Merge branch 'master' of zx2c4.com:laurent-tools

29 files changed, 476 insertions, 1 deletions

diff --git a/propagate/Makefile b/broken/propagate/Makefile
index 5722a0d..5722a0d 100644
--- a/propagate/Makefile
+++ b/broken/propagate/Makefile
diff --git a/propagate/README.txt b/broken/propagate/README.txt
index 97b601c..97b601c 100644
--- a/propagate/README.txt
+++ b/broken/propagate/README.txt
diff --git a/propagate/TODO.txt b/broken/propagate/TODO.txt
index 873f9f4..873f9f4 100644
--- a/propagate/TODO.txt
+++ b/broken/propagate/TODO.txt
diff --git a/propagate/src/Makefile b/broken/propagate/src/Makefile
index a59af5d..a59af5d 100644
--- a/propagate/src/Makefile
+++ b/broken/propagate/src/Makefile
diff --git a/propagate/src/atomicio.c b/broken/propagate/src/atomicio.c
index 4ac3a08..4ac3a08 100644
--- a/propagate/src/atomicio.c
+++ b/broken/propagate/src/atomicio.c
diff --git a/propagate/src/atomicio.h b/broken/propagate/src/atomicio.h
index c11e63f..c11e63f 100644
--- a/propagate/src/atomicio.h
+++ b/broken/propagate/src/atomicio.h
diff --git a/propagate/src/base64.c b/broken/propagate/src/base64.c
index acf49c8..acf49c8 100644
--- a/propagate/src/base64.c
+++ b/broken/propagate/src/base64.c
diff --git a/propagate/src/base64.h b/broken/propagate/src/base64.h
index 8973755..8973755 100644
--- a/propagate/src/base64.h
+++ b/broken/propagate/src/base64.h
diff --git a/propagate/src/cli_fe_http.py b/broken/propagate/src/cli_fe_http.py
index 40b7373..40b7373 100644
--- a/propagate/src/cli_fe_http.py
+++ b/broken/propagate/src/cli_fe_http.py
diff --git a/propagate/src/listener.c b/broken/propagate/src/listener.c
index 782385d..782385d 100644
--- a/propagate/src/listener.c
+++ b/broken/propagate/src/listener.c
diff --git a/propagate/src/log.c b/broken/propagate/src/log.c
index bf494fe..bf494fe 100644
--- a/propagate/src/log.c
+++ b/broken/propagate/src/log.c
diff --git a/propagate/src/msg.c b/broken/propagate/src/msg.c
index 568ff44..568ff44 100644
--- a/propagate/src/msg.c
+++ b/broken/propagate/src/msg.c
diff --git a/propagate/src/pg.c b/broken/propagate/src/pg.c
index f3c3c8d..f3c3c8d 100644
--- a/propagate/src/pg.c
+++ b/broken/propagate/src/pg.c
diff --git a/propagate/src/pg.h b/broken/propagate/src/pg.h
index b671883..b671883 100644
--- a/propagate/src/pg.h
+++ b/broken/propagate/src/pg.h
diff --git a/propagate/src/queue.h b/broken/propagate/src/queue.h
index fb23a72..fb23a72 100644
--- a/propagate/src/queue.h
+++ b/broken/propagate/src/queue.h
diff --git a/propagate/src/route.c b/broken/propagate/src/route.c
index 99f52ec..99f52ec 100644
--- a/propagate/src/route.c
+++ b/broken/propagate/src/route.c
diff --git a/propagate/src/tests/Makefile b/broken/propagate/src/tests/Makefile
index 6f81535..6f81535 100644
--- a/propagate/src/tests/Makefile
+++ b/broken/propagate/src/tests/Makefile
diff --git a/propagate/src/tests/test_base64.c b/broken/propagate/src/tests/test_base64.c
index e32ff65..e32ff65 100644
--- a/propagate/src/tests/test_base64.c
+++ b/broken/propagate/src/tests/test_base64.c
diff --git a/propagate/src/tests/test_explode.c b/broken/propagate/src/tests/test_explode.c
index 0210397..0210397 100644
--- a/propagate/src/tests/test_explode.c
+++ b/broken/propagate/src/tests/test_explode.c
diff --git a/propagate/src/util.c b/broken/propagate/src/util.c
index 646492a..646492a 100644
--- a/propagate/src/util.c
+++ b/broken/propagate/src/util.c
diff --git a/conf/Makefile b/conf/Makefile
