tinyapps.org / blog


Cracking Microsoft Office password protection

A new guide has been added to the dusty docs section: Cracking Microsoft Office password protection via hashcat, locally or in the cloud. Enjoy!

/nix | Aug 22, 2017

Encrypt and decrypt files in GPG without keys;

that is, using only a symmetric cipher:

Create an encrypted copy of foo, saving it as foo.gpg in the current directory:

$ gpg --symmetric --cipher-algo AES256 foo
Enter passphrase:
Repeat passphrase:

Create a decrypted copy of foo.gpg, saving it as foo in the current directory:

$ gpg --output foo --decrypt foo.gpg
gpg: AES256 encrypted data
Enter passphrase:
gpg: encrypted with 1 passphrase

Create an encrypted copy of foo, saving it as foo.asc in the current directory in ASCII-armored format (suitable for pasting into email, etc):

$ gpg --symmetric --armor --cipher-algo AES256 foo
Enter passphrase:
Repeat passphrase:

Same as above, but send output to stdout instead of saving as foo.asc:

$ gpg --symmetric --armor --cipher-algo AES256 --output - foo
Enter passphrase:
Repeat passphrase:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

jA0ECQMCpjdNrpTC689g0kYBkyRd+aGyQwt8sZu+OvEilyCnXd6RiYMXM75MlSb+
OCZnMy6hBhGxvJ7R23HCkNPg76X8dH4O8k5kYtuQwL9fZL8akSY0
=uWsn
-----END PGP MESSAGE-----

Decrypt foo.asc, sending output to stdout:

$ gpg --decrypt foo.asc
gpg: AES256 encrypted data
Enter passphrase:
gpg: encrypted with 1 passphrase
hello, world!
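
The ASCII-armored message printed above carries its passphrase-derivation parameters in cleartext. The following Python sketch is an added example, not part of the original post: it decodes that message and reads the cipher, S2K hash, salt and iteration count from the first packet per RFC 4880. The function and variable names are illustrative assumptions.

```python
import base64

# The armored message printed on this page (body lines only, CRC line dropped).
ARMOR_BODY = (
    "jA0ECQMCpjdNrpTC689g0kYBkyRd+aGyQwt8sZu+OvEilyCnXd6RiYMXM75MlSb+"
    "OCZnMy6hBhGxvJ7R23HCkNPg76X8dH4O8k5kYtuQwL9fZL8akSY0"
)

CIPHERS = {7: "AES128", 8: "AES192", 9: "AES256"}          # RFC 4880 9.2 (subset)
HASHES = {1: "MD5", 2: "SHA1", 8: "SHA256", 10: "SHA512"}  # RFC 4880 9.4 (subset)

def read_header(buf, pos):
    """Return (tag, body_start, body_len) for the packet starting at pos."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet")
    if first & 0x40:                                  # new-format header
        tag, l0 = first & 0x3F, buf[pos + 1]
        if l0 < 192:
            return tag, pos + 2, l0
        if l0 < 224:
            return tag, pos + 3, ((l0 - 192) << 8) + buf[pos + 2] + 192
        if l0 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        raise ValueError("partial body lengths not handled here")
    tag, ltype = (first >> 2) & 0x0F, first & 0x03    # old-format header
    if ltype == 3:
        raise ValueError("indeterminate length not handled here")
    n = 1 << ltype                                    # 1, 2 or 4 length octets
    return tag, pos + 1 + n, int.from_bytes(buf[pos + 1:pos + 1 + n], "big")

def describe(armor_body):
    """Summarise the passphrase KDF and cipher of a `gpg --symmetric` message."""
    buf = base64.b64decode(armor_body)
    tag, start, length = read_header(buf, 0)
    if tag != 3 or buf[start] != 4:
        raise ValueError("expected a v4 Symmetric-Key Encrypted Session Key packet")
    info = {"cipher": CIPHERS.get(buf[start + 1], buf[start + 1])}
    s2k = buf[start + 2]
    info["s2k_type"] = s2k                            # 0 simple, 1 salted, 3 iterated+salted
    info["hash"] = HASHES.get(buf[start + 3], buf[start + 3])
    if s2k in (1, 3):
        info["salt"] = buf[start + 4:start + 12].hex()
    if s2k == 3:                                      # coded count octet
        c = buf[start + 12]
        info["hashed_octets"] = (16 + (c & 15)) << ((c >> 4) + 6)
    next_tag, _, next_len = read_header(buf, start + length)
    info["data_packet"] = (next_tag, next_len)        # tag 18 = integrity-protected data
    return info

if __name__ == "__main__":
    print(describe(ARMOR_BODY))
```

Because the salt, hash and count are readable by anyone holding the file, the passphrase is the only secret; gpg's `--s2k-digest-algo` and `--s2k-count` options change the hash and count used at encryption time.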

Notes:

/nix | May 30, 2017

Saving colorized output from Bash

even from programs like testdisk, in which output may span many separate screens:

Text-based output:

  1. Install aha: $ sudo apt install aha
  2. $ sudo testdisk | tee >(aha --black>output.html)
  3. After quitting testdisk, type exit on the command line. Find output.html in the current directory.

Graphic-based output:

  1. $ sudo apt install imagemagick ttyrec gcc x11-apps
  2. $ git clone https://github.com/icholy/ttygif.git
  3. $ cd ttygif
  4. $ make && sudo make install
  5. $ ttyrec
  6. Run desired command(s), e.g., $ sudo testdisk
  7. Type exit when finished
  8. Convert ttyrec's output file (ttyrecord by default) to tty.gif in the current directory: $ ttygif ttyrecord

Sources & More

/nix | Mar 05, 2017

List all files on disk

Even as root, ls and find produced too many errors ("Permission denied", "Not a directory", "directory causes a cycle", "Input/output error", etc) when attempting to list all files on disk. Tree worked a treat:

$ tree -a -i -f / > filesystemlist.txt

 -a All files are listed.
 -i Don't print indentation lines.
 -f Print the full path prefix for each file.

See also Tree for Windows and "LINUX Recursively list all files in a directory including files in symlink directories".

/nix | Feb 06, 2017

Convert asciidoc to markdown

  1. Install pandoc and asciidoc

    $ sudo apt install pandoc asciidoc

  2. Convert asciidoc to docbook

    $ asciidoc -b docbook foo.adoc

    foo.xml will be output into the same directory as foo.adoc

  3. Convert docbook to markdown

    $ pandoc -f docbook -t markdown_strict foo.xml -o foo.md

  4. Unicode symbols were mangled in foo.md. Quick workaround:

    $ iconv -t utf-8 foo.xml | pandoc -f docbook -t markdown_strict | iconv -f utf-8 > foo.md

  5. Pandoc inserted hard line breaks at 80 characters. Removed like so:

    $ iconv -t utf-8 foo.xml | pandoc -f docbook -t markdown_strict --wrap=none | iconv -f utf-8 > foo.md

/nix | Jan 24, 2017

Compare / diff disk images and other large binary files

with lfhex (Large File Hex Editor). Installation in Debian-based distros is as easy as # apt install lfhex, but that version is sadly plagued with a long-standing bug which hides the (very handy) "Cursor Offset" selection box:

[Screenshots: lfhex missing Cursor Offset; lfhex with Cursor Offset]

As Kalle Olavi Niemitalo explains in the aforementioned bug report, removing statusBar()->showMessage("Ready",2000); from hexGui.cpp before compiling works, but only if you have older versions of Qt, gcc, g++, etc. to compile with (or manage to resolve compatibility problems like this one).

After several false starts, I got an x64 binary compiled under Ubuntu 12.04, gcc 4.6.3, and Qt 4.8.1. Works fine under newer Debian-based distros as well.

See also wxHexEditor, a cross-platform (Linux, Windows, OS X), open source hex editor with support for very large files (up to 2EB) and raw disk access (under POSIX systems). The current version, 0.23 beta, is available via # apt install wxhexeditor.

UPDATE 1: Just noticed this on the lfhex homepage under "Limitations": "Search/compare can be slow (compared to cmp or any other non-paged IO app)". Note that cmp -s is faster than just cmp and roughly equal to diff -q. More info. Tip: If you just need to know whether two large files differ, first check the file sizes. Only then if necessary run: diff --speed-large-files --brief --report-identical-files file1 file2.

UPDATE 2: To compare two files, run $ lfhex -c file1 file2 (there isn't a comparison option within the GUI, though the preceding command will launch the GUI in comparison mode).

/nix | Nov 05, 2016

Interrupt PhotoRec recovery, change the destination, and resume

During a PhotoRec session, if disk space on the destination starts running precariously low, you can interrupt the session, change the destination, and resume like so:

  1. Halt the session and exit PhotoRec: Stop > Y > Quit > Quit > Quit
  2. If desired, move recup_dir.* to the new destination (while not required, you may wish to keep all of the recovered files together). In any case, do not move or edit photorec.ses, which is located in the current working directory
  3. Launch PhotoRec again
  4. When "Continue previous session ? (Y/N)" prompt appears, press Y
  5. Browse to new destination directory then press C
  6. Recovery will resume where it left off

/nix | Oct 24, 2016

Mounting partitions from full disk images with guestfish

Just added a long-overdue update to Mounting partitions from full disk images with guestfish, part of the inimitable libguestfs:
"libguestfs can access almost any disk image imaginable. It can do it securely — without needing root and with multiple layers of defence against rogue disk images. It can access disk images on remote machines or on CDs/USB sticks. It can access proprietary systems like VMware and Hyper-V."

/nix | Oct 02, 2016

Installing ddrescue in Debian, Ubuntu, Mint, et al.

A few ddrescue install tips for Debian-based distros:

/nix | Sep 30, 2016

A lickable Linux distro

Apricity OS is an Arch-based Linux distribution with a simple, beautiful, and consistent UI:

Apricity OS

According to the developers, "Apricity OS idles at around 500 megabytes of memory usage, as opposed to other popular operating systems that idle at up to several gigabytes. This also helps bring boot times down to just a few seconds." I found it fast and responsive running in a VM with just 2GB of RAM. Love the little coffee cup icon in the menu bar which functions much like OS X's caffeinate, though it has the added benefit of disabling the screensaver as well.

(via Hacker News)

/nix | Apr 03, 2016

