The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,042 other followers

Archive for June, 2020

binaryfiles – How to convert PDF binary parts into ASCII/ANSI so I can look at it in a text editor? – Stack Overflow

Posted by jpluimers on 2020/06/30

The first hit of pdf binary to text – Google Search was [WayBack] binaryfiles – How to convert PDF binary parts into ASCII/ANSI so I can look at it in a text editor? – Stack Overflow has many options including:

Since I have qpdf installed on most systems:

Another useful tool to transform a PDF into an internal format that enables text editor access is qpdf. It is a “command-line program that does structural, content-preserving transformations on PDF files”.

Example usage:

 qpdf                                  \
   --qdf                               \
   --object-streams=disable            \
     input-with-compressed-objects.pdf \
     output-with-expanded-objects.pdf
  1. The output of the QDF-mode enforced by the --qdf switch organizes and re-orders the objects neatly. It adds comments to track the original object IDs and page content streams. All object dictionaries are written into a “normalized” standard format for easier parsing.
  2. The --object-streams=disable causes the extraction of (otherwise not recognizable) individual objects that are compressed into another object’s stream data.

The recompress is easy as per [WayBackQPDF Manual:

qpdf /tmp/uncompressed.pdf /tmp/compressed.pdf

The answer is by [WayBack] User Kurt Pfeifle – Stack Overflow who has many other interesting PDF related answers at:

Stackoverflow.com:

Superuser.com:

Serverfault.com:

–jeroen

Posted in Development, EPS/PostScript, PDF, Power User | Leave a Comment »

Just as “curl | sudo sh is not advised”, do not impose running http based scripts in your customers IDE

Posted by jpluimers on 2020/06/30

For a long time, it is advised against to curl | sudo sh or equivalent:

  • [WayBackwhy using curl | sudo sh is not advised? – Stack Overflow

    Because you are giving root access to whatever script you are executing. It can do a wide variety of nasty things.

  • [WayBack] The Security Spectrum of curl | sh

    By far the most irresponsible use of curl | sh is to use it with plain, unauthenticated, insecure HTTP instead of HTTPS. This is because it’s not only possible, but also increasingly likely, that the connection over which the shell script is delivered could have its contents silently modified by anyone in network position between the vendor and the installer—especially if you’re using public Wi-Fi. (If you don’t believe this is a real risk, consider that some companies’ business models revolve around modifying JavaScript delivered over HTTP in-transit—and anyone can hijack Wi-Fi with inexpensive, easy-to-obtain devices.)

So I’m surprised that companies still run content – include JavaScript – over an insecure http transport channel in their customers IDE instances.

Many developers run their IDE as Administrator, but even as regular user this is a large security risk: the transport layer is the easiest to hack and will eventually be hacked.

One such occasion was [WayBack] Delphi 10.2.3: Tools > Options Click OK = Script Error I have another weird situation with Delphi 10.2.3. Anytime I open up the options and click OK I … – Michael Riley – Google+ .

That one actually showed the script executed, but normally you do not see it happening at all.

So my advice:

Run the web-traffic from your development machines over a web-proxy like HTTP Fiddler, then disable all http based scripts.

–jeroen

Line 73: https://gist.github.com/jpluimers/40a60ca1e07bb91fa337ecfebe314d64#file-cf-common-js-L73

Read the rest of this entry »

Posted in Development, Power User, Security, Software Development | Leave a Comment »

Watch Kevlin Henney’s “Enterprise Programming Tricks for Clean Code” and drink The Singleton Single Malt Scotch Whisky

Posted by jpluimers on 2020/06/30

Watch Enterprise Programming Tricks for Clean Code by Kevin Henney and Agile is Dead by Pragmatic Dave Thomas.

Then (or at the same time) drink [WayBack] The Singleton Single Malt Scotch Whisky | The Singleton.

A few titbits:

I should watch more of his videos; luckily he has a playlist on YouTube.

There is also a Vimeo channel, and an InfoQ channel. These alle are not in sync, because, well, internet.

–jeroen

Read the rest of this entry »

Posted in Design Patterns, Development, Software Development | Leave a Comment »

RugGear RG100: RugGear

Posted by jpluimers on 2020/06/29

Interesting product: [WayBack] RugGear RG100: RugGear

The RugGear RG100 is the solid basic mobile phone for outdoor use. Tough and waterproof! The RG100 is equipped with a 1.3 megapixels camera and allows you to take pictures under water.

