tinyapps.org / blog


whois terminal command not returning registrant contact info #

At some point in recent history, whois stopped returning registrant contact info for a number of TLDs, including .com*. In Why is 'whois' showing no registrant information?, bu11etpr00f explains that the specific registrar whois server must now be queried directly in order to get registrant contact information, i.e.,

$ whois reddit.com
...
Registrar WHOIS Server: whois.markmonitor.com
...
$ whois -h whois.markmonitor.com reddit.com
...
Registrant Name: Domain Administrator
Registrant Organization: Reddit Inc.
Registrant Street: 548 Market St.,
...

Rather than running two commands, I cobbled together this oneliner:

$ whois -h $(whois reddit.com | grep 'Registrar WHOIS Server:' | cut -f2- -d:) reddit.com

but quickly realized that I use whois often enough to create a bash function for it.

So I saved this in ~/.bash_profile:

function w2 {
  whois -h $(whois $1 | grep 'Registrar WHOIS Server:' | cut -f2- -d:) $1
}

then ran source ~/.bash_profile to reload.

Much easier now:

$ w2 reddit.com
...
Registrant Name: Domain Administrator
Registrant Organization: Reddit Inc.
Registrant Street: 548 Market St.,
...

* Thanks to Guy at easyDNS for kindly informing me of the difference between thick and thin WHOIS registries. See also Anthony Geoghegan's reply to Why do some domain names have extremely truncated whois information? for more information.

/nix | Nov 14, 2017

Demi-decennial coworking update* #

WeWork "transforms buildings into beautiful, collaborative workspaces." 237 buildings in 56 cities, for teams of 1 to 500+.

Previously: 2005, 2010

*Yes, this installment is running slightly behind schedule.

/misc | Oct 26, 2017

Windows 10: Restore classic blue solid color Desktop background #

In Windows 2000 and XP, the default solid color Desktop background was a serene shade of blue:

Windows 2000 and XP blue solid color Desktop background

Hue: 141
Sat: 115
Lum: 105

 

Red: 58
Grn: 110
Blu: 165

 

Hex: #3A6EA5

The "Windows Classic" theme in Windows 7 used the same color, but there was a slightly darker blue default color available in the Solid Colors menu, which was still available in Windows 8.1:

Windows 7 and 8.1 blue solid color Desktop background

Hue: 142
Sat: 203
Lum: 60

 

Red: 10
Grn: 59
Blu: 118

 

Hex: #0A3B76

Inexplicably, Windows 10 not only removed these calming blue tones and replaced them with 24 largely garish colors, but also failed to provide any option for customizing colors in the main Settings menu (right click Desktop > Personalize > Background: Solid Color). Happily, the classic Desktop Background applet is accessible via Run > control /name Microsoft.Personalization /page pageWallpaper. Not only can you select the Windows 7 darker blue, but you can also create custom colors by clicking "More...".

UPDATE: The day after this post, Microsoft released Windows 10 Fall Creators Update, which includes a "Custom color" option in the main Background settings window. Click "More" to enter RGB, HSV, or hex values.

/windows | Oct 16, 2017

macOS: Export Contacts to CSV #

While Contacts.app does not include an explicit CSV export option, one can be easily effected by:
  1. highlighting desired contacts,
  2. dragging them into a new Numbers spreadsheet, and
  3. exporting the spreadsheet to CSV

/mac | Oct 16, 2017

Taking screenshots in macOS Recovery Mode or within a bootable installer #

  1. Boot into Recovery Mode (Cmd+R) or via a USB bootable install disk
  2. Utilities > Terminal
  3. If you have access to the existing macOS install, you can use the copy of screencapture located at /Volumes/Macintosh\ HD/usr/sbin/screencapture for the following. Otherwise, copy /usr/sbin/screencapture from another macOS install to a USB flash drive (e.g., SANDISK) and run from there.
  4. Open desired application(s) from the Terminal, e.g.,
  5. Open another tab in Terminal and run /Volumes/SANDISK/screencapture /Volumes/SANDISK/screenshot.png

References:

/mac | Oct 01, 2017

High Sierra's Disk Utility does not recognize unformatted disks #

unless you click View > Show All Devices, quit Disk Utility, then relaunch it (thanks to xenadu02 for the workaround!)

macOS 10.13's Disk Utility 17.0 (1626) does not recognize raw drives. Here is an example while booted from the installer, attempting to prepare a new internal drive:

high_sierra_disk_utility_before

However, as seen in the blue Terminal window, diskutil does recognize the drive. We'll use it to perform a quick, cursory format (e.g., diskutil eraseDisk JHFS+ NewDisk GPT disk0) to make the disk appear in Disk Utility, where further modifications can more easily be made:

high_sierra_disk_utility_after

Plugging in an unformatted external drive produces the usual alert, "The disk you inserted was not readable by this computer. Initialize... | Ignore | Eject", but clicking Initialize just opens Disk Utility without the disk appearing:

High Sierra Disk Utility

As shown above, clicking View > Show All Devices does not cause the raw disk to appear.

