April 2026
M	T	W	T	F	S	S
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

Archive for the ‘Development’ Category

Some bash parameter propagation links that hopefully will work with ash/dash too

Posted by jpluimers on 2021/10/27

For my link archive; I started with [Wayback] dash get all parameters quoted – Google Search:

[Wayback] Handling positional parameters [Bash Hackers Wiki] has this handy table:

Parameter(s) Description

$0 the first positional parameter, equivalent to argv[0] in C, see the first argument

$FUNCNAME the function name (attention: inside a function, $0 is still the $0 of the shell, not the function name)

$1 … $9 the argument list elements from 1 to 9

${10} … ${N} the argument list elements beyond 9 (note the parameter expansion syntax!)

$* all positional parameters except $0, see mass usage

$@ all positional parameters except $0, see mass usage

$# the number of arguments, not counting $0

These positional parameters reflect exactly what was given to the script when it was called.

Option-switch parsing (e.g. -h for displaying help) is not performed at this point.

See also the dictionary entry for “parameter”.

[Wayback] Handling positional parameters: mass usage [Bash Hackers Wiki] has this summary table:

Syntax Effective result

$* $1 $2 $3 … ${N}

$@ $1 $2 $3 … ${N}

"$*" "$1c$2c$3c…c${N}"

"$@" "$1" "$2" "$3" … "${N}"
[Wayback] Parameter expansion [Bash Hackers Wiki]
The elaborate answer to [Wayback] How to pass all arguments passed to my bash script to a function of mine? – Stack Overflow by [Wayback] User Gordon Davisson – Stack Overflow of which the first part is:
The $@ variable expands to all command-line parameters separated by spaces. Here is an example.
```
abc "$@"
```
When using $@, you should (almost) always put it in double-quotes to avoid misparsing of arguments containing spaces or wildcards (see below). This works for multiple arguments. It is also portable to all POSIX-compliant shells.

It is also worth nothing that $0 (generally the script’s name or path) is not in $@.

The Bash Reference Manual Special Parameters Section says that $@ expands to the positional parameters starting from one. When the expansion occurs within double quotes, each parameter expands to a separate word. That is "$@" is equivalent to "$1" "$2" "$3"....
Last part of the [Wayback] Accessing bash command line args $@ vs $* – Stack Overflow answer by [Wayback] Serge Stroobrandt:

If the arguments are to be stored in a script variable and the arguments are expected to contain spaces, I wholeheartedly recommend employing a "$*" trick with the input field separator set to tab IFS=$'\t' [Wayback].

and comment by Serge as well:

Here is [Wayback] an example, which includes quoted input. The input also matters!

Parameter(s)	Description
`$0`	the first positional parameter, equivalent to `argv[0]` in C, see the first argument
`$FUNCNAME`	the function name (attention: inside a function, `$0` is still the `$0` of the shell, not the function name)
`$1 … $9`	the argument list elements from 1 to 9
`${10} … ${N}`	the argument list elements beyond 9 (note the parameter expansion syntax!)
`$*`	all positional parameters except `$0`, see mass usage
`$@`	all positional parameters except `$0`, see mass usage
`$#`	the number of arguments, not counting `$0`

Syntax	Effective result
`$*`	`$1 $2 $3 … ${N}`
`$@`	`$1 $2 $3 … ${N}`
`"$*"`	`"$1c$2c$3c…c${N}"`
`"$@"`	`"$1" "$2" "$3" … "${N}"`

[Wayback] Propagate all arguments in a bash shell script – Stack Overflow (thanks [Wayback] Sdaz MacSkibbons for the answer and [Wayback] Ilan Schemoul to make it understandable by applying proper naming of the script files):

Use "$@" instead of plain $@ if you actually wish your parameters to be passed the same.

Observe:

$ cat no_quotes.sh
#!/bin/bash
echo_args.sh $@

$ cat quotes.sh
#!/bin/bash
echo_args.sh "$@"

$ cat echo_args.sh
#!/bin/bash
echo Received: $1
echo Received: $2
echo Received: $3
echo Received: $4

$ ./no_quotes.sh first second
Received: first
Received: second
Received:
Received:

$ ./no_quotes.sh "one quoted arg"
Received: one
Received: quoted
Received: arg
Received:

$ ./quotes.sh first second
Received: first
Received: second
Received:
Received:

$ ./quotes.sh "one quoted arg"
Received: one quoted arg
Received:
Received:
Received:

–jeroen

Posted in *nix, *nix-tools, ash/dash, ash/dash development, bash, bash, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

Shodan (via SCADA systems accessible through the internet)

Posted by jpluimers on 2021/10/27

Just 2 years ago I bumped into shodan.io through [Wayback] Onderzoekers: zestig slecht beveiligde Nederlandse scada-systemen op internet – Computer – Nieuws – Tweakers and saved the entry [Wayback] Shodan (website) – Wikipedia:

Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.^[1] This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.

