Autarchy of the Private Cave

Tiny bits of bioinformatics, [web-]programming etc

    • Archives

    • Recent comments

    Archive for the 'Software' Category

    Linux console/CLI/ncurses samba shared folders browsing

    16th April 2009

    Connecting remotely via ssh to my Debian box at work, I needed to mount a CIFS (samba) share, but didn’t remember server name (or IP) and share name.

    At least two convenient utilities are available in Debian Lenny for non-X Samba browsing.

    smbtree (part of smbclient package) will list all visible workgroups, their servers, and share names of those servers – including “hidden” shares like C$, IPC$, ADMIN$, print$. Very handy and greppable!

    samba-commander (smbc package) is a ncurses samba browser with “find file” functionality.

    Share

    Posted in *nix, Software | No Comments »

    Panda USB and AutoRun Vaccine against autorun.inf viruses

    11th April 2009

    Linux users are not affected with a plethora of autorun.inf “viruses”, but that seems to be a real plague for Windows users.

    Ideologically correct solution is offered by Panda software – a free Panda USB and AutoRun Vaccine. It can do two things for your Windows box:

    1. with a single click disable auto-execution of programs from USB sticks and CDs/DVDs, and
    2. with one more click – make the autorun.inf file on your pendrive inaccessible, so as to prevent infecting your USB stick with an “autorun.inf virus”.

    Program does not require installation, but requires Administrator privileges. It supports FAT/FAT32 pendrives, but NTFS-enabled version is being tested and should be made available shortly.

    Note, that if you perform step 2, re-enabling access to autorun.inf may require pendrive formatting. Also, after step 1 your favourite CDs and DVDs won’t start automatically anymore – but you will be able to start them manually.

    And, of course, Linux users have nothing to worry about (yet).

    Share

    Posted in Links, Misc, Software | No Comments »

    gitosis: how to add new repository

    20th February 2009

    I assume that you already have your gitosis-admin repository working (this is described elsewhere).

    1. cd gitosis-admin && git pull – enter your gitosis administrative repository and ensure it is up-to-date
    2. $EDITOR gitosis.conf
    3. add [group newreponame] section (newreponame is the name of your new repository being added); add yourself with members = yourlogin@yourhost line; also add writable = newreponame line:

      [group newreponame]
      members = yourlogin@yourhost
      writable = newreponame

    4. based on my assumption of a correctly setup gitosis-admin repository, you should already have the appropriate public key in the keydir directory, but if not – copy your user’s ssh public key to keydir in the form of yourlogin@yourhostname.pub, then do git add keydir/yourlogin@yourhostname.pub
    5. git commit -am ‘new repository: newreponame’; git push;
    6. now that you have the new repo permissions configured, let’s actually create it. Navigate to the directory holding the files of your project (e.g. cd ~/newreponame), and do git init; git add . – this initializes empty git repository, and then adds all the files to it. If you have no files – you can skip the ‘git add .’ command, as it will do nothing for you.
    7. git commit -m ‘initial commit’. If you had no files added to the commit, git will complain that it cannot create an empty commit. In this case use the command git commit ––allow-empty -m ‘initial commit’
    8. git remote add origin ssh://gitosis@yourGitosisServerName/newreponame.git
    9. git push ––all
    10. final thing: git config ––add branch.master.remote origin && git config ––add branch.master.merge refs/heads/master; alternatively, cd .git && $EDITOR config, and then add these lines:

      [branch "master"]
      remote = origin
      merge = refs/heads/master

      Without these lines, you won’t be able to git pull.

    Share

    Posted in *nix, how-to, Software | 16 Comments »

    GSoC 2009 is now open

    14th February 2009

    GSoC 2009 FAQs

    Don’t forget to update your personal calendars with important GSoC 2009 dates.

    Share

    Posted in Links, Software | No Comments »

    WordPress and Google Analytics external nofollow problem in comment links

    13th February 2009

    Since some WP release, the comment author’s link in comments is broken – it has ‘ external nofollow’ attached straight to the href attribute (which breaks the link).

    I assume that the problem is caused by Google Analytics, namely the “track outgoing clicks” feature (as recalled, might be inaccurate feature name). “Track outgoing links” adds some JavaScript code to all outgoing links, and that script has tick characters like this one ‘ which, incidentally, are also used for delimiting the values of comment anchor tags.

    To fix:
    Read the rest of this entry »

    Share

    Posted in CMS, how-to, PHP, Programming, Software, Web | 2 Comments »

    Best online favicon.ico generator/editor

    28th January 2009

    favicon.cc has cool real-time previews and allows creating animated favicons.

    Update: check the comments below for more online favicon editors/generators!

    Share

    Posted in Links, Notepad, Software, Web | 3 Comments »

    ExpressionEngine contact form (email module) spam vulnerability

    26th January 2009

    Yesterday I had a look at mod.email.php – the Email module of ExpressionEngine CMS.

    It appears that it is very easy to use ExpressionEngine’s contact form (which uses Email module) to send emails to arbitrary addresses – simply put, send spam using someone’s EE.

    And here’s why:

    • recipients hidden field is passed to the client; it is encrypted, but with access to the mod.email.php code, it is a matter of several minutes to write your own email-encoding function which will produce a completely valid recipients field
    • there’s also XID field, which seems to be unique for each page load

    Spamming algorithm is clear, so I won’t elaborate. (I could have missed some session variables, though – didn’t check them.)

    This information is valid as of ExpressionEngine 1.6.6, but nothing in the change-logs indicates that this mechanism was modified in the newer versions of EE.

    Update: I’ve tested, and this vulnerability does exist. The simplest prevention measure is to enable Captcha for Contact Form.

    I’ve notified the developers.

    Share

    Posted in CMS, PHP, Programming, Software, Web | 1 Comment »