Migrate to hugo blog
This commit is contained in:
parent
472695b402
commit
b7709343ad
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -1,2 +1,4 @@
|
|||
*.pyc
|
||||
output/
|
||||
public/
|
||||
resources/
|
||||
|
|
3
.gitmodules
vendored
Normal file
3
.gitmodules
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
[submodule "themes/fuji"]
|
||||
path = themes/fuji
|
||||
url = https://github.com/amzrk2/hugo-theme-fuji
|
47
config.toml
Normal file
47
config.toml
Normal file
|
@ -0,0 +1,47 @@
|
|||
baseURL = "https://hya.sk/b/"
|
||||
title = "Skia"
|
||||
|
||||
theme = "fuji"
|
||||
enableRobotsTXT = true
|
||||
paginate = 10
|
||||
|
||||
[outputs]
|
||||
home = ["HTML", "RSS"]
|
||||
|
||||
[params]
|
||||
author = "Skia"
|
||||
subTitle = "Unmaintained space"
|
||||
|
||||
# Word counter and read time indicator in post metadata
|
||||
showWordCounter = true
|
||||
showReadTime = false
|
||||
|
||||
# License at the end of each post
|
||||
showLicense = true
|
||||
showToc = false
|
||||
|
||||
# Open Graph & Twitter Card variables
|
||||
# You can also set description and images in post front matter individually
|
||||
description = "A minimal Hugo theme with nice theme color."
|
||||
images = ["img/og.png"] # This will use the image called og.png in static/img folder
|
||||
|
||||
# Posts shown in homepage
|
||||
mainSections = ["posts"]
|
||||
|
||||
# License
|
||||
license = "CC BY-SA 4.0"
|
||||
licenseLink = "http://creativecommons.org/licenses/by-sa/4.0/"
|
||||
|
||||
# custom lazyload placeholder
|
||||
# 16:9
|
||||
lazyPlaceholder = "/assets/lazyload/dsrca_loading_480x270.svg"
|
||||
# 32:9
|
||||
lazyPlaceholderRow = "/assets/lazyload/dsrca_loading_960x270.svg"
|
||||
# 8:9
|
||||
lazyPlaceholderCol = "/assets/lazyload/dsrca_loading_480x540.svg"
|
||||
|
||||
# Let images display in full brightness under dark mode
|
||||
disableDarkImage = true
|
||||
|
||||
[taxonomies]
|
||||
tag = "tags"
|
23
content/posts/24h-at-airport/index.md
Normal file
23
content/posts/24h-at-airport/index.md
Normal file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
title: 24h in the airport
|
||||
date: 2015-04-27
|
||||
tags: ["trip", "adventure"]
|
||||
lang: en
|
||||
summary: How I slothed 24h in an airport
|
||||
---
|
||||
|
||||
Being in holidays for two days, I had last month bought my tickets to go to
|
||||
Nothern Ireland with a friend. We arrived at the airport at least half an hour
|
||||
before the time that was written in the email we received, but when asking for
|
||||
the boarding pass, we were refused because it was apparently too late... I never
|
||||
really travelled by plane in a big airport, so I didn't know that we should have
|
||||
arrived at least one hour earlier to get the flight.
|
||||
|
||||
We managed to change the ticket for the following day (today!) but we had to
|
||||
wait for the 24h in the airport, without anything but my small travelling bag
|
||||
and my laptop...
|
||||
|
||||
This resulted in some [useless things](https://libskia.so/pub/darkvador.sh), but
|
||||
also some more useful [r2 commits](http://rada.re). This was anyway really
|
||||
tiresome, noisy, and boring to death, and I wish it won't happen again (for the
|
||||
comeback trip, for example :D)
|
32
content/posts/clearing/index.md
Normal file
32
content/posts/clearing/index.md
Normal file
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
title: "Clearing my mind about my task"
|
||||
date: 2014-07-10
|
||||
tags: ["radare2", "rsoc"]
|
||||
lang: en
|
||||
summary: Getting a better view on what I'm supposed to do...
|
||||
---
|
||||
|
||||
# Clearing my mind about my task
|
||||
|
||||
After receiving XVilka's mail, asking for our status about the RSoC, I was asked
|
||||
to join the `#radare-rsoc` channel, a very smaller chan much more adapted to the
|
||||
student of the RSoC. If I say that, it's because despite everybody says "feel
|
||||
free to..." on the main chan, I really felt outnumbered by so many people
|
||||
talking about such advanced things, and honestly, I didn't dare to ask even a
|
||||
small question... Stupid life.... :)
|
||||
|
||||
Anyway, after joining the RSoC chan, I explained what I had already done, and I
|
||||
was answered that many things were already done! In fact, the biggest part was
|
||||
mainly done, and for now, the priority was to write tests for the `pf` command,
|
||||
the one that make use of a kind of template (my task)...
|
||||
|
||||
I quickly went to the test directory, forked the
|
||||
[radare2-regressions](https://github.com/radare/radare2-regressions) repo on my
|
||||
Github, and began to learn how `pf` worked, in order to test it in the test
|
||||
suite. Two hours or three later, my commits were merged, and I even discovered
|
||||
my first bug in r2, as pancake said when I wondered about the result of a
|
||||
command...
|
||||
|
||||
Next step now is to fix the bugs in `pf`, then to improve it to support nested
|
||||
types, and then, we'll see...
