Category Archives: Hacks

Hacks: Modifications to enhance functionality; nothing to do with real-world exploit testing. Learn the difference.

LDAP Alfresco (global properties)
Date Created: December 8, 2015  Date Modified: January 17, 2016

I found this useful so I thought I’d post it

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap

# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsystem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=true

#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=true

# How to map the user id entered by the user to that passed through to LDAP
ldap.authentication.userNameFormat=uid=%s,ou=users,dc=armundia,dc=com

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://ldap.....com:389

# The authentication mechanism to use for password validation
ldap.authentication.java.naming.security.authentication=simple

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync

# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

# Comma separated list of user names who should be considered administrators by default
ldap.authentication.defaultAdministratorUserNames=....

# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsystem should only be used for
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=true

# The authentication mechanism to use for synchronization
ldap.synchronization.java.naming.security.authentication=simple

# The default principal to use (only used for LDAP sync)
ldap.synchronization.java.naming.security.principal=cn\=ldap,dc\=armundia,dc\=com

# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=.....

# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=0

# If positive, this property indicates that range retrieval should be used to fetch
# multi-valued attributes (such as member) in batches of the specified size.
# Overcomes any size limits imposed by Active Directory.
ldap.synchronization.attributeBatchSize=0

# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))

# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=dc\=roles,dc\=alfresco,dc\=armundia,dc\=com

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=dc\=users,dc\=armundia,dc\=com

# The name of the operational attribute recording the last update time for a group or user.
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp

# The timestamp format. Unfortunately, this varies between directory servers.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'

# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=uid

# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName

# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn

# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail

# The attribute on person objects in LDAP to map to the organizational id property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=o

# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider

# The attribute on LDAP group objects to map to the authority name property in Alfresco
ldap.synchronization.groupIdAttributeName=cn

# The attribute on LDAP group objects to map to the authority display name property in Alfresco
ldap.synchronization.groupDisplayNameAttributeName=description

# The group type in LDAP
ldap.synchronization.groupType=groupOfNames

# The person type in LDAP
ldap.synchronization.personType=inetOrgPerson

# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronization.groupMemberAttributeName=member

# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.
ldap.synchronization.enableProgressEstimation=true

# Requests timeout, in milliseconds, use 0 for none (default)
ldap.authentication.java.naming.read.timeout=0

Source:
https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-ldap-sso/ldap-authentication-7
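
The settings above combine `simple` authentication with an `ldap://` URL on port 389 and enable guest login. The following checker is an added example, not part of the original post or of Alfresco, that parses such a properties file and reports those settings. The function names, the host `ldap.example.com` and the password `changeme` are assumptions made for the sample.

```python
import re

# Constructed sample: a subset of the settings shown in the post, with a
# placeholder host and password (the post elides the real values).
SAMPLE = r"""
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.provider.url=ldap://ldap.example.com:389
ldap.authentication.java.naming.security.authentication=simple
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn\=ldap,dc\=example,dc\=com
ldap.synchronization.java.naming.security.credentials=changeme
"""

def parse_properties(text):
    """Parse Java .properties text: skip comments, split on the first
    unescaped '=' or ':', then drop the backslash from escapes like '\\='.
    Simplified: line continuations and \\uXXXX escapes are not handled."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"((?:\\.|[^=:\\])*)\s*[=:]\s*(.*)", line)
        if m:
            key, value = (re.sub(r"\\(.)", r"\1", s).strip() for s in m.groups())
            props[key] = value
    return props

def audit(props):
    """Return (property, finding) pairs for settings worth reviewing."""
    findings, pre = [], "ldap.authentication."
    url = props.get(pre + "java.naming.provider.url", "")
    auth_simple = props.get(pre + "java.naming.security.authentication") == "simple"
    sync_simple = props.get("ldap.synchronization.java.naming.security.authentication") == "simple"
    if url.lower().startswith("ldap://") and (auth_simple or sync_simple):
        findings.append((pre + "java.naming.provider.url",
                         "simple bind over ldap:// sends passwords unencrypted; use ldaps://"))
    if props.get(pre + "allowGuestLogin", "").lower() == "true":
        findings.append((pre + "allowGuestLogin", "guest login is enabled"))
    if props.get("ldap.synchronization.java.naming.security.credentials"):
        findings.append(("ldap.synchronization.java.naming.security.credentials",
                         "bind password stored in the file; restrict file permissions"))
    return findings

if __name__ == "__main__":
    for key, finding in audit(parse_properties(SAMPLE)):
        print(f"{key}: {finding}")
```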

[MAP] Digital Attack Map
Date Created: October 30, 2013  Date Modified: October 30, 2013

Someone just shared this with me this morning so I thought I’d put it here so I can come back to it. The map represents DDoS (Distributed Denial of Service) attacks from data gathered by Google…

This rant was posted in Hacks, Internet, Maps, New Intelligence, Security, Web.

Open Source OBD Information
Date Created: May 12, 2013  Date Modified: May 13, 2013

It’s not hard to tell that I’m a bit of a car buff, add to that my love of tech and you get this headache related to the on board diagnosis port (“OBD” or “OBD-II”, the second generation of diagnosis ports). Mechanics can invest in the expensive tools required to “communicate” with the ECU as an operational expense, however the general automotive enthusiast can’t really justify that cost–especially if you own vehicles from different car manufacturers.

There are cheap consumer level tools to perform some of the OBD functions, tho they have their limitations, such as working only with certain marques, or having no upgrade-ability–An open source solution would be better. In an ideal world there would be a huge open source community deving tools we can all use to aid us in automotive maintenance, but there are only a handful of dedicated individuals working on these projects.

This post is to put together some of the existing online resources related to OBD, it’s by no means an authoritative source on how to use, make or develop these tools.

FreeDiag

From their website: “Freediag is a suite of vehicle diagnostic protocols and an OBD II (mostly) compliant ScanTool, currently for Linux platforms. Multiple graphical user interfaces for scantool are under development – but right now, you have to use a command-line interface to scantool.” Currently not available on Windows.
Homepage: http://freediag.sourceforge.net/
Project: http://sourceforge.net/projects/freediag/

openOBD: OBD-II Scan Tool

OpenOBD is no longer in active development, but it does have a Windows installer for those users not on a Linux platform. According to the project’s wiki it only supports the ELM327 device.
Homepage: https://sourceforge.net/apps/mediawiki/openobd/index.php?title=OpenOBD
Project: https://sourceforge.net/projects/openobd/

OBDToolbox

OBDToolbox is in early development so its features are a bit limited. Windows installer available.
Homepage: http://obdtoolbox.sourceforge.net/
Project: https://sourceforge.net/projects/obdtoolbox/

This is by no means an entire directory of OBD resources, just some software I am currently playing with, hopefully I can put together some more detailed information soon.

This rant was posted in Cars, Free Software, Hacks, Mod, Open Source, Software, Tools.

[REPORT] Crisis and Escalation in Cyberspace
Date Created: January 10, 2013  Date Modified: January 10, 2013

RAND released this report Crisis and Escalation in Cyberspace, which focuses on state sponsored cyberoperations…

In the past 20 years, there have been plenty of instances of cybercrime and cyberespionage. But there have been only three and a half cyberattacks that could even conceivably rise to the level of a cyberwar: the DDOS attacks against Estonia in 2007, a similar attack on Georgia in 2008, the Stuxnet worm (2009–2010), and perhaps a cyberattack on Syria radar prefatory to an Israeli air strike on a supposed nuclear reactor in 2007. Of these, all but one (Stuxnet) was unaccompanied by violence, which tends to create its own tensions. In part for this reason, none of these engendered a cybercrisis of the sort discussed here. As for generalizations about computer intrusion, they are based on reported cases; they exclude unreported proprietary or classified material.

http://www.rand.org/content/dam/rand/pubs/monographs/2012/RAND_MG1215.pdf

I feel that they are ignoring a few other incidents, but it is RAND so they would be unlikely to bring up Fukushima.

The first instinct of the policymakers was to get ahead of the crisis by taking ownership of it; this they did by constantly pressing for new powers. Extraordinary powers, of course, require extraordinary circumstances to justify…

False flag much??

I’ll wait for it to come out on eBook in the past
Date Created: October 7, 2012  Date Modified: October 7, 2012

The Idiot Box

Some folk are still end-users of the 20thC technology known as television, I don’t hold too much animosity to those users as we can’t always be connected to an IP. Anyway, those folk may have seen a program Underground on one of the networks last night, about a young software developer and activist known as Julian Assange.

Not being one to make use of the broadcast protocol, I will wait for the story to come out on eBook in the past.

From the Forward (Pastward?)

By releasing this book for free on the Net, I’m hoping more people
will not only enjoy the story of how the international computer
underground rose to power, but also make the journey into the minds
of hackers involved. When I first began sketching out the book’s
structure, I decided to go with depth. I wanted the reader to
think, ’NOW I understand, because I too was there.’ I hope those
words will enter your thoughts as you read this electronic book.

http://suelette.home.xs4all.nl/underground/Underground.pdf
Copyright © 1997, 2001 Suelette Dreyfus & Julian Assange

I’m intending to spend a good deal of the day researching Australian Defamation laws involving politicians… because I don’t have enough experience in that already.

[VIDEO] Assange speech at UN
Date Created: September 26, 2012  Date Modified: September 26, 2012

Just came across this today, I have linked both the Wired article and the RT article if you are interested in further analysis.

From Wired:

Assange was speaking as part of a panel that was supposed to focus on the legal and ethical issues around diplomatic asylum, but instead veered off for a lengthy discussion about U.S. President Barack Obama’s speech at the U.N. this week, which he called “fine words” that needed to be followed up with “fine deeds.”

“It is time for Obama to do the right thing and join the forces of change, not in fine words, but in fine deeds,” he said.

Watch the speech below:

A sad week for freedom(s)…
Date Created: August 16, 2012  Date Modified: August 20, 2012

Earlier today I noticed a tweet from Wikileaks press mentioning a helicopter above the Ecuadorian Embassy. I had been at uni all morning and had been in communication with business stakeholders most afternoon (tho I DID get time to do some work on the car). I had not checked Google Reader, heard a television, smelled a newspaper or digested any form of media other than the multitude of billboard advertising decorating the bus shelters along South Street. This tweet was the first I had heard of what was part of one of the worst weeks for our online freedoms. I was aware earlier in the week of the government’s willingness to push through parliament the Cybercrime Legislation Amendment Bill 2011 on Wednesday (turns out I had the date incorrect, it’s Wednesday the 22nd). But then to have one of, not only Australia’s, but the world’s pioneering hacktivists this was surely one sad week for online freedom.

The implications extend beyond the protocol, IRL will suffer too. The implications of the UK revoking the Ecuadorian Embassy’s status, not only would be seen as an act of war by the Ecuadorians; As their Foreign Minister was quoted on the BBC as saying:

“If the measure announced in the British official communication is enacted, it will be interpreted by Ecuador as an unacceptable, unfriendly and hostile act and as an attempt against our sovereignty. It would force us to respond.”

But also this action, the evoking of the Diplomatic and Consular Premises Act 1987 UK, would in effect undermine the authority of protection offered to all diplomatic envoys, regardless of host nation or nation of origin. I would like to follow this story more but am a bit time precious tonight, I hope I don’t start consuming media again on the weekend and find out that–EVERYTHING IS FINE, PLEASE CARRY ON WITH YOUR DAILY ROUTINE.

UPDATE: the following url is to the wikileaks insurance file, all 64Gb of it!:
https://thepiratebay.se/torrent/7050943/WikiLeaks_Insurance_release_02-22-2012

I will be following this story on twitter and be re-tweeting support messages for Assange (while trying to fit some required reading from my Law workshop tomorrow).

8-Bit Maps [LINK]
Date Created: April 9, 2012  Date Modified: May 2, 2012

Google released this as their 2012 April Fool’s joke, I know I’m late to publish it but I keep referring back to it and so I want a quick place to find it (I should have tweeted it last week!).

http://maps.google.com/?t=8

This rant was posted in Google, Hacks, Links, Maps, Web.

Finally Its Released! (no, not Skyrim)
Date Created: November 20, 2011  Date Modified: May 2, 2012

I have to admit, the last week my major focus has been Skyrim–tho I’m not here to mention that! No the other big release recently (and it’s not Saints Row 3 or MW3 either!) was Android 4.0, and my reaction is a bit mixed.

Not all Android compatible devices can take this upgrade OOTB, so I’m carefully looking into what can take it and what won’t. I doubt I will be putting Android on my Sony E-Reader, but I’m itching to get an update on my phone–even if I have to h@x the core (to use a Drupal colloquialism).

So what will this new Android offer me over the last version, well for me the biggest letdown with the Android OS was multitasking. The new version aims to rectify this, according to Android’s own site:

Multitasking is a key strength of Android and it’s made even easier and more visual on Android 4.0. The Recent Apps button lets you jump instantly from one task to another using the list in the System Bar. The list pops up to show thumbnail images of apps used recently — tapping a thumbnail switches to the app.

http://www.android.com/about/ice-cream-sandwich/

So there is the claim that it will multi-task better, however you just can’t go by what the developers managers marketing assistants say so I will be eagerly awaiting any improvement with the Android OS.

Hacked WP? for some reason this was saved as a draft?
Date Created: September 10, 2011  Date Modified: September 10, 2011

“Πάλιν τὸ παραπέτασμα τῆς εἰς τὰ ἅγια τῶν ἁγίων παρόδου, κίονες τέτταρες αὐτόθι, ἁγίας μήνυμα τετράδος διαθηκῶν παλαιῶν, ἀτὰρ καὶ τὸ τετράγραμμον ὄνομα τὸ μυστικόν, ὃ περιέκειντο οἷς μόνοις τὸ ἄδυτον βάσιμον ἦν*λέγεται δὲ Ἰαουε, ὃ μεθερμηνεύεται ὁ ὢν καὶ ὁ ἐσόμενος. Καὶ μὴν καὶ καθʼ Ἕλληνας θεὸς τὸ ὄνομα τετράδα περιέχει γραμμάτων.”

google translate tells me the above reads:

“Again the veil of the Holy of Holies Lane, columns tettares ibid, holy message quartet wills old, ATAPI and tetragrammon name secret, the periekeinto ois monois sanctuary merits not * said he Iaoue the translates is and is esomenos . And do not and during the Greek god name contains four letters. “

I didn’t notice the draft prior to migrating to the new domain, but it could have been imported from the blogger accounts I merged into here… I don’t have time nor inclination to investigate. Surviving a new city is my priority.

This rant was posted in CMS, Hacks, Wordpress.

I don’t believe in cheating…
Date Created: April 11, 2009  Date Modified: April 11, 2009

…but I’m not against those that feel they need a bit of a hand–really if you’re stuck on a level then you’re not going to experience the whole game, so if you feel you need to cheat–in whatever form it may be then, so be it.

That said, I found this site that has save games for the PS3, they also have some other more interesting downloads if you’re feeling a bit more adventurous.

Check out their download section to see what they have to offer.

This rant was posted in Hacks, PS3, PS3 hacks.