Instant Cash For Phones

So I saw this the other day while cruising through the local grocery store.  I walked by it and laughed at the sight of a BIOS screen on an ATM (of sorts) before returning to take the photo.  [Nevermind the man and baby in the background.]  Oh, the fun we could have if I were an after-hours stock boy. 😀

Welp

April 21, 2016 — Leave a comment

It’s been a while since I’ve been around these parts.  409 days, if you’re the nerdy track-all-the-things type.

Maybe I’ll sling some content on the blog and see what sticks…

A couple weeks ago I blogged about my downloadOTX.sh script, which automates the collection of AlienVault OTX reports.  I hadn’t used this script in about a week, so I was surprised to see some 404 errors this morning:

$ ./downloadOTX.sh 62.141.45.205
--2015-03-09 10:47:29--  http://www.alienvault.com/apps/api/threat/pdf/?ip=62.141.45.205
Resolving www.alienvault.com (www.alienvault.com)... 64.62.160.26
Connecting to www.alienvault.com (www.alienvault.com)|64.62.160.26|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.alienvault.com/apps/api/threat/pdf/?ip=62.141.45.205 [following]
--2015-03-09 10:47:29--  https://www.alienvault.com/apps/api/threat/pdf/?ip=62.141.45.205
Connecting to www.alienvault.com (www.alienvault.com)|64.62.160.26|:443... connected.
HTTP request sent, awaiting response... 404 NOT FOUND
2015-03-09 10:47:30 ERROR 404: NOT FOUND.

Continue Reading…

VRFBackupTool shares the same broken function as VRFSearchAndBackup, so I decided I would update this one as well.

You can find the most recent version on it’s GitHub Repository.

As you might have noticed form this week’s blog posts, I enjoy writing code to automate tedious or time consuming tasks.  Well, maybe it might be a stretch to say I enjoy it — but I certainly reap the benefit of putting in the hard work to automate tasks that I otherwise hate performing.  I do, however, enjoy publishing much of this code on the Internet in hopes that others will find it useful and I occasionally hear from them stating such.

In a past life, as a Network Engineer, I wrote a small application which automates the ability to search a Cisco router for a VRF VPN profile and back it up to disk.  (If you’re making changes to your Cisco routers and you don’t back up your configurations before you change them, then you obviously haven’t broken one yet.)  I received a lot of feedback from other people who found this tool to be useful and use it regularly.  I also recently received word that it doesn’t work under Cisco IOS 15.4.

That sucks.

Specifically, it blows up right about here:


VRFSearchAndBackup.py v1.0.1 (2014-03-17)
-----------------------------------------

--> Index found and appears up to date.

Enter the VRF Name or IP Address you are searching for: USG-10195

+--------------------+--------------------+--------------------+
| VRF NAME | REMOTE IP ADDRESS | LOCAL IP ADDRESS |
+--------------------+--------------------+--------------------+
| ABC-12345 | 192.168.1.1 | 192.168.2.1 |
| ABC-12345 | 192.168.1.1 | 192.168.2.1 |
+--------------------+--------------------+--------------------+

Do you want to back up this configuration now? [Y/n]

--> Logging into 192.168.2.1...
--> Backing up ABC-12345 ...
Traceback (most recent call last):
 File "<string>", line 534, in <module>
 File "<string>", line 413, in searchIndex
 File "<string>", line 176, in backupVRF
AttributeError: 'NoneType' object has no attribute 'group'

C:\Applications>

Continue Reading…

One of the least glamorous parts of network security is capturing information on Internet hosts that exhibit malicious intent.  Here is a script that I’ve created to help automate the process of collecting AlienVault’s Open Threat Exchange (OTX) reports:

#!/usr/bin/sh
#
# downloadOTX.sh
#
# This script uses AlienVault's Open Threat Exchange (OTX) to download a PDF
# containing the IP reputation of the IP Addresses provided.
#
# USAGE:
# $ ./downloadOTX.sh 1.2.3.4
# $ ./downloadOTX.sh 1.2.3.4 1.2.3.5 1.2.3.6 etc.
#

# Set path to save files:
path=/Downloads/

# Set filename prefix and/or suffix:
prefix=
suffix=\_otx.pdf

for args in "$@"
do
    wget http://www.alienvault.com/apps/api/threat/pdf/?ip=$args -O $path$prefix$args$suffix
done

Continue Reading…

One of the least glamorous parts of network security is capturing information on Internet hosts that exhibit malicious intent.  Here is a script that I’ve created to help automate the process of collecting WHOIS information:

#!/usr/bin/sh
#
# downloadWHOIS.sh
#
# This script uses native whois command to return the WHOIS information
# of the IP Addresses provided.
#
# USAGE:
# $ ./downloadWHOIS.sh 1.2.3.4
# $ ./downloadWHOIS.sh 1.2.3.4 1.2.3.5 1.2.3.6 etc.
#

# Set path to save files:
path=/Downloads/

# Set filename prefix and/or suffix:
prefix=
suffix=\_whois.txt

for args in "$@"
do
    whois $args > $path$prefix$args$suffix
done

Continue Reading…

2014 Blog Summary

February 3, 2015 — Leave a comment

Regular readers, assuming I have any left, may have noticed activity around here has been pretty quiet the past few months.  Major work projects with deadlines in November last year sucked up all my available time outside family life. In a very short timeframe I was able to successfully integrate both a new network performance monitoring tool and an intrusion detection system into our network.  Now that those things have (mostly) settled down a bit, I have more time to continue exploring activities that interest me and the margin to blog about them.

In 2014 I began capturing basic metrics on the blog and I thought it would be fun to look back at the year to see what was hot and what was not.  In the approximately 86 blog posts I made in 2014, one post practically dominated the majority of my inbound traffic.  I’m not a paid subscriber to StatCounter, so I can’t provide you with a detailed history, but if the last 9 days are any indication, you can see just how popular my How To Rip P90X3 DVDs With Handbrake post was:

blog_popular_pages

 

Thanks to everyone participating in the comments section on that post.  I never imagined there would be so much interest in this topic when I wrote my guide. Continue Reading…

Last month I attended Maker Faire Atlanta with other Atlanta Hams where I helped teach kids how to build a very basic circuit with an attention-getting LED.  I blogged about that here.

I wanted to salvage that mini breadboard and I had some Adafruit Perma-Proto PCBs that were looking lonely, so I moved all everything over and soldered it into place.  It turned out pretty well, but I wasn’t so sure by the time I had arrived to the end.

I started by placing the 555 timer directly in the center of the board instead of counting out my spacing to ensure I’d h ave enough room the way everything was laid out.  As it turns out, I did, but I was right on the edge of the board when I soldered the capacitor on.  Had I started one space closer to the edge of the board, I wouldn’t have had enough room.

You can see the finished product posted on Vine:

Continue Reading…

DerbyConCTF: In Summary

November 21, 2014 — Leave a comment

In closing, I wanted to say a few things about my experience with DerbyCon CTF 2014.

This year was much different than years past simply because I had my family with me this year.  Although I had my wife’s blessing to experience the con as I always had, it just felt different because my family was present and therefore I acted different.

When I was in the CTF room my attention was divided between trying to discover the next flag and taking a break to spend time with my family.  When I was with my family, my mind was secretly trying to solve a problem I hadn’t yet answered.  In other words, it wasn’t much fun for me or the family.  Well, it wasn’t awful — it just couldn’t be both.

Continue Reading…