|
||||
|
38
content/posts/first-step-rsoc/index.md
Normal file
38
content/posts/first-step-rsoc/index.md
Normal file
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
title: "First step in the RSoC"
|
||||
date: 2014-06-26
|
||||
tags: ["radare2", "rsoc"]
|
||||
lang: en
|
||||
summary: First small work for Radare2
|
||||
---
|
||||
|
||||
# First step in the RSoC
|
||||
|
||||
A [friend](https://dustri.org/b/) of mine motivated me for doing the
|
||||
[Radare Summer of Code](http://rada.re/rsoc/) a few month ago. I took a
|
||||
look, and found it very interesting, so I applied, asking to do the
|
||||
Struct Templates job. I was accepted, and I began to take some interest
|
||||
to the project. I did a very few commit here and there, trying to
|
||||
understand how the project worked, how it was organized, and also
|
||||
learning how to use the different tools, like GitHub that I had never
|
||||
really known before.
|
||||
|
||||
The start was given last week, but having a
|
||||
[project](https://git.libskia.so/skia/snp_compiler) to finish for the
|
||||
school, I had no time to take it... Now that the project is done, I'll
|
||||
have more time to spend on r2, and it's what I've done tonight: I
|
||||
looked precisely at some file, trying to understand how the thing was
|
||||
done, and beginning to think what I'll have to do to complete the task.
|
||||
|
||||
I really feel happy that the school project was a compiler and not some
|
||||
other shit, because reading a C parser is now far easier than it would
|
||||
have been otherwise! As we could say in Molière's tongue: *C'est en
|
||||
forgeant que l'on devient forgeron* (*Smithing makes the smith*, or
|
||||
more likely *Practice makes perfect*) and as we all know, that's really
|
||||
true for programming!
|
||||
|
||||
Concerning that blog, I'll try to post for every step I'll complete,
|
||||
in order to keep something about my first commitment in a free project!
|
||||
And if you want to contribute to r2, you can find a list of idea
|
||||
[there](https://pad.nopcode.org/p/r.kbQMywcnKtU6z6wn) and join us on
|
||||
`freenode#radare`!
|
19
content/posts/gogs/index.md
Normal file
19
content/posts/gogs/index.md
Normal file
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
title: Discovering Gogs
|
||||
date: 2015-06-11
|
||||
tags: ["git", "gogs", "sysadmin"]
|
||||
lang: en
|
||||
summary: Just another Git web frontend
|
||||
---
|
||||
|
||||
I just discovered [Gogs](http://gogs.io/), a light Git web fronted written in
|
||||
Go. After reading a bit on its website, I decided to try a bit, just for fun. It
|
||||
was *really* easy to install it with NginX as reverse proxy, everything is Gogs'
|
||||
documentation, and it was ready in less than 10 minutes. Wonderful!
|
||||
|
||||
It's still in beta, but already very functional, providing most of the classic
|
||||
features such as issues, milestones, ssh keys, *README.md* parser, etc...
|
||||
|
||||
Finally, I just dropped my old Gitweb[^1], and I welcome you to my new [Gogs](https://git.libskia.so/skia)! :)
|
||||
|
||||
[^1]: even if you can still reach it though [*http*](http://git.libskia.so)
|
25
content/posts/grehack/index.md
Normal file
25
content/posts/grehack/index.md
Normal file
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
title: First workshop at the Grehack
|
||||
date: 2016-11-20
|
||||
tags: ["radare2", "workshop"]
|
||||
lang: en
|
||||
summary: I gave my first workshop
|
||||
---
|
||||
|
||||
Last Friday, I was in Grenoble, at the Grehack, to give my very first workshop!
|
||||
[Dustri](https://dustri.org/b/radare2-at-the-grehack-2016.html) asked me a few weeks ago if I could come with him, since
|
||||
this was about [radare2](http://rada.re/), the very famous reverse engineering framework that I had worked for in RSoC
|
||||
2014.
|
||||
|
||||
This was a very fun experience, with everyone being pretty happy learning the mysteries of r2. I even helped a bit
|
||||
a guy using r2 during the CTF that followed, this was really encouraging.
|
||||
Of course, you can grad the slides and the material here: [link](https://libskia.so/pub/grehack_2016.tar.xz). Feel free
|
||||
to contact me if you have problems trying to (re)do the workshop at home.
|
||||
|
||||
During the day, there were also some various talks, more or less interesting. That was also the occasion to talk a
|
||||
bit with cool guys from [Tetrane](http://www.tetrane.com/) about their awesome tool Reven (almost as awesome as
|
||||
r2! :D).
|
||||
|
||||
The organisation was great, but there were some small hiccups that made the Grehack a bit messy. Anyway, the staff was
|
||||
really kind, and I'd still be happy to come back another year.
|
||||
|
BIN
content/posts/loosezip/images/loozip.png
Normal file
BIN
content/posts/loosezip/images/loozip.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 84 KiB |
25
content/posts/loosezip/index.md
Normal file
25
content/posts/loosezip/index.md
Normal file
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
title: Using WinZip
|
||||
date: 2015-04-10
|
||||
tags: ["winzip", "windows"]
|
||||
lang: en
|
||||
summary: Trying to use Winzip
|
||||
---
|
||||
|
||||
This morning, I decided to begin my AI course project, so I went to my
|
||||
[professor's library's website](http://www.ipseity-project.com/) to download it
|
||||
and see how it worked.
|
||||
|
||||
So I had now two zip files, that I tried to unzip without success. *Unzip* says
|
||||
`End-of-central-directory signature not found.`, and *7z* says `Unsupported
|
||||
Method` for every non directory file... Weird...
|
||||
|
||||
Okay, no problem, the binaries are only for W$, so the zip must have been done
|
||||
with WinZip, or some other strange archieving tool. I was at school, so I had a
|
||||
few time to try using Wine and WinZip on my X31. Great idea!
