Tuesday, October 17, 2017

sudo without password

Tired of getting prompted for sudo password? 

Add following to bottom of 'sudo visudo

myusername ALL=(ALL) NOPASSWD: ALL

Replace 'myusername' with your username.

Friday, October 13, 2017

Installed Python 3.5.4

Installed Python 3.5.4 

Don't step on my blue suede shoes...ur...sneakers

Don't step on my blue suede shoes...ur...sneakers

Country INNS & SUITES - not so sweet in Flagstaff

I know some people who have had great experiences at Country INNS & SUITES when staying in upstate New York.

My recent stay at a Flagstaff, AZ Country INNS & SUITES was a bit less satisfying.

After a long drive our party arrived exhausted at the Flagstaff Country INNS & SUITES. Upon driving into the parking lot we were greeted by a disheveled plastic sign that was sewn up across the center much like the skull cap on Frankenstein's head.

We were checked into our room by a dark curly haired lady behind the front desk.

We were given 2 plastic room keys and went blissfully on our way.  We arrived at our room to find neither key card working.

We trekked back down to the front-desk to fix the key problem.  The dark curly haired clerk took my keys - without smile or apology, reprogrammed them and handed them to me with a gruff "Here" - no "Sorry for the inconvenience" or even a simple smile.  Just "Here".

We drudged back up to the room and the keys worked.

Upon entry we discovered a blinking light on the room phone.  Calling the front-desk the call was answered by the now-familiar sounding voice of the dark curly haired lady from earlier.  I asked why the light on the phone was blinking.  "It must be a message for the earlier guest" was her reply. She said "push pound (#) 0" and she hung up.  I followed her instructions but only busy signal emanated from the ear piece.  I called the dark curly haired lady back and she coarsely said - "I said to push pound (#) 0 9" and she hung up.  I tried that and once again heard a busy signal.

I called dark curly haired lady and she said with a sigh, "I'll try to do it from here" and she hung up the phone. Ten minutes later the phone light was still blinking.  I called dark curly haired lady and told her I was going to unplug the phone, she replied "Ok" and hung up the phone.

During these exchanges there was never a "please", "thank you", "sorry" or any other nicety that one might expect from a nice hotel.

Nobody likes domestic violence and maybe that's not what caused the patched hole in the wall above the towel rack in the bathroom.

Is there a rodent problem?  Hard to say but the chipped paint near the base board does not provide a lot of confidence:

Well at least the room is clean...or is it?  The white comforter had a red stain on it - not sure if it was nail polish or blood.  Perhaps a forensic expert might be needed.

So, things aren't going as well as we might have liked.  Wait, what is this?  There is a table sandwiched between the two double beds in the room.  The corners on the table are coated with a plastic or metal surface that has separated and bent down at the perfect angle for slicing/cutting one's arms or legs when getting out of bed or reaching for the alarm clock.

How about a treat?  Head over to the vending machine just outside of the 2nd floor elevator.  Hmmm...how about a 3 Musketeer bar?  Ok, let's see we need to press "E-2".  Put in the $1.25 and pressed E-2.  And suddenly the Peanuts are being dispensed.  The items were mislabeled in the vending machine. See the picture below.  Aughhhh!

So, would I recommend the Flagstaff Country INNS & SUITES?  Take a wild guess.

Saturday, September 30, 2017

Cookie yum

1/2 teaspoon salt
1 teaspoon baking soda
1-1/4 cups (2-1/2 sticks) butter (softened)
2 cups Sugar
3/4 cup Hershey Cocoa
2 cups Flour
2 eggs
2 teaspoons vanilla extract
1-2/3 cups (10 oz. package) chips

Heat oven 350F
Stir together flour, cocoa, baking soda and salt ; set aside
Beat butter and sugar in large bowl with mixer until fluffy.
Add eggs and vanilla; beat well.
Gradually add flour mixture, beating well. Stir in chips.
Chill batter for a bit of time.
Drop by rounded teaspoons onto ungreased cookie sheet.

