Archive for the ‘Scripting’ Category
Posted by jpluimers on 2023/04/18
Cool one-liner program via [Archive] Jilles🏳️🌈 (@jilles_com) / Twitter:
for s in 0123456789ABCDEF 172.16.0.254 Passwd:admin;do echo -en "Big Endian: $s\nMiddle Endian: ";echo -n $s|xxd -e -g 4 | xxd -r;echo -en "\nLittle Endian: ";echo -n $s|xxd -e -g 2 | xxd -r;echo -en "\nReversed : ";echo -n $s|xxd -p -c1 | tac | xxd -p -r;echo -e "\n";done
Note that the hex are bytes, not nibbles, so the endianness is OK:
Big Endian: 0123456789ABCDEF
Middle Endian: 32107654BA98FEDC
Little Endian: 1032547698BADCFE
Reversed : FEDCBA9876543210
Big Endian: 172.16.0.254
Middle Endian: .2710.61452.
Little Endian: 71.2610.2.45
Reversed : 452.0.61.271
Big Endian: Passwd:admin
Middle Endian: ssaPa:dwnimd
Little Endian: aPssdwa:mdni
Reversed : nimda:dwssaP
That nibble/byte thing confused me at first (as I associate hexadecimal output with hex dumps, where each hexadecimal character represents a nibble)) so here are some interesting messages from the thread that Jilles_com started:
Some related man pages:
–jeroen
Posted in *nix, *nix-tools, bash, Development, Power User, Scripting, Software Development, xxd | Leave a Comment »
Posted by jpluimers on 2023/04/13
MikroTik switches and routers are very flexible to configure, as everything is done through [Wayback/Archive] RouterOS settings.
This means that given enough ports, you can split a physical switch into logical switches. This can be very convenient when you run multiple networks without VLAN.
Earlier this week, I already wrote about Torching a specific port on a MikroTik switch or router running RouterOS which involved turning off hardware acceleration off for specific ports in order to have the flow through the underlying switch chip prohibiting torch and filter features.
For splitting noticing which ports are connected to which switch chip is also important: splitting works best if you can configure each logical switch to exclusively use network ports on one switch chip.
This post was to both research how to configure this, and if my MikroTik devices would allow for hardware acelleration.
Here are some links that should help me with configuring (via [Wayback/Archive] mikrotik split switch in two – Google Search):
–jeroen
Read the rest of this entry »
Posted in Development, Hardware, MikroTik, Network-and-equipment, Power User, RouterOS, routers, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2023/04/11
On most recent [Wayback/Archive] RouterOS configurations of MikroTik Routers and Switches, running [Wayback/Archive] Torch a port will show zero traffic when they are part of a bridge configuration. The same holds for the Packet Sniffer.
The reason is that these bridges have hardware acceleration turned on, which makes all traffic go through the switch chip instead of the device CPU. Torch works on the CPU level, so won’t show hardly any traffic except for some configuration stuff (depending on the combination of switch chip and CPU type).
This is not documented in the Torch documentation, but it is documented in the Packet Sniffer documentation.
Further reading:
- [Wayback/Archive] Manual:Troubleshooting tools – Torch – MikroTik Wiki
- [Wayback/Archive] Manual:Tools/Packet Sniffer – MikroTik Wiki
Note: Unicast traffic between Wireless clients with client-to-client forwarding enabled will not be visible to sniffer tool. Packets that are processed with hardware offloading enabled bridge will also not be visible (unknown unicast, broadcast and some multicast traffic will be visible to sniffer tool).
- [Wayback/Archive] mikrotik nonhardware bridge – Google Search (yes that was a typo, but Google still got good results)
- [Wayback/Archive] Can not see trafic in TORCH – MikroTik
As the ethernet ports are marked as S(laves) in the tables, I would assume that they are member ports of bridges and “hardware acceleration” is enabled (the value of hw in the respective rows of /interface bridge port is set to yes). So any frames which pass through these ports to other ports of the same switch chip are counted by the switch chip counters, but as they never get to the CPU, the torch cannot see them.
