krypted.com

Tiny Deathstars of Foulness

Awhile back, I wrote a tool to rewrap ipa files that I called ipasign: https://github.com/krypted/ipasign/blob/master/ipasign.py. But I wanted to do something similar for the Mac, and specifically have it run in Linux. So looking at what you’d need to be able to do, let’s start with viewing the contents of a flattened Apple package. This command will show you the files installed as a part of the Node JS package. Why did I choose that package? It was sitting on my desktop…

pkgutil --files org.nodejs.node.pkg

Now, this logic is available because you’re running pkgutil on a Mac. But that can’t run in Linux. So what would you do if you wanted to complete that same operation? If the package hasn’t been flattened then you can simply traverse the files in the package. If it has been flattened (and it must be in order to properly be signed) then that can’t work. So to see the files installed from a Linux system will require a tad bit more work. First, we’ll create a directly to extract our package into:

mkdir node-v8.11.1.pkg

Then cd into that directory and use xar to extract the package:

xar -xf /Users/charles.edge/Downloads/node-v8.11.1.pkg

In there, you’ll see three files: Bom, PackageInfo, and Payload. The contents, which mimic the –files option to some extent are found by first changing the name of payload to Payload.gz:

mv ./node-v8.11.1.pkg/Payload ./node-v8.11.1.pkg/Payload.gz

Then unzipping it:

gunzip Payload

And viewing the contents:

cpio -iv < Payload

Or throw all that into a one-liner:

cpio -o | gzip -c > Payload

You can also use bomutils to traverse and make BOMs: http://bomutils.dyndns.org/tutorial.html

You can also see some metadata about how the package will lay down by catting the distribution file:

<?xml version=”1.0″ encoding=”utf-8″ standalone=”yes”?>
<installer-gui-script minSpecVersion=”1″>
<title>Node.js</title>
<welcome file=”welcome.html”/>
<conclusion file=”conclusion.html”/>
<background alignment=”topleft” file=”osx_installer_logo.png”/>
<pkg-ref id=”org.nodejs.node.pkg” auth=”root”>
<bundle-version/>
</pkg-ref>
<pkg-ref id=”org.nodejs.npm.pkg” auth=”root”>
<bundle-version/>
</pkg-ref>
<options customize=”allow” require-scripts=”false”/>
<license file=”license.rtf”/>
<choices-outline>
<line choice=”org.nodejs.node.pkg”/>
<line choice=”org.nodejs.npm.pkg”/>
</choices-outline>
<choice id=”org.nodejs.node.pkg” visible=”true” title=”Node.js v8.11.1″>
<pkg-ref id=”org.nodejs.node.pkg”/>
</choice>
<pkg-ref id=”org.nodejs.node.pkg” version=”v8.11.1″ onConclusion=”none” installKBytes=”37377″>#node-v8.11.1.pkg</pkg-ref>
<choice id=”org.nodejs.npm.pkg” visible=”true” title=”npm v5.6.0″>
<pkg-ref id=”org.nodejs.npm.pkg”/>
</choice>
<pkg-ref id=”org.nodejs.npm.pkg” version=”v5.6.0″ onConclusion=”none” installKBytes=”20113″>#npm-v5.6.0.pkg</pkg-ref>

If you want to make a package, check out this gist: https://gist.github.com/SchizoDuckie/2a1a1cc71284e6463b9a.

Next up, you frequently want to check the signature of a package. So to see the signature, I can simply use: pkgutil if on a Mac:

pkgutil --check-signature org.nodejs.node.pkg

Or I can use codesign:

codesign -v node-v8.11.1.pkg

The beauty of codesign is that it’s been open sourced by Apple. The bummer about codesign is that it uses multiple CoreFoundation frameworks:

otool -L /usr/bin/codesign

/usr/bin/codesign:

/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation (compatibility version 150.0.0, current version 1452.23.0)

/System/Library/Frameworks/Security.framework/Versions/A/Security (compatibility version 1.0.0, current version 58286.51.6)

/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 400.9.0)

/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1252.50.4)

April 24th, 2018

Posted In: Mac OS X, Mac Security, Mass Deployment

Tags: , , , , , ,

There are two useful commands when scripting operations that involve filenames and paths. The first of these is dirname: dirname can be used to return the directory portion of a path. The second is basename: basename can be used to output the file name portion of a path. For our first example, let’s say that we have an output of /users/krypted, which we know to be the original short name of my user. To just see just that username, we could use basename to call it: basename /users/charlesedge Basename can also be used to trim output. For example, let’s say there was a document called myresume.pdf in my home folder and we wanted to grab that without the file extension. We could run basename using the -s option, followed by the string at the end that we do not want to see to output of (the file extension: basename -s .pdf /users/charlesedge/myresume.pdf The dirname command is even more basic. It outputs the directory portion of the file’s path. For example, based on the same string, the following would tell you what directory the user is in: dirname /users/charlesedge A great example of when this gets more useful is keying off of currently active data. For example, if we’re scripting a make operation, we can use the which command to get an output that just contains the path to the make binary: which make We can then wrap that for expansion and grab just the place that the active make binary is stored: dirname `which make` This allows us to key other operations off the path of an object. A couple of notable example of this is home or homeDirectory paths and then breaking up data coming into a script via a positional parameter (e.g. $1). You can also use variables as well. Let’s say that homedir=/users/krypted ; dirname $homedir Finally, keep in mind that dirname is relative, so if you’re calling it for ~/ then you’ll see the output at that relative path.

