My name is Philipp C. Heckel and I write about nerdy things.

Posts Tagged / Linux


  • May 04 / 2015
  • 3
Linux, Programming, Security

OpenSSH ‘AuthorizedKeysCommand’ with ‘fingerprint’ argument (Patch for OpenSSH 6.6p1)

Many of us developers or system administrators use OpenSSH’s public key authentication (aka password-less login) on a daily basis. The mechanism works based on public key cryptography: By adding a RSA/DSA public key to the authorized_keys file, the user with the matching private key can login without a password. The mechanism works great for a couple of hundred, thousands and even 100k thousand users (tested, login takes ~2sec).

But what if there are more keypairs, say, a million users, or a more flexible approach is desired? Maybe with an LDAP or a database backend? Think of GitHub and how they do their ssh git@github.com ... login! This blog post shows you how to do that by patching OpenSSH’s AuthorizedKeysCommand option to support an additional fingerprint argument.

Continue Reading

  • Mar 24 / 2015
  • 2
Code Snippets, Linux, Scripting

Snippet 0x0B: Bash completion with sub-commands and dynamic options

Every system administrator, most programmers and countless of command line surfing Linux/Mac users use it every day without thinking twice. Hitting the tab key twice, [TAB][TAB], has become the most common thing in the world. Bash completion is the magic behind the tab key. It’s easy to use, but it’s a pain to write. This tiny post demonstrates how to write scripts for bash completion, with sub-commands and dynamic parameters. A working script is embedded in my open source file sync software Syncany.

Continue Reading

  • May 29 / 2014
  • 3
Programming

The magic of Gradle: create Windows installers, Debian packages, manage a PPA, and optional sub-projects

Gradle is great build tool. Compared to Ant or Maven, it’s so much easier to use and write proper code for it — it’s unbelievable at times. A little while ago, I switched from an ugly Ant/Maven installation to Gradle with my open source project Syncany. Ever since then, I am simply amazed about what Gradle can do. Granted, it’s not always easy to understand and the lack of proper documentation and IDE support makes things more like a trial-and-error-based packaging experience. However, the amount of time that it saves is worth it.

Since I really like Gradle and I myself often have a hard time finding proper answers for the questions I have, I’d like to demonstrate a few solutions that I have come up with. In particular, I’ll describe how to create a Windows installer using Inno Setup under Linux, create Debian packages and manage a PPA (debuild/dput) as well as how to add an optional Gradle sub-project.

Continue Reading

  • Jul 07 / 2013
  • 160
Mobile, Programming, Scripting

Send WhatsApp messages via PHP using WhatsAPI

I recently discovered that once you have acquired your WhatsApp account password, it’s relatively easy to send and receive WhatsApp messages via PHP. Using the PHP-based framework WhatsAPI, a simple WhatsApp notifier script only has a dozen lines of code.

This tiny tutorial shows how to use the two very basic functions of WhatsAPI, namely to send simple outgoing messages to any number and to listen for new incoming messages from your own WhatsApp account. This is the second part of a two-part tutorial. The first part demonstrated how to sniff the WhatsApp password from your Android phone or iPhone.

Continue Reading

  • Jul 05 / 2013
  • 62
Android, Mobile, Security

How To: Sniff the WhatsApp password from your Android phone or iPhone

WhatsApp is a very popular SMS-like messenger for smartphones, but it’s unfortunately only available for smartphones right now. If you want to use other tools or write web applications that send or receive WhatsApp messages (e.g. WhatsAPI, was at https://github.com/venomous0x/WhatsAPI, site now defunct, July 2019), you have to find a way to sniff the WhatsApp password from your smartphone. Until recently, this password was just an MD5 hash of your IMEI (or MAC address), but that has changed when that was uncovered. Since then, the WhatsApp server assigns a password to each device/account when it first registers.

This tutorial demonstrates how to capture the WhatsApp password of your WhatsApp account using the SSL/TLS proxy mitmproxy. Once you have this password, you can use it to communicate with the WhatsApp servers directly or via a framework. This is the first part of a two-part tutorial. The second part demonstrates how to send and receive WhatsApp messages via PHP.

Continue Reading

  • Jul 01 / 2013
  • 68
Android, Linux, Security

How To: Use mitmproxy to read and modify HTTPS traffic

Capturing HTTP and HTTPS traffic on your own machine is quite simple: Using tools like Wireshark or Firebug, sniffing the local connections is only a matter of seconds. Capturing and/or altering the HTTP/HTTPS traffic of other machines in your network (such as your smartphone or other laptops) on the other hand is not so easy. Especially sniffing into SSL-secured HTTPS-connections seems impossible at first. Using mitmproxy, however, makes this possible in a very easy and straight forward way.

This small tutorial shows how to use mitmproxy to transparently sniff into and alter (!) HTTPS connections of your phone or other devices in your network.

Continue Reading

  • Mar 24 / 2013
  • Comments Off on Restart LIRC if remote control is reconnected using a udev rule
Linux, Multimedia

Restart LIRC if remote control is reconnected using a udev rule

I recently built myself a new HTPC. It’s controlled with a Medion X10 remote control using LIRC. For some reason, LIRC doesn’t realize when the USB dongle for my remote control is reconnected (unplug USB, plug it back in). This blog posts demonstrates how to easily fix this using a udev rule. I originally posted this on the XBMC forum.

Continue Reading

  • Dec 07 / 2012
  • 33
Multimedia, Scripting

Script: Refresh the Fritz!Mediaserver DLNA Index of the Fritz!Box 6360 Cable

Some of AVM’s Fritz!Box routers allow connecting a USB device and use this device as a network attached storage (NAS) via Samba/SMB in the local network. In combination with the fact that the NAS can also be accessed from the Internet via FTP, and the multimedia files can be streamed to a TV via the Fritz!Mediaserver (using DLNA), it makes a pretty basic home entertainment system. I use it to automatically copy videos (YouTube, etc.) to the NAS from my virtual server, and then watch these with my Samsung Smart TV. It’s not as great as XBMC, but it works for now.

Unfortunately, the Fritz!Mediaserver (DLNA server) does not automatically refresh the index when media files are added via Samba/SMB or FTP (only if they are added via their web interface Fritz!NAS). It can be refreshed manually via the interface on fritz.box/storage/settings.lua. But, since I like to automate things, I made a little helper to automatically refresh the index.

Continue Reading

  • Jun 15 / 2012
  • 9
Cloud Computing, Linux, Scripting

Script: Your US proxy server in one minute using Amazon EC2

Many of the well known websites determine your location based on your IP address and restrict their content or functionalities based on the country you’re in. Some examples are Gmail (Germans get only @googlemail.com-addresses, legal reasons), YouTube (content is restricted by the GEMA), and Pandora (limited to US citizens) to name only a few. To circumvent these restrictions, being able to quickly get an IP address outside of your own country is most helpful.

To do exactly that I wrote a little script that will start your very own US proxy server in one minute using Amazon EC2. In combination with browser plug-ins such as FoxyProxy, the script enables you to route all your web traffic through a proxy on an Amazon-owned machine — with an IP address in the US, Ireland, Singapore, Tokyo or Sao Paulo (location of Amazon data centers).

Continue Reading

Pages:1234