|
||||
|
||||
Wine went without problem, but I gave up when I faced the following error:
|
||||
|
||||
![screenshot](images/loozip.png)
|
||||
|
||||
I really thank you, WinZip, for giving me so much fun this morning! :)
|
22
content/posts/mailoo/index.md
Normal file
22
content/posts/mailoo/index.md
Normal file
|
@ -0,0 +1,22 @@
|
|||
---
|
||||
title: Quitting mailoo
|
||||
date: 2016-05-20
|
||||
tags: ["mail", "privacy"]
|
||||
lang: en
|
||||
summary: Why I'm leaving Mailoo
|
||||
---
|
||||
|
||||
I've been using [Mailoo](http://mailoo.org) for a few years now, and I was pretty happy with it. But recently, as I
|
||||
changed my password, I was upset, as every time, when I again received the confirmation e-mail saying something like:
|
||||
_"Great, you changed your password, your new password is **blahblahblah4000**!"_.
|
||||
That made me sad, but I passed over, as always, still saying to myself that I really should change my e-mail provider.
|
||||
|
||||
And what a surprise! The next morning, I began to receive a lot of messages from friends (contacts) saying _"yeah? what
|
||||
do you need?"_ and other strange answers to a message I didn't send. I quickly changed my password again, and no mail
|
||||
have been oddly resend since, but the evil was done...
|
||||
|
||||
Today, two days later, I've already made a new address with my friend [Piké](https://smagnin.org) on our dedicated
|
||||
server, self hosting one more service, and replacing the aliases I had at [Gandi](https://www.gandi.net).
|
||||
|
||||
You can now write me at skia [at] libskia (dot) so, and soon, the old addresses at mailoo.org won't work anymore (I'm
|
||||
still waiting a bit before deleting everything, since I use theses e-mail every day).
|
17
content/posts/new-blog/index.md
Normal file
17
content/posts/new-blog/index.md
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
title: A very new blog
|
||||
date: 2014-06-20
|
||||
lang: en
|
||||
tags: ["blog", "first step"]
|
||||
summary: Short presentation
|
||||
---
|
||||
|
||||
Hi there!
|
||||
|
||||
I'm proud to announce to the world that I'm at least opening a blog.
|
||||
The purpose isn't to tell you everything about my super life, but to
|
||||
provide information about interesting (or not) stuff I've done...
|
||||
|
||||
Feel free to contact me if you think you have to!
|
||||
|
||||
-- Skia --
|
38
content/posts/new-motherboard/index.md
Normal file
38
content/posts/new-motherboard/index.md
Normal file
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
title: A new motherboard for my X60
|
||||
date: 2015-04-21
|
||||
tags: ["x60", "coreboot", "libreboot", "hardware", "thinkpad", "laptop"]
|
||||
lang: en
|
||||
summary: Putting in place my new Thinkpad X60 motherboard
|
||||
---
|
||||
|
||||
A few weeks ago, I was playing putting water on my thinkpad, because it can
|
||||
normally handle it, and mostly because a friend of mine didn't believed it. The
|
||||
water went as usual through the laptop, but this time, I think I put a little
|
||||
too much, and I broke the battery loading circuits.
|
||||
|
||||
The result was a perfectly working motherboard, but the battery was not able to
|
||||
charge. That was a little embarrassing, and I decided to completely take the
|
||||
laptop apart to see 1) if I could see something strange around the battery, and
|
||||
2) how the laptop was built exactly.
|
||||
|
||||
1) showed nothing, but even better, it bricked the board... Watching
|
||||
[libreboot](http://libreboot.org)'s output did not really helped, because I'm
|
||||
not a coreboot dev, and because it worked until a moment where it just stopped,
|
||||
without error... Hard to debug...
|
||||
|
||||
Still, I really needed that laptop, because during that period, I had dug my old
|
||||
X31 up, but this one was a bit too slow, so I bought on Ebay a second-hand
|
||||
motherboard for only 9€!
|
||||
|
||||
Putting it into the X60 went pretty good (I love how the thinkpad is done,
|
||||
btw!), but I faced a strange matter: the Lenovo bios couldn't boot with my
|
||||
Atheros Wifi card. Anyway, this was only one more good reason the flash
|
||||
libreboot, because it worked very good on the old motherboard, and I wanted to
|
||||
do it myself at least once (first time, I bought the laptop from
|
||||
[Gluglug](http://shop.gluglug.org.uk/) and it came preflashed).
|
||||
|
||||
This went very well thanks to libreboot's
|
||||
[tutorial](http://libreboot.org/docs/install/index.html#flashrom_lenovobios) and
|
||||
I was now able to use my laptop with a very new and state-of-the-art software
|
||||
for an even better hardware!
|
50
content/posts/outlive-captainsonar/index.md
Normal file
50
content/posts/outlive-captainsonar/index.md
Normal file
|
@ -0,0 +1,50 @@
|
|||
---
|
||||
title: "Boardgame review: Outlive & Captain Sonar"
|
||||
date: 2019-01-03
|
||||
tags: ["games", "boardgames"]
|
||||
lang: en
|
||||
summary: We tested Captain Sonar and Outlive, and they rock!
|
||||
---
|
||||
|
||||
|
||||
A long time a go, in a blog not so far away, someone stopped writing, for no
|
||||
real reason. Many happy new years later, that guy tested two wonderful
|
||||
boardgames, and started writing again.
|
||||
|
||||
|
||||
# Outlive
|
||||
|
||||
Let's start by the most common of the two:
|
||||
[Outlive](https://www.philibertnet.com/fr/la-boite-de-jeu/50119-outlive-3770004610105.html).
|
||||
|
||||
In this survival game, you compete with other players to collect the too few
|
||||
resources available and optimize your shelter, so that you get better bonuses
|
||||
and make more "survival point" to win the game.
|
||||
|
||||
One of the fun part regarding other games is that you can directly interact with
|
||||
other by putting "pressure" on their characters so that you steal them
|
||||
resources, which can make a great difference in their, and your ability to
|
||||
realize one or the other action.
|
||||
|
||||
All in one, it's quite a challenging game for those who want to calculate the
|
||||
many possibilities at each turn, since there are always multiple ways to win.
