tmux Script

I use tmux a lot and like to have a good layout that’s relevant to the work I’m doing. Mainly, this is very simple things like DNS queries, nmap scans, telnet/ssh checking which leaves most screen space free for displays such as watching failed hack attempts or showing system usage. Here are my scripts.

linkstart

This is the script that launches tmux and sets up the panes or rejoins an existing session.

#!/bin/bash
# TMUX Startup script
# C-m means enter key
# Inspired by https://github.com/seyrenhe/linux-autoconfig/blob/master/tmux.sh

tmux start-server

# Build the layout only if the session does not already exist
if ! tmux has-session -t 'linkstart' 2>/dev/null; then
  tmux new-session -d -s 'linkstart' -n 'linkstart' # -d: create detached
  tmux select-window -t 'linkstart'
  tmux split-window -h -p 40   # right-hand column, 40% wide
  tmux select-pane -t 1
  tmux split-window -v -p 15
  tmux split-window -v -l 1    # one-line pane for watchusage
  tmux send-keys -t 1 './watchfail' C-m
  tmux send-keys -t 2 './watchauth' C-m
  tmux send-keys -t 3 './watchusage' C-m
  tmux new-window -n 'general'

  tmux select-window -t 'linkstart'
  tmux select-pane -t 0
fi

# Attach, detaching any other client already on the session
tmux attach-session -d -t 'linkstart'

watchfail

Sometimes it’s interesting to see the brute force attempts and get a feel for what usernames are popular with malicious actors.

#!/bin/bash

watch -t -n 30 "tail -n 400 /var/log/auth.log \
| grep 'for invalid' \
| awk '{print \$1, \$2, \$3 \"\t\" \$13 \"\t\" \$11 }'"

watchauth

This is so I can easily see where any successful connections have come from as I know the IPs I usually connect from.

#!/bin/bash

watch -t -n 300 "tail -n 2000 /var/log/auth.log | grep 'Accepted' | awk '{print \$1, \$2, \$3 \"\t\" \$9 \"\t\" \$11 }'"
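
An added example, not one of the original scripts: the same two views as watchfail and watchauth, but tallied and matched on keywords instead of fixed column numbers. The function names, the known-IP argument and the sample log lines are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original post). Sample lines are constructed.
sample_auth_log() {
  cat <<'EOF'
Jul 11 18:01:02 vm sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Jul 11 18:01:09 vm sshd[1003]: Failed password for invalid user oracle from 203.0.113.7 port 40130 ssh2
Jul 11 18:02:41 vm sshd[1010]: Failed password for invalid user admin from 198.51.100.23 port 51844 ssh2
Jul 11 18:03:00 vm sshd[1012]: Failed password for invalid user  from 198.51.100.23 port 51850 ssh2
Jul 11 18:35:08 vm sshd[1100]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Jul 11 19:12:44 vm sshd[1150]: Accepted password for alice from 203.0.113.99 port 41000 ssh2
EOF
}

# failed_users: stdin = auth.log lines -> "count username", most-tried first
failed_users() {
  awk '/sshd.*for invalid user/ {
         for (i = 1; i < NF; i++)
           if ($i == "invalid" && $(i+1) == "user") {
             # an empty username leaves "from" right after "user"
             u = ($(i+2) == "from") ? "(empty)" : $(i+2)
             count[u]++; break
           }
       }
       END { for (u in count) print count[u], u }' | LC_ALL=C sort -k1,1nr -k2,2
}

# accepted_from: stdin -> unique "user ip" pairs for successful logins
accepted_from() {
  awk '/sshd.*Accepted / {
         user = ip = ""
         for (i = 1; i < NF; i++) {
           if ($i == "for")  user = $(i+1)
           if ($i == "from") ip   = $(i+1)
         }
         print user, ip
       }' | LC_ALL=C sort -u
}

# unknown_sources KNOWN_IP...: accepted logins from any other address
unknown_sources() {
  known=" $* "
  accepted_from | while read -r user ip; do
    case "$known" in
      *" $ip "*) ;;
      *) echo "$user $ip" ;;
    esac
  done
}
sample_auth_log | unknown_sources 192.0.2.10   # constructed "known" address
```

On a real host, feed the functions from the log instead, for example `failed_users < /var/log/auth.log`.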

watchusage

It’s a very, very, low-usage VM so this is really a “just because” pane.

#!/bin/bash

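# Quotes and $ are escaped so that watch re-runs the commands on every refresh instead of the shell expanding them once at start-up
watch -t -n 20 "echo \"CPU \$(LC_ALL=C top -bn1 | grep 'Cpu(s)' | sed 's/.*, *\([0-9.]*\)%* id.*/\1/' | awk '{print 100 - \$1}')% RAM \$(free -m | awk '/Mem:/ { printf(\"%3.1f%%\", \$3/\$2*100) }') HDD \$(df -h / | awk '/\// {print \$(NF-1)}')\""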

Google Chrome Yellow Tint Version 68

If you’ve updated Google Chrome and now have a horrible yellow tint to everything that should be white you’ve been struck by the Overly Helpful Application Syndrome. This disease commonly affects Microsoft products but can also infect other applications and displays itself as a “helpful default” that is completely stupid.

The yellow tint in Google Chrome is easily fixed by going here and setting Force color profile to sRGB:

chrome://flags/#force-color-profile

You’ll have to copy that URL and paste it into the address bar of Chrome because the latest versions of the browser do not allow clicking chrome:// links.

Why does this happen? The Chrome developers have modified the way Google Chrome displays so that it tries to match the default colour profile of the monitor it is in. Unfortunately, it often fails to do this properly which leaves you with just Chrome looking like an old yellowed smoker’s desktop PC from the 90s.

Update Ubuntu 16.04 Login Message

The standard login message is called the MOTD and usually looks like this:

Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-116-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

29 packages can be updated.
11 updates are security updates.


Last login: Wed Jul 11 18:35:08 2018 from 555.555.555.555
[email protected]:~$

This text is generated by a series of executable files in /etc/update-motd.d that you can change or even add your own to.

[email protected]:~$ ls -la /etc/update-motd.d
total 36
drwxr-xr-x  2 root root 4096 Jun  6 15:43 .
drwxr-xr-x 92 root root 4096 Jun 28 08:34 ..
-rwxr-xr-x  1 root root 1220 Oct 22  2015 00-header
-rwxr-xr-x  1 root root 1157 Jun 14  2016 10-help-text
-rwxr-xr-x  1 root root   97 May 24  2016 90-updates-available
-rwxr-xr-x  1 root root  299 Jul 22  2016 91-release-upgrade
-rwxr-xr-x  1 root root  111 Jan 11 05:42 97-overlayroot
-rwxr-xr-x  1 root root  142 May 24  2016 98-fsck-at-reboot
-rwxr-xr-x  1 root root  144 May 24  2016 98-reboot-required

I decided to modify mine to display the system’s IP addresses on login and to stop 00-header and 10-help-text from running:

[email protected]:~$ ls -la /etc/update-motd.d
total 44
drwxr-xr-x  2 root root 4096 Jul 11 19:54 ./
drwxr-xr-x 91 root root 4096 Jul 11 16:59 ../
-r--r--r--  1 root root 1220 Oct 22  2015 00-header
-r--r--r--  1 root root 1157 Jun 14  2016 10-help-text
-rwxr-xr-x  1 root root  147 Jul 11 19:54 50-ip*
-rwxr-xr-x  1 root root   97 May 24  2016 90-updates-available*
-rwxr-xr-x  1 root root  299 Jul 22  2016 91-release-upgrade*
-rwxr-xr-x  1 root root  111 Jan 11 05:42 97-overlayroot*
-rwxr-xr-x  1 root root  142 May 24  2016 98-fsck-at-reboot*
-rwxr-xr-x  1 root root  144 May 24  2016 98-reboot-required*

As you can see, to disable a file you only need to remove the execute permissions. When you add a file it’s important to think about the order in which they’ll execute. These scripts are run alphabetically by filename, which is NOT the same as ‘numerical order’ (for example, a file named 100-foo would run before 50-ip).

Here’s the IP script I added.

#!/bin/bash
echo -e "\n\nSystem IP Addresses: "
# The pattern avoids {1,3} intervals, which older mawk builds do not support
ifconfig | grep "inet addr" | cut -d: -f2 | awk '/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ { print "\t" $1; }'

Of course, you could do anything in these scripts, such as list the current load, free space, memory usage, logged on users, etc…
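
An added example, not part of the original post: because everything executable in /etc/update-motd.d runs as root at each login, it is worth checking both the run order and who can modify those files. The function names and the temporary sample directory are constructed for illustration.

```bash
#!/bin/bash
# Added example: audit an update-motd.d style directory.
# The files created under a temp dir are constructed sample data.

# motd_run_order DIR -> files with the owner execute bit set, in byte-wise
# (C locale) filename order, the "alphabetical" order described above.
motd_run_order() {
  find "$1" -maxdepth 1 -type f -perm -100 -exec basename {} \; | LC_ALL=C sort
}

# motd_risky DIR [OWNER_UID] -> executable files that someone other than
# the expected owner (default uid 0) is able to modify.
motd_risky() {
  find "$1" -maxdepth 1 -type f -perm -100 \
       \( ! -user "${2:-0}" -o -perm -020 -o -perm -002 \) \
       -exec basename {} \; | LC_ALL=C sort
}

# make_sample_motd_dir -> path of a constructed directory to try this on
make_sample_motd_dir() {
  d=$(mktemp -d) || return 1
  for f in 00-header 50-ip 100-late 90-updates-available; do
    printf '#!/bin/sh\necho %s\n' "$f" > "$d/$f"
    chmod 755 "$d/$f"
  done
  chmod 444 "$d/00-header"   # disabled the way the page does it
  chmod 775 "$d/50-ip"       # group-writable: should be flagged
  echo "$d"
}

# Demo on the constructed directory; the owner is the current user here
demo=$(make_sample_motd_dir) && motd_run_order "$demo" \
  && motd_risky "$demo" "$(id -u)"
rm -rf "$demo"
```

On a real system, run `motd_run_order /etc/update-motd.d` and `motd_risky /etc/update-motd.d`; the second should print nothing.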

Illegal Phone Call Scams

These days the average user is far wiser against email spam than ever before and criminals are turning back towards direct threats in telephony-based shakedowns of vulnerable people. Thankfully the advent of websites like Who Called Me and Twitter mean you can easily discover if the number that called you is a known scam or not.

Once you know it’s a scam you can report it to the police directly through 101 if it’s not an emergency or 999 if you believe it’s something more serious than a simple scammer. Remember, you can also report crime anonymously through CrimeStoppers so make sure you say something if you get one of these calls!

Is it a scam?

  1. Do you recognise the number?
  2. Is the caller from a company you have a relationship with?
  3. Are they asking for your details?

It may sound obvious that a call from a company you don’t know from a number you don’t recognise asking for your bank information is suspicious but what would you do if you got a call from a stern police officer demanding to know where you were on Tuesday? Or a pleasant individual calling to advise you’ve overpaid on your water bill and are due a refund?

Whatever purpose someone claims, you need to be mindful of what information you’re giving out. Did the caller address you by your full name like a real company representative would or did they wait until you gave up that information first? Did they confirm your address to you or get you to let go of that as well?

If you’re ever in any way doubtful of the authenticity of a caller’s identity HANG UP and use the Internet to identify the number it came from. You could even simply call the company back on a known safe contact number from their website or your contract with them.

Elite Dangerous Useful Tips

Elite Dangerous is a massively multiplayer online role play game with a huge amount of space and wide-open gameplay with a few key areas for players to interact with. These are some links I have found to be particularly useful in the game.

The Road to Riches – Easy money from exploration of Earth Like Worlds, Water Worlds, and so on. By taking your ship out to these worlds and scanning them you will earn anything from 2 million to 6 million an hour.

Make sure not to explode, though, as you’ll only get your reward once getting back to a station and selling your data on the Stella Cartography section of Station Services.

https://www.edsm.net/ has several useful tools but I like this mainly because it shows an out of game log of what you’ve done, your credits, your ships, and a bunch of stats which can be shared with friends. You’ll need to use a tool to read your player logs and send them to the site, I use Elite Dangerous: Market Connector.

http://elitedangerous.hozbase.co.uk/ is useful for finding specific things like black holes to go sight-seeing.

Building your ship is the most expensive, and fun, thing you can do in the game made much easier with the excellent Coriolis tool. You can use this to see how much money you need to buy certain ships, use its links to find stations to buy the modules from, see how effective it’ll be at combat, and even plan out module engineering.

Travian – Worth Playing?

No! Not unless you can get in at the start of a game round. In the village-building and conquest game you control a ‘hero’ character who can go on adventures and build up local resource gathering so you can progress to better structures, defences, units, and even grow your own guild.

You begin with newbie protection from other “players” (usually just scripted bots) so you cannot be attacked until you’re ready. However, you can never catch up to withstand any attacks by long-standing players and there’s nothing you can do to prevent the botting from whittling away your resources.

The game has many microtransactions and is extremely pay-to-win so if you like throwing money at something this game may be interesting for you. However, if you like to have fun and enjoy building things in games this is definitely something to avoid.

Converting ASP Classic to PHP5

I posted a while ago that I added a page with ASP Classic to show your current IP. This worked because the site was being hosted in IIS with ASP.NET, ASP Classic, and PHP all enabled but I have now moved to a PHP only host and wanted to quickly get the IP lookup working again (I use it quite often).

I can potter around with PHP and would be able to figure it out but I did a quick search to find a converter and discovered this great online tool which did the work for me!

Here’s the original code.

<%@Language="VBScript"%>
<%
If Request.QueryString("debug") = "1" Then
  Response.Write("<pre>")
  For Each x in Request.ServerVariables
    Response.Write(X & " = " & Request.ServerVariables(X) & vbCrLf)
  Next
  Response.Write("</pre>")
Else
  If Len(Request.ServerVariables("HTTP_X_FORWARDED_FOR")) = 0 Then
    Response.Write Request.ServerVariables("REMOTE_ADDR")
  Else
    Response.Write Request.ServerVariables("HTTP_X_FORWARDED_FOR")
  End If
End If
%>

Here’s the converted result.

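<?php
// Show every server variable when ?debug=1 is passed
if (isset($_GET["debug"]) && $_GET["debug"] == "1") {
  echo "<pre>";
  foreach ($_SERVER as $x => $value) {
    // Escape output: request headers are client-controlled
    echo htmlspecialchars($x." = ".print_r($value, true))."\r\n";
  }
  echo "</pre>";
}
else {
  // X-Forwarded-For is supplied by the client or a proxy, so escape it too
  if (!isset($_SERVER["HTTP_X_FORWARDED_FOR"]) || strlen($_SERVER["HTTP_X_FORWARDED_FOR"]) == 0) {
    echo htmlspecialchars($_SERVER["REMOTE_ADDR"]);
  }
  else {
    echo htmlspecialchars($_SERVER["HTTP_X_FORWARDED_FOR"]);
  }
}
?>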

It works exactly the same as before but this time it’s PHP. You can try it with the same link: What is my IP?

Review of Udemy Online Learning

At the start of 2018 Udemy ran a promotion where courses could be purchased for up to 95% off their original price so, naturally, I had to take advantage of this and picked up The Complete Android N Developer Course by Rob Percival.

There are hundreds of courses available and I picked this one because I’ve been interested in making mobile applications for a long time but always found the YouTube videos clunky and disjointed to watch. Based on the high quality content provided by Rob in his Android course I picked up a few others on other topics and found that the overall quality of instructors on Udemy appears to be very high. They, or at least the ones I’ve found, take the time to enunciate clearly and speak at an appropriate pace even if English is not their native language which makes their topic much easier to follow and a pleasure to watch.

I will likely make a future post documenting a basic timer app being developed from start to finish or if I feel confident enough maybe even a simple game good enough for the Play store!