Cook on 350F for 9 min

batch sizes
baking sodateaspoons120.5
vanilla extractteaspoons241

Thursday, September 21, 2017

Java 9 is GA

Download Java 9 | javadoc | httpclient

jshell (REPL) getting started

./java -version
java version "9"
Java(TM) SE Runtime Environment (build 9+181)

Java HotSpot(TM) 64-Bit Server VM (build 9+181, mixed mode)

Java REPL ()

$ ./jshell
|  Welcome to JShell -- Version 9
|  For an introduction type: /help intro

jshell> /help intro
|  intro
|  The jshell tool allows you to execute Java code, getting immediate results.
|  You can enter a Java definition (variable, method, class, etc), like:  int x = 8
|  or a Java expression, like:  x + x
|  or a Java statement or import.
|  These little chunks of Java code are called 'snippets'.
|  There are also jshell commands that allow you to understand and
|  control what you are doing, like:  /list
|  For a list of commands: /help

jshell> System.out.println("this is pretty cool");
this is pretty cool
jshell> int age = 23
age ==> 23

jshell> System.out.printf("Your age is %d\n", age);
Your age is 23
$4 ==> java.io.PrintStream@3ffc5af1

Friday, September 8, 2017

bandit spoilers

These are spoilers for Bandit

Part 0 (pw=bandit0
ssh -p 2220 bandit0@bandit.labs.overthewire.org cat readme

Part 1 (pw=boJ9jbbUNNfktd78OOpsqOltutMc3MY1)
ssh -p 2220 bandit1@bandit.labs.overthewire.org
bandit1@bandit:~$ ls -li
total 4
2219 -rw-r----- 1 bandit2 bandit1 33 Jun 15 11:40 -
bandit1@bandit:~$ find . -inum 2219 -exec cat {} \;


Part 2 (pw=CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9)
ssh -p 2220 bandit2@bandit.labs.overthewire.org
cat "spaces in this filename"

Part 3 (pw=UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK)
ssh -p 2220 bandit3@bandit.labs.overthewire.org
ls -al inhere

cat inhere/.hidden

Part 4 (pw=pIwrPrtPN36QITSp3EQaw936yaFoFgAB)
ssh -p 2220 bandit4@bandit.labs.overthewire.org
cd inhere
$ find . -exec file {} \;
.: directory 
./-file00: data
./-file03: data
./-file04: data
./-file01: data
./-file07: ASCII text
./-file08: data
./-file06: data
./-file02: data
./-file09: data

./-file05: data
# so looks like -file07 is readable data
find . -name *7 -exec cat {} \;

Part 5 (pw=koReBOKuIDDepwhWk7jZC0RTdopnAYKh)
ssh -p 2220 bandit5@bandit.labs.overthewire.org
# find all files of size 1033 bytes
find . -type f -size 1033c

cat ./maybehere07/.file2

Part 6 (pw=DXjZPULLxYr17uwoI01bNLQbtFemEgo7)
ssh -p 2220 bandit6@bandit.labs.overthewire.org
# find all files of size 33 bytes, group=bandit6, and user=bandit7

find / -size 33c -group bandit6 -user bandit7 2>/dev/null
cat /var/lib/dpkg/info/bandit7.password

Part 7 (pw=HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs)
ssh -p 2220 bandit7@bandit.labs.overthewire.org
#  password for the next level is stored in the file data.txt next to the word millionth
grep millionth data.txt
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV

-- grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd --

Part 8 (pw=cvX2JJa4CFALtqS87jk27qwqGhBM9plV)
ssh -p 2220 bandit8@bandit.labs.overthewire.org
# password for the next level is stored in the file data.txt and is the only line of text that occurs only once
sort data.txt | uniq -c | less
# need to watch for row starting with 1:
     10 R9CPM1AMEOr9WpP0w5DVyidVCkSeIZfd
     10 RT1PR3807DDs8AvpfM0pvSZA6TTUuQDy
     10 Tqb6puERyTJF4VH3BfuheLGFrakigDPo
      1 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
     10 WZLyRZR0jnb3Xknz8VI8CFwaAGPMX0as
     10 WqrYevKp6eKTMkS7y3gakKKxrUfORq4m
     10 XJIRNKoZ3NTRVjTleSnKxF6WELaV8y4G


Part 9 (pw=UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR)
ssh -p 2220 bandit9@bandit.labs.overthewire.org
# only show the text (strings) in each record, then filter '=='
 strings data.txt | grep ==
J========== the
========== password
========== is
W========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