|
||||
|
||||
|
||||
# Captain Sonar
|
||||
|
||||
The second game is in a far less common style. [Captain
|
||||
Sonar](https://www.philibertnet.com/fr/matagot/43073-captain-sonar-3760146643017.html)
|
||||
is here to immerse yourself in a submarine crew member, dividing the players in
|
||||
two teams competing on the same map to destroy the other, a bit like a classical
|
||||
naval battle.
|
||||
|
||||
But the really awesome part is that this game is made to be played in real-time,
|
||||
meaning that a team can just navigate faster than the other by simply being more
|
||||
efficient in coordinating itself. Though, speed will not help when it comes to
|
||||
launch a torpedo on the other submarine, and a great part of the work is first
|
||||
to spot the enemy ship without giving too much informations about your own
|
||||
position.
|
||||
|
||||
Really fast to learn, but very difficult to master, this game is perfect to play
|
||||
with 6 to 8 players, and is seriously awesome for a week-end with friends, even
|
||||
if some of them are not particularly fond of boardgames.
|
31
content/posts/pocketbook/index.md
Normal file
31
content/posts/pocketbook/index.md
Normal file
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
title: Reviewing the Touch Lux 3, by Pocketbook
|
||||
date: 2016-05-22
|
||||
tags: ["ebooks","reader"]
|
||||
lang: en
|
||||
summary: I just got an ebook reader, and wanted to share my point of view about it.
|
||||
---
|
||||
|
||||
For my birthday, my parents offered me an ebook reader, the [*Touch Lux 3*, by
|
||||
**Pocketbook**](http://www.pocketbook-int.com/fr/products/pocketbook-touch-lux-3).
|
||||
I already knew a bit about it, since it's not the first one I see around me, and
|
||||
I was again happy seeing a printed version of the GPL in the box.
|
||||
Indeed, it is a really nice product, both in quality and in *open-mindness*. It
|
||||
runs a Linux based OS, can read a lot of file formats with or without DRM, and
|
||||
has a lot of nice applications, from the *Web browser* to the *Chess game*.
|
||||
|
||||
E-pubs and PDFs are great, but I have in my library tons of comics in various
|
||||
strange formats, such as .CBR (rar), .CBZ (zip), or .CBT (tar), which are
|
||||
archives containing pictures. Sadly, the Pocketbook can not read those formats,
|
||||
but after a small research, I found that an amazing guy did a great job in [this
|
||||
page](http://www3.telus.net/rkomar/pbimageviewer/)!
|
||||
|
||||
Thanks to the open design of the reader, we have really easy access to the
|
||||
system, and thus, we can add applications as we want. That's how the man did
|
||||
manage to implement a new viewing application supporting the .CBx formats, and
|
||||
allowing me to read my comics on the Pocketbook.
|
||||
|
||||
It's still a bit small and in black and white, but the books are nicely readable
|
||||
when rotating the screen, and the refresh time is less than 1s to get a complete
|
||||
new page, which I find really quick and makes me really happy with it!
|
||||
|
131
content/posts/rsoc-end/index.md
Normal file
131
content/posts/rsoc-end/index.md
Normal file
|
@ -0,0 +1,131 @@
|
|||
---
|
||||
title: The RSoC is finished
|
||||
date: 2014-11-26
|
||||
lang: en
|
||||
summary: The RSoC is finished
|
||||
tags: ["radare2", "rsoc"]
|
||||
---
|
||||
|
||||
That's sad, I know, but the RSoC is now finished since 2 months and I haven't
|
||||
post for even longer! :/
|
||||
|
||||
I have done quit a few commits this summer, and that was really nice to
|
||||
implement new features in a project such as [radare2](https://radare.org/)!
|
||||
Still, I have some regrets not to have had enough time for the RSoC... I had no
|
||||
time to implement all the task I was given, and I even still have some that I
|
||||
hope to do in the next few weeks.
|
||||
|
||||
And this year, having a lot of responsibilities in my school's associations, and
|
||||
having a few school projects, I find even less time than this summer, so I don't
|
||||
think I'll be able to contribute a lot as I expected.
|
||||
|
||||
Now stop complaining about my free time and let's do a quick summary of what
|
||||
I've done. The task was about structure templates, so the goal is to define a
|
||||
human readable structure, a bit like a C header for example, and to apply it on
|
||||
a binary to see each field easily. The method with header file is quickly
|
||||
described [here](http://radare.today/types/), and I think I'll do a more
|
||||
complete example one day.
|
||||
|
||||
But my work was more focused on one r2 feature related to structures: `pf`. That
|
||||
is the basic command for which you can have a quick help on r2 by hitting `pf?`.
|
||||
|
||||
The command works as follow:
|
||||
|
||||
```
|
||||
pf iwf foo bar troll
|
||||
```
|
||||
|
||||
Applies the `iwf` format at current offset. The `iwf` format is an
|
||||
integer named **foo**, a word called **bar**, and a float, **troll**.
|
||||
This gives the following output:
|
||||
|
||||
```
|
||||
[0x00000000]> pf iwf foo bar troll
|
||||
foo : 0x00000000 = 1179403647
|
||||
bar : 0x00000004 = 0x0101
|
||||
troll : 0x00000006 = 1.000000
|
||||
```
|
||||
|
||||
More fields type can be easily found in the `pf` help.
|
||||
|
||||
Moreover, `pf` supports some nice tricks like pointers by using `*` or arrays
|
||||
using `[]`...
|
||||
eg:
|
||||
|
||||
```
|
||||
pf *i[2]w pointer_to_int array_of_words
|
||||
```
|
||||
|
||||
The next point is to store a format by entering following command:
|
||||
|
||||
```
|
||||
pf.name iwf foo bar meh
|
||||
```
|
||||
|
||||
We can now apply the format with `pf.name`. But the thing is that we can now use
|
||||
the stored format as a structure in a new format using `?`.
