HOAB - History of a bug

Fast browsing and DNS

Rédigé par gorki 06 février 2023 Aucun commentaire

Problem :

I was surfing on some sites blocked by my DNS provider (no, not yggtorrent. Absolutely not).

So Firefox provide DNS over HTTP with NextDNS, sometimes slower than my provider DNS but well, not so bad.

Then for some reason, I tried to host a local DNS resolver. Well, it WAS slow.

Solution :

Unbound is DNS resolver :

easy to install
cache request locally, so save a few ms for a lot of requests !
and support DNS over https, etc…

Setup is quite simple thanks to internet knowledge :

Installation :
(https://memo-linux.com/debian-installer-le-serveur-dns-unbound/)

apt install unbound
cd /var/lib/unbound/ 
wget ftp://ftp.internic.net/domain/named.cache
mv named.cache root.hints && chown unbound:unbound root.hints
mv /etc/unbound/ 
unbound.conf.d/root-auto-trust-anchor-file.conf root-auto-trust-anchor-file.conf.original
mkdir /var/log/unbound
chown unbound: /var/log/unbound
# modify apparmor (see at the end)
systemctl restart unbound

My configuration file :

server:
statistics-interval: 0
extended-statistics: yes
statistics-cumulative: yes
verbosity: 3
interface: 127.0.0.1
port: 53
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
access-control: 127.0.0.0/8 allow ## j'autorise mon serveur
access-control: 0.0.0.0/0 refuse ## j'interdis tout le reste de         l'Internet !
auto-trust-anchor-file: "/var/lib/unbound/root.key"
root-hints: "/var/lib/unbound/root.hints"
hide-identity: yes
hide-version: yes
harden-glue: yes
harden-dnssec-stripped: yes
use-caps-for-id: yes
cache-min-ttl: 3600
cache-max-ttl: 86400
prefetch: yes
num-threads: 6
msg-cache-slabs: 16
rrset-cache-slabs: 16
infra-cache-slabs: 16
key-cache-slabs: 16
rrset-cache-size: 256m
msg-cache-size: 128m
so-rcvbuf: 1m
unwanted-reply-threshold: 10000
do-not-query-localhost: yes
val-clean-additional: yes
#use-syslog: yes
#val-log-level:2 (0: default, nothing, 2: full)
logfile: /var/log/unbound/unbound.log
harden-dnssec-stripped: yes
cache-min-ttl: 3600
cache-max-ttl: 86400
prefetch: yes
prefetch-key: yes

And an additional apparmor configuration to be able to write in a dedicated file :
(https://b4d.sablun.org/blog/2018-09-27-when-unbound-wont-write-logs/)

vim /etc/apparmor.d/local/usr.sbin.unbound

# Site-specific additions and overrides for usr.sbin.unbound.
# For more details, please see /etc/apparmor.d/local/README.
/var/log/unbound/unbound.log rw,

Lire la suite de Fast browsing and DNS

Wordpress API refuse python rest request

Rédigé par gorki 27 janvier 2023 Aucun commentaire

Problem :

Simple test :

response=requests.get('https://wordpress.site/wp-json/wc/v3/products/attributes',headers=hdr,    
						auth=requests.auth.HTTPBasicAuth('login', 'password'))

But for any reason I received a 403 command.

Same command with curl works :

curl -vvvv -u login:password https://wordpress.site/wp-json/wc/v3/products/attributes

Well…

Solution :

Simple, but don't know why.

Default user agent for Python :

User-Agent: python-requests/2.28.1

Default user agent for curl

user-agent: curl/7.86.0

Well it works with (add a space before the /) :

User-Agent: python-requests /2.28.1

Still a mystery. Not from python side, maybe from planethoster.com side or wordpress ? One day, I will have time to go further…

Lire la suite de Wordpress API refuse python rest request

Bash and the empty optional arguments on command line

Rédigé par gorki 17 janvier 2023 Aucun commentaire

Problem :

Well, I know that having named parameter is better “-file=” etc..

But for a simple task, I wanted to give :

./mycommand arg1 arg2 ‘’ ‘’ arg5

And pass those parameters to a function…

Solution :

Not so lost in internet but easy to do at the end !