UPDATE: Fans of Disk Utility's last classic version (13 (606) from OS X 10.10 Yosemite) have got it running in El Capitan and Sierra:

Disk Utility version 13 was the last to support:

However, in light of APFS and other changes, it may be wiser to simply use diskutil and hdiutil instead.

/mac | Oct 01, 2017

Breathing new life into a 2006 MacBook #

/mac | Sep 17, 2017

Menu bar firewall status indicator #

BitBar (open source) can be used to display an emoji of choice in the menubar depending on the built-in Application Firewall's state: off (0), on for specific services (1), or on for essential services (aka stealth mode) (2):

Firewall status in menubar via BitBar

  1. Install and launch BitBar
  2. Create a new directory (e.g., ~/bitbar/) to store plugins when prompted
  3. Save the following Bash script as ~/bitbar/firewall_status_indicator.10s.sh and make it executable (chmod +x firewall_status_indicator.10s.sh):
    #!/bin/bash
    
    state=$(defaults read "/Library/Preferences/com.apple.alf" globalstate);
    
    if [ "$state" -eq 2 ]; then
      echo "🔒"
    elif [ "$state" -eq 1 ]; then
      echo "❗️"
    else
      echo "‼️"
    fi
    
    echo "---"
    echo "Open Firewall preference pane| href='x-apple.systempreferences:com.apple.preference.security?Firewall'"
    

GeekTool (free) can display a tiny red or green status LED on the desktop or in the menubar to indicate the firewall status:

Firewall status in menubar via GeekTool

TextBar ($2.99) can be used to display a shield icon and the firewall state (0, 1, or 2 as explained above) in the menu bar:

Firewall status in menubar via TextBar

  1. Install and launch TextBar
  2. Disable the default items
  3. Click the plus symbol to add a new item
  4. Replace echo 'Hello' with defaults read /Library/Preferences/com.apple.alf globalstate
  5. Check the far left box to enable and select the shield image

/mac | Sep 10, 2017

Particulars: BgInfo for OS X / macOS #

Sysinternals' BgInfo has been around for ages, displaying key system info on the Windows Desktop for convenience (especially handy for admins supporting remote users).

Glencode's Particulars offers similar functionality for Mac users, including a lab mode to help ease mass deployment.

/mac | Sep 10, 2017

Recovering saved macOS user passwords #

Users who have (inadvisedly) enabled automatic login often forget the password. It is merely encoded with an XOR cipher and stored in /etc/kcpassword.

A number of sites suggest this Ruby one-liner to recover it:

sudo ruby -e'key=[125,137,82,35,210,188,221,234,163,185,31];IO.read("/etc/kcpassword").bytes.each_with_index{|b,i|break if key.include?(b);print [b^key[i%key.size]].pack("U*")}'

However, only the first four characters were returned in my limited testing.

Joaquin Moreno Garijo's Python script, kcpass.py, did the trick:

  1. Copy /etc/kcpassword via target disk mode, single-user mode, etc.
  2. curl -O https://raw.githubusercontent.com/jjarava/mac-osx-forensics/master/kcpass.py
  3. chmod +x kcpass.py
  4. ./kcpass.py $(xxd -p /path/to/kcpassword)
        Kcpasswd: 0x09e03c5ab3ccad998dd66d1a89b165ae7e8912b851f8f0ff.
        Magic Xor: 0x7d895223d2bcddeaa3b91f.
        Used Magic Xor: 0x7d895223d2bcddeaa3b91f7d895223d2bcddeaa3b91f7d895223d2bcddeaa3b91f.
    
        The password is: "tinyapps.org".
    

See also:

/mac | Sep 07, 2017

Veganism in a nutshell #

If we could live happy and healthy lives without harming others... why wouldn't we?

-- Pam Ahern of Edgar's Mission

/misc | Sep 03, 2017

Cracking Microsoft Office password protection #

A new guide has been added to the dusty docs section: Cracking Microsoft Office password protection via hashcat, locally or in the cloud. Enjoy!