index 8dfeb4d..a3db36f 100644
--- a/conf/Makefile
+++ b/conf/Makefile
@@ -1,2 +1,3 @@
 deploy:
-	ln -s `readlink -f bashrc-laurent-public` ~/.bashrc-laurent-public
+	-ln -s `readlink -f bashrc-laurent-public` ~/.bashrc-laurent-public
+	-ln -s `readlink -f vimrc` ~/.vimrc
diff --git a/conf/bashrc-laurent-public b/conf/bashrc-laurent-public
index 1196490..63845f6 100644
--- a/conf/bashrc-laurent-public
+++ b/conf/bashrc-laurent-public
@@ -71,7 +71,10 @@ alias    usee='vim ~/perso/USEFULL_COMMANDS'
 alias    xbindkeys-reload="pkill xbindkeys; xbindkeys"
 alias    tn='tmux new-session -s'
 alias    ta='tmux attach'
+alias    pabeep='paplay /usr/share/sounds/gnome/default/alerts/bark.ogg'
 function now() { while read line; do echo -e "`date ${1:++"$1"}` $line"; done }
+function loop() { time=$1; shift; while :; do echo $@; eval $@; sleep $time; done; pabeep; }
+function loop_false() { time=$1; shift; while :; do echo $@; eval $@ && break; sleep $time; done; pabeep; }
 
 alias    pingg='ping google.com'
 alias    pingx='ping 8.8.8.8'
diff --git a/conf/vimrc b/conf/vimrc
new file mode 100644
index 0000000..8558ea8
--- /dev/null
+++ b/conf/vimrc
@@ -0,0 +1,198 @@
+" Ressources
+" http://nvie.com/posts/how-i-boosted-my-vim/
+
+"
+" general setup
+"
+
+filetype off
+set nocompatible
+" Use pathogen to easily modify the runtime path to include all
+" plugins under the ~/.vim/bundle directory
+"call pathogen#helptags()
+"call pathogen#runtime_append_all_bundles()
+filetype plugin indent on
+
+set modelines=0
+
+let mapleader=","
+
+nmap <silent> <leader>ve :e $MYVIMRC<CR>
+nmap <silent> <leader>vr :so $MYVIMRC<CR>
+
+"
+" behavior
+"
+
+" wrapping
+set wrap
+set textwidth=79
+set formatoptions=qrn1
+set colorcolumn=81
+hi ColorColumn ctermbg=0
+set winwidth=80
+
+"set hidden
+
+"set tabstop=2
+"set shiftwidth=2
+"set smarttab
+"set softtabstop=2
+"
+set tabstop=4     " a tab is four spaces
+set expandtab
+set backspace=indent,eol,start " allow backspacing over everything in insert mode
+set autoindent    " always set autoindenting on
+set copyindent    " copy the previous indentation on autoindenting
+" set number        " always show line numbers
+set shiftwidth=4  " number of spaces to use for autoindenting
+set shiftround    " use multiple of shiftwidth when indenting with '<' and '>'
+set showmatch     " set show matching parenthesis
+set ignorecase    " ignore case when searching
+set smartcase     " ignore case if search pattern is all lowercase, case-sensitive otherwise
+set smarttab      " insert tabs on the start of a line according to shiftwidth, not tabstop
+set hlsearch      " highlight search terms
+set incsearch     " show search matches as you type
+
+set history=1000         " remember more commands and search history
+set undolevels=1000      " use many muchos levels of undo
+set wildignore=*.swp,*.bak,*.pyc,*.class
+set title                " change the terminal's title
+set visualbell           " don't beep
+set noerrorbells         " don't beep
+
+set nobackup
+" set noswapfile
+
+"
+" file type
+"
+
+filetype plugin indent on
+if has('autocmd')
+  autocmd filetype python set expandtab
+endif
+
+"
+" color
+"
+
+if &t_Co >= 256 || has("gui_running")
+  colorscheme mustang
+endif
+
+if &t_Co > 2 || has("gui_running")
+  " switch syntax highlighting on, when the terminal has colors
+  syntax on
+endif
+
+"
+" editing
+"
+
+"set list
+" set listchars=tab:>.,trail:.,extends:#,nbsp:.