- [Wayback/Archive] mikrotik torch ip ports of bridge – Google Search
- [Wayback/Archive] Manual:Layer2 misconfiguration; Packet flow with hardware offloading and MAC learning – MikroTik Wiki
Consider the following scenario, you setup a bridge and have enabled hardware offloading in order to maximize the throughput for your device, as a result your device is working as a switch, but you want to use Sniffer or Torch tools for debugging purposes, or maybe you want to implement packet logging.
- [Wayback/Archive] Manual:Layer2 misconfiguration; Packet flow with hardware offloading and MAC learning; Configuration – MikroTik Wiki
/interface bridge
add name=bridge1
/interface bridge port
add bridge=bridge1 hw=yes interface=ether1 learn=yes
add bridge=bridge1 hw=yes interface=ether2 learn=yes
- [Wayback/Archive] Manual:Layer2 misconfiguration; Packet flow with hardware offloading and MAC learning; Problem – MikroTik Wiki
When running
Sniffer or
Torch tool to capture packets you might notice that barely any packets are visible, only some unicast packets, but mostly broadcast/multicast packets are captured, while the interfaces report that much larger traffic is flowing through certain interfaces than the traffic that was captured.
Since RouterOS v6.41 if you add two or more Ethernet interfaces to a bridge and enable Hardware Offloading, then the switch chip will be used to forward packets between ports. To understand why only some packets are captured, we must first examine how the switch chip is interconnected with the CPU, in this example we can use a block diagram from a generic 5-Port Ethernet router:
For this device each Ethernet port is connected to the switch chip and the switch chip is connected to the CPU using the CPU port (sometimes called the
switch-cpu port).
For packets to be visible in Sniffer tools, the packet must be sent from an Ethernet port to the CPU port, this means that the packet must be destined to the CPU port (destination MAC address of the packet matches the bridge’s MAC address) or the packet’s MAC address has not be learnt (packet is flooded to all ports), this behavior is because of
MAC learning·
The switch chip keeps a list of MAC addresses and ports called the
Hosts table· Whenever a packet needs to be forwarded, the switch chip checks the packet’s destination MAC address against the hosts table to find which port should it use to forward the packet.
If the switch chip cannot find the destination MAC address, then the packet is flooded to all ports (including the CPU port). In situations where packet is supposed to be forwarded from, for example, ether1 to ether2 and the MAC address for the device behind ether2 is in the hosts table, then the packet is never sent to the CPU and therefore will not be visible to
Sniffer or
Torch tool..
- [Wayback/Archive] Manual:Layer2 misconfiguration; Packet flow with hardware offloading and MAC learning – MikroTik Wiki
Packets with a destination MAC address that has been learned will not be sent to the CPU since the packets are not not being flooded to all ports. If you do need to send certain packets to the CPU for packet analyser or for Firewall, then it is possible to copy or redirect the packet to the CPU by using ACL rules. Below is an example how to send a copy of packets that are meant for 4C:5E:0C:4D:12:4B:
/interface ethernet switch ruleadd copy-to-cpu=yes dst-mac-address=4C:5E:0C:4D:12:4B/FF:FF:FF:FF:FF:FF ports=ether1 switch=switch1
Note: If the packet is sent to the CPU, then the packet must be processed by the CPU, this increases the CPU load.
- [Wayback/Archive] mikrotik torch mac address – Google Search
–jeroen
Posted in Development, Hardware, MikroTik, Power User, RouterOS, routers, Scripting, Software Development | 1 Comment »
Posted by jpluimers on 2023/03/16
PolyShell is a script that’s simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot).
[Wayback/Archive] llamasoft/polyshell: A Bash/Batch/PowerShell polyglot!
Need to check this out, as often I have scripts that have to go from one language to the other or vice versa.
Maybe it enables one language to bootstrap functionality in the other?
The quest
The above polyglot started with a quest to see if I can could include some PowerShell statements in a batch file with two goals:
- if the batch file started from the PowerShell command prompt, then execute the PowerShell code
- if the batch file started from the
cmd.exe command prompt, then have it start PowerShell with the same command-line arguments
The reasoning is simple:
- PowerShell scripts will start from the PATH only when PowerShell is already running
- Batch files start from the path when either
cmd.exe or PowerShell are running
Lots of users still live in the cmd.exe world, but PowerShell scripts are way more powerful, and since PowerShell is integrated in Windows since version 7, so having a batch file bootstrap PowerShell still makes sense.