|
||||
eg:
|
||||
|
||||
```
|
||||
[0x00000000]> pf.meh iw int word
|
||||
[0x00000000]> pf.boh i?w otherint (meh)plop otherword
|
||||
[0x00000000]> pf.boh
|
||||
otherint : 0x00000000 = 1179403647
|
||||
plop : struct<meh>
|
||||
int : 0x00000004 = 65793
|
||||
word : 0x00000008 = 0x0000
|
||||
otherword : 0x0000000a = 0x0000
|
||||
```
|
||||
|
||||
That way, you can define linked lists for example, to apply on memory
|
||||
dumps, or create nested structures for complex templates.
|
||||
|
||||
Other features are the JSON output, with `pfj`, or the already done templates
|
||||
such as the elf32 header that you can easily load with `pfo elf32`.
|
||||
|
||||
On last thing is the writing mode (not fully supported for arrays and nested
|
||||
structs, which are my remaining tasks) that you can use that way.
|
||||
You define a format:
|
||||
|
||||
```
|
||||
pf.name iwf foo bar meh
|
||||
```
|
||||
|
||||
And then you can modify its field with:
|
||||
|
||||
```
|
||||
pf.name.bar=0xfa0
|
||||
```
|
||||
|
||||
That prints the command you should have to type to write 0xfa0 at the
|
||||
right offset, and a bit of r2 shell makes life easy (see the dot before
|
||||
the command, to execute the output of it as if entered in r2):
|
||||
|
||||
|
||||
```
|
||||
[0x00000000]> pf.name
|
||||
foo : 0x00000000 = 0
|
||||
bar : 0x00000004 = 0x0000
|
||||
meh : 0x00000006 = 0.000000
|
||||
[0x00000000]> .pf.name.bar=0xfa0
|
||||
[0x00000000]> pf.name
|
||||
foo : 0x00000000 = 0
|
||||
bar : 0x00000004 = 0x0fa0
|
||||
meh : 0x00000006 = 0.000000
|
||||
```
|
||||
|
||||
There are still some features in `pf`, but I think you now have a good overview
|
||||
of what `pf` can do, and so what I've done during my RSoC.
|
||||
|
||||
To sum up, that was a great wonderful experience, and I've learned a lot of
|
||||
various interesting things. I hope to finish the last tasks soon, and after
|
||||
that, `pf` will really be a powerful tool to dump nice elf headers, or
|
||||
analyse strange corrupted PNG files! :)
|
||||
|
||||
Finally, I really thank my mentors [pancake](https://twitter.com/trufae),
|
||||
[xvilka](https://github.com/XVilka), and [jvoisin](https://dustri.org/) for
|
||||
helping me doing the task, and for organizing the RSoC in general. I also thank
|
||||
[maijin](https://github.com/Maijin) for having done a lot of tests in `pf`
|
||||
and for reporting a lot of unexpected features, and I also thank all the r2
|
||||
community for being nice on the IRC chan, and for supporting such a great
|
||||
project!
|
89
content/posts/sauvetage/index.md
Normal file
89
content/posts/sauvetage/index.md
Normal file
|
@ -0,0 +1,89 @@
|
|||
---
|
||||
title: Sauvetage d'un serveur
|
||||
date: 2015-01-30
|
||||
lang: fr
|
||||
summary: Comment récupérer l'accès après un accident...
|
||||
tags: ["sauvetage"]
|
||||
---
|
||||
|
||||
Un petit déterrage pour ce premier post de 2015. Il s'agit là simplement d'un
|
||||
article que j'avais rédigé dans un wiki, et qui est resté depuis le seul article
|
||||
du dit wiki. Plutôt donc de le laisser moisir, je le ressors ici, où il aura un
|
||||
peu plus sa place... :)
|
||||
|
||||
#Récupération d'un serveur perdu
|
||||
|
||||
## Le problème
|
||||
|
||||
Au cours de manipulation visants à augmenter la sécurité du serveur, j'ai
|
||||
malheureusement un peu trop joué avec les droits, ce qui fait qu'en essayant de
|
||||
se connecter via ssh, celui-ci, après avoir afficher les quelques lignes de
|
||||
bienvenue et au moment de lancer le shell:
|
||||
|
||||
```
|
||||
/bin/zsh: permission denied
|
||||
connection to pike.tf closed
|
||||
```
|
||||
|
||||
Plutôt problématique, n'est-ce pas?
|
||||
|
||||
## La solution
|
||||
|
||||
Comme tout problème a une solution, il fallait donc la trouver. Fort
|
||||
heureusement, on pouvait toujours envoyer des fichiers par FTP dans le dossier
|
||||
root d'apache, donc on pouvait uploader un script PHP qui nous sauverait la vie.
|
||||
|
||||
J'ai testé quelques script codés moi même, mais finalement, j'ai plutôt utilisé
|
||||
un reverse shell, bien plus pratique pour tester différentes commandes. Le
|
||||
script est dispo ici :
|
||||
http://pentestmonkey.net/tools/web-shells/php-reverse-shell. Tout y est très
|
||||
bien expliqué et l'on obtient rapidement un pseudo shell sur notre machine
|
||||
locale.
|
||||
|
||||
Un autre problème se posait alors à moi: il fallait que j'execute une commande
|
||||
avec les droits root pour chmoder les fichiers de zsh. Pour cela, deux options:
|
||||
`su` et `sudo`. Mais en faisant `su`, la commande nous répond
|
||||
|
||||
```
|
||||
su: must be run from a terminal
|
||||
```
|
||||
|
||||
Pour `sudo`, le problème est différent. La commande fonctionnait tout à fait,
|
||||
sauf que le script qui l'execute est lancé par www-data, l'user d'apache, et
|
||||
celui-ci n'est pas dans le sudoers, donc il ne peut rien faire.
