July 31, 2017

automatically set gnu screen window title

http://scie.nti.st/2008/8/19/1-minute-post-hostname-as-screen-window-title/

In short, add this line to the remote host's .bashrc:

[ "$TERM" = "screen" ] && PROMPT_COMMAND='echo -ne "\033k$HOSTNAME\033\\"'

July 20, 2017

Setting ssh server to an user to only SFTP to the user's home directory

Here is a guide for setting up SFTP users who’s access is restricted to their home directory.

Add the following to the end of the /etc/ssh/sshd_config file:
Subsystem sftp internal-sftp

# This section must be placed at the very end of sshd_config
Match Group sftponly
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no

This means that all users in the ‘sftponly’ group will be chroot’d to their home directory, where they only will be able to run internal SFTP processes.

Now you can create the group sftponly by running the following command:
$ groupadd sftponly
Set a user’s group:
$ usermod steve -g sftponly
To deny SSH shell access, run the following command:
$ usermod steve -s /bin/false
And set the user’s home directory:
$ sudo chown root /home/steve
$ sudo chmod go-w /home/steve
$ sudo mkdir /home/steve/writable
$ sudo chown steve:sftponly /home/steve/writable
$ sudo chmod ug+rwX /home/steve/writable


Finally, you probably need to restart SSH
$ service ssh restart

The SSH part should now be in order, but you should make sure that file permissions also are correct. If the chroot environment is in a user’s home directory both /home and /home/username must be owned by root and should have permissions along the lines of 755 or 750.
In other words, every folder leading up to and including the home folder must be owned by root, otherwise you will get the following error after logging in:
Write failed: Broken pipe
Couldn't read packet: Connection reset by peer

June 15, 2017

xxd reverse with an offset

When using xxd to reverse a hex dump file, if you hexdump file has a non-0 offset like this:

bc000000: 01 02 03 04 05 06 07 08  ........

You would need to use the "-s offset" option of the xxd. However, there is a bug in the code that makes this options only works as the FIRST option. Otherwise, it wouldn't work.

You want to do this:

xxd -s -0xbc000000 -r -g 1 test.dump test.bin

Basically the xxd is hardcoded to look for the offset at argv[2].

Another alternative:
https://github.com/pheehs/hexdump2bin/blob/master/hexdump2bin.py


May 17, 2017

ios command line console log viewing

use "idevice_id --list" to list the UUIDs.
use "deviceconsole" to actually view the logs
deviceconsole -u <UUID>



May 16, 2017

unbrick TPLINK Archer C7 V2 (2017-05 from Amazon)

I bricked my Archer C7 v2 with bad configuration.

TFTP boot didn't work for me. It turned out that the product id doesn't match.

Had to connect to console.

1. The pinout is as follows. The warning on this page (https://wiki.openwrt.org/toh/tp-link/tl-wdr7500#tftp_recovery_de-bricking) itself is wrong.

2. I used the Openwrt Snapshot image. I tried the official image from TPLink website but that didn't work. I didn't try the "cut" process described in the above link.

3. The command is as follows

type "tpl" really fast at boot time to stop the autoboot

tftpboot 0x81000000 [name of your firmware file].bin
erase 0x9f020000 +f80000
cp.b 0x81000000 0x9f020000 0xf80000
reset

That's it.

May 11, 2017

socket buffer size

To find the current socket buffer size:

getsockopt(fdsocket,SOL_SOCKET,SO_RCVBUF,(void *)&n, &m);

getsockopt(fdsocket,SOL_SOCKET,SO_SNDBUF,(void *)&n, &m);

To find out more, do "man getsockopt"

To find the current bytes in the socket's buffer:
ioctl(fd,FIONREAD,&bytes_available)
ioctl(fd,FIONWRITE,&bytes_available)

To find out more, do "man ioctl"