/nix | Aug 22, 2017

Proving the existence and content of a webpage #

ICanProve generates "digitally signed screenshots and session logs for legal evidence, proofs and discovery".

It uses a "remote controlled browser to create screenshots with extended logging of user actions and data transfer to create a timestamped and digitally signed document to give a very reliable proof of the website contents while allowing to selectively exclude sensitive information and transparently decoding ssl (https) sessions".

Would the generated files hold up in court? No idea. I am not a lawyer (thank heavens), this is not legal advice, etc, etc. It may be prudent to have an actual notary (or twelve) verify and notarize as well (after conferring with a phalanx of attorneys, of course).

Related:

/misc | Aug 16, 2017

OS X: Undelete iMessage messages #

/mac | Jul 17, 2017

Download Windows and Office ISOs from Microsoft #

quickly and easily with Jan Krohn's Microsoft Windows and Office ISO Download Tool:
"This tool allows an easy and comfortable way to download genuine Windows 7, Windows 8.1 and Windows 10 disk images (ISO) directly from Microsoft's servers, as well as Office 2007, Office 2010, Office 2013, Office 2016, and Office 2011 for Mac.*

"In the past Microsoft provided disk images for many of their products through their subcontractor "Digital River". These downloads were pulled in early 2014. Afterwards, Microsoft made a limited selection of downloads available on their TechBench site. Our tool accesses that TechBench site, and unlocks a large number of hidden download files on it."

*In my testing, only Windows 8.1, Windows 10, Insider Preview, Office 2013, Office 2016, and Office 2016 for Mac were available. However, there is this promising note on Jan's website:

"Removal of Windows 7 and Office in Version 5.00: These downloads have been blocked by Microsoft. We're working on an update."

/windows | Jun 03, 2017

Incremental disk image backups with auto-pruning, encryption, and more #

Veeam Endpoint Backup was recently upgraded and renamed to Veeam Agent for Microsoft Windows. The freeware edition is even more powerful than before; here are just some of the features:

Backup

Restore

Recovery Media

More

Notes

/windows | May 31, 2017

Encrypt and decrypt files in GPG without keys; #

that is, using only a symmetric cipher:

Create an encrypted copy of foo, saving it as foo.gpg in the current directory:

$ gpg --symmetric --cipher-algo AES256 foo
Enter passphrase:
Repeat passphrase:

Create a decrypted copy of foo.gpg, saving it as foo in the current directory:

$ gpg --output foo --decrypt foo.gpg
gpg: AES256 encrypted data
Enter passphrase:
gpg: encrypted with 1 passphrase

Create an encrypted copy of foo, saving it as foo.asc in the current directory in ASCII-armored format (suitable for pasting into email, etc):

$ gpg --symmetric --armor --cipher-algo AES256 foo
Enter passphrase:
Repeat passphrase:

Same as above, but send output to stdout instead of saving as foo.asc:

$ gpg --symmetric --armor --cipher-algo AES256 --output - foo
Enter passphrase:
Repeat passphrase:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

jA0ECQMCpjdNrpTC689g0kYBkyRd+aGyQwt8sZu+OvEilyCnXd6RiYMXM75MlSb+
OCZnMy6hBhGxvJ7R23HCkNPg76X8dH4O8k5kYtuQwL9fZL8akSY0
=uWsn
-----END PGP MESSAGE-----

Decrypt foo.asc, sending output to stdout:

$ gpg --decrypt foo.asc
gpg: AES256 encrypted data
Enter passphrase:
gpg: encrypted with 1 passphrase
hello, world!

Notes:

/nix | May 30, 2017

Renaming files in OS X for Windows or Unix compatibility #

Free

While the above approaches should cover most use case scenarios, none of them address all of the possible naming issues in Windows.

Fee

/mac | May 16, 2017

Apple Keyboard (A1243) - Function Keys Not Working #

The Apple Keyboard (A1243) was introduced in 2007 and rechristened Apple Keyboard with Numeric Keypad in 2009. Almost a decade later, it is still sold under the same name and model number.

However, there have been two different order numbers for this keyboard with separate system requirements:

The only cosmetic difference between the MB110LL/A and MB110LL/B is the icons on the F3 and F4 keys:

MB110LL/A MB110LL/B
MB110LL/A F3 & F4 keys MB110LL/B F3 & F4 keys

/mac | Apr 29, 2017

OS X: Rich text editor with regex #

Bean has been under constant development for years; it's been listed on the OS X page since version 0.94 (current version is 3.2.9). In addition to supporting a host of file formats (rtf, rtfd, plain text, webarchive, doc, docx, and odt), Bean is the only rich text editor I have found for OS X which also supports regex find/replace.

