Geekblok

Storing data is not a problem anymore. Google gives you a couple of gigabytes email storage for free, Yahoo! gives you “unlimited” email storage, a plethora of sites like YouSendIt and Files4Ever give you plenty of storage, and hooking up your own machine to the online world never has been easier with all the cheap ADSL/Cable connections we have nowadays. All good, but not fun. Therefor, let’s store text in a place people wouldn’t suspect (and probably don’t want).

Like the avalanche of file sharing websites mentioned before, another breed of website seems to be quite popular: the URL shorteners. TinyURL, is.gd, etc. etc. There are many and a lot of them don’t care what you feed them! (I bet you start seeing where I’m going with this post…)

Read more »

Instead of another ssh guide, I thought it was about time for a first shell-scripting guide. In my daily job I often notice scripts that do work, but are not as efficient as could be. Say that I want the process id of the ssh daemon on my system. Loads of people will come up with something like:
ps -ef | grep sshd | grep -v grep | awk '{print $2}'

This does get the process id of sshd, but the above could also be written as:
ps -ef | awk '/sshd$/ {print $2}

And even this can still be written more efficient. Think about what you want to achieve. I asked for the process id of sshd. Basically the following would suffice:
cat /var/run/sshd.pid

Hey, I never really asked for a running sshd. But if I had asked for the process id of a running ssh daemon, the most simple solution would be:
ps -C sshd -o pid=

Or:
pgrep 'sshd'

Both just use one command instead of the four of the first example.

I can’t stand phishing, so when someone send me a link to login today, I decided to poison the phising pool. The site in question (hopefully disabled by now) asked for my Yahoo! account info.

So how to poison the phishing pool? Quite easy! Just send the phiser a lot of false data. So much that the real data of poor people is harder to filter out. Luckily with Perl, it’s quite easy to do so.

MySpace is probably the biggest in the world and Dutch social networking site Hyves went over five million members last Wednesday.

So why another new “social”? Well… because this one is antisocial: Bugroff.

Guess this opens some opportunities for Web 3.0, heh-heh!

You’ve probably heard about storing secret messages in JPEGs by means of steganography. But what if you have entire documents that you’d like to hide? As proof of concept, I showed this example to my coworkers.

We start out with a random JPEG, taken from my Flickr account:

Now we create a simple zip file with a text document in it:

$ zip test.zip test.txt

And we cat the two files together:

$ cat fotobok.jpg test.zip > fotobok-test.jpg

File indeed recognizes this as an image:

$ file fotobok-test.jpg
fotobok-test.jpg: JPEG image data, JFIF standard 1.01

And you can see it here too:

The only difference now is that we can unzip the file aswell:

$ unzip fotobok-test.jpg
Archive: fotobok-test.jpg

warning [fotobok-test.jpg]: 19881 extra bytes at beginning or within zipfile

(attempting to process anyway)

extracting: test.txt

Tada! Our highly secret test.txt is back!