Decrypting TLS traffic

In Firefox

A Docker image that runs Chromium headless with SSLKEYLOGFILE set, opens an HTTPS page and dumps the decrypted TLS traffic to the terminal. Also runs in Play with Docker. Pull and run docker run --net host deanturpin/ssldump Dockerfile FROM kalilinux/kali-linux-docker RUN apt update RUN apt install -y chromium RUN apt install -y ssldump RUN apt install -y psmisc CMD \ # Kill the ssldump in the future or the container won't terminate ((sleep 10s && killall ssldump && cat ~/dump. [Read More]

Simple Python web server

To report browser headers

My work Firefox ESR browser seemed to be giving up my username (I.e., half of my login credentials) in its HTTP headers so I wrote simple Python-based webserver that mirrors the browser HTTP headers back to the browser. The script is encapsulated in a Docker image and could be deployed to an AWS instance. Here the server is started on common HTTP ports. docker run --rm -d -p 80:8080 deanturpin/http docker run --rm -d -p 443:8080 deanturpin/http docker run --rm -d -p 8080:8080 deanturpin/http Dockerfile FROM ubuntu RUN apt update --yes RUN apt install --yes python COPY . [Read More]

Resetting a forgotten Windows password

When you’ve misplaced the password to a local Windows account. Seen to work on Windows 2000, 7 and 10. Prerequisites: a 4GB USB stick and a machine capable of creating a USB boot disk (Ubuntu is good). Time to complete: half an hour to download Kali and create the stick and a few minutes to reset a password. Download the latest Kali Linux ISO and create a USB boot disk on another machine. [Read More]

Network analysis

On the Linux command line

For the purposes of this exercise we’re not employing any nefarious means to gain access to packets. Generally Ethernet switches attempt to intelligently direct packets to only the intended host so an ordinary machine sat on a subnet will only receive its own packets and broadcasts. But unsolicited broadcasts will at least show you some other active IPs on the network. You want to get “in the way” of as much data as possible so if you can run these tests on the router then even better. [Read More]

Cloud computing

Play With Docker Amazon Web Services Digital Ocean Google Cloud Hybrid Cloud Cloud9 versus Google Cloud SSH Google’s is slightly slicker, more tightly integrated with the instance browser. The Google web SSH client is so close to the real thing that you quickly forget what’s going on. Cloud9 IDE is quite nice, Sublime-style editor. But slightly odd ctrl codes remind you that you’re not actually typing into a real terminal. [Read More]

Create a Twitter bot

Using twurl and Google Cloud

Prerequisites: a Twitter account, moderate command line and Google Cloud experience. Time to complete: a couple of hours. Alternatively you might consider GitLab hosting. Developer account Apply for a Twitter dev account, create an app and make a note of the two API keys. Keep them to yourself. Google Cloud hosting Create the smallest (and cheapest) Linux instance on Google Cloud. Installation Connect to your instance and install the essentials. [Read More]

KEYnote

A Linux JUCE application that extracts the peak FTT bin from a live audio recording and reports the closest note

Screenshot is highlighting the major 3rd of an A chord: 440, 550 and 660Hz. Note the FFT bin is not a precise pitch so the closest concert pitch is displayed. See the source on GitHub. Note mapping #include <iostream> #include <map> #include <vector> const std::map<double, std::string> notes{ // Catch all for lower bound search {0.0, "Bx"}, // All the notes we're interested in. At the low end a single Fourier bin // will map to multiple notes. [Read More]

Generate a network topology

From a hosts file

tracehost is a bash script that parses a standard hosts files and generates an SVG. The script accepts a standard system hosts file format but actually it only cares about the first host or IP on a line. In fact any line format may be used as long as each line begins with something that can be pinged. 127.0.0.1 localhost # for local people 216.58.213.99 - google silobrighton.com # Zero waste The image below is generated as a daily GitLab cron job. [Read More]

Ghost blog

Install Ghost in a Google Cloud instance

Prerequisites: basic knowledge of the Linux command line, domain names and DNS. Time to complete: one hour. Google Cloud actually offer pre-built Ghost images but unfortunately they deploy a woefully antique revision. So I built my own using Ghost’s GitHub instructions as a reference. Before we proceed it must be remembered that if you’re hosting it yourself you are in control of the backups. You can casually delete entire VMs in as few as three slipshod strikes of the mouse button. [Read More]