Computers on ScienceChronicle

A typical Perl project directory structure

Sun, 01 Sep 2024 01:58:40 +0000

A typical Perl project directory structure is designed to separate the main script(s) from modules, configurations, and other resources like tests or documentation. Here’s an example of a standard Perl project directory structure:

my_perl_project/
├── bin/
│   └── main.pl
├── lib/
│   ├── MyApp/
│   │   ├── Module1.pm
│   │   └── Module2.pm
├── t/
│   ├── 01_module1.t
│   └── 02_module2.t
├── script/
│   └── some_utility_script.pl
├── doc/
│   └── README.md
├── Makefile.PL
└── MANIFEST

Breakdown of the Structure

1. `bin/` Directory:

Purpose: This directory contains the main executable scripts of your application.
Example: main.pl is the main entry point for your application.
Content:
- main.pl: The main script that uses the modules from the lib/ directory.

2. `lib/` Directory:

Purpose: This directory is where your Perl modules (libraries) reside.
Example: The MyApp/ directory within lib/ contains the modules Module1.pm and Module2.pm.
Content:
- MyApp/Module1.pm: A Perl module providing specific functionality.
- MyApp/Module2.pm: Another Perl module.

Typical Module Structure:

Using SQLITE database with Perl on OpenWRT

Wed, 21 Aug 2024 03:58:40 +0000

This article discusses using an SQLite database with Perl on the OpenWRT openwrt-23.05 branch (git-23.233.52805-dae2684). We aim to use an SQLite database with Perl.

First, we need to install the DBI module and then find and install DBD for SQLite. Let’s examine the directory of Perl modules available on OpenWRT: Perl Modules on OpenWRT .

One can see that the DBI module is present: perl-dbi . After installing it, let’s check which DBD modules are included:

Ensuring Safe File Operations in Linux: Handling Simultaneous Reads and Writes

Sun, 18 Aug 2024 22:58:40 +0000

Ensuring Safe File Operations in Linux: Handling Simultaneous Reads and Writes

In Linux, managing file access between multiple processes can be tricky, especially when one script is writing to a file while another is reading from it. Without proper synchronization, you may encounter situations where a reader script accesses a partially written file, leading to incomplete or corrupt data reads. In this blog post, we’ll explore how to handle simultaneous file access safely using flock and atomic operations like mv. We’ll also discuss best practices to ensure that your scripts can read and write files without interference.

Understanding Cronjob Self-Deletion: Behavior and Implications When Restarting Cron Service on OpenWRT

Sun, 18 Aug 2024 01:58:40 +0000

Intro

The article addresses the question: Will a cronjob complete its run if it removes itself from the crontab and restarts the cron service? We conducted tests on OpenWRT version 23.05.3 240325 to find out.

Test

To answer this question, we wrote a short Perl script, b.pl:

#!/usr/bin/perl

print "Start\n";
`sed -i /b.pl/d /etc/crontabs/root`;
print "Removed crontab entry\n";
`service cron restart`;
print "Restarted cron service\n";
sleep(10);
print "Slept 10 sec and now exiting\n";

We added the following crontab entry using crontab -e:

OpenWRT with WireGuard server which is connected through OpenVPN

Thu, 18 Jul 2024 01:58:40 +0000

We setup a wireguard server on an OpenWRT router. We generate a setup file for the client. The wireguard server itself we connect through a VPN. The VPN itself can be socked through TOR (we don’t discuss this in the article).

Generate keys

umask go=
wg genkey | tee wgserver.key | wg pubkey > wgserver.pub
wg genkey | tee wgclient.key | wg pubkey > wgclient.pub
wg genpsk > wgclient.psk

Setup wireguard server

Note, wireguard server is actually a kernel module and there is no a special application to be run. The wireguard module exposes interface to ip link with which one can create a device of type wireguard.

OpenWRT under hood

Mon, 08 Jul 2024 01:58:40 +0000

Wireless configuration

Behind the scenes, UCI (Unified Configuration Interface) in OpenWRT uses various command-line utilities and services to apply the wireless configurations defined in /etc/config/wireless. Here are some key components and commands involved in this process:

netifd:

The netifd (network interface daemon) is responsible for managing network interfaces in OpenWRT. It handles the configuration of interfaces based on the UCI configuration files.

hostapd and wpa_supplicant:

OpenWRT typically uses hostapd for managing Access Point (AP) interfaces and wpa_supplicant for client interfaces. These services are controlled and configured by netifd based on the UCI settings.

iw and ip commands:

netifd uses iw to configure wireless devices and interfaces. It also uses ip to manage network interfaces at a lower level.

Example Workflow

When you configure an SSID in /etc/config/wireless and run wifi reload, the following steps typically occur:

Install NYX on OpenWRT

Tue, 04 Jun 2024 02:58:40 +0000

NYX is a monitoring utility for TOR. It connects to Tor’s control port so to make it work we should define the control port in /etc/tor/torrc:

# File: /etc/tor/torrc
ControlPort 9051

Install NYX on OpenWRT version 23.05.3 r23809-234f1a2efa with the following commands:

opkg update
opkg install nyx

When running, we get into an error:

nyx
Traceback (most recent call last):
  File "/usr/bin/nyx", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/usr/lib/python3.11/site-packages/nyx/__init__.py", line 176, in main
  File "/usr/lib/python3.11/site-packages/stem/util/conf.py", line 288, in wrapped
AttributeError: module 'inspect' has no attribute 'getargspec'. Did you mean: 'getargs'?