|
||||
|
||||
J'ai donc trouvé une nouvelle astuce sur cette page : http://evertpot.com/189/,
|
||||
qui donne deux lignes à rentrer dans notre pseudo shell pour executer un "vrai"
|
||||
shell via python. Bien sûr, il faut que Python soit installé sur le serveur, ce
|
||||
qui était notre cas. La première ligne créer un script placé dans `/tmp`, et la
|
||||
deuxième l'execute, nous donnant un shell dans lequel on peut ensuite executer
|
||||
`su` sans aucun problème.
|
||||
|
||||
## En résumé
|
||||
|
||||
- Uploader la page de script du reverse-shell une fois modifiée, comme
|
||||
indiquée sur le site, en spécifiant l'adresse IP de la machine
|
||||
local sur laquelle vous obtiendrez le pseudo shell, ainsi qu'un
|
||||
port disponible sur lequel vous allez pouvoir faire écouter votre
|
||||
machine. Attention, si vous êtes derrière une box, penser à
|
||||
forwarder le port!
|
||||
- Lancer la commande `nc` avec les options qui vont bien sur votre
|
||||
machine pour qu'elle soit prête à écouter sur le port, par exemple
|
||||
avec le port 1234:
|
||||
```
|
||||
nc -v -n -l -p 1234
|
||||
```
|
||||
- Lancer le script en accédant à son URL dans votre naviguateur, votre
|
||||
pseudo-shell est alors disponible là où vous aviez lancé netcat
|
||||
- Executer les deux commande Python pour avoir ensuite un vrai shell
|
||||
et pouvoir lancer `su`
|
||||
```
|
||||
echo "import pty;
|
||||
pty.spawn('/bin/bash')" > /tmp/asdf.py
|
||||
python /tmp/asdf.py
|
||||
```
|
||||
|
||||
Voilà, vous pouvez désormais récupérer votre serveur!
|
||||
|
||||
Merci à [Dustri](http://dustri.org) pour les nombreuses indications
|
||||
fournies pendant la récupération! :)
|
25
content/posts/ssl/index.md
Normal file
25
content/posts/ssl/index.md
Normal file
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
title: Putting HTTPS in place
|
||||
date: 2015-01-30
|
||||
lang: en
|
||||
summary: At least deploying secure connections
|
||||
tags: ["https", "ssl"]
|
||||
---
|
||||
|
||||
For a few time I have set up this blog, and I always said that I should put SSL
|
||||
in place, to provide secure connection for most of the hosted services.
|
||||
|
||||
Now it's done!
|
||||
|
||||
Certification was made by [CACert](https://www.cacert.org/), and this went
|
||||
pretty quick, thanks to a few [Nginx tutorials](https://www.linode.com/docs/security/ssl/ssl-certificates-with-nginx/),
|
||||
and the [CACert presentation by S. Bortzmeyer](http://www.bortzmeyer.org/cacert.html) (in French).
|
||||
|
||||
That wasn't so hard, after all, and I still wonder why it took me so
|
||||
much time... :/
|
||||
|
||||
Memo:
|
||||
|
||||
```
|
||||
openssl req -new -days 365 -nodes -newkey rsa:2048 -keyout libskia.so.key -out libskia.so.csr
|
||||
```
|
50
content/posts/sslh/index.md
Normal file
50
content/posts/sslh/index.md
Normal file
|
@ -0,0 +1,50 @@
|
|||
---
|
||||
title: "SSLH, ssh&co though Proxies"
|
||||
date: 2015-11-09
|
||||
tags: ["ssh", "sysadmin", "sslh"]
|
||||
lang: en
|
||||
summary: Using SSH though proxies, hotspots, etc...
|
||||
---
|
||||
|
||||
During my intership, I wanted to access my server, to continue using IRC in my
|
||||
[irssi](http://www.irssi.org/). I need for that to ssh to
|
||||
[libskia.so](https://libskia.so), but the problem came from the proxy that
|
||||
provide my Internet connection, because it's blocking everything except ports 80
|
||||
and 443.
|
||||
|
||||
First thought: easy, I just have to set SSH to listen on port 443!
|
||||
|
||||
Problem: we ([Piké](https://smagnin.org/) and I), are running website with
|
||||
[HTTPS](https://en.wikipedia.org/wiki/HTTPS) enabled, and it's running, of
|
||||
course, on port 443.
|
||||
|
||||
From there, I had many solutions. I could put in place a VPN using some option
|
||||
like
|
||||
[port-share](https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage#lbAH)
|
||||
but it was a bit heavy for just an SSH connection... Moreover, VPNs are stictly
|
||||
forbidden by the local policy, so it wasn't a really good idea.
|
||||
|
||||
I also could have used [GoTTY](https://github.com/yudai/gotty), to get a shell
|
||||
in my browser, but I didn't really like this solution, especially for IRC
|
||||
notifications, that are forwarded though screen to my terminal, to have a little
|
||||
"beep" when someone highlights me.
|
||||
|
||||
I finally found a far better solution:
|
||||
[SSLH](http://www.rutschle.net/tech/sslh.shtml). It's a small SSL multiplexer
|
||||
that, once set to listen on `$PUBLIC_IP:443`, can forward many protocols to
|
||||
their respective interfaces.
|
||||
|
||||
Here is how I call SSLH. You can of course set it in */etc/default/sslh* and run
|
||||
it as a daemon.
|
||||
|
||||
```bash
|
||||
sslh --user sslh --listen 12.123.123.132:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:443 --openvpn 127.0.0.1:1194
|
||||
```
|
||||
|
||||
That way, I have SSH, HTTPS, and even OpenVPN that can pass through port 443,
|
||||
and that's very useful when you work behind weird restrictive proxies!
|
||||
|
||||
**Bonus**: that works in both sides, so when you have server in a DMZ where, for
|
||||
*security reasons*, the network admin blocked SSH port, but allowed, say, HTTPS
|
||||
for example, you can have a direct secure shell without any weird reverse tunnel
|
||||
with SSLH.
|
58
content/posts/star-wars-awakens/index.md
Normal file
58
content/posts/star-wars-awakens/index.md
Normal file
|
@ -0,0 +1,58 @@
|
|||
---
|
||||
title: The Force has awoken...
|
||||
date: 2015-12-16
|
||||
tags: ["star wars", "force", "jedi", "geek"]
|
||||
lang: en
|
||||
summary: How the Force has long ago awoken in the heart of a small Jedi...
|
||||
---
|
||||
|
||||
Today is the 16th December, and the world (at least the France) sees the release
|
||||
of **Star Wars VII: The Force Awakens**. In this special occasion, I take the
|
||||
time to write a bit about how much I've been loving the *Star Wars* universe,
|
||||
and that for a very long time!
|
||||
|
||||
It all began when I first saw **A New Hope** when I was young (I don't remember
|
||||
precisly when). Since then, I grew up [playing the Jedi
|
||||
master](https://www.youtube.com/watch?v=HoRXYZD0Zc8), making stop-motion Star
|
||||
Wars Lego movies (that I sadly lost), even [becoming sometimes a Sith
|
||||
Lord](https://www.youtube.com/watch?v=gmVg-ubmlJo), when not too busy
|
||||
collecting/playing with about fifteen Lego spaceships, and more than thirty
|
||||
characters!
|
||||
|
||||
I continued exploring the Star Wars universe
|
||||
[reading](http://starwars.wikia.com/wiki/The_Thrawn_trilogy)
|
||||
[books](http://starwars.wikia.com/wiki/Darth_Maul:_Shadow_Hunter),
|
||||
[playing](http://starwars.wikia.com/wiki/Star_Wars:_Jedi_Knight:_Jedi_Academy)
|
||||
[video](http://starwars.wikia.com/wiki/Republic_Commando)-[games](http://starwars.wikia.com/wiki/KOTOR),
|
||||
and still now playing a lost, Jedi to become,
|
||||
[Kiffar](http://starwars.wikia.com/wiki/Kiffar) vagabond, in a [very cool
|
||||
role-playing game](https://libskia.so/pub/Star-Wars-Fate-Edition.pdf)!
|
||||
|
||||
And today, I'm very happy that the universe continues to live through a new
|
||||
movie!
|
||||
|
||||
Many people have asked me how I felt about Lucasfilm beeing sold to Disney, and
|
||||
I always answered that it was great.
|
||||
It's great to do so while George Lucas has not yet joined the Force (sadly, it
|
||||
will happen).
|
||||
It's great to do so because Disney has a lot of money, and it's great that they
|
||||
use it to make more Star Wars stuff.
|
||||
It's great because they trusted J.J. Abrams to make this new movie, and I think
|
||||
he has done a good job previously with the new Star Trek films.
|
||||
It's great because we will see the old characters played by the old actors, and
|
||||
I already know that it will be a magic moment!
|
||||
It's great because while writing these lines, I'm listening to the soundtrack
|
||||
that made John Williams for the first and second trilogy, and I'm really happy
|
||||
that he doing a third one!
|
||||
|
||||
More generally, I'm also very happy with how Disney managed to keep the giant
|
||||
extended-universe by creating the
|
||||
[Legend](http://starwars.wikia.com/wiki/Star_Wars_Legends), without beeing hold
|
||||
back for the new films. Indeed, keeping the universe consistant would have been
|
||||
almost impossible without using a entire new place, with very few references to
|
||||
the old movies.
|
||||
|
||||
That said, I'm still waiting patiently to see the awaken of the Force, although
|
||||
I know that within me, it already awoke *a long time ago...*
|
||||
|
||||
|
30
content/posts/strange-high-ping/index.md
Normal file
30
content/posts/strange-high-ping/index.md
Normal file
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
title: Strange high ping
|
||||
date: 2015-04-20
|
||||
tags: ["network"]
|
||||
lang: en
|
||||
summary: Fixing a strangly high ping with a Proxmox 3.4 VM
|
||||
---
|
||||
|
||||
Currently rebuilding my student association's infrastructure, I have to deal
|
||||
with Proxmox 3.4 quit a lot. Having up to 5 VM, I decided to first install one,
|
||||
called **generic**, that I would backup, then restore 5 times to get all my VM
|
||||
with a basic configuration without efforts.
|
||||
|
||||
That worked perfectly a first time, and I have been able to deploy our
|
||||
[Gitlab](https://about.gitlab.com/) quit quickly.
|
||||
|
||||
Then I wanted to work on our **proxy** VM, so I restored the generic image, and
|
||||
logged into the VM with the console interface to change at least its name and
|
||||
IP. After that, I was able to ssh to the machine, but I remarked that when
|
||||
typing a command, it was really slow to answer.
|
||||
|
||||
Some quick ping based investigations told me that there were many lost packages,
|
||||
and the average ping was up to half a second! Of course, everything was in a
|
||||
local network, and pinging the Proxmox host was pretty normal, just as the first
|
||||
Gitlab VM. Why was that second machine causing so much trouble?
|
||||
|
||||
The answer was very dummy: restoring an image restores really everything, and
|
||||
even the MAC address! Changing that address fixed the problem, but that story
|
||||
reminds me how shitty I am with networks! :D
|
||||
|
31
content/posts/tool-in-concert/index.md
Normal file
31
content/posts/tool-in-concert/index.md
Normal file
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
title: Why you should go watch Tool in concert
|
||||
date: 2019-07-02
|
||||
tags: ["tool","metal","hellfest","music"]
|
||||
lang: en
|
||||
summary: A really impressive show that I highly recommend, even if you don't know the band already.