Shodan collects data mostly on web servers (HTTP/HTTPS – ports 80, 8080, 443, 8443), as well as FTP (port 21), SSH (port 22), Telnet (port 23), SNMP (port 161), IMAP (ports 143, or (encrypted) 993), SMTP (port 25), SIP (port 5060),^[2] and Real Time Streaming Protocol (RTSP, port 554). The latter can be used to access webcams and their video stream.^[3]

It was launched in 2009 by computer programmer John Matherly, who, in 2003,^[4] conceived the idea of searching devices linked to the Internet.

It looked promising, but I was really pressed for time (having impromptu arrange all care for my mom, and became even more so when I got diagnosed with rectum cancer later that year), so did not pay much attention apart from registering.

Last year in the midst of my chemos I noted [Archive.is] Nate Warfield on Twitter: “https://t.co/16969jRfuL The latest Citrix vulnerability looks bad but there might be time to fix them before PoC comes out. The @shodanhq query above might help. (support.citrix.com/article/CTX269106 has more details)… “ (I think via @jilles_com) , so put it on my list of things to look into a bit further.

Since then, I found out a lot of people dislike Shodan and want to blacklist it because they see it as a threat. It feels like people think the internet is like the [Wayback] Ravenous Bugblatter Beast of Traal | Hitchhikers | Fandom

The Ravenous Bugblatter Beast of Traal is a vicious wild animal from the planet of [Wayback] Traal, known for its never-ending hunger and its mind-boggling stupidity. One of the main features of the Beast is that if you can’t see it, it assumes it can’t see you.

(This by the way is one of the reasons for Towel Day – Wikipedia)

Anyway: a few lists of Shodan IPv4 addresses and hostnames, and means to maintain them for the ones interested:

Reality is that the internet is much smarter, so if you block Shodan from seeing you, others from the internet still will and if you have vulnerable services, one day they will be abused. For instance, this personal anecdote:

I forgot I had a port redirection on my router for RDP access a non longer existing Windows system any more. I forgot that this Windows machine had no fixed DHCP-lease while in use (it kept it’s lease as it was always on).

When that machine was long gone, another temporary Windows machine obtained the same internal machine (the router had been rebooted and after reboot hands out previously handed out IP address), and boom: the new Windows machine was bombarded with RDP logon requests.

In the end, the new Windows machine was not compromised, so I was lucky as it could have been.

Back when registering, shodan.io sent SMTP mail via sky.census.shodan.io, so you might want to not blacklist it if you blacklist at all (incidentally, when writing the IP address servicing that hostname was hosted in The Netherlands: [Wayback] 80.82.77.33 – sky.census.shodan.io – Netherlands – IP Volume inc – IP address geolocation).

It is good to think of you use Shodan, as not all usage might be legal where you live or where you travel to.

Some discussion in Dutch on the risks of using Shodan are in the above Tweakers.net link. It boils down to:

Searching should be OK
Accessing the devices found can be totally illegal

That’s basically with anything you find on the internet, for instance by Googling, so nothing new here.

I mainly use Shodan to see if I have any known vulnerabilities exposed. There are not that many ports open, but given the anecdote above, I might screw up again and not be so lucky.

This article has a balanced explanation of Shodan, how you use it, and how to stay safe: [Wayback] How to remove your device from the Shodan IoT search engine.

––jeroen

Posted in Development, IoT Internet of Things, Network-and-equipment, Power User, Security, Software Development, Web Development | Leave a Comment »

ESXi: listing virtual machines with their IP addresses

Posted by jpluimers on 2021/10/26

This is sort of a follow-up on VMware ESXi console: viewing all VMs, suspending and waking them up: part 4 which already gave part of the configuration details of all the configured VMs.

