• Choose a category
• All
• Classic-Fiction

Bookmark Management: SemanticScuttle or Insipid

I had been using Delicious for years, so I had quite the collection of bookmarks and I didn't want to lose them. Luckily, I found that there are a few projects that will fit the Delicious toolset perfectly. SemenaticScuttle ( http://sourceforge.net/projects/semanticscuttle/ ) is an open source project that aims to essentially build your own Delicious type service. This was a bit too much for my needs, but it is still an attractive option. I opted for Insipid ( https://neuro-tech.net/insipid/ ), which is really lightweight and even has Firefox plugins, so you can easily add bookmarks. It is worth noting that both of these tools support tagging importing Delicous bookmarks, so migration to these is a breeze.

Evading Content Filtering: PHProxy

Every now and then, you may come across a website that you can't view at work or at some other location (2600.com - ha! ). This wasn't originally in my needs, but it comes in handy, so I figured I'd throw it in. I also am not responsible for any trouble you get yourself into by using a tool to evade content filtering. By installing PHProxy ( http://phpr0xi.sourceforge.net/ ), you get a mini URL bar and can browse freely by having your web host proxy your browsing to you. It is worth noting that there are a million different ways to do this, but that's for another article and this works well enough in a pinch.

Webserver File Management: PHPfm

PHPfm ( http://phpfm.sourceforge.net/ ) is a great web-based file manager that has come in handy countless times. I consider this an important part of the toolbox. It is invaluable for when you are at a location that does not allow FTP or SFTP access or you need to do nearly anything else file level related.

Security

As for security, I keep all my apps in a separate directory off my main website (i.e., somesite.com/apps) and that is further protected by an .htaccess file password authentication and requires an SSL connection as to prevent snooping while using my tools. If you are shopping for a web host, I would recommend keeping that in mind or seeing if your current web host can provide this level of service. It is entirely possible to run this off of your own server as well; the beauty of all of this software is that it can all run on nearly any platform.

I hope you found this interesting and useful. Just remember: "It’s not paranoia if it’s real."

Shoutout to Jimmy Grizzle for helping me appreciate my own privacy.

* * *

Add a User With Root Privileges Non-Interactively

by Pipefish - pipefish@anonymousspeech.com | 797 words

My intent for this article is to provide several neat methods that can be used when working with *nix systems. I wanted to share this with folks because I think these are very useful. I'll not only tell you how to create a user whose privileges mirror root's, but I'll tell you how to do it in a non-interactive environment (via two methods). To perform these, you already need root/sudo privileges on the system in question. Of course, you must own the system or have permission to muck about with it! Doing illegal things is bad for Karma... probably.

Why?

Why would you want to add a root user if you're already root? There are probably many cases for this, but one I constantly find myself in is during penetration tests. I find myself with a non-interactive root shell on a Linux/UNIX system after taking advantage of some exploit. If I want to be able to install packages to the system (maybe a SOCKS proxy or nmap?), or do anything with much depth, I prefer an interactive environment, one where I can actually see what I'm doing and get the full benefit of TTY; namely stdin, stdout, and stderr. Some companies won't let you change root's password (or don't like it). Also, some distros don't allow the root account to log in via SSH/telnet (without changing conf files). So how do I get into the system via ssh or telnet if I can't change