Thursday, 1 May 2014

Retrieve passwords stored in SQLyog

Recently I needed to retrieve a mysql-password I had stored in SQLyog, but nowhere else. First I "feared" I had to change the password and update it in some places, but luckily SQLyog is open source, so a had a quick glance at the source to see how the password was stored. I suspected that it couldn't be a very good encryption because you don't have a master-password. I'd have guessed as a windows-only application they'd use the protected storage to be a bit secure against offline attacks, but it quickly turned out that the passwords are only obfuscated with a simple bit-manipulation.
The relevant function is DecodePassword in CommonHelper.cpp which just decodes the Base64-encoding and then rotates the bits of each character one bit to the left. I used this python-script to decrypt my password.
import base64
import sys

def deobfuscate(c):
  b = ord(c)
  return chr(((b << 1) & 0xFF) | (b >> (8 - 1)))

encoded = sys.stdin.readline();
print(''.join(map(deobfuscate, base64.b64decode(encoded))))

BTW: if you ever want to generate a configuration from an existing source, you could of course do the reverse of this (rotate right, then base64).

Saturday, 23 July 2011

Gentoo SHA-512 passwords in /etc/shadow

I searched a while on how to use SHA-512 for password-hashing in /etc/shadow on Gentoo. After a while I noticed that I don't have to configure anything - just reset the password with "passwd" and be done. Easy :-)

Thursday, 21 July 2011

Tomato with PPTP and PPPoE

I just wanted to setup my Tomato-Firmware to provide a PPTP-based VPN. Naturally I used the HOWTO, but sadly I ran into a problem where Google couldn't help. The log only showed

pppd[8449]: unrecognized option 'local'

But my config did not contain "local"! After I'd already given up and tried without PPTP, I stumbled over a post that made the problem obvious, although it did not offer a solution. The problem seems to be, that my router has to use PPPoE and therefore already has a config in /tmp/ppp which is then used for the VPN-connects. No wonder that didn't work.

It seems that the path is hardwired into the pppd-binary. So the only solution I came up with, was to copy and modify the binary. Dirty of course, but at least working :-/

So here is what I did:
cp /usr/sbin/pppd /opt/sbin/
# be careful: the replacement has to be exactly 3 chars!
sed -i -e 's#/tmp/ppp/#/tmp/xxx/#' /opt/sbin/pppd
cat > /opt/etc/config/vpn.wanup <<EOF
if [ ! -f /tmp/xxx/chap-secrets ]; then
mkdir -p /tmp/xxx
ln -s /opt/etc/ppp/chap-secrets /tmp/xxx
/opt/etc/init.d/S20poptop restart
# now edit /opt/etc/pptpd.conf
# and set "ppp /opt/sbin/pppd"
/opt/etc/init.d/S20poptop restart

I hope that's all. Good luck!

Saturday, 4 December 2010

Howto: Compress Broken Sword

I just tried to compress the data from my CD of Broken Sword to use it with scummvm, but I stumbled over an issue that made me mad.
$ scummvm-tools-cli --tool compress_sword1 --flac --best .

Unable to find speech files.
Please copy the SPEECH.CLU files from Broken Sword CD1 and CD2
into the game directory on your disk or into a "SPEECH" subdirectory
and rename them to SPEECH1.CLU and SPEECH2.CLU

If your OS is case-sensitive, make sure the filenames
and directorynames are all upper-case.
But I had done everything that was obvious: The files hat the right name (even in uppercase) and the right location, but I still got that message. So finally I debugged the compress_sword1.cpp and noticed that the tool was not using my full path. The solution was to use a trailing slash in the path (e.g.: ./) or even append a filename (e.g.: ./SPEECH1.CLU). So the tool seems to expect a file-name, but then works on all files in that directory. Very strange behavior.

Saturday, 9 October 2010

Using a filemap with hgsubversion

I wanted to clone a svn-repository with mercurial using my preferred hgsubversion, but I was only interested in on directory. I noticed that there was a --filemap option but I found no documentation for this until I discovered that it is the same syntax the ConvertExtension has. So if you want to use a filemap check their documentation on filemaps.

If you want to exclude all directories by default and only include specific directories like me use this:
exclude /
include foo/bar

Another Hint: As mentioned by danchr in the ticket #175 your next pull will not obey this filemap. So make sure you place your filemap in .hg/svn/filemap and add this to the .hg/hgrc of your clone:
filemap = .hg/svn/filemap

Wednesday, 30 June 2010

lafilefixer-hook for paludis

Please note that the information in this post is outdated. Don't use lafilefixer anymore.

After reading about the la-files-checksum-mtime-unmerge-problem (at least) the second time and because I never liked the way lafilefixer worked, I decided to go the same way Diego does.

Because I use paludis I could not simply copy&paste the code, but writing a hook for paludis is really easy if you know what phase to hook into. I went with "merger_install_pre" and it seems to worked (I checked the CONTENTS file).

The code is an auto-hook, so just put it into "/etc/paludis/hooks/auto/lafilefixer.hook" and you should be fine. But I take no responsibility for killed kittens or other disasters ;-)

#!/usr/bin/env bash

hook_auto_names() {
echo "merger_install_pre"

hook_run_merger_install_pre() {
source ${PALUDIS_EBUILD_DIR}/echo_functions.bash

einfo_unhooked "Running lafilefixer"

lafilefixer ${IMAGE}

Sunday, 2 May 2010

Get my contacts as vcf-files from my Nokia S60v5

After writing how to split a single vcf to get it into a Nokia S60v5 a year ago it's now time to write how to get the contacts back as vcf-files from the nokia device.

Luckily this time I quickly stumbled over an article that recommends to use the NBU Explorer, which is not only for free but also free (as in Stallman's terms) too. The application worked like I charm, I could extract my contacts as .vcf, my calendar as .vcs and my memos as .txt files.