/mac | Apr 27, 2017

Saving colorized output from Bash #

even from programs like testdisk, in which output may span many separate screens:

Text-based output:

  1. Install aha: $ sudo apt install aha
  2. $ sudo testdisk | tee >(aha --black>output.html)
  3. After quiting testdisk, type exit on the command line. Find output.html in the current directory.

Graphic-based output:

  1. $ sudo apt install imagemagick ttyrec gcc x11-apps
  2. $ git clone https://github.com/icholy/ttygif.git
  3. $ cd ttygif
  4. $ make && sudo make install
  5. $ ttyrec
  6. Run desired command(s), e.g., $ sudo testdisk
  7. Type exit when finished
  8. Convert ttyrec's output file (ttyrecord by default) to tty.gif in the current directory: $ ttygif ttyrecord

Sources & More

/nix | Mar 05, 2017

Resetting an HP OfficeJet 5740 #

Notes

Support and Engineering main menu entries

Support Menu (Press Back/Return 4 times)

Some potentially useful/interesting options:

Engineering Menu (Press Home, Back, Home, Home)

Some potentially useful/interesting options:

Links

/misc | Mar 04, 2017

Windows keeps reverting to high contrast mode #

If Windows keeps changing back to high contrast mode despite repeated attempts to change in Control Panel > All Control Panel Items > Personalization and disabling all options under "Choose a High Contrast theme" in Control Panel > All Control Panel Items > Ease of Access Center > "Make the computer easier to see", head to the Lock Screen > Ease of Access icon at bottom left > and turn off High Contrast.

/windows | Mar 01, 2017

Preparing a Mac for resale or donation (Sierra edition) #

  1. Deauthorize Mac in iTunes, turn off Find My Mac, sign out of iCloud, and sign out of iMessage.
  2. Securely erase internal storage, install macOS, create temporary admin account (e.g., tempuser), install apps and updates, etc.
  3. Log in normally as tempuser and run:
    $ sudo dscl . -delete /Groups/admin GroupMembership tempuser
    $ sudo dscl . -delete /Users/tempuser
  4. Restart in Single User Mode and run:
    # fsck -fy
    # mount -uw /
    # rm -R /Users/tempuser
    # rm /var/db/.AppleSetupDone
    # shutdown -h now

Sources

Regarding iLife and iWork apps

/mac | Feb 18, 2017

Reset Safari 10 in OS X 10.11 El Capitan #

Turn this:

Safari junk

into this:

Safari clean

#!/bin/bash

# Reset Safari 10 for current user. Developed and tested under OS X 10.11.6 El Capitan.

# Backup bookmarks to Desktop, exiting if unsuccessful
cp -v ~/Library/Safari/Bookmarks.plist ~/Desktop/Bookmarks-`date +%Y%m%d%H%M%S`.plist
if [[ $? -ne 0 ]]; then exit 1; fi

# Delete main Safari data directory
rm -rfv ~/Library/Safari

# Delete caches
rm -rfv ~/Library/Caches/com.apple.Safari
rm -rfv ~/Library/Caches/com.apple.Safari.SearchHelper
rm -rfv ~/Library/Caches/com.apple.safaridavclient
rm -rfv ~/Library/Caches/com.apple.WebKit.PluginProcess
rm -rfv ~/Library/Caches/Metadata/Safari
rm -rfv ~/Library/Caches/SafariNotificationAgent
rm -rfv ~/Library/Caches/com.apple.commerce.safari/SafariLibrary

# Delete cookies
rm -rfv ~/Library/Cookies/Cookies.binarycookies
rm -rfv ~/Library/Cookies/com.apple.safari.cookies
rm -rfv ~/Library/Cookies/com.apple.CaptiveNetworkAssistant.binarycookies
rm -rfv ~/Library/Cookies/com.apple.Safari.SafeBrowsing.binarycookies
rm -rfv ~/Library/Cookies/com.apple.Safari.SearchHelper.binarycookies

# Delete preferences
rm -rfv ~/Library/Preferences/com.apple.Safari.LSSharedFileList.plist
rm -rfv ~/Library/Preferences/com.apple.Safari.RSS.plist
rm -rfv ~/Library/Preferences/com.apple.Safari.plist
rm -rfv ~/Library/Preferences/com.apple.Safari.Extensions.plist
rm -rfv ~/Library/Preferences/com.apple.WebFoundation.plist
rm -rfv ~/Library/Preferences/com.apple.WebKit.PluginHost.plist
rm -rfv ~/Library/Preferences/com.apple.WebKit.PluginProcess.plist
rm -rfv ~/Library/Preferences/com.apple.commerce.safari.plist