Back then, we ended with this:

List the `vmid` values, power status and name of all VMs

Back to the listing script vim-cmd-list-all-VMs.sh:

#!/bin/sh
# https://wiert.me/2021/04/29/vmware-esxi-console-viewing-all-vms-suspending-and-waking-them-up-part-4/
vmids=`vim-cmd vmsvc/getallvms | sed -n -E -e "s/^([[:digit:]]+)\s+((\S.+\S)?)\s+(\[\S+\])\s+(.+\.vmx)\s+(\S+)\s+(vmx-[[:digit:]]+)\s*?((\S.+)?)$/\1/p"`
for vmid in ${vmids} ; do
    powerState=`vim-cmd vmsvc/power.getstate ${vmid} | sed '1d'`
    name=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/\(vim.vm.ConfigInfo\) \{/,/files = \(vim.vm.FileInfo\) \{/ s/^ +name = "(.*)",.*?/\1/p'`
    vmPathName=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/files = \(vim.vm.FileInfo\) \{/,/tools = \(vim.vm.ToolsConfigInfo\) \{/ s/^ +vmPathName = "(.*)",.*?/\1/p'`
    echo "VM with id ${vmid} has power state ${powerState} (name = ${name}; vmPathName = ${vmPathName})."
done

It uses vim-cmd vmsvc/getallvms, vim-cmd vmsvc/power.getstate and vim-cmd vmsvc/get.config with some sed and a for loop from dash to generate a nice list of information.

A long time ago, I already figured out that vim-cmd vmsvc/get.guest # gives all guest information including network information for a running VM that has either VMware Tools or open-vm-tools running (see VMware ESXi console: viewing all VMs, suspending and waking them up: part 3 for the difference between these two tools).

A full output of a sample VM is below the signature.

There are a few places that have the LAN ipAddress. For now, I choose to use only the IPv4 main address from ipAddress, which is in between (vim.vm.GuestInfo) { and net = (vim.vm.GuestInfo.NicInfo) [.

I modified the above script to become this:

Read the rest of this entry »

Posted in *nix, *nix-tools, ash/dash, ash/dash development, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, find, Power User, Scripting, sed, sed script, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

ESXi shell: appending the parent directory of a script to the path and starting a new shell, even if the script is symlinked

Posted by jpluimers on 2021/10/26

I needed a way to append the directory of a script to the path as all my tool scripts are in there, and I did not want to modify any profile scripts as these might be modified during ESXi upgrade.

First you need the full script filename through readlink then toe parent directory name through dirname:

- [Wayback] string – bash : Bad Substitution – Stack Overflow
```
me@pc:~$ readlink -f $(which sh)
/bin/dash
```
  By [Wayback] Vanni Totaro.
- [Wayback] shell – Getting parent’s directory name by piping the results of dirname to basename in a Bash script – Stack Overflow
```
# echo 'test/90_2a5/Windows' | xargs dirname | xargs
basename90_2a5
```
  By [Wayback] Rafael.

Note there might be dragons with more symlinks or different shells:

I created the script below. It is not perfect, but for my situation it gets the job done.

If you do not start a new shell, then the export is lost as a new dash shell process is started for each script that runs from the terminal or console.

# cat /opt/bin/append-script-directory-to-path-and-start-new-shell.sh
#!/bin/sh
# Absolute path to this script, e.g. /home/user/bin/foo.sh
# echo "'$0'"
SCRIPT=$(readlink -f "$0")
# Absolute path this script is in, thus /home/user/bin
SCRIPTPATH=$(dirname "$SCRIPT")
# echo Appending to $PATH: $SCRIPTPATH
export PATH=$PATH:$SCRIPTPATH
sh

–jeroen

Posted in *nix, *nix-tools, ash/dash, ash/dash development, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

Via a private message: Agile Rhapsody – Bohemian Rhapsody Parody – Scrum Team Building – Agile … on @YouTube

Posted by jpluimers on 2021/10/26

About half a year ago, someone shard this with me [Archive.is] Jeroen Wiert Pluimers on Twitter: “Via a private message: Agile Rhapsody – Bohemian Rhapsody Parody – Scrum Team Building – Agile … via @YouTube”.

It is a great video about agile, the manifesto and scrum: spot on.

