dusty hacks

Everyone who has ever hacked around on unix machines for fun (student) or profit (sysadmin/programmer) has developed their own little tools & programs to make their lives easier. Here are a few of mine. If you use them, please report failure or success to me.

Everything here is GPL'd unless otherwise noted.

  • 2006-03-05 - talk-to-gw (perl) -- simple script to connect to a SAP gateway and dump some (cryptic) information. Wrote while troubleshooting an irritating DS-3 problem. I have no idea if it works in other environments. Please share what you find!

  • 2003-11-23 - shargs.sh (shell script) -- Someone doesn't know how to use /usr/bin/getopt .. I wonder who? Oh. Me.

  • 2002-10-22 - spoof-fopen.c -- Had a problem with a winbind (winbound?) samba unable to authenticate against AD. Winbind assumed that the resolver libraries on the Unix host itself were pointing at AD, but our Unix boxes didn't. A hacky workaround was to write a library interposer that trapped fopen() calls to /etc/nsswitch.conf and replaced it with a Samba-specific copy of nsswitch.conf. This let Samba & winbind auth against AD while leaving the rest of the system alone.

    Yes, it is gross. But it was fun to learn about library interposers. And we're no longer using winbind :-)

  • 2001-07-17 - catm-dump.sex (expect script, 569 bytes) catm-clean.pl (perl, 4kb) -- grab & decode ATM packet dumps from a Cisco router (fuggly Cisco ATM sniffer)

  • 2001-04-29 - asip-status (perl, 9kb) asip-status-doc.html (HTML, 4kb) -- asip-status is a perl script that sends a DSIGetStatus / FPGetSrvrInfo to a machine running AppleShare file services (AFP) over TCP port 548. I've also written a Nessus plug-in that does more or less the same thing.

  • 2001-05-01 - threaded-nshunt.c -- Passed a list of IPs on stdin, try to connect to each host and determine if it's a DNS server by asking it for its own IP address.

  • 2001-01-10 - httpscan.c (C, 17kb) -- Handed a list of hosts on stdin, httpscan will open a connection to each and record the response to HEAD / HTTP/1.0. Uses pthreads to work efficiently on hosts in parallel. Tested w/ up to 120 threads on Linux 2.2.16 and 2.4.0.

  • 2000-12-06 - deadman (perl) -- Run a command with a deadman timer. If the command runs longer than the time specified, kill it.

  • 2000-10-05 - tnscmd (perl, 5kb) tnscmd-doc.html (HTML, 16kb) -- I was bored at work one day and decided to figure out how the Oracle 'tnsping' application worked. A little while later I had a working program that could ping and prod the TNS listener, and I'd discovered some security bugs in the process (interestingly enough, ISS released an advisory on this very problem at the end of October.) This has been rolled into a pair of Nessus plug-ins that report on potential Oracle tnslsnr security problems.

  • 2000-12-10 - iis2apache (perl, 3kb) -- Gross perl code to turn an IIS log into an Apache log. We had some IIS boxes @ work & wanted to be able to webalize them. I hunted around on the Net for something that would do this, and while I did learn that you can just configure IIS to log in Apache Common Log Format, that wasn't an option for us. This seems to work so far.. :-)

  • 2000-02-17 - tcp-term.c (C, 10kb) v1.0 -- tcp-term binds a TCP socket to a serial device. This lets me telnet to a machine and get to a modem or whatever is attached to the serial port. Someone else may have already done something like this.. but does theirs have a twirly cursor?? :-)

  • 1998-05-28 - checksyslog (perl, 2kb) resort (perl, 751 bytes) checksyslog-doc.html (HTML, 7kb) example.rules (English, 8kb) v1.3 -- Updated 7 May 2001 - Analyze your syslogs for security or system problems by creating a list of normal behaviour to ignore; everything else is something you should be aware of. (aka "artificial ignorance"). Requires perl 5.

  • 1994-05-04 - nfs-root.shar (shell archive, 39kb) -- This is a hacked up version of Leendert van Doorn's nifty nfsbug tool that wanders down the export list and tries to create a suid root shell.

    $ cd ..