+" set listchars=trail:.,extends:#,nbsp:.
+" set listchars-=tab:>.
+"autocmd filetype html,xml set listchars-=tab:>.
+
+"
+" paste
+"
+
+set pastetoggle=<F2>
+map <C-v> "+p
+vmap <C-c> "+yi
+vmap <C-x> "+c
+vmap <C-v> c<ESC>"+p
+imap <C-v> <ESC>"+p
+"nmap <F6> :!read xsel --clipboard --output<CR>
+
+"
+" mouse
+"
+
+"set mouse=a
+"XXX install vim x11
+"set ttymouse=xterm2 "to work inside tmux
+"noremap <F3> :call <SID>ToggleMouse()<CR>
+"inoremap <F3> <Esc>:call <SID>ToggleMouse()<CR>a
+
+"
+" bindings
+"
+
+nnoremap ; :
+inoremap <F1> <ESC>
+nnoremap <F1> <ESC>
+vnoremap <F1> <ESC>
+
+" Use Q for formatting the current paragraph (or selection)
+vmap Q gq
+nmap Q gqap
+
+" Jump to next line in editor, not in file
+nnoremap j gj
+nnoremap k gk
+
+" Easy window navigation
+map <C-h> <C-w>h
+map <C-j> <C-w>j
+map <C-k> <C-w>k
+map <C-l> <C-w>l
+
+" Clear search
+nmap <silent> ,/ :nohlsearch<CR>
+
+" Reopen file with sudo
+cmap w!! w !sudo tee % >/dev/null
+
+" Search with ack
+nnoremap <leader>a :Ack 
+
+nnoremap <leader>P :ToggleRaibowParenthesis
+
+"
+" Plugins
+"
+
+" * Command-t - ,t
+" * snipMate - for<TAB>
+
+"
+" Autosave on focus out
+"
+au FocusLost * :wa
+
+" ----
+" MINE
+" ----
+
+" set hlsearch
+set guifont="Monospace 9"
+
+" version using tabs
+"set tabstop=4
+"set shiftwidth=4
+"set smarttab
+"set expandtab
+"set softtabstop=4
+"set autoindent
+"im :<CR> :<CR><TAB>
+
+" version using spaces
+"set tabstop=2
+"set shiftwidth=2
+"set smarttab
+"set expandtab
+"set softtabstop=2
+"set autoindent
+"im :<CR> :<CR><TAB>
+
+" filetype plugin indent on
+
+imap <F4> ===============================================================================<CR>
+nmap <F4> a===============================================================================<CR>
+imap <F5> ===============================================================================<CR><C-R>=strftime("%Y%m%d-%H%M")<CR><CR>
+nmap <F5> a===============================================================================<CR><C-R>=strftime("%Y%m%d-%H%M")<CR><CR>
+
diff --git a/skylog/README.txt b/skylog/README.txt
index b88bba8..8769335 100644
--- a/skylog/README.txt
+++ b/skylog/README.txt
@@ -1 +1,3 @@
 skylog - log online/offline skype status of contacts
+
+runskype_skylog.sh: Run skype and skylog, and shows you skylog output in tmux
diff --git a/skylog/runskype_skylog.sh b/skylog/runskype_skylog.sh
index 3b0daf5..90abaa1 100644
--- a/skylog/runskype_skylog.sh
+++ b/skylog/runskype_skylog.sh
@@ -18,4 +18,11 @@ sleep 2
 echo "[-] running skydbg"
 skydbg.py >> $LOGDIR/skydbg.csv &
 
+echo "[-] create tmux skylog watcher"
+tmux new-session -d -s skylog "tail -f $LOGDIR/skydbg.csv"
+tmux new-window -t skylog "tail -f $LOGDIR/skylog.csv"
+
+echo "[-] attach to tmux skylog watcher"
+tmux attach-session -t skylog
+
 echo "[*] running !"
diff --git a/tools/qvm-copy-to-vm.sh b/tools/qvm-copy-to-vm.sh
new file mode 100644
index 0000000..29e9a68
--- /dev/null
+++ b/tools/qvm-copy-to-vm.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+# Copy files from Qubes Dom0 to AppVM
+# 2013, Laurent Ghigonis <laurent@p1sec.com>
+
+APPVM_DEST_DIR="/home/user/QubesIncoming/dom0"
+
+usage() {
+	echo "$program [-hn] dest_vmname file [file]+"
+	echo -e "\t-n : run nautilus in dest_vmname"
+}
+
+program="`basename $0`"
+mode_nautilus=0
+opts="$(getopt -o hn -n "$program" -- "$@")"
+err=$?
+eval set -- "$opts"
+while true; do case $1 in
+	-h) usage; exit 1 ;;
+	-n) mode_nautilus=1; shift ;;
+	--) shift; break ;;
+esac done
+[[ $err -ne 0 || $# -lt 2 ]] && usage && exit 1
+
+appvm="$1"
+shift
+
+echo "[-] copy to AppVM $appvm"
+qvm-run $appvm "mkdir -p $APPVM_DEST_DIR"
+for f in $@; do
+	echo "[-] copying $APPVM_DEST_DIR/$f"
+	cat $f |qvm-run --pass-io $appvm "cat > $APPVM_DEST_DIR/$f"
+done
+
+if [ $mode_nautilus -eq 1 ]; then
+	echo "[-] running nautilus in AppVM"
+	qvm-run $appvm "nautilus $APPVM_DEST_DIR"
+fi
+
+echo "[*] done"
diff --git a/tools/qvm-screenrecord.sh b/tools/qvm-screenrecord.sh
new file mode 100644
index 0000000..57a7199
--- /dev/null
+++ b/tools/qvm-screenrecord.sh
@@ -0,0 +1,90 @@
+#!/bin/sh
+
+# Record desktop in Qubes Dom0 and copy video to AppVM
+# Dependencies: recordmydesktop (sudo qubes-dom0-update recordmydesktop)
+# If you want create a keyboard shortcut you should run it in Konsole
+# Example: konsole -e qvm-screenrecord.sh -s -n
+# 2013, Laurent Ghigonis <laurent@p1sec.com>
+
+DOM0_SHOTS_DIR=$HOME/shots
+APPVM_SHOTS_DIR=/home/user/shots
+QUBES_DOM0_APPVMS=/var/lib/qubes/appvms/
+
+usage() {
+	echo "$program [-hns]"
+	echo -e "\t-n : after capturing, run nautilus in AppVM"
+	echo -e "\t-s : select window to capture"
+}
+
+program="`basename $0`"
+mode_nautilus=0
+mode_select=0
+opts="$(getopt -o hns -n "$program" -- "$@")"
+err=$?
+eval set -- "$opts"
+while true; do case $1 in
+	-h) usage; exit 1 ;;
+	-n) mode_nautilus=1; shift ;;
+	-s) mode_select=1; shift ;;
+	--) shift; break ;;
+esac done
+[[ $err -ne 0 ]] && usage && exit 1
+
+mkdir -p $DOM0_SHOTS_DIR ||exit 1
+d=`date +"%Y%m%d-%H%M"`
+tmpname=$d.ogv
+
+if [ $mode_select -eq 1 ]; then
+	echo "[-] select window to record"
+	echo "Press <enter> when ready to select"
+	read a
+	unset x y w h
+	eval $(xwininfo | \
+		sed -n -e "s/^ \+Absolute upper-left X: \+\([0-9]\+\).*/x=\1/p" \
+		       -e "s/^ \+Absolute upper-left Y: \+\([0-9]\+\).*/y=\1/p" \
+		       -e "s/^ \+Width: \+\([0-9]\+\).*/w=\1/p" \
+		       -e "s/^ \+Height: \+\([0-9]\+\).*/h=\1/p" )
+	record_opts="-x $x -y $y --width $w --height $h"
+	echo "[-] recording zone at ${x} ${y} size ${w} ${h}"
+else
+	echo "[-] recording root window"
+	echo "Press <enter> when ready to record"
+	read a
+	record_opts=""
+fi
+
+echo
+echo "============================="
+echo "Hit Crtl-C to end the capture"
+echo "============================="
+echo
+recordmydesktop --no-sound -o $DOM0_SHOTS_DIR/$tmpname $record_opts $@
+size=`ls -hs $DOM0_SHOTS_DIR/$tmpname |cut -d' ' -f1`
+
+title=`kdialog --inputbox "Enter capture title ($size)" --title "$program"`
+[[ X"$title" = X"" ]] && exit 1
+vidname=${d}_${title}.ogv
+
+echo "[-] saving $DOM0_SHOTS_DIR/$vidname ($size)"
+mv $DOM0_SHOTS_DIR/$tmpname $DOM0_SHOTS_DIR/$vidname
+ls -lh $DOM0_SHOTS_DIR/$vidname
+
+choice=`ls $QUBES_DOM0_APPVMS |sed 's/\([^ ]*\)/\1 \1/g'`
+appvm=`kdialog --menu "Select destination AppVM" $choice --title "$program"`
+
+if [ X"$appvm" != X"" ]; then
+	if [ $mode_nautilus -eq 1 ]; then
+		echo "[-] running nautilus in AppVM"
+		qvm-run $appvm "nautilus $APPVM_SHOTS_DIR"
+	fi
+
+	echo "[-] copy to AppVM $appvm"
+	qvm-run $appvm "mkdir -p $APPVM_SHOTS_DIR"
+	echo "[-] copying $APPVM_SHOTS_DIR/$vidname"
+	cat $DOM0_SHOTS_DIR/$vidname \
+		|qvm-run --pass-io $appvm "cat > $APPVM_SHOTS_DIR/$vidname"
+else
+	echo "no AppVM name provided"
+fi
+
+echo "[*] done"
diff --git a/tools/qvm-screenshot.sh b/tools/qvm-screenshot.sh
new file mode 100644
index 0000000..8ece02f
--- /dev/null
+++ b/tools/qvm-screenshot.sh
@@ -0,0 +1,86 @@
+#!/bin/sh
+
+# Take screenshot(s) in Qubes Dom0 and copy to AppVM
+# Dependencies: scrot (sudo qubes-dom0-update scrot)
+# My KDE shortcuts:
+# Meta-C       : qvm-screenshot.sh -s -n
+# Meta-Shift-C : qvm-screenshot.sh -s -n -m
+# Meta-Alt-C   : qvm-screenshot.sh -s -q
+# 2013, Laurent Ghigonis <laurent@p1sec.com>
+
+DOM0_SHOTS_DIR=$HOME/shots
+APPVM_SHOTS_DIR=/home/user/shots
+QUBES_DOM0_APPVMS=/var/lib/qubes/appvms/
+
+usage() {
+	echo "$program [-hlmqs]"
+	echo -e "\t-m : take multiple shots"
+	echo -e "\t-n : after screenshot, run nautilus in AppVM"
+	echo -e "\t-q : only take screenshot, no blabla"
+	echo -e "\t-s : select window"
+}
+
+program="`basename $0`"
+mode_multi=0
+mode_nautilus=0
+mode_select=0
+opts="$(getopt -o hmnqs -n "$program" -- "$@")"
+err=$?
