Posted by jpluimers on 2021/10/26
This is sort of a follow-up on VMware ESXi console: viewing all VMs, suspending and waking them up: part 4 which already gave part of the configuration details of all the configured VMs.
Back then, we ended with this:
List the vmid values, power status and name of all VMs
Back to the listing script vim-cmd-list-all-VMs.sh:
#!/bin/sh
# https://wiert.me/2021/04/29/vmware-esxi-console-viewing-all-vms-suspending-and-waking-them-up-part-4/
vmids=`vim-cmd vmsvc/getallvms | sed -n -E -e "s/^([[:digit:]]+)\s+((\S.+\S)?)\s+(\[\S+\])\s+(.+\.vmx)\s+(\S+)\s+(vmx-[[:digit:]]+)\s*?((\S.+)?)$/\1/p"`
for vmid in ${vmids} ; do
    powerState=`vim-cmd vmsvc/power.getstate ${vmid} | sed '1d'`
    name=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/\(vim.vm.ConfigInfo\) \{/,/files = \(vim.vm.FileInfo\) \{/ s/^ +name = "(.*)",.*?/\1/p'`
    vmPathName=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/files = \(vim.vm.FileInfo\) \{/,/tools = \(vim.vm.ToolsConfigInfo\) \{/ s/^ +vmPathName = "(.*)",.*?/\1/p'`
    echo "VM with id ${vmid} has power state ${powerState} (name = ${name}; vmPathName = ${vmPathName})."
done
It uses vim-cmd vmsvc/getallvms, vim-cmd vmsvc/power.getstate and vim-cmd vmsvc/get.config with some sed and a for loop from dash to generate a nice list of information.
A long time ago, I already figured out that vim-cmd vmsvc/get.guest # gives all guest information including network information for a running VM that has either VMware Tools or open-vm-tools running (see VMware ESXi console: viewing all VMs, suspending and waking them up: part 3 for the difference between these two tools).
A full output of a sample VM is below the signature.
There are a few places that have the LAN ipAddress. For now, I choose to use only the IPv4 main address from ipAddress, which is in between (vim.vm.GuestInfo) { and net = (vim.vm.GuestInfo.NicInfo) [.
I modified the above script to become this:
Posted in *nix, *nix-tools, ash/dash, ash/dash development, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, find, Power User, Scripting, sed, sed script, Software Development, Virtualization, VMware, VMware ESXi
Posted by jpluimers on 2021/10/26
I needed a way to append the directory of a script to the path as all my tool scripts are in there, and I did not want to modify any profile scripts as these might be modified during ESXi upgrade.
First you need the full script filename through readlink, then the parent directory name through dirname:
Note there might be dragons with more symlinks or different shells:
I created the script below. It is not perfect, but for my situation it gets the job done.
If you do not start a new shell, then the export is lost as a new dash shell process is started for each script that runs from the terminal or console.
# cat /opt/bin/append-script-directory-to-path-and-start-new-shell.sh
#!/bin/sh
# Absolute path to this script, e.g. /home/user/bin/foo.sh
# echo "'$0'"
SCRIPT=$(readlink -f "$0")
# Absolute path this script is in, thus /home/user/bin
SCRIPTPATH=$(dirname "$SCRIPT")
# echo Appending to $PATH: $SCRIPTPATH
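# Quoted so a directory name containing spaces survives word splitting in dash;
# appended (not prepended) so the script directory is searched last and cannot shadow system tools
export PATH="$PATH:$SCRIPTPATH"
# Start a new shell that inherits the extended PATH
sh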
–jeroen
Posted in *nix, *nix-tools, ash/dash, ash/dash development, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi
Posted by jpluimers on 2021/10/21
I have used other on-line HTML cleanup tools in the past (especially for including parts of web-pages in a blog post), but so far none beats HTML Washer: [Wayback] HTML cleanup tool & simplifier. For basic & clean HTML 🔧
An online tool that reduces HTML to basic tags and attributes. Removes scripts, CSS, and other non-basic elements like , , etc… Also, corrects errors and formats the HTML doc or a fragment.
–jeroen
Posted in Development, HTML, Power User, SocialMedia, Software Development, Web Development, WordPress
Posted by jpluimers on 2021/10/21
I need to write some tests for this, but it looks like you can use the keywords Begin/Process/End with code blocks when the script block is inside a .ForEach member call.
The behaviour seems to be the same as if these blocks are part of a function that executes inside a pipeline (Begin and End are executed once; Process is executed for each item in the pipeline).
It’s hard to Google on this, as all hits of all queries I tried got me into these keywords in the context of functions.
The below links are on my reading list.
Microsoft documentation:
SS64 docs (which has guidance on which of the 3 foreach constructs to use when):
Social media and blog posts:
StackOverflow entries:
–jeroen
Posted in CommandLine, Development, PowerShell, PowerShell, Scripting, Software Development
Posted by jpluimers on 2021/10/20
[Archive.is] Filippo Valsorda on Twitter: “whoami.filippo.io , the SSH server that knows who you are, got some newly refreshed intel! Try it out! $ ssh whoami.filippo.io “
The server itself also serves some HTML with information: whoami.filippo.io redirects to [WayBack] ssh whoami.filippo.io (source code is at [WayBack] GitHub – FiloSottile/whoami.filippo.io: A ssh server that knows who you are. $ ssh whoami.filippo.io).
It’s a cool open source server written in Golang, that gets all your public ssh keys (ssh automatically transmits those) and tries to map them back to a GitHub account.
In addition it shows you some potential vulnerabilities of your ssh client.
Note that in October 2020, it was temporarily down, but it will be up again: [Archive.is] Filippo Valsorda 💉💉 on Twitter: “Yeah I’m planning to but I can’t give you an ETA I’m afraid. A few weeks, maybe?… “
Thread comments
Some interesting comments in the thread:
- [WayBack] Filippo Valsorda on Twitter: “The server will also warn you if you have agent forwarding or X11 forwarding globally enabled, allowing any server to use your SSH keys or catch your keystrokes. A dozen vulnerable connections already!… “
- [Archive.is] Filippo Valsorda on Twitter: “Yep, configuring keys per host. It is pretty inconvenient though, and I personally don’t mind, but your threat model might vary. … “
- [Archive.is] 不可爱的硅基生物 on Twitter: “GitLab (private instance or gitlab.com) will also expose your ssh public key, https://GitLabWebsite/username.keys… “
- [Archive.is] Olivier Mengué on Twitter: “One good reason to use github-keygen: it builds SSH config that protects against this attack by using your GitHub SSH key only when connecting to GitHub.… “
- [Archive.is] d2x2 on Twitter: “There is an interesting article from @rushter which made a POC to find target infrastructure using a github public key. … “
- [WayBack] Public SSH keys can leak your private infrastructure | Artem Golubin
- [Archive.is] Raullen Chai ~子非鱼,焉知鱼之乐~ on Twitter: “Publish a public key is not a concern at all; @github exposes the mapping between the user and his/her public key is a concern; should use pseudo names on @github per se.… “
- [WayBack] GitHub – lgandx/Responder: Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
- [Archive.is] HD Moore on Twitter: “We love this so much we made Flamingo (OSS) save the entire (re-usable) public key. Cross-reference vs public data sets or rescan to find out what machines accept that user’s key for auth: … Hurrah for easy Go SSH servers =D… “
- [Archive.is] Filippo Valsorda on Twitter: “To be clear I think whoami.filippo.io is a neat trick, not a proof of concept of a vulnerability. However, all the folks who said “public keys are public duh” pass their cryptography 101 and fail their security 201 =)”
- [Archive.is] Samuel Berthe 🐘 on Twitter: “Sync SSH keys of your coworkers, from Github to ~/.authorized_keys with => … #cronjob #automation… “
- [Archive.is] Filippo Valsorda on Twitter: “Added a OpenSSH roaming vuln test to the whoami server $ ssh whoami.filippo.io (code: …) “
Related: [WayBack] Auditing GitHub users’ SSH key quality
Stop presenting public keys
[WayBack] GitHub – FiloSottile/whoami.filippo.io: A ssh server that knows who you are. $ ssh whoami.filippo.io: How do I stop passing public keys
How do I stop it?
If this behavior is problematic for you, you can tell ssh not to present your public keys to the server by default.
Add these lines at the end of your ~/.ssh/config (after other “Host” directives)
Host *
    PubkeyAuthentication no
    IdentitiesOnly yes
And then specify what keys should be used for each host
Host example.com
    PubkeyAuthentication yes
    IdentityFile ~/.ssh/id_rsa
    # IdentitiesOnly yes # Enable ssh-agent (PKCS11 etc.) keys
If you want you can use different keys so that they can’t be linked together
Host github.com
    PubkeyAuthentication yes
    IdentityFile ~/.ssh/github_id_rsa
–jeroen
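The README's instruction to put the catch-all block at the end (after other "Host" directives) matters because ssh keeps the first value it obtains for each option. The Python below is an added example, not code from this post or from whoami.filippo.io: it resolves a config under that rule (simplified: Match blocks are skipped and Include is not followed) and lists what a given host would be offered. The sample configs and the host name unlisted.example.net are constructed.

```python
import fnmatch
import re
def host_matches(patterns, host):
    """Host line semantics: some positive pattern matches and no '!' pattern does."""
    def hit(pats):
        return any(fnmatch.fnmatchcase(host.lower(), p.lower()) for p in pats)
    negated = [p[1:] for p in patterns if p.startswith("!")]
    return hit(p for p in patterns if not p.startswith("!")) and not hit(negated)

def effective(config_text, host):
    """Resolve options for host: first value obtained wins, IdentityFile accumulates."""
    opts, active = {}, True          # lines before the first Host apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key, value = parts[0].lower(), parts[1] if len(parts) > 1 else ""
        if key == "host":
            active = host_matches(value.split(), host)
        elif key == "match":
            active = False           # simplification: Match blocks are not evaluated
        elif active and key == "identityfile":
            opts.setdefault(key, []).append(value)
        elif active:
            opts.setdefault(key, value)
    return opts

def exposure(config_text, host):
    """List what the client would hand to host under this config (OpenSSH defaults assumed)."""
    o = effective(config_text, host)
    found = []
    if o.get("pubkeyauthentication", "yes").lower() != "no":
        found.append("offers public keys")
        if o.get("identitiesonly", "no").lower() != "yes":
            found.append("offers agent and default keys")
    found += [k + " enabled" for k in ("forwardagent", "forwardx11") if o.get(k, "no").lower() == "yes"]
    return found

# Constructed sample configs
PER_HOST = "Host github.com\n    PubkeyAuthentication yes\n    IdentityFile ~/.ssh/github_id_rsa\n"
CATCH_ALL = "Host *\n    PubkeyAuthentication no\n    IdentitiesOnly yes\n"
HARDENED = PER_HOST + CATCH_ALL      # catch-all last, as the README says
MISORDERED = CATCH_ALL + PER_HOST    # catch-all first: the per-host 'yes' never applies
LEAKY = "Host *\n    ForwardAgent yes\n" + PER_HOST

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("misordered", MISORDERED), ("leaky", LEAKY)):
        print(name, {h: exposure(cfg, h) for h in ("github.com", "unlisted.example.net")})
```

On a real client, `ssh -G hostname` prints the options OpenSSH itself resolved for that host, which is the authoritative check for a config that uses Match or Include.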
Posted in *nix, *nix-tools, Communications Development, Development, Go (golang), Internet protocol suite, Power User, Software Development, SSH, ssh/sshd, TCP
Posted by jpluimers on 2021/10/19
From a long while ago, my answer to [WayBack] EProgrammerNotFound exception in Delphi? – Stack Overflow (I added the WayBack links):
It was introduced in Delphi 2009, still present in Delphi 2010, and [WayBack] recently got some [WayBack] more attention on the [WayBack] internet.
I think it is an easter egg, similar to [WayBack] “EBCAK” (Error Between Chair and Keyboard), and the [WayBack] skipping of Delphi version number 13.
[WayBack] EProgrammerNotFound
- is declared in the Win32 branch of the SysUtils unit, but not used anywhere in the RTL or VCL
- is not present in Delphi Prism
- was introduced in Delphi 2009, so not present in VCL.NET
- has currently (version 3.5) nothing similar in the .NET framework (not sure why, these guys [WayBack] do have humour)
I don’t think EProgrammerNotFound is actually meant to be used at all, but since it is there, people will jokingly use it (similar to putting a stray “const False = True; True = not False;” in someone else’s source code).
On green bits and red bits (which I highly associate with the “green wobbly bit”):
–jeroen
Posted in Delphi, Development, Software Development