To solve that problem, we proceed as follows:

NodeJS / Typescript: module in directory

Mon, 27 May 2024 11:52:37 +0000

What are the hardest problems in software engineering? The obvious answer is “cache invalidation and variable naming.” However, on a more serious note, a significant part of software engineering is devoted to the separation of concerns. This is one of the reasons object-oriented programming (OOP) came into existence. In fact, it could be argued that the entire field of software engineering revolves around the separation of concerns—how to effectively factor and modularize software to make it more manageable.

NodeJS nexe resources

Mon, 27 May 2024 01:58:40 +0000

For some reason, there is a scare description of how to add and access resources for executables created by nexe-cli. Here we make some clarifications.

What’s nexe-cli?

nexe-cli is an utility which creates a standalone executable from nodejs code. It compiles nodejs runtime for the target platform and creates a stanalone executable which contains the nodejs runtime and program js source code. Note, however, that nexe does not include node_modules folder in the executable so if the source code uses some of npm modules the distributed executable should be distributed along with the modules:

Taking over Zabbix with Hydra

Wed, 22 May 2024 01:58:40 +0000

Lab experiment

As usual, we start with an experiment in highly constrolled conditions - in our virtual lab.

Let’s first install hydra:

sudo apt install hydra -y

Then let’s run zabbix appliance to have all zabbix components run in a single command:

docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag

After docker ran, we can see exposed ports:

docker ps
CONTAINER ID   IMAGE                     COMMAND                  CREATED             STATUS             PORTS                                                                                       NAMES
3b0230770aa0   zabbix/zabbix-appliance   "/sbin/tini -- /usr/…"   About an hour ago   Up About an hour   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:10051->10051/tcp, :::10051->10051/tcp, 443/tcp   some-zabbix-appliance

and we get into the UI by going with browser to http://localhost:

Is CVE-2021-23017 remotely exploitable?

Mon, 20 May 2024 01:58:40 +0000

CVE-2021-23017 is a critical vulnerability in the NGINX resolver that can lead to a buffer overflow, allowing for potential remote code execution (RCE). This vulnerability affects NGINX when it is configured to use a resolver with DNS server responses.

Conditions for CVE-2021-23017

NGINX Version:
- The vulnerability affects NGINX versions 0.6.18 through 1.20.0.
NGINX Configuration:
- NGINX must be configured to use the resolver directive. This directive specifies the IP address of the DNS server that NGINX should use to resolve domain names.
- The resolver directive is typically used in configurations for DNS-based service discovery, dynamic upstreams, or when using NGINX with server names that require DNS resolution.
DNS Response Handling:

PoC for CVE-2018-16167

Mon, 20 May 2024 01:58:40 +0000

Setup

We analyzed https://github.com/JPCERTCC/LogonTracer/blob/v1.2.0/docker/Dockerfile to understand how to properly run the docker. We need Neo4j container to be run first, then logontracer container to be linked to. Also, pay attention, without specifying LTHOSTNAME env var logontracer will not run.

docker run -d \
  --name neo4j \
  -p 7474:7474 \
  -p 7687:7687 \
  -e NEO4J_AUTH=neo4j/password \
  neo4j:3.2.3

docker run -d \
  --name logontracer \
  --link neo4j \
  -p 8080:8080 \
  -e LTHOSTNAME=localhost \ 
  jpcertcc/docker-logontracer:v1.2.0

Check:

How to reset Windows password in VirtualBox

Sun, 19 May 2024 02:58:40 +0000

If you forgot your password for Windows running inside VirtualBOx, the solution is very simple. Here we desribe the steps to reset the password.

We use VirtualBox Version 7.0.8 r156879 (Qt5.12.8) on Linux Mint 20.3 (Una) (Ubunti Codename=focal). The Windows running in VirtualBox is Windows 11 with standard user User for which Passw0rd! password was expired, then changed to something and this something was forgotten:

Windows requires password

Note: It seems MS removed passwords for the Vms at the time of writing this post (19 May 2024).

Computers on ScienceChronicle

A typical Perl project directory structure

Breakdown of the Structure

1. bin/ Directory:

2. lib/ Directory:

Using SQLITE database with Perl on OpenWRT

Ensuring Safe File Operations in Linux: Handling Simultaneous Reads and Writes

Ensuring Safe File Operations in Linux: Handling Simultaneous Reads and Writes

Understanding Cronjob Self-Deletion: Behavior and Implications When Restarting Cron Service on OpenWRT

Intro

Test

OpenWRT with WireGuard server which is connected through OpenVPN

Generate keys

Setup wireguard server

OpenWRT under hood

Wireless configuration

Example Workflow

Install NYX on OpenWRT

NodeJS / Typescript: module in directory

NodeJS nexe resources

What’s nexe-cli?

Taking over Zabbix with Hydra

Lab experiment

Is CVE-2021-23017 remotely exploitable?

Conditions for CVE-2021-23017

PoC for CVE-2018-16167

Setup

How to reset Windows password in VirtualBox

1. `bin/` Directory:

2. `lib/` Directory: