tinyapps.org / blog


whois terminal command not returning registrant contact info

At some point in recent history, whois stopped returning registrant contact info for a number of TLDs, including .com*. In Why is 'whois' showing no registrant information?, bu11etpr00f explains that the specific registrar whois server must now be queried directly in order to get registrant contact information, i.e.,

$ whois reddit.com
...
Registrar WHOIS Server: whois.markmonitor.com
...
$ whois -h whois.markmonitor.com reddit.com
...
Registrant Name: Domain Administrator
Registrant Organization: Reddit Inc.
Registrant Street: 548 Market St.,
...

Rather than running two commands, I cobbled together this one-liner:

$ whois -h $(whois reddit.com | grep 'Registrar WHOIS Server:' | cut -f2- -d:) reddit.com

but quickly realized that I use whois often enough to create a bash function for it.

So I saved this in ~/.bash_profile:

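function w2 {
  # Ask the registry for the registrar's WHOIS server, then query that server directly
  local server
  server=$(whois "$1" | grep -m1 'Registrar WHOIS Server:' | cut -f2- -d: | tr -d '[:space:]')
  [ -n "$server" ] && whois -h "$server" "$1"
}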

then ran source ~/.bash_profile to reload.

Much easier now:

$ w2 reddit.com
...
Registrant Name: Domain Administrator
Registrant Organization: Reddit Inc.
Registrant Street: 548 Market St.,
...

* Thanks to Guy at easyDNS for kindly informing me of the difference between thick and thin WHOIS registries. See also Anthony Geoghegan's reply to Why do some domain names have extremely truncated whois information? for more information.
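
A referral-following lookup that treats the registry's answer as untrusted input before handing it to whois -h, as an added example (not the author's code). The names referral_server and w2_checked and the sample text are constructed here, and the handling of a URL-style field value is an assumption.

```bash
# Constructed sample of thin-registry output (modelled on the lines quoted above).
SAMPLE_THIN='   Domain Name: REDDIT.COM
   Registrar WHOIS Server: whois.markmonitor.com
   Registrar URL: http://www.markmonitor.com'

# Read registry WHOIS output on stdin and print the registrar WHOIS server.
# Returns 1 when the field is missing (no referral given) or when its
# value is not a plain hostname.
referral_server() {
  local host
  host=$(grep -i -m1 'Registrar WHOIS Server:' | cut -d: -f2- | tr -d '[:space:]')
  # Assumption: tolerate a URL-style value by dropping any scheme and path.
  host=${host#*://}
  host=${host%%/*}
  # The value comes from a remote server, so accept hostname characters only
  # and reject a leading "-" that whois would parse as an option.
  case $host in
    ''|-*|.*|*[!A-Za-z0-9.-]*) return 1 ;;
  esac
  printf '%s\n' "$host"
}

# Hypothetical replacement for w2: query the registry, follow a valid referral,
# otherwise show the registry's own answer.
w2_checked() {
  local domain=$1 first server
  case $domain in ''|-*) echo "usage: w2_checked domain" >&2; return 2 ;; esac
  first=$(whois "$domain") || return
  if server=$(printf '%s\n' "$first" | referral_server); then
    whois -h "$server" "$domain"
  else
    printf '%s\n' "$first"
  fi
}
```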

/nix | Nov 14, 2017

Cracking Microsoft Office password protection

A new guide has been added to the dusty docs section: Cracking Microsoft Office password protection via hashcat, locally or in the cloud. Enjoy!

/nix | Aug 22, 2017

Encrypt and decrypt files in GPG without keys;

that is, using only a symmetric cipher:

Create an encrypted copy of foo, saving it as foo.gpg in the current directory:

$ gpg --symmetric --cipher-algo AES256 foo
Enter passphrase:
Repeat passphrase:

Create a decrypted copy of foo.gpg, saving it as foo in the current directory:

$ gpg --output foo --decrypt foo.gpg
gpg: AES256 encrypted data
Enter passphrase:
gpg: encrypted with 1 passphrase

Create an encrypted copy of foo, saving it as foo.asc in the current directory in ASCII-armored format (suitable for pasting into email, etc):

$ gpg --symmetric --armor --cipher-algo AES256 foo
Enter passphrase:
Repeat passphrase:

Same as above, but send output to stdout instead of saving as foo.asc:

$ gpg --symmetric --armor --cipher-algo AES256 --output - foo
Enter passphrase:
Repeat passphrase:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

jA0ECQMCpjdNrpTC689g0kYBkyRd+aGyQwt8sZu+OvEilyCnXd6RiYMXM75MlSb+
OCZnMy6hBhGxvJ7R23HCkNPg76X8dH4O8k5kYtuQwL9fZL8akSY0
=uWsn
-----END PGP MESSAGE-----

Decrypt foo.asc, sending output to stdout:

$ gpg --decrypt foo.asc
gpg: AES256 encrypted data
Enter passphrase:
gpg: encrypted with 1 passphrase
hello, world!

Notes:

/nix | May 30, 2017

Saving colorized output from Bash

even from programs like testdisk, in which output may span many separate screens:

Text-based output:

  1. Install aha: $ sudo apt install aha
  2. $ sudo testdisk | tee >(aha --black>output.html)
  3. After quitting testdisk, type exit on the command line. Find output.html in the current directory.

Graphic-based output:

  1. $ sudo apt install imagemagick ttyrec gcc x11-apps
  2. $ git clone https://github.com/icholy/ttygif.git
  3. $ cd ttygif
  4. $ make && sudo make install
  5. $ ttyrec
  6. Run desired command(s), e.g., $ sudo testdisk
  7. Type exit when finished
  8. Convert ttyrec's output file (ttyrecord by default) to tty.gif in the current directory: $ ttygif ttyrecord

Sources & More

/nix | Mar 05, 2017

List all files on disk

Even as root, ls and find produced too many errors ("Permission denied", "Not a directory", "directory causes a cycle", "Input/output error", etc) when attempting to list all files on disk. Tree worked a treat:

$ tree -a -i -f / > filesystemlist.txt

 -a All files are listed.
 -i Don't print indentation lines.
 -f Print the full path prefix for each file.

See also "Tree for Windows" and "LINUX Recursively list all files in a directory including files in symlink directories".

/nix | Feb 06, 2017

Convert asciidoc to markdown

  1. Install pandoc and asciidoc

    $ sudo apt install pandoc asciidoc

  2. Convert asciidoc to docbook

    $ asciidoc -b docbook foo.adoc

    foo.xml will be output into the same directory as foo.adoc

  3. Convert docbook to markdown

    $ pandoc -f docbook -t markdown_strict foo.xml -o foo.md

  4. Unicode symbols were mangled in foo.md. Quick workaround:

    $ iconv -t utf-8 foo.xml | pandoc -f docbook -t markdown_strict | iconv -f utf-8 > foo.md

  5. Pandoc inserted hard line breaks at 80 characters. Removed like so:

    $ iconv -t utf-8 foo.xml | pandoc -f docbook -t markdown_strict --wrap=none | iconv -f utf-8 > foo.md

/nix | Jan 24, 2017

Compare / diff disk images and other large binary files

with lfhex (Large File Hex Editor). Installation in Debian-based distros is as easy as # apt install lfhex, but that version is sadly plagued with a long-standing bug which hides the (very handy) "Cursor Offset" selection box:
[Screenshots: lfhex missing Cursor Offset; lfhex with Cursor Offset]

As Kalle Olavi Niemitalo explains in the aforementioned bug report, removing statusBar()->showMessage("Ready",2000); from hexGui.cpp before compiling works, but only if you have older versions of Qt, gcc, g++, etc. to compile with (or manage to resolve compatibility problems like this one).

After several false starts, I got an x64 binary compiled under Ubuntu 12.04, gcc 4.6.3, and Qt 4.8.1. Works fine under newer Debian-based distros as well.

See also wxHexEditor, a cross-platform (Linux, Windows, OS X), open source hex editor with support for very large files (up to 2EB) and raw disk access (under POSIX systems). The current version, 0.23 beta, is available via # apt install wxhexeditor.

UPDATE 1: Just noticed this on the lfhex homepage under "Limitations": "Search/compare can be slow (compared to cmp or any other non-paged IO app)". Note that cmp -s is faster than just cmp and roughly equal to diff -q. More info. Tip: If you just need to know whether two large files differ, first check the file sizes. Only then if necessary run: diff --speed-large-files --brief --report-identical-files file1 file2.

UPDATE 2: To compare two files, run $ lfhex -c file1 file2 (there isn't a comparison option within the GUI, though the preceding command will launch the GUI in comparison mode).

/nix | Nov 05, 2016

Interrupt PhotoRec recovery, change the destination, and resume

During a PhotoRec session, if disk space on the destination starts running precariously low, you can interrupt the session, change the destination, and resume like so:
  1. Halt the session and exit PhotoRec: Stop > Y > Quit > Quit > Quit
  2. If desired, move recup_dir.* to the new destination (while not required, you may wish to keep all of the recovered files together). In any case, do not move or edit photorec.ses, which is located in the current working directory.
  3. Launch PhotoRec again
  4. When "Continue previous session ? (Y/N)" prompt appears, press Y
  5. Browse to new destination directory then press C
  6. Recovery will resume where it left off

/nix | Oct 24, 2016

Mounting partitions from full disk images with guestfish

Just added a long-overdue update to Mounting partitions from full disk images with guestfish, part of the inimitable libguestfs:
"libguestfs can access almost any disk image imaginable. It can do it securely — without needing root and with multiple layers of defence against rogue disk images. It can access disk images on remote machines or on CDs/USB sticks. It can access proprietary systems like VMware and Hyper-V."

/nix | Oct 02, 2016

Installing ddrescue in Debian, Ubuntu, Mint, et al.

A few ddrescue install tips for Debian-based distros:

/nix | Sep 30, 2016

