blog.farhan.codes

Farhan's Personal and Professional Blog


My Python3 Programming Environment

UPDATE: I have since started using a very good vimrc. I recommend it over mine listed below. My only modification is that I removed all line numbers, eww. I ssh into a FreeBSD jail with everything setup. The Jail runs on code.mydomainname.com, which has an internet-routable IPv6 address – and IPv4 behind a NAT, (boo!) I have a virtualenv already built-out. (more about my pip list later) The set my ~/.

Read more...

Hotspot Hijacking & Password Capturing

There are two types of penetration testers in the industry. Those who identify risk and vulnerabilities beyond a simple Nexpose/Nessus/Qualys scan. And those who want to “win”. The job of the “winner” is to get DA on their client’s network. Great! But once they’ve gotten it, they show off. Look how much information I can get with the DA account! I can get access to these databases and these spreadsheets. Sensitive Information!

Read more...

Easytether running on ARMv7l Chromebook

Easytether is a proprietary application, so you can’t just apt-get it on a chroot’ed crouton environment. Additionally, I am not running an x86 or x64 CPU, so most of these packages will not work. Crouton mostly comes for Debian, so I downloaded the Ubuntu package. I installed the package ‘alien’. Then unzipped the deb file as follows: alien easytether_0.8.5-1_armhf.deb This will 3 tar.xz files, mostly importantly data.tar.xz. Unzip it with the following command:

Read more...

Differences between Mint and Ubuntu

I looked into the differences between Mint and Ubuntu to see which was best for me. I watched tons of videos, reviews, comparisons, ran them both for months, etc. Here’s what I learned… They’re the same damn thing. No really, they are identical. The only differences are what software comes pre-installed and some user interface prettiness. Otherwise, no difference in the underlying system at all. Literally no difference. Next question?

Adding Arbitrary XML to python-docx

I am thankful to the developers of python-docx, they did a great job, especially since OpenXML is beyond confusing. However, I have two respectful criticisms: Python-docx lacks several key features and though it is properly written…its really confusing to follow the code. Its just a few steps. Identify the entry-point, create a new tag, and append it to the document. from docx.oxml.shared import OxmlElement # Necessary Import tags = document.element.xpath('//w:r') # Locate the right <w:r> tag tag = tags[0] # Specify which <w:r> tag you want child = OxmlElement('w:ARBITRARY') # Create arbitrary tag tag.

Read more...

Convert Docx to Markdown

I needed to convert a Docx file to Markdown, but Pandoc kept giving me this obnoxious error: $ pandoc test.docx -o test.md pandoc: Cannot decode byte '\xae': Data.Text.Encoding.Fusion.streamUtf8: Invalid UTF-8 stream However, you can use the tool unoconv to make an intermediary step to convert first to HTML and then to Markdown. $ unoconv --stdout -f html test.docx | pandoc -f html -t markdown -o test.md On Ubuntu (And other Debian-based systems I would imagine) you can get unoconv with a simple apt-get install unoconv.

Read more...

Duplicate a Django modelformset_factory Form

I created a formset_factory and wanted to have a simple “click me to add another form”. This seemed like a routine task, but the solutions I found online were unnecessarily complicated or required me to install a separate Django app, which I had no intention of doing. So I created my own… The only pre-requirement that this needs besides standard Django is jQuery. So here is a rough overview of how this works:

Read more...

Custom Django Fixture Imports

I needed to convert an XML document into a customize Django model with modifications to the based on programmable logic. Converting it to my model’s fixture would take too long and be unnecessary work, so I instead opted to manually convert the data. I figured I could just import the Django model object, as is follows: from tester.models import Control a = Control() However, I got the following vexing error in red:

Read more...

Hotspot Hijacking & Password Capturing

Unless you know enough about security to know what’s going on behind the scenes, Wifi is beyond insecure. Even with SSL as an attempt to secure a web connection, your connection is still fundamentally insecure. This is an explanation of how someone would capture passwords and other variables sent over an SSL connection that uses Wifi. In essence, its a Man in the Middle (MiM) attack over Wifi that modifies the victim’s HTTP connection and thus gathers GET and POST variables.

Read more...

Old Chat Framework in C

During my high school years, I used to be part of an “underground” IRC server. We would talk about security-related topics and the latest exploits, usually about some Unix variant. Even though no one would really care about our late-night computer conversations, I thought it best that we chat over an encrypted medium, and considering that I knew nothing about how SSL could serve to transparently encrypt IRC daemons and clients, I decided to write my own encrypted chat server.

Read more...
Previous Page 3 of 4 Next Page