Category Archives: software - Page 2

Python function to update a var in a list of tuple

As part of my new ssh-fail script, now written in python I found myself needing to update a var in a list of a list, but you can’t just do list_a[3][3]= ‘new thing’ :(

so i wrote this function:

def tuple_update(touple, varloc, newval):
    temp = []
    for a in range(len(tuple)):
        if varloc != a:
            temp.append(tuple[a])
        else:
            temp.append(newval)
    return temp

and you can use it like this:

>>>ip_test=[('8.8.8.8', 423, None, 0), ('4.2.2.2', 64, None, 3), ('42.42.42.42', 23, None, 10)]
 
>>> ip_test[1]
('4.2.2.2', 64, None, 3)
>>> ip_test[1]=tuple_update(ip_test[1],1,38)
>>> ip_test[1]
['4.2.2.2', 38, None, 3]
>>> ip_test[2]=tuple_update(ip_test[2],0,'100.100.2.3')
>>> ip_test[2]
['100.100.2.3', 23, None, 10]
>>> ip_test
[['9.9.9.9', 423, None, 0], ['4.2.2.2', 38, None, 3], ['100.100.2.3', 23, None, 10]]

that’s: tuple_update(list,location,newval)

SourceForge direct download with clean filename

If you ever wget files from source forge you’ll know how the file name will be annoying with a bunch of extra crap

so…:

 

#!/bin/bash
file=`echo $1 | sed 's,.*/,,g; s/?.*//'`
echo $file
wget "$1" -O ./$file

for:

% ~/sf.sh "http://downloads.sourceforge.net/project/gns-3/GNS3/0.8.3.1/GNS3-0.8.3.1-src.tar.bz2?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fgns-3%2F%3Fsource%3Ddirectory&ts=1354547913&use_mirror=voxel"
GNS3-0.8.3.1-src.tar.bz2
--2012-12-03 10:18:49--  http://downloads.sourceforge.net/project/gns-3/GNS3/0.8.3.1/GNS3-0.8.3.1-src.tar.bz2?r=http%3A%2F%
<>

Length: 2611269 (2.5M) [application/x-bzip2]
Saving to: `./GNS3-0.8.3.1-src.tar.bz2'

100%[=======================================================================================================================================================================>] 2,611,269   2.37M/s   in 1.1s    

2012-12-03 10:19:16 (2.37 MB/s) - `./GNS3-0.8.3.1-src.tar.bz2' saved [2611269/2611269]
 
( ~/del/sftest )% ls
GNS3-0.8.3.1-src.tar.bz2

yay!

Bash one liner: rDNS of failed ssh logins

Quickly get the rDNS of each IP that failed to login to your ssh :D

grep Failed /var/log/auth.log|grep -v pronto|sed 's/.*from //;s/ port.*//'|sort -u|while read host
do
        host "$host"
done
Host 196.108.80.114.in-addr.arpa not found: 2(SERVFAIL)
Host 71.102.207.124.in-addr.arpa not found: 2(SERVFAIL)
Host 192.190.210.125.in-addr.arpa. not found: 3(NXDOMAIN)
Host 248.196.211.125.in-addr.arpa. not found: 3(NXDOMAIN)
218.15.28.176.in-addr.arpa domain name pointer lvps176-28-15-218.dedicated.hosteurope.de.
Host 242.15.120.187.in-addr.arpa. not found: 3(NXDOMAIN)
Host 253.109.15.198.in-addr.arpa. not found: 3(NXDOMAIN)
Host 179.115.27.198.in-addr.arpa not found: 2(SERVFAIL)
8.197.61.198.in-addr.arpa domain name pointer 198-61-197-8.static.cloud-ips.com.
Host 159.203.61.198.in-addr.arpa. not found: 3(NXDOMAIN)
Host 60.82.71.198.in-addr.arpa. not found: 3(NXDOMAIN)
178.230.241.201.in-addr.arpa domain name pointer pc-178-230-241-201.cm.vtr.net.
Host 66.2.62.42.in-addr.arpa not found: 2(SERVFAIL)
82.179.79.4.in-addr.arpa domain name pointer scanning-service-4.nessus.org.
Host 61.226.49.64.in-addr.arpa. not found: 3(NXDOMAIN)
38.96.111.78.in-addr.arpa domain name pointer fire3.methosting.com.
7.138.17.85.in-addr.arpa domain name pointer hosted-by.leaseweb.com.
Host 72.129.211.95.in-addr.arpa. not found: 3(NXDOMAIN)

:D    also you can replace the “host “$host”  part with:    whois “$host” > $host    and quickly whois each IP as well, I recommend doing this in it’s own DIR though.  Then just do less *   and :n  to go to next file

Breakdown on the one liner for people new to linux/bash/celery
This part is pretty self explanatory, just greping auth.log for Failed, then grep -v is an inverse grep getting rid of my user name

grep Failed /var/log/auth.log|grep -v pronto

This part using is removing everything up to and including the word ‘from’ then everything and including the word ‘port’
the sed command is acutely doing two sed actions separated via a semicolon (no need to pipe sed to sed)

sed 's/.*from //;s/ port.*//'
the original line looks like:
Nov  9 08:22:56 tasty sshd[25254]: Failed password for root from 199.83.51.16 port 54268 ssh2
 
then end result is just "199.83.51.16"

for more useful sed one liners check out this page
this next part just sorts the massive list, and the -u flag only shows the unique ones

sort -u

 

Android Socks5 proxy

As an update to my last post I was able to get a socks5 proxy going on android(with no root) with ipv6 also working via the proxy

Some reason the screenshot program screws up the colors

 

That IP is one of my VPS’s and as you can see, ipv6 is working  (i don’t have ipv6 at home either)

How I did it:

Start with irssi connect-bot And save a server, on the main menu area, press and hold the server, and select “Edit Port fowards” and add a new one with info like:

You don’t need the same port, but it does need to be a dynamic socks proxy

 

Then on firefox go to about:config

Search for “proxy” and make the following changes:

network.proxy.socks = localhost
network.proxy.socks_port = 50505  (or what ever port you used)
network.proxy.socks_remote_dns = true
network.proxy.type = 1

and boom, it should work :D to revert to no proxy make network.proxy.type = 5

ssh, socks5 proxy, and windows

I have this VPS that has an ipv6 address (yay! I’m so awesome…)
Sadly my ISP does not yet provide ipv6 (evil FiOS, but that’s a rant on it’s own), so while using linux I’m able to do simple socks5 proxy to be able to use the ipv6 awesomness, eg:

$ ssh -D 50502 remote.server.here

firefox proxy config

Yay, I’m now browsing the web via the socks5 proxy, and when I go to http://test-ipv6.com/ I get a lovely 10/10 and I see my VPS’s ipv6 address

When I try to do this on putty via windows7 ipv6 does NOT work *sadface*

Windows7, firefox, putty, socks5, no ipv6! :(