+eval set -- "$opts"
+while true; do case $1 in
+	-h) usage; exit 1 ;;
+	-q) mode_quick=1; shift ;;
+	-m) mode_multi=1; shift ;;
+	-n) mode_nautilus=1; shift ;;
+	-s) mode_select=1; shift ;;
+	--) shift; break ;;
+esac done
+[[ $err -ne 0 ]] && usage && exit 1
+
+shotslist=""
+mkdir -p $DOM0_SHOTS_DIR ||exit 1
+while true; do
+	d=`date +"%Y%m%d-%H%M"`
+	tmpname=$d.png
+	if [ $mode_select -eq 1 ]; then
+		echo "[-] making shot, click on a window"
+		scrot $@ -s -b $DOM0_SHOTS_DIR/$tmpname ||break
+	else
+		echo "[-] making shot of root window"
+		scrot $@ $DOM0_SHOTS_DIR/$tmpname ||break
+	fi
+	[[ $mode_quick -eq 1 ]] && exit 1
+
+	title=`kdialog --inputbox "Enter screenshot title" --title "$program"`
+	[[ X"$title" = X"" ]] && break
+	shotname=${d}_${title}.png
+
+	echo "[-] saving $DOM0_SHOTS_DIR/$shotname"
+	mv $DOM0_SHOTS_DIR/$tmpname $DOM0_SHOTS_DIR/$shotname
+
+	shotslist="${shotslist}${shotname}:"
+
+	[[ $mode_multi -eq 1 ]] && kdialog --yesno "Other shot ?" || break
+done
+
+choice=`ls $QUBES_DOM0_APPVMS |sed 's/\([^ ]*\)/\1 \1/g'`
+appvm=`kdialog --menu "Select destination AppVM" $choice --title "$program"`
+
+if [ X"$appvm" != X"" ]; then
+	if [ $mode_nautilus -eq 1 ]; then
+		echo "[-] running nautilus in AppVM"
+		qvm-run $appvm "nautilus $APPVM_SHOTS_DIR"
+	fi
+
+	echo "[-] copy to AppVM $appvm"
+	qvm-run $appvm "mkdir -p $APPVM_SHOTS_DIR"
+	IFS=":"; for shot in $shotslist; do
+		echo "[-] copying $APPVM_SHOTS_DIR/$shot"
+		cat $DOM0_SHOTS_DIR/$shot \
+			|qvm-run --pass-io $appvm "cat > $APPVM_SHOTS_DIR/$shot"
+	done
+else
+	echo "no AppVM name provided"
+fi
+
+echo "[*] done"
diff --git a/wireshark_dechunk/README.txt b/wireshark_dechunk/README.txt
new file mode 100644
index 0000000..ab00663
--- /dev/null
+++ b/wireshark_dechunk/README.txt
@@ -0,0 +1,48 @@
+IDEA STAGE - 04/2013
+
+Add an option to Wireshark (libwireshark / epan) to give hability to dissectors
+to dechunk frames, by creating multiple fake frames each containing part of the
+data from one frame.
+
+Goal is to dechunk SCTP and TCAP on the fly.
+
+===============================================================================
+Options presented to Wireshark / tshark
+
+* dechunk SCTP (default True)
+* dechunk TCAP (default True)
+* save PCAP as dechunked (default False)
+
+===============================================================================
+Code: Insert fake dechunked frames instead of chunked frame
+
+file.c:
+add_packet_to_packet_list(frame_data *fdata, capture_file *cf,        
+    dfilter_t *dfcode, gboolean create_proto_tree, column_info *cinfo,
+    struct wtap_pkthdr *phdr, const guchar *buf,                      
+    gboolean add_to_packet_list)                                      
+
+after epan_dissect_run_with_taps(&edt, phdr, buf, fdata, cinfo);
+if edt.fake_frames:
+  for each edt.fake_frame:
+    packet_list_append(cinfo, fdata, &edt.pi);
+
+Data passed in frame_data (epan/frame_data.h)
+New methods from frame list manipulation in frame_data_sequence.c
+
+Actual Callgraph
+read_packet
+  frame_data_sequence_add
+  add_packet_to_packet_list # target function
+    epan_dissect_run_with_taps
+    dfilter_apply_edt
+    packet_list_append
+rescan_packets
+  add_packet_to_packet_list # target function
+
+===============================================================================
+Code: Create fake dechunked frames from chunked frame
+
+epan/dissectors/packet-sctp.c
+dissect_sctp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+pinfo->fd (frame_data)