–jeroen

Posted in LifeHacker, Power User | Leave a Comment »

shell – List open SSH tunnels – via: Super User

Posted by jpluimers on 2020/06/29

I put an lsof example and output in Reverse ssh tunnel between two linux boxes to allow RDP traffic over port 3389, but forgot to explain it.

Note that if you are bumping into remote tunneling issues selecting the wrong network interface, then checkout the GatewayPorts setting in the above post first!

Inactive local tunnels on the client: find the first word ssh on lsof output.

$ lsof -i -n | grep -w '^\<ssh\>'
ssh       93548 jeroenp    3u  IPv4 0x298985ab430c8aa9      0t0  TCP 192.168.71.77:50257->80.101.239.92:30022 (ESTABLISHED)
ssh       93548 jeroenp    5u  IPv6 0x298985ab22e02df9      0t0  TCP [::1]:59124 (LISTEN)
ssh       93548 jeroenp    6u  IPv4 0x298985ab272543a1      0t0  TCP 127.0.0.1:59124 (LISTEN)
ssh       93548 jeroenp    7u  IPv6 0x298985ab22e03339      0t0  TCP [::1]:ms-wbt-server (LISTEN)
ssh       93548 jeroenp    8u  IPv4 0x298985ab4306eaa9      0t0  TCP 127.0.0.1:ms-wbt-server (LISTEN)
ssh       93548 jeroenp    9u  IPv6 0x298985ab28049339      0t0  TCP [::1]:5925 (LISTEN)
ssh       93548 jeroenp   10u  IPv4 0x298985ab25cefe89      0t0  TCP 127.0.0.1:5925 (LISTEN)

The above listens two tunnels listening to ports 59124, 3389 (ms-wbt-server) and 5925.

Remote tunnels on the server: find the first word sshd on lsof output. Needs sudo if sshd runs as daemon or to listen active connections:

$ sudo lsof -i -n | grep -w '^\<sshd\>'
sshd       1664     root    3u  IPv4   21299      0t0  TCP *:ssh (LISTEN)
sshd       1664     root    4u  IPv6   21301      0t0  TCP *:ssh (LISTEN)
sshd       5026     root    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5029  jeroenp    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5120     root    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd       5123  jeroenp    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd      13320     root    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      13323  jeroenp    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      16505     root    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)
sshd      16508  jeroenp    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)

The above does not list any tunnels, just regular connections as there were no local tunnels from the client active, which lists the server side of tunnel -L 59124:192.168.124.32:5900 (which is service rfb):

$ sudo lsof -i -n | grep -w '^\<sshd\>'

sshd       1664     root    3u  IPv4   21299      0t0  TCP *:ssh (LISTEN)
sshd       1664     root    4u  IPv6   21301      0t0  TCP *:ssh (LISTEN)
sshd       5026     root    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5029  jeroenp    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5120     root    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd       5123  jeroenp    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd       5123  jeroenp   13u  IPv4 6698066      0t0  TCP 192.168.124.32:51494->192.168.124.32:rfb (ESTABLISHED)
sshd      13320     root    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      13323  jeroenp    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      16505     root    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)
sshd      16508  jeroenp    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)

For the client side of active connections you need sudo too:

$ sudo lsof -i -n | grep -w '^\<ssh\>'
Password:
ssh 93548 jeroenp 3u IPv4 0x298985ab430c8aa9 0t0 TCP 192.168.71.77:50257->80.101.239.92:30022 (ESTABLISHED)
ssh 93548 jeroenp 5u IPv6 0x298985ab22e02df9 0t0 TCP [::1]:59124 (LISTEN)
ssh 93548 jeroenp 6u IPv4 0x298985ab272543a1 0t0 TCP 127.0.0.1:59124 (LISTEN)
ssh 93548 jeroenp 7u IPv6 0x298985ab22e03339 0t0 TCP [::1]:ms-wbt-server (LISTEN)
ssh 93548 jeroenp 8u IPv4 0x298985ab4306eaa9 0t0 TCP 127.0.0.1:ms-wbt-server (LISTEN)
ssh 93548 jeroenp 9u IPv6 0x298985ab28049339 0t0 TCP [::1]:5925 (LISTEN)
ssh 93548 jeroenp 10u IPv4 0x298985ab25cefe89 0t0 TCP 127.0.0.1:5925 (LISTEN)
ssh 93548 jeroenp 15u IPv4 0x298985ab2998de89 0t0 TCP 127.0.0.1:59124->127.0.0.1:52580 (ESTABLISHED)

Based on [WayBackshell – List open SSH tunnels – Super User.

–jeroen

Posted in *nix, *nix-tools, Power User, ssh/sshd | Leave a Comment »

 
%d bloggers like this: