The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,828 other subscribers

Archive for the ‘Scripting’ Category

« Previous Entries
Next Entries »

PSA: Don’t use the ‘save password’ feature, or plug random USBs into your computer.  – Album on Imgur

Posted by jpluimers on 2017/03/14

Rubber Ducky

Rubber Ducky

Looks like a simple USB sick. Has it’s own CPU, Micro SD storage and can run scripts by pretending to be a keyboard.

Easy way of getting into computers:

Imgur – PSA: Don’t use the ‘save password’ feature, or plug random USBs into your computer. 

This is a neat little tool called a USB Rubber Ducky.

It simulates a keyboard. Their motto goes along the lines of “Humans use keyboards. Computers trust humans.”. What they’re trying to say is the computer won’t look at this new device as malicious, because it’s ‘a keyboard’. It types at 1000 words a minute, meaning it takes about 8 seconds to completely infect a computer with a small scale payload. It has been featured on the tv show Mr. Robot.

You can get it here:

Take Social Engineering to the next level with a USB Rubber Ducky Deluxe hidden inside an inconspicuous “thumb drive” case. All the fixings included.  Since 201

Source: USB Rubber Ducky Deluxe – HakShop

  • Fast 60 MHz 32-bit Processor
  • Convenient Type A USB Connector
  • Expandable Memory via Micro SD
  • Hideable inside an in an innocuous looking case
  • Onboard Payload Replay Button

Community Payload Generators, Firmware, Encoders and Toolkits

The USB Rubber Ducky project has fostered considerable innovation and creativity among the community. Some gems include

–jeroen

 

via: PSA: Don’t use the ‘save password’ feature, or plug random USBs into your computer.  https://imgur.com/gallery/MGS0L – DoorToDoorGeek “Stephen McLaughlin” – Google+

Read the rest of this entry »

Posted in Development, Power User, Rubber Ducky, Scripting, Security, Software Development | Leave a Comment »

sed: convert Google Drive urls to direct download ones

Posted by jpluimers on 2017/03/14

RegEx Fu

RegEx Fu

One of the things after moving most of my things from copy.com to Google Drive was the direct (public) download URLs that copy.com provides. DropBox has them as well, but Google Drive lacks them in the UI.

There is a URL format that does allow for direct download though:

While Google aims for Drive to be a competent Dropbox competitor, there’s one small but key feature that isn’t easy: sharing direct download links. Fortunately, you can create your own.

Source: Share Direct Links to Files in Google Drive and Skip the Web Viewer

You can do a similar replacement for Google Doc URLs: How to Create Direct Download Links for Files on Google Drive

The Google Drive conversion seems straightforward as they convert from either of

https://drive.google.com/file/d/FILE_ID/edit?usp=sharing
https://drive.google.com/file/d/FILE_ID/view
https://drive.google.com/open?id=FILE_ID

to

https://drive.google.com/uc?export=download&id=FILE_ID

There are tons of RegEx examples for doing the first conversion at Regex to modify Google Drive shared file URL – Stack Overflow, but

  1. they don’t cover the two conversions
  2. they use the non-greedy (.*?) capturing groups which are tricky, introduce question mark escaping issues in hash and many sed implementations fail to implement non-greedy

Since I’m a command-line person, I’ve opted for a sed conversion that wasn’t in the above list. I choose sed because it allows you to convert either a line or a complete file at one time.

There are a few indispensable resources to get my regex expressions right:

So here it goes, starting with fixing https://drive.google.com/open?id=FILE_ID as it’s the most simple replacement because the FILE_ID is at the end.

First of all, these code fragments below are part of bash functions as bash functions remove the quoting hell you have with bash aliases.

Where bash aliases have no parameters (i.e. the arguments are put after the end of the expansion), functions have parameters. So if you want to pass all function parameters to a command inside a function, you have to use “$@” to pass all parameters.

This fragment fixes https://drive.google.com/open?id=FILE_ID printing each fix on one line using the p for printing command in sed:

sed -n 's@https://drive.google.com/open?id=@https://drive.google.com/uc?export=download\&id=@p' "$@"

A few remarks:

The second fragment fixes https://drive.google.com/file/d/FILE_ID/edit?usp=sharing and https://drive.google.com/file/d/FILE_ID/view again printing each fix:

sed -n 's@https://drive.google.com/file/d/\([^.]*\)/.*@https://drive.google.com/uc?export=download\&id=\1@p' "$@"

Some more remarks:

  • The FILE_ID is obtained from a capturing group during the match using \([^.]*\) and using the value in the replace with \1 as reference.
  • There is backslash escaping of the parentheses because that’s the sed way.
  • I’ve used a non-greedy \(.*?\) capturing group (sed can’t do that) but \([^.]*\)/ which matches any non-slash inside the capturing group until the first slash outside that group.

The final part is combing both replacement into one sed command:

sed 's@https://drive.google.com/open?id=@https://drive.google.com/uc?export=download\&id=@;s@https://drive.google.com/file/d/\([^.]*\)/.*@https://drive.google.com/uc?export=download\&id=\1@' "$@"

Final remarks:

–jeroen

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, sed, sed script, Software Development | Leave a Comment »

PowerShell: when Format-Table -AutoSize displays only 10 columns and uses the width of the console when redirecting to file

Posted by jpluimers on 2017/03/09

Lets start with the second problem: There are various ways to redirect PowerShell output to a file.

  • Shell redirect with a greater than sign (>) to create/overwrite output or two greater than signs (>>) to append output.
  • Use Out-File [WayBack] with a filename and either -FilePath (default, similar to >) or -Append (similar >>).

I write “similar” as they are not fully equivalent. That’s where Format-Table [WayBack] with the -AutoSize parameter comes in (with or without a -Wrap parameter).

Apart from Format-Table displaying only 10 columns by default (see below), the -AutoSize will change columns presentation depending not just on the -Wrap parameter but also to the total width it thinks it has available.

Useful Format-Table parameters

First the representation:

Read the rest of this entry »

Posted in CommandLine, Development, Power User, PowerShell, PowerShell, Scripting, Software Development, Windows | 3 Comments »

ShellCheck – shell script analysis tool

Posted by jpluimers on 2017/03/09

This is golden: ShellCheck – shell script analysis tool.

It checks your shell scripts, either on-line or off-line (brew install shellcheck for Mac, apt, etc for Linuces)

–jeroen

via: regex – Read file line by line with bash script – Stack Overflow

Posted in bash, Development, Scripting, Sh Shell, Software Development | Leave a Comment »

node.js – a nightmare to get started. Did I try the wrong technology for my problem?

Posted by jpluimers on 2017/03/08

Most of my web-stuff is on Apache. Which works fine, has TLS/SSL enabled, etc.

But I wanted to do server-side JavaScript. Which somehow is a forrest without trees, or a nightmare to get started, especially on OpenSuSE.

First of all, virtually all examples explain how to run node as a script. But none explain where to save it, how to run it as a service (and restart when it crashes: it will crash) or how to run multiple sites under it. And the scripts seems to listen to a TCP port by themselves so they operate as a full server by themselves. Nice for a fully fledged portal, but not for some one-offs.

Some links below hopefully will get me re-started later on, but for now, I’ve given up: the out-of-the-box experience is totally non-intuitive.

Maybe what I really want is something else: I want JavaScript stuff that normally renders a page in the browser through the dom to run server side so I can run XMLHttpRequest to various places without bumping into CORS stuff but still render a page DOM.

If you know a better way to do what I want (serving small mostly single-page scripts written in an easy to debug/trace language) let me know.

So basically work around this:

XMLHttpRequest cannot load http://myApiUrl/login. No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'null' is therefore not allowed access.

Read the rest of this entry »

Posted in *nix, Apache2, Development, JavaScript/ECMAScript, Linux, openSuSE, Power User, Scripting, Software Development, SuSE Linux | 1 Comment »

bash – how do I list the functions defined in my shell? – Stack Overflow

Posted by jpluimers on 2017/03/07

Nice: “you can get both aliases and functions with compgen -a -A function

It uses the compgen completion generator. Simply brilliant (:

Source: bash – how do I list the functions defined in my shell? – Stack Overflow

–jeroen

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

How to enable JavaScript in your browser and why

Posted by jpluimers on 2017/03/02

Just in case it’s not enabled yet: How to enable JavaScript in your browser and why

It even has some html to redirect to it, which I’ve replaced with the wayback machine (and put into a gist as WordPress kills noscript tag blocks and everything they contain.


<noscript>
For full functionality of this site it is necessary to enable JavaScript.
Here are the <a href="http://web.archive.org/web/20160402005258/http://www.enable-javascript.com/&quot; target="_blank">
instructions how to enable JavaScript in your web browser</a>.
</noscript>

view raw

enable-javascript.com-noscript-fragment.html

hosted with ❤ by GitHub

I needed it as at a client site, one of the embedded devices would show the message “Javascript is required to use this web portal” in various web browsers so I had to check the JavaScript status in each browser.

–jeroen

Posted in Chrome, Chrome, Development, Firefox, Google, Internet Explorer, JavaScript/ECMAScript, Opera, Power User, Safari, Scripting, Software Development, Web Browsers | Leave a Comment »

JavaScript. Sigh. No real RegExp support. Sigh. Google Search results. Sigh.

Posted by jpluimers on 2017/03/01

Prologue

Every time I need to use JavaScript there’s this tiny voice in the back of my head “Please don’t”, for instance because of

JavaScript has two sets of equality operators: === and !==, and their evil twins == and !=.

Verify a URI in JavaScript with a Regular Expression using Google Search examples

This time it did it again: I used JavaScript. My need was to verify a basic URI in JavaScript, so I wrote this function based on RFC 3986 [WayBack] which in Appendix B has a nice regular expression: ^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?

function isValidUri(uri){
    var uriRegExPattern = "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?";
    var uriRegEx = new RegExp(uriRegExPattern); 

    return (uriRegEx.test(uri));
}

It would crash. But JavaScript is JavaScript, so even a site like JSFiddle wouldn’t show an error (later I found out that enabling the console on http://jsbin.com/wamavacuco/edit?html,console,output does show the error in the console complete with stack trace).

Read the rest of this entry »

Posted in Development, JavaScript/ECMAScript, JSFiddle, JSON, RegEx, Scripting, Software Development | Leave a Comment »

bash – cheatsheet to choose between ; or && or || or & via Ask Ubuntu

Posted by jpluimers on 2017/02/26

Cheatsheet:

A; B    Run A and then B, regardless of success of A
A && B  Run B if A succeeded
A || B  Run B if A failed
A &     Run A in background.

Source: bash – Which one is better: using ; or && to execute multiple commands in one line? – Ask Ubuntu [WayBack]

Thanks Jack [WayBack] for the initial answer ubfan1 [WayBack] for getting the formulation right, Hatshepsut [WayBack] for making it a readable cheat-sheet and leftaroundabout [WayBack] for making this brilliant addition using parenthesis which can be used for all permutations:

(A && B) &     In the background: run B if A succeeded

–jeroen

Posted in bash, Development, Scripting, Software Development | Leave a Comment »

Windows 10 – language neutral batch file to start Windows Update

Posted by jpluimers on 2017/02/22

A while ago, I bitched that Microsoft moved away the Windows Update out of the Control panel into a language depended place (in Windows 10 1511 update broke the Hyper-V networking – Fix network connection issues).

Since then I had to maintain too many locales running Windows 10. So here is the batch file:

for /f "delims=" %%A in ('PowerShell -Command "(Get-Culture).Name"') do explorer "%LocalAppData%\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\%%A\AAA_SystemSettings_MusUpdate_UpdateActionButton.settingcontent-ms"

It uses these tricks:

  1. Set output of a command as a variable (in this case a for loop variable)
  2. Execute PowerShell script in a .bat file
  3. PowerShell Get-Culture (which gets a .NET CultureInfo instance)
  4. CultureInfo.Name property (which has the nl-NL, en-US, etc codes in it)

It replaced this simple batch-file which has worked for like 10 years:

%windir%\System32\rundll32.exe url.dll,FileProtocolHandler wuapp.exe

–jeroen

via: Windows Update Shortcut – Create in Windows 10 – Windows 10 Forums

Posted in .NET, .NET 1.x, .NET 2.0, .NET 3.0, .NET 3.5, .NET 4.0, .NET 4.5, Batch-Files, CommandLine, Development, Power User, PowerShell, Scripting, Software Development, Windows, Windows 10 | Leave a Comment »

« Previous Entries
Next Entries »