15 July, nearly two months with nary a word.

That is not to say that I have been just sitting on my duff, in fact I have not. It is really due to the fact that after I am done with work I simply don’t have much in the way of chops to bring home and hack around in things.

Tonight, though I have done a little. I actually am trying to rework some things that I had done a while ago, namely getting some basic functionality duplicated using the Infusionsoft API.  The first thing that I did was download the sample code from GitHub. After I downloaded the zip file I extracted the contents and uploaded the API-Sample-Code-master/PHP folder to my webserver. After doing that, for some reason or another, the folder that I originally uploaded it to would not serve online, even after checking permissions and creating various files to browse to. I ended up creating a folder in the portfolio section of my site and moved everything there, and it seems to be serving.

After ensuring that everything was web visible, i went through the three php scripts, ContactService-Sample.php, DataService-Sample.php, and InvoiceService-Sample.php and update the link to the application from mach2.infusionsoft.com TO my application name. While I was in each application I took the time to copy and paste my API key as well.

As I looked at what the sample scripts did and the html webform I realized that the webform is currently only set up to work with the ContactService-Sample.php file. I updated its name to reflect that.

I then navigated to the form, filled it out, and submitted it. A new contact was created and it had tags applied to it, however I did not have appropriately numbered campaigns.  follow up actions.

After messing with this I actually forked the branch and am going to make some documentation changes and then submit a pull request.

 

 

21 May What I Have Been Up To

Today I finally started to get a handle on Phyllis’ laptop. She left it with me over a week ago due to “some” malware she had picked up and I have been too drugged up to touch it until today. It really blows my mind how people get so much crapware on their computer, but it happens. I have spent the better part of 10 hours cleaning it up, removing toolbars, browser hijackers, and other suspicious software.

Continue reading

Installing Sublime Text 2 on a minimal Arch Linux

I recently completed a relatively minimal install of Arch Linux on a netbook that was gifted to me. There are several things that I intend to use the portability of the netbook for and one of them is the occasional editing of code while I am on the go. To that end I really wanted to get Sublime Text installed on it, but I really found little instruction available online to help. This is a short record of what I have done, to the best of my recollection.

I have i3 installed, which means that I also have X installed. (while not listed as a dependency, i am pretty sure that it is). I then found Sublime Text in the AUR and used pacman to ensure that I had its listed dependencies installed.

After the dependencies were taken care of I then downloaded and extracted this archive.  At this point in time I could cd into the directory and run the executable, however sublime text was not available from the command line nor dmenu. After doing some googling around I was able to find this helpful article which walked me through the rest of the process that I needed.

After unzipping the folder I then renamed the folder to just “sublime” and moved it to /opt/ . Once it was moved I transferred ownership to root and gave global run permissions. Upon completing that I created a file in /usr/bin/ (where is not as important as the fact that it be on the PATH) and included the following text in it:

#!/bin/sh 
export SUBLIME_HOME="/opt/sublime" 
$SUBLIME_HOME/sublime_text "$*" 

I ensured that others could run but not edit the file, and viola!, sublime_text was available in dmenu as well as the command line!.

Getting started in netsec and cyber security

I was recently asked by a friend what they best way to get started in cyber security would be. As someone who knows jack squat about cyber security I am not in any way really qualified to answer this, but, at the same time, I am also someone who is generally pretty good at finding resources and learning stuff, so I figure I may put some resources together.

One of the first things that you can do it find communities that work within the topic and start interacting with them, some of the groups that I am aware of in one way of another include:

  • Reddit NetSec – A community for news and discussion regarding information security and related topics.
  • Reddit Ask NetSec -  A place to ask questions regarding Information Security.
  • #r_netsec – Reddit NetSec on freenode.
  • Pentester Academy – A place to learn pentesting online
  • Reddit Blackhat - We seek to discuss vulnerability and exploitation theory and [evading] the countermeasures used to deter exploitation
  • Reddit Codes – A place to find various codes to keep your cracking sharp.
  • Reddit WebSec – A place to discuss web-based vulnerabilities.
  • Reddit CompSec – A place to discuss local, computer based security measures.
  • Reddit Malware – A place to discuss malware reports and gain other information.
  • Reddit NetSecStudents - A place to share resources, ask questions, and help other students learn Network Security specialties of all kinds.
  • NetSecStudents wiki – probably a better maintained, more through concept of what this blog post is supposed to be.

A list of freenode IRC channels that I keep handy that may be handy for you as well:

  • ##infra-talk
  • #metasploit
  • #NetHack
  • ##Networking
  • #reddit-sysadmin
  • #r_netsec
  • ##security
  • ##systemadmins
  • #algorithms
  • ##c++basic
  • ##C++general
  • #friendly-coders
  • #learnprogramming
  • ##math
  • ##programming
  • #python
  • #bash
  • ##linux

An online phenomenon that I would actively pay attention to is “cicada 3301“. It is turning out to me a huge information searching game hosted annually by persons unknown.

 

My burgeoning love affair with DD-WRT

For the longest time I was unable to use DD-WRT because the router I had was unsupported and I could not justify buying a new router simply to play with the Linux based firmware that it provided. Then one day, several months ago, I started looking through the routers available at goodwill and found one that was in the dd-wrt database and was only $4. I took it home that night and was up until all hours reading all of the available documentation on installing DD-WRT on that router and then installed it. Thankfully it was considerably easier than I originally anticipated.

Continue reading

webanize – a bash script to help me share my scripts.

I recently started reading the Advanced Bash-Scripting Guide and I have been writing scripts intended to save me time and make some of what I do more visible to potential employers. While I have tried to keep a portfolio online for a very long time I found that I really sucked at updating it. I would have to upload the scripts to the portfolio site, figure out how to make them look “okay”, and then update the actual database that built the portfolio site. Okay, honestly it was not a lot of work, but today I decided to make it even less.

Continue reading

Home Directory Listing, my first “to order” bash script.

I recently have been reading the “Advanced Bash-Scripting Guide” because the trial and error that I agonized through to create the taskwarrior scripts nearly drove my crazy. Since I have spent a lot of time reading today I decided to start to try my hand at one of the exercises. Specifically I did the first one, “Home Directory Listing”.

Continue reading

First install of Arch and notes on sshing to CentOS

For the first time in my life I successfully installed Arch Linux last night. To be honest it was considerably more involved than I expected it to be, but the Beginners’ guide was really helpful and gave me enough to get it rocking and rolling. I was originally doing “OK” with their Installation guide, but I needed help formatting my partitions and the beginners guide broke it down Barney-style enough for me that I was able to get it.

 

Another thing that I figured out last night is the case of the slow SSH authorization. Frequently when I am attempting to either scp or ssh to a CentOS install it takes a loooong time to authorize me to access. Originally I thought that it had something to do with the fact that I was working on an old assed out machine, but then I realized that it happened even on virtual machines. Doing a little bit of research I found that the connection was hanging when attempting to authenticate using GSSAPI. Since I am a huge user of ssh keys I simply commented out the line in the config file that allowed it.