Since my guess was about quoting parameters the right way, my initial search for the link below was [Wayback/Archive] powershell execute statement from batch file quoting – Google Search.
I have dug not yet into this, so there are still…
Many links to read
These should give me a good idea how to implement a polyglot batch file/PowerShell script.
–jeroen
Posted in *nix, *nix-tools, bash, bash, Batch-Files, Development, JavaScript/ECMAScript, Perl, Polyglot, Power User, PowerShell, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2023/03/15
Yup, web browser bookmarklets, though hardly published about any more, I still like them (and wrote about them before). With a little bit, usually unreadable, JavaScript, they can add magical functionality to your browser.
So here are some links on Twitter related bookmarklets:
- [Wayback/Archive] Send to Twitter Bookmarklet (uses document.title and URL as content) with this URI:
javascript:location.href='http://twitter.com/share?url='+encodeURIComponent(window.location.href)+'&text='+encodeURIComponent(document.title)
which I reworked into:
javascript:window.open('http://twitter.com/share?url='+encodeURIComponent(window.location.href)+'&text='+encodeURIComponent(document.title))
- These are all from the same author:
All code from the above links seemed to give corrupted tweets, which I thought was because of quote beautification, but was just me doing the whitespace removal wrong.
This is the right one:
javascript:(function(){n=getSelection().anchorNode;if(!n){t=document.title;}else{t=n.nodeType===3?n.data:n.innerText;}t='“'+t.trim()+'”\n\n';window.open(`https://twitter.com/intent/tweet?text=${encodeURIComponent(t)}${document.location.href}`)})();
which I reworked using «» quotes into:
javascript:(function(){n=getSelection().anchorNode;if(!n){t=document.title;}else{t=n.nodeType===3?n.data:n.innerText;}t='«'+t.trim()+'»\n\n';window.open(`https://twitter.com/intent/tweet?url=${document.location.href}&text=${encodeURIComponent(t)}`)})();
All via [Wayback/Archive] twitter bookmarklet – Google Search.
–jeroen
Posted in Bookmarklet, Development, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Browsers, Web Development | Leave a Comment »
Posted by jpluimers on 2023/03/07
A long time ago, on just one system, I forgot which one, I needed explicit [Wayback/Archive] linux – Newline-separated xargs – Server Fault.
The simple solution was to replace the newline with null before running xargs:
tr '\n' '\0'
The clean solution was to install [Wayback/Archive] gnu xargs:
GNU xargs (default on Linux; install findutils from MacPorts on OS X to get it) supports [Wayback/Archive] -d which lets you specify a custom delimiter for input, so you can do
ls *foo | xargs -d '\n' -P4 foo
–jeroen
Posted in *nix, *nix-tools, bash, Development, Power User, Scripting, Software Development, xargs | Leave a Comment »
Posted by jpluimers on 2023/01/19
After publishing Free Linux cloud shell for Gmail users – shell in the browser that works in all locations I’ve been so far, the Google Cloud Shell got extended quite a bit.
There is now [Wayback/Archive] Safe Mode (which skips initialisation scripts):
If there’s a problem in your .bashrc or .tmux.conf files, Cloud Shell immediately close after connection. To resolve this, open Cloud Shell in safe mode by appending cloudshellsafemode=true to the URL. This restarts your Cloud Shell instance and logs you in as root, allowing you to fix any issues in the files.
To permanently delete all files in your home directory and restore your Cloud Shell home directory to a clean state, you can reset your Cloud Shell VM.
And there is support for way more [Wayback/Archive] tools and languages:
Read the rest of this entry »
Posted in .NET, C#, Cloud, Development, Go (golang), Google, GoogleCloudShell, Infrastructure, Java, Java Platform, JavaScript/ECMAScript, Node.js, Perl, PHP, Power User, Python, Ruby, Scripting, Software Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 