# Delete saved state
rm -rfv ~/Library/Saved\ Application\ State/com.apple.Safari.savedState

# Delete RSS feeds subscribed in Safari or Mail
# More info on PubSub database and command:
# http://krypted.com/mac-os-x/managing-mail-and-safari-rss-subscriptions-from-the-command-line/
rm -rfv ~/Library/PubSub/Database

# Delete yet more Safari data (cannot find any definitive documentation on this directory)
rm -rfv ~/Library/WebKit/com.apple.Safari

# Delete SharedFileList
rm -rfv ~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.ApplicationRecentDocuments/com.apple.safari.sfl

# Delete LSOs / Flash cookies
rm -rfv ~/Library/Caches/Adobe/Flash\ Player

# Clear file quarantine database (i.e., list of downloaded files)
# More info: http://osxdaily.com/2012/07/12/list-download-history-mac-os-x/
sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* 'delete from LSQuarantineEvent'

# Delete QuickTime cache
rm -rfv ~/Library/Caches/QuickTime

printf "\n\n\033[1;32mSafari cleanup complete.\n\n\033[1;31mThe contens of /Library/Internet Plug-Ins and ~/Library/Internet Plug-Ins\nwill appear below after pressing Enter. Check output for unwated plugins.\nPreserve Quartz Composer.webplugin & Default Browser.plugin at a minimum.\033[0m\n\n"

read -p "Press Enter to continue."

# List contents of /Library/Internet Plug-Ins and ~/Library/Internet Plug-Ins
ls -A /Library/Internet\ Plug-Ins ~/Library/Internet\ Plug-Ins

Sources:

  1. Testing with fs_usage and File Buddy in a clean VM.
  2. completely reset Safari 9
  3. How to reset safari 9.0.3
  4. Reset Safari from command line
  5. Reset Safari doesn't really clean all the cookies of Safari web browser
  6. History in Safari
  7. Aborting a shell script if any command returns a non-zero value?
  8. In a bash script, how can I exit the entire script if a certain condition occurs?
  9. guapolo's answer to How to get osx shell script to show colors in echo

/mac | Feb 11, 2017

Still using Yahoo Mail? #

/misc | Feb 10, 2017

List all files on disk #

Even as root, ls and find produced too many errors ("Permission denied", "Not a directory", "directory causes a cycle", "Input/output error", etc) when attempting to list all files on disk. Tree worked a treat:

$ tree -a -i -f / > filesystemlist.txt

 -a All files are listed.
 -i Don't print indentation lines.
 -f Print the full path prefix for each file.
See also Tree for Windows and LINUX Recursively list all files in a directory including files in symlink directories.

/nix | Feb 06, 2017

Migrating from Mail.app to Thunderbird #

* In Mail.app, you can highlight multiple mailboxes > "Export Mailbox..." > Options > Export all subfolders > Choose, but the resulting mbox files are all named "mbox".

/mac | Feb 05, 2017

Batch remove all tiles from Windows 10 Start Menu #

Well, almost all tiles; the few that remain after running the script below (save as unpin.ps1 then right click and "Run with PowerShell") can be removed manually (right click tile > "Unpin from Start").

/windows | Feb 04, 2017

Convert asciidoc to markdown #

  1. Install pandoc and asciidoc

    $ sudo apt install pandoc asciidoc

  2. Convert asciidoc to docbook

    $ asciidoc -b docbook foo.adoc

    foo.xml will be output into the same directory as foo.adoc

  3. Convert docbook to markdown

    $ pandoc -f docbook -t markdown_strict foo.xml -o foo.md

  4. Unicode symbols were mangled in foo.md. Quick workaround:

    $ iconv -t utf-8 foo.xml | pandoc -f docbook -t markdown_strict | iconv -f utf-8 > foo.md

  5. Pandoc inserted hard line breaks at 80 characters. Removed like so:

    $ iconv -t utf-8 foo.xml | pandoc -f docbook -t markdown_strict --wrap=none | iconv -f utf-8 > foo.md

/nix | Jan 24, 2017

3 Mac file-related apps #

from a blog post (and related comments) on Robservatory:

/mac | Jan 23, 2017

Objections to veganism #

Vegan Sidekick has a handy guide to justifications for harming and exploiting animals. TL;DR: this comic covers much of it.

/misc | Jan 23, 2017


Subscribe or visit the archives