Via a private message:

Agile Rhapsody – Bohemian Rhapsody Parody – Scrum Team Building – Agile … https://t.co/uoYdknFrRy via @YouTube

— Jeroen Wiert Pluimers @wiert (@jpluimers) April 21, 2021

–jeroen

Read the rest of this entry »

Posted in Agile, Development, Scrum, Software Development | Leave a Comment »

HTML cleanup tool & simplifier. For basic & clean HTML 🔧

Posted by jpluimers on 2021/10/21

I have used other on-line HTML cleanup tools in the past (especially for including parts of web-pages in a blog post), but so far none beats HTML Washer: [Wayback] HTML cleanup tool & simplifier. For basic & clean HTML 🔧

An online tool that reduces HTML to basic tags and attributes. Removes scripts, CSS, and other non-basic elements like , , etc… Also, corrects errors and formats the HTML doc or a fragment.

–jeroen

Posted in Development, HTML, Power User, SocialMedia, Software Development, Web Development, WordPress | Leave a Comment »

Zombie Processes are Eating your Memory | Random ASCII

Posted by jpluimers on 2021/10/21

Zombies probably won’t consume 32 GB of your memory like they did to me, but zombie processes do exist, and I can help you find them and make sure that developers fix them…

Source: [WayBack] Zombie Processes are Eating your Memory | Random ASCII

For my link archive via [WayBack] In short, close handles after process opening or creation, or it leaks and zombie process stays consuming 64k. – Ilya S – Google+

–jeroen

Posted in Development, Software Development, Windows Development | Leave a Comment »

Reminder to self: script blocks inside .ForEach calls can have Begin/Process/End blocks

Posted by jpluimers on 2021/10/21

I need to write some tests for this, but it looks like you can use the keywords Begin/Process/End with code blocks when the script block is inside a .ForEach member call.

The behaviour seems to be the same as if these blocks are part of a function that executes inside a pipeline (Begin and End are executed once; Process is executed for each item in the pipeline).

It’s hard to Google on this, as all hits of all queries I tried got me into these keywords in the context of functions.

The below links are on my reading list.

Microsoft documentation:

SS64 docs (which has guidance on which of the 3 foreach constructs to use when):

[WayBack] ForEach method – PowerShell – SS64.com
[WayBack] ForEach – PowerShell – SS64.com on the foreach statement)
[WayBack] ForEach-Object % – PowerShell – SS64.com (aliased ForEach and %)
[WayBack] Function Begin Process End – PowerShell – SS64.com[WayBack] Powershell Arrays – PowerShell – SS64.com
[WayBack] Scriptblocks – PowerShell – SS64.com

Social media and blog posts:

StackOverflow entries:

[WayBack] powershell – How does begin/process/end save the need for foreach? Still needed for the parameter isn’t it? – Stack Overflow
[WayBack] PowerShell: the mysterious -RemainingScripts parameter of ForEach-Object – Stack Overflow
[WayBack] powershell – Use Begin, Process, End in Scriptblock – Stack Overflow
[WayBack] Difference between ForEach and ForEach-Object in powershell – Stack Overflow
[WayBack] PowerShell: How to get count of piped collection? – Stack Overflow
[WayBack] powershell – Nested function inside a function with begin/process/end blocks? – Stack Overflow
[WayBack] PowerShell Pipeline iteration – Stack Overflow

[WayBack] powershell – How to query registry values skipping the PS* ones – Stack Overflow (thanks [WayBack] User Keith Miller – Stack Overflow / [WayBack] Keith A. Miller – Microsoft Community for bringing this to my attention)

I know this is truly old, but here’s a function I added to my Profile to facilitate registry exploration:

Function Get-KeyProperty  {
Param(
    [Parameter(Mandatory=$true,ValueFromPipeline=$true)]
    [ValidateScript( {(Resolve-Path $_).Provider.Name -Like 'Registry'} )]
    [String[]]
    $Path,
    [String[]]
    $Name=@("*")
)
Process {
    $Name.ForEach({ (Get-Item $Path).Property -like $_}).ForEach({
        Begin {$Hash = @{}}
        Process { $Hash += @{ $_ = (Get-Item $Path).GetValue($_)} }
        End {[PSCustomObject]$Hash}
    })
}}

…

–jeroen

Posted in CommandLine, Development, PowerShell, PowerShell, Scripting, Software Development | Leave a Comment »

Difficult programming concepts explained in tweets

Posted by jpluimers on 2021/10/20

Highlights from the thread [Archive.is] Tomasz Łakomy on Twitter: “What’s the most difficult programming concept you can explain in a tweet?”