|
||||
---
|
||||
|
||||
Last summer, I had the pleasure to see
|
||||
[Tool](https://en.wikipedia.org/wiki/Tool_(band)) in concert at the Hellfest
|
||||
festival, and that really was awesome for multiple reasons:
|
||||
|
||||
* The musicians are technically very skilled, being in studio as well as on
|
||||
stage.
|
||||
* The show is centred on the music and the visual light effects combined
|
||||
together to create a very mesmerizing performance.
|
||||
* They even ask the public not to take pictures or videos to enjoy the moment as
|
||||
one that must be lived and felt, rather than watched later on a small, inhuman
|
||||
screen.
|
||||
* The sound tuning was just perfect, and I don't remember being at a metal show
|
||||
with that many people able to listen to the music without their ear
|
||||
protection. Thank you Hellfest for that!
|
||||
* They played some of their new titles that weren't released yet at the time.
|
||||
|
||||
|
||||
Of course, going to another show now would probably fulfil only the three first
|
||||
points in my list, but I find them far good enough to recommend *Tool* for your
|
||||
next concert!
|
||||
|
||||
|
||||
|
BIN
content/posts/x60/images/x60-1.jpg
Normal file
BIN
content/posts/x60/images/x60-1.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 93 KiB |
BIN
content/posts/x60/images/x60-2.jpg
Normal file
BIN
content/posts/x60/images/x60-2.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 93 KiB |
BIN
content/posts/x60/images/x60-3.jpg
Normal file
BIN
content/posts/x60/images/x60-3.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 77 KiB |
BIN
content/posts/x60/images/x60-4.jpg
Normal file
BIN
content/posts/x60/images/x60-4.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 93 KiB |
35
content/posts/x60/index.md
Normal file
35
content/posts/x60/index.md
Normal file
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
title: Open Laptop
|
||||
date: 2014-07-13T03:20:00+02:00
|
||||
lang: en
|
||||
summary:
|
||||
Cooling my open-laptop by opening it... o.O Okay, that was mainly for
|
||||
drying it... and for fun!
|
||||
tags: ["laptop", "x60", "thinkpad"]
|
||||
---
|
||||
|
||||
First, let me introduce my laptop: it's a Thinkpad X60, he's called
|
||||
[Kiffu](http://starwars.wikia.com/wiki/Kiffu) and was bought ~6 months ago from
|
||||
[Gluglug](http://www.gluglug.org.uk/), and as the [FSF](https://www.fsf.org/)
|
||||
said, it's an open-laptop, and that means that it runs without any proprietary
|
||||
software, nor any blob, not even the CPU microcode!
|
||||
|
||||
Yesterday, I decided to clean my keyboard, and for that,
|
||||
[Maat](http://maat.mooo.com/) and I had no better idea than putting it under the
|
||||
tap! Of course it was powered off, but I put a bit too much of water, and
|
||||
everything didn't go though it. It was now a bit wet, and I decided to wait for
|
||||
the full night before pluging and running it again... But the whole night wasn't
|
||||
enough, and when I ran it, it worked for five minutes, and then I got some
|
||||
strange things on the screen, before it self rebooted, then reboot again, and
|
||||
behaved very oddly... I shut it down, removed the battery, unpluged, and decided
|
||||
to dry it **really**. I opened it completely, removed the SSD, the keyboard, and
|
||||
even the upper body! Drying and waiting for a bit, I then decided to try to run
|
||||
it, but I was too lazy to rebuild it, and then redry if it still didn't worked,
|
||||
so I run it completly opened!
|
||||
|
||||
Everything went well, and I even took a few pictures with the webcam, without
|
||||
any problems: ![pict1](images/x60-1.jpg) ![pict2](images/x60-2.jpg)
|
||||
![pict3](images/x60-3.jpg) ![pict4](images/x60-4.jpg)
|
||||
|
||||
Finally, I just rebuilt the laptop and wrote this article, because I just found
|
||||
that fun and wanted to share the pictures... ;)
|
3
layouts/_default/_markup/render-image.html
Normal file
3
layouts/_default/_markup/render-image.html
Normal file
|
@ -0,0 +1,3 @@
|
|||
<img class="img-zoomable" src="{{ .Destination | safeURL }}" alt="{{ .Text }}" title="{{ .Title }}" />
|
||||
<br>
|
||||
<em>{{ .Title }}</em>
|
27
layouts/_default/baseof.html
Normal file
27
layouts/_default/baseof.html
Normal file
|
@ -0,0 +1,27 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="{{ .Site.Language.Lang }}">
|
||||
|
||||
<head>
|
||||
{{ partial "head.html" . }}
|
||||
</head>
|
||||
|
||||
<body data-theme="auto">
|
||||
{{ partial "scripts-front.html" . }}
|
||||
{{ partial "header.html" . }}
|
||||
|
||||
<main>
|
||||
<div class="container-lg clearfix">
|
||||
<!-- list -->
|
||||
<div class="col-12 col-md-12 float-left content">
|
||||
{{ block "main" . }}{{ end }}
|
||||
</div>
|
||||
</div>
|
||||
{{ partial "components.html" . }}
|
||||
</main>
|
||||
|
||||
{{ partial "footer.html" . }}
|
||||
{{ partial "scripts-end.html" . }}
|
||||
</body>
|
||||
|
||||
</html>
|
||||
|
1
themes/fuji
Submodule
1
themes/fuji
Submodule
|
@ -0,0 +1 @@
|
|||
Subproject commit 2ab30a541b96354274ae559cc8d19c2a1f6e7988
|
Loading…
Reference in a new issue