April 5th, 2017

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , ,

So I comment a lot of lines out in my /etc/hosts file. This usually means that I end up with a lot of cruft at the top of my file. And while I write comments into files and scripts here and there, I don’t always want to see them. So I can grep them out by piping the output of the file to grep as follows: cat /etc/hosts | grep -v "^#" You could also do the same, eliminating all lines that start with a “v” instead: cat !$ | grep -v "^v"

February 13th, 2017

Posted In: Mac OS X, Unix

Tags: , , , , , ,

Installing MySQL on Linux is pretty easy. You can use yum (or your favorite package manager for most installs. Here, we’ll pull a list of packages from yum using repolist: yum repolist enabled | grep "mysql.*-community.*" You’ll then get a list of community edition MySQL packages that are available. Then let’s say you’re installing on RHEL 6, we’ll pull a string from the repolist of an appropriate package and then do a localinstall of it: sudo yum localinstall mysql57-community-release-el6-157.noarch.rpm We could also grab mysql and all the other stuffs we want to have with it: yum install mysql mysql-server mysql-libs mysql-server And then start it up: service mysql start

March 3rd, 2016

Posted In: SQL

Tags: , ,

The first step to reset a password is to stop the MySQL daemon. This will cause mysqld to accept no new connections and terminate existing connections. But this can all be done in a matter of seconds, usually. To stop MySQL on Mac, use the System Preference pane or launchctl. To stop on Linux, use init.d: sudo /etc/init.d/mysql stop Or if it’s mysqld instead: sudo /etc/init.d/mysqld stop Then start the SQL daemon using the –skip-grant-tables option: sudo mysqld_safe --skip-grant-tables & Next, login to mysql, which won’t require a password running in this mode: mysql -u root And use the UPDATE USER statement to set a new password: UPDATE USER set password=PASSWORD("mysecretpassword") WHERE USER='root'; Then flush the privileges: flush privileges; Viola, start things back up normally and you’re off to the races.

February 22nd, 2016

Posted In: SQL

Tags: , , , , , ,

You can easily accept user provided input in bash by using the read command in bash for Linux and OS X. Here, we’ll echo out a choice to a user in a script, read the output into a variable called yn and then echo out the response: echo "Please enter y or n: " read yn echo "You chose wrong: $yn" Here, we used echo to simply write out what was chosen in the input. But we could also take this a little further and leverage a case statement to then run an action based on the choice selected: read -p "Should the file extension change warning be disabled (y/n)? " yn case ${yn:0:1} in y|Y ) defaults write com.apple.finder FXEnableExtensionChangeWarning -bool false echo "The warning has been disabled" ;; * ) defaults write com.apple.finder FXEnableExtensionChangeWarning -bool true echo "The warning has been enabled" ;; esac The options when scripting are pretty much infinite and chances are, if you’ve written any scripts, you’ll know of a better way to do this than how I’ve always done it. One of the great things about scripting is the fact that there’s always a better way. So feel free to throw any of your examples into the comments!

July 28th, 2015

Posted In: Mac OS X, Mac OS X Server, Mac Security, Ubuntu, Unix

Tags: , , , , , , , ,

The cd command has lots of fun little shortcuts. One I use frequently is the -. The ~ always takes you to your home directory, but using cd – will take you to the last directory you were in. For example, if you do the following on a Mac: cd ~ Then you do .. (which is a shortcut for the directory above the one you’re in): cd .. Then pwd will show that you’re in /Users. But, if you cd to – again: cd - Now you’re back in your home folder. The – expands to OLDPWD. Quick tip. Nothing more to see here.

July 20th, 2015

Posted In: Mac OS X, Ubuntu, Unix

Tags: , , , , ,

The mkdir command is used to create directories. Sometimes, in testing, you need to have a lot of directories. So, you can use the following command to create 10,000 5 digit directories, named 00001 to 10000: mkdir $(printf '%05d\n' {1..10000})

July 13th, 2015

Posted In: Mac OS X, Mac OS X Server, Mac Security, Ubuntu, Unix

Tags: , , , ,

The following command will remove all empty lines from a file called badcommand.sh: sed '/^$/d' badcommand.sh

July 12th, 2015

Posted In: Mac OS X, Mac OS X Server, Ubuntu

Tags: , , , ,

The wc command is used to count words, characters and lines. Here, we’ll run it a few different ways. -l shows the number of lines in a file. For example, in my home directory, I can use it to see how many lines are in my .gitconfig file: wc -l .gitconfig This would output something like the following: 11 .gitconfig Or count the number of characters with -c: wc -c .gitconfig Or check the number of words: wc -w .gitconfig You can also run it against multiple files. For example, here I’ll check the number of lines in both my .gitconfig file and my .gitignore_global files: wc -l .gitconfig .gitignore_global Let’s say I have a list of numbers and I want to take an average of them. I can use this to quickly figure out how many numbers I have (and so will divide by) before tallying them up.

July 4th, 2015

Posted In: Mac OS X, Ubuntu, Unix

Tags: , , , , , , ,

Next Page »