Part 10 (pw=truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk)
ssh -p 2220 bandit10@bandit.labs.overthewire.org
cat data.txt 
base64 --decode data.txt 
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR

Part 11 (pw=IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR)
ssh -p 2220 bandit11@bandit.labs.overthewire.org
password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions
# https://en.wikipedia.org/wiki/ROT13
cat data.txt
Gur cnffjbeq vf 5Gr8L4qetPEsPk8htqjhRK8XSP6x2RHh
cat data.txt |  tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
The password is 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

-- grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd, mkdir, cp, mv --

Part 12 (pw=5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu)
ssh -p 2220 bandit12@bandit.labs.overthewire.org
# password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)
# lots of gunzip2 -f, bunzip2 -f, tar -xf
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL

-- ssh, telnet, nc, openssl, s_client, nmap --

Part 13 (pw=8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL)
ssh -p 2220 bandit13@bandit.labs.overthewire.org
# password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on

ssh -p 2220 -i sshkey.private bandit14@localhost
cat /etc/bandit_pass/bandit14

-- ssh, telnet, nc, openssl, s_client, nmap --

Part 14 (pw=4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e)
ssh -p 2220 bandit14@bandit.labs.overthewire.org
#  password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.
telnet localhost 30000
Connected to localhost.
Escape character is '^]'.

Connection closed by foreign host.

-- ssh, telnet, nc, openssl, s_client, nmap --

Part 15 (pw=BfMYroe26WYalil77FoDi9qh59eK5xNr)
ssh -p 2220 bandit15@bandit.labs.overthewire.org
#  password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
# Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…
openssl s_client -quiet -connect localhost:30001
depth=0 CN = a9678380ab81
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = a9678380ab81
verify return:1


Part 16 (pw=cluFn7wTiGryunymYOu4RcffSxQluehd)
ssh -p 2220 bandit16@bandit.labs.overthewire.org
# credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it.

nmap -sV localhost -p31000-32000

Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-11 23:43 UTC
Nmap scan report for localhost (
Host is up (0.00062s latency).
Other addresses for localhost (not scanned):
Not shown: 996 closed ports
31046/tcp open  echo
31518/tcp open  msdtc   Microsoft Distributed Transaction Coordinator (error)
31691/tcp open  echo
31790/tcp open  msdtc   Microsoft Distributed Transaction Coordinator (error)
31960/tcp open  echo
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 41.23 seconds

openssl s_client -quiet -connect localhost:31790
depth=0 CN = a9678380ab81
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = a9678380ab81
verify return:1

# Copy all the contents between "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----" to a file 'mycreds'.
# adjust the permissions on the file:
chmod 600 mycreds
# now try to log in as bandit17
ssh -i mycreds bandit17@localhost
# dump the contents of the password file for bandit17
cat /etc/bandit_pass/bandit17

Part 17 (pw=xLYVMN9WE5zQ5vHacb0sZEVqbrp7nBTn)
ssh -p 2220 bandit17@bandit.labs.overthewire.org
# There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new
#NOTE: if you have solved this level and see ‘Byebye!’ when trying to log into bandit18, this is related to the next level, bandit19
diff passwords.old passwords.new
< eG69HnVwO1p7cOdfhadHkPv8Vn0ChedC
> kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd

Part 18 (pw=kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd)

# password for the next level is stored in a file readme in the homedirectory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.
ssh -p 2220 bandit18@bandit.labs.overthewire.org ls -atlr
total 28
-rw-r--r--  1 bandit18 bandit18  675 Apr  9  2014 .profile
-rw-r--r--  1 bandit18 bandit18  220 Apr  9  2014 .bash_logout
-rw-r-----  1 bandit19 bandit18   33 Jun 15 11:40 readme
-rw-r-----  1 bandit19 bandit18 3660 Jun 15 11:40 .bashrc
drwx------  2 bandit18 bandit18 4096 Sep 12 15:25 .cache
drwxr-xr-x 30 root     root     4096 Sep 12 15:25 ..
drwxr-xr-x  3 bandit18 bandit18 4096 Sep 12 15:25 .
ssh -p 2220 bandit18@bandit.labs.overthewire.org cat readme

Part 19 (pw=IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x)
ssh -p 2220 bandit19@bandit.labs.overthewire.org
# gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.