Finally a cheat (as it has an image), but great illustration:

Read the rest of this entry »

Posted in Development, SocialMedia, Software Development, Twitter | Leave a Comment »

Filippo Valsorda on Twitter: “whoami.filippo.io , the SSH server that knows who you are … Try it out! $ ssh http://whoami.filippo.io”

Posted by jpluimers on 2021/10/20

[Archive.is] Filippo Valsorda on Twitter: “whoami.filippo.io , the SSH server that knows who you are, got some newly refreshed intel! Try it out! $ ssh whoami.filippo.io “

The server itself has some HTML with information too whoami.filippo.io redirecting to [WayBack] ssh whoami.filippo.io (source code is at [WayBack] GitHub – FiloSottile/whoami.filippo.io: A ssh server that knows who you are. $ ssh whoami.filippo.io).

It’s a cool open source server written in Golang, that gets all your public ssh keys (ssh automatically transmits those) and tries to map them back to a GitHub account.

In addition it shows you some potential vulnerabilities of your ssh client.

Note that in October 2020, it was temporarily down, but it will be up again: [Archive.is] Filippo Valsorda 💉💉 on Twitter: “Yeah I’m planning to but I can’t give you an ETA I’m afraid. A few weeks, maybe?… “

Thread comments

Some interesting comments in the thread:

Stop presenting public keys

[WayBack] GitHub – FiloSottile/whoami.filippo.io: A ssh server that knows who you are. $ ssh whoami.filippo.io: How do I stop passing public keys

How do I stop it?

If this behavior is problematic for you, you can tell ssh not to present your public keys to the server by default.

Add these lines at the end of your ~/.ssh/config (after other “Host” directives)
Host *
    PubkeyAuthentication no
    IdentitiesOnly yes
And then specify what keys should be used for each host
Host example.com
    PubkeyAuthentication yes
    IdentityFile ~/.ssh/id_rsa
    # IdentitiesOnly yes # Enable ssh-agent (PKCS11 etc.) keys
If you want you can use different keys so that they can’t be linked together
Host github.com
    PubkeyAuthentication yes
    IdentityFile ~/.ssh/github_id_rsa

–jeroen

Read the rest of this entry »

Posted in *nix, *nix-tools, Communications Development, Development, Go (golang), Internet protocol suite, Power User, Software Development, SSH, ssh/sshd, TCP | Leave a Comment »

« Previous Entries

Next Entries »

	Attila Kovacs on Crowbarring Windows 95 into Wi…
	Jeroen Wiert Pluimer… on Does Odido (the old T-Mobile N…
	Lars Fosdal on Security alarm provider Woonve…
	Thomas Mueller on Question got closed in May 202…
	Thaddy de Koning on Formulier voor bewindvoerders…

The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

Subscribe

Archives

Recent Comments

Recent Posts

Blog Stats

Meta title

Tag Cloud Title

Top Clicks

Top Posts

My badges

Twitter Updates

My Flickr Stream

Pages

All categories

Email Subscription

Archive for the ‘Development’ Category

Some bash parameter propagation links that hopefully will work with ash/dash too

Shodan (via SCADA systems accessible through the internet)

ESXi: listing virtual machines with their IP addresses

List the `vmid` values, power status and name of all VMs

ESXi shell: appending the parent directory of a script to the path and starting a new shell, even if the script is symlinked

Via a private message: Agile Rhapsody – Bohemian Rhapsody Parody – Scrum Team Building – Agile … on @YouTube

HTML cleanup tool & simplifier. For basic & clean HTML 🔧

Zombie Processes are Eating your Memory | Random ASCII

Reminder to self: script blocks inside .ForEach calls can have Begin/Process/End blocks

Difficult programming concepts explained in tweets

Filippo Valsorda on Twitter: “whoami.filippo.io , the SSH server that knows who you are … Try it out! $ ssh http://whoami.filippo.io”

Thread comments

Stop presenting public keys

How do I stop it?

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

Subscribe

Archives

Recent Comments

Recent Posts

Blog Stats

Meta title

Tag Cloud Title

Top Clicks

Top Posts

My badges

My Flickr Stream

Pages

All categories

Email Subscription

Archive for the ‘Development’ Category

Rate this:

Share this:

Rate this:

Share this:

List the vmid values, power status and name of all VMs

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Thread comments

Stop presenting public keys

How do I stop it?

Rate this:

Share this:

List the `vmid` values, power status and name of all VMs