So basically, as simple as :

# Solution OK : use arrau
all_args=("$@");
myfunction "${all_args[@]}"

# Loop over parameters
for i in "${@}"; do
   echo "$i"
done
for i in "${all_args[@]}"; do
   echo "$i"
done

From :

https://linuxcent.com/bash-how-to-pass-array-to-function/

#!/bin/bash

all_args=("$@");

myfunction() {
 arg1=$1
 arg2=$2
 arg3=${3:-'default3'}
 arg4=${4:-'default4'}
 arg5=${5:-'default5'}

 echo "arg1=$arg1"
 echo "arg2=$arg2"
 echo "arg3=$arg3"
 echo "arg4=$arg4"
 echo "arg5=$arg5"
}

echo "--------------- args hard-codede"
myfunction 1 2 "" "" yes
echo "--------------- explode array with quote"
myfunction $(printf ""%s" " "${all_args[@]}")
echo "--------------- working just expand array"
myfunction "${all_args[@]}"

With the following command line :

./test.sh 1 2 "" "" yes
--------------- args hard-codede
arg1=1
arg2=2
arg3=default3
arg4=default4
arg5=yes
--------------- explode array with quote
arg1="1"
arg2="2"
arg3=""
arg4=""
arg5="yes"
--------------- working just expand array
arg1=1
arg2=2
arg3=default3
arg4=default4
arg5=yes

Introscope intrumentation static / final method

Rédigé par gorki 24 octobre 2022 Aucun commentaire

Problem :

It seems that I have no metric on one particular method while it works for all the others.

This is method is :

public final boolean myMethod(myArgs)

Does the fact that this method is final is a problem for bytecode instrumentation of Introscope ?

Solution :

No. It works :) As usual. My problem is somewhere else.

3 classes :

Parent

package com.test.caapm.finalmethodtest;

public class ParentClass {
    public void finalMethod() {
        System.out.println("parentFinalMethod");
    }
}

Middle

package com.test.caapm.finalmethodtest;

public class TestFinalMethodAgent extends ParentClass {

    public static void staticMethod() {
        System.out.println("staticMethod");
    }

    public final static void finalStaticMethod() {
        System.out.println("finalStaticMethod");
    }

    public final void finalMethod() {
        System.out.println("finalMethod");
    }

    public static void main(String... args) {
        TestFinalMethodAgent test = new TestFinalMethodAgent();

        while(true) {
            test.finalMethod();
            TestFinalMethodAgent.staticMethod();
            TestFinalMethodAgent.finalStaticMethod();
            try {
                Thread.sleep(1000);
            } catch (InterruptedException e) {
                throw new RuntimeException(e);
            }
        }
    }

}

Child

package com.test.caapm.finalmethodtest;

public class ChildClass extends TestFinalMethodAgent{
}

Pbd

SetFlag: TestFinalMethod
TurnOn: TestFinalMethod

IdentifyDeepInheritedAs: com.test.caapm.finalmethodtest.ParentClass TestFinalMethod

TraceAllMethodsIfFlagged: TestFinalMethod PerIntervalCounter "{classname} - {method}"

OVH mutualisé et owncloud

Rédigé par gorki 03 octobre 2022 Aucun commentaire

Le problème :

J'essaie d'utiliser Owncloud avec un OVH mutualisé.

J'ai déplacé des fichiers dans cette arborescence, et il faut maintenant faire de la ligne de commande… qui n'est pas disponible en OVH mutualisé.

Solution :

Ligne de commande à exécuter :

./occ files:scan <mon chemin> <mon user>

Quelques difficultés :

Accès à la ligne de commande, on utilise un shell PHP, par exemple P0wnyShell
Trouver le binaire occ : il est à la racine :)
Droit d'exécution sur occ : chmod 744 occ
Identifier l'exécutable PHP : ps -aef | grep php

2617  9693  0 09:44 ?        00:00:00 php7.4 -c /usr/local/php7.4/etc/php-cgi.ini -d display_errors=0 -d session.force_path=1 -- p0wnyshell.php

Modifier le fichier occ pour mettre le bon chemin : #!/usr/bin/env /usr/local/php7.4/bin/php
Executer :

./occ files:scan <mon chemin> <mon user>

Lire la suite de OVH mutualisé et owncloud

Problem :

Solution :

Installation :(https://memo-linux.com/debian-installer-le-serveur-dns-unbound/)

My configuration file :

Problem :

Solution :

Problem :

Solution :

Problem :

Solution :

Parent

Middle

Child

Pbd

Le problème :

Solution :

Installation :
(https://memo-linux.com/debian-installer-le-serveur-dns-unbound/)