Friday, August 14, 2015

Extract layer 7 data from packet capture

To extract the TCP payload of a set of packets (a TCP stream, for example), the command below comes in handy.

tshark -r test.pcap -2 -R"tcp.port==444" -T fields -e data  | tr -d '\n' | xxd -r -p > layer7_data

tr -d '\n' joins the per-packet hex lines that tshark prints, and xxd -r -p converts the resulting ASCII hex to binary.

Friday, April 12, 2013

Get openerp working from source

  • Run openerp from source
    • Download source using bazaar
      • Install bazaar
      • Configure bazaar for launchpad repository
      • download(branch) source
    • Get the server running from source
      After getting the source using bzr, run
    • Get the web client running from source
      Install python-cherrypy python-formencode
      This error can be seen at the core (server):
      [2013-04-11 16:00:31,280][template1] ERROR:db.connection_pool:Connection to the database failed
      Traceback (most recent call last):
        File "/home/advaith/openerp/bzr/openerp/server/bin/", line 303, in borrow
          result = psycopg2.connect(dsn=dsn, connection_factory=PsycoConnection)
        File "/usr/lib/python2.7/dist-packages/psycopg2/", line 179, in connect
          connection_factory=connection_factory, async=async)
      OperationalError: FATAL: role "advaith" does not exist
    • Get GTK Client running from source.
      ./configure
      make
      make install
      /usr/local/bin/openerp-client
    • Install and configure postgresql for openerp
      Follow steps from this link : The link talks about creating role openerp. But I created role 'advaith' as suggested in the error message.
    • Once postgresql is installed and configured, you can create a database.

Friday, February 8, 2013

Share files using remote desktop

You can share a folder on the client machine so that it is available for read and write on the server you connect to over remote desktop.

Use the -r option of rdesktop.

rdesktop -r disk:share=/tmp

On the remote machine, you can see a new drive with the name 'share on '. You can read/write files from the drive.

Wednesday, June 29, 2011

Test HTTPS sites using openssl

We often use telnet to connect to a web server and test it.
But telnet cannot be used when the site is HTTPS (SSL).
The openssl command can be used to do this.

For example:
openssl s_client -connect

-quiet can be used if you want the connection to be closed once done. This is useful when you use this within scripts.

Wednesday, December 23, 2009

shell script to download youtube video

Here is a shell script that I wrote to download a youtube video (given the video URL).

This is based on the youtube-dl tool (written in python) that is available in the ubuntu software repository.

I came to know that people across the globe use my tool. They get in touch whenever it stops working.

Thursday, July 16, 2009

How to generate and examine windows core dumps

Look at help-->contents (.chm) for detailed reference

You will not be able to see symbols in the dump file if you don't have the symbol database (.pdb) file for your application. The /Z7 option that puts the symbol information in the .obj files did not help.

Gotcha: when the /Zi option is used and the code is compiled through an ssh session, the compiler fails. Running the build through the windows command prompt works!

I had to compile the product with /Zi (for cl.exe) option that created vc80.pdb file.
Then during linking, use /DEBUG /PDB:/path/to/.pdb . The .pdb file generated in the link step can be used with windbg


You can also extract the pdb from an executable that is compiled with the /Z7 option (as documented here). It did not work for me though.

Thursday, June 18, 2009

gratuitous ARP

What is ARP?

ARP is a protocol that is used to map IP addresses to their corresponding MAC addresses. This is referred to as neighbour discovery. (IPv6 uses ICMPv6 instead of ARP.)
ARP is used by a machine when it wants to send an IP packet to another machine on the same LAN segment (physical LAN).
  • The sender issues a 'Who has' ARP broadcast query. The machine that owns the IP address responds with the corresponding MAC address.
  • The sender uses this MAC address as the destination address in the datalink packet and injects the packet onto the wire.

gratuitous ARP

A gratuitous ARP is an ARP reply that is sent when there is no request. It is also a broadcast, whereas normal ARP replies are not. This results in all machines in the segment updating their ARP cache.

Why is gratuitous ARP important

Gratuitous ARP is useful to let other machines on the same subnet know about any change in IP address configuration. This is particularly relevant in a High Availability scenario where the active machine goes down and the standby machine takes over the IP. If a gratuitous ARP is not sent here, the gateway (of this subnet) will continue to forward the IP packets to the previously active machine.

Generally, when an IP address is configured on a machine, the machine's network stack will send a gratuitous ARP. But some OSes (like Linux) don't do that. This can be overcome on Linux by manually sending a gratuitous ARP using the arping command's '-A' option as follows.

arping -q -c 3 -A -I

AIX issues a gratuitous ARP when an IP is configured on one of its interfaces using ifconfig.
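
The takeover described above, seen from the monitoring side: this added example (not from the original post) parses Ethernet/ARP frames, recognises gratuitous ARPs, and records each time one moves an IP address to a different MAC. The MAC addresses, the 192.0.2.x addresses and the sample frames are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

BROADCAST = b"\xff" * 6

def build_arp_frame(op, sha, spa, tha, tpa, eth_dst=BROADCAST):
    """Build an Ethernet II + ARP frame (used only to construct sample input)."""
    return struct.pack("!6s6sHHHBBH6s4s6s4s", eth_dst, sha, 0x0806, 1, 0x0800, 6, 4, op,
                       sha, IPv4Address(spa).packed, tha, IPv4Address(tpa).packed)

def parse_arp(frame):
    """Return the ARP fields as a dict, or None if not IPv4-over-Ethernet ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"eth_dst": frame[:6], "op": op, "sha": sha.hex(":"),
            "spa": str(IPv4Address(spa)), "tpa": str(IPv4Address(tpa))}

def is_gratuitous(arp):
    # Broadcast frame in which the sender announces its own IP (sender IP == target IP).
    # Opcode is not checked: arping -A sends replies, other stacks announce with requests.
    return arp["eth_dst"] == BROADCAST and arp["spa"] == arp["tpa"]

def watch(frames):
    """Replay frames; return the final IP->MAC cache and gratuitous rebinding events."""
    cache, moved = {}, []
    for frame in frames:
        arp = parse_arp(frame)
        if arp is None:
            continue
        old = cache.get(arp["spa"])
        if is_gratuitous(arp) and old not in (None, arp["sha"]):
            moved.append((arp["spa"], old, arp["sha"]))
        cache[arp["spa"]] = arp["sha"]
    return cache, moved

# Constructed sample traffic: node A owns the service IP, then standby B takes over.
MAC_A, MAC_B, MAC_C = (bytes.fromhex("0200000000" + n) for n in ("0a", "0b", "0c"))
ZERO, VIP = b"\x00" * 6, "192.0.2.10"
SAMPLE = [
    build_arp_frame(2, MAC_A, VIP, BROADCAST, VIP),               # A announces VIP
    build_arp_frame(1, MAC_C, "192.0.2.20", ZERO, VIP),           # C asks who-has VIP
    build_arp_frame(2, MAC_A, VIP, MAC_C, "192.0.2.20", MAC_C),   # A's unicast reply
    build_arp_frame(2, MAC_B, VIP, BROADCAST, VIP),               # B takes over VIP
]
if __name__ == "__main__":
    print(watch(SAMPLE))
```

Only the last frame produces an event: the ordinary request and the unicast reply refresh the cache, but the IP changes owner only when B's broadcast arrives.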