hackerbrother

Learn Penetration Testing And Ethical Hacking Online.

facebook

  • Facebook
  • Popular Posts

     we'll look at a few high-level Python Map function: Reduce, Filter, Sorted, .


    Map Function

    Definition

    map()The function receives two parameters, one is the function and the other is Iterable to map apply the incoming function to each element of the sequence in turn and use the result as a new Iterable return.

    Example
    >>> def  f (x) : 
    ... return x*x 
    ... 
    >>> r = map(f, [ 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 ]) 
    >>> r 
    <map object at 0x0000020AAF4C1668 > 
    >>> list(r) 
    [ 1 , 4 , 9 , 16 , 25 , 36 , 49 , 64, 81 , 100 ] 
    >>> 
    >>> list(map(str, [ 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 8 , 9 , 10 ])) 
    [ '1' , '2' , ' 3' , '4' , '5' , '6' , '7' , '8' , '9' , '10' ]

    Reduce Function

    Definition

    reduce()The function is map()similar to that, receiving two parameters, one is a function and one is Iterable. The difference is that reduce()a function is applied to a sequence [x1, x2, x3, ...], and this function must receive two parameters, reduce()and continue to accumulate the result and the next element of the sequence, as follows:

    reduce(f, [x1, x2, x3, x4]) = f(f(f(x1, x2), x3), x4)

    Example

    >>> from functools import reduce 
    >>> def  fn (x, y) : 
    ... return x* 10 + y 
    ... 
    >>> reduce(fn, [ 1 , 3 , 5 , 7 , 9 ]) 
    13579
    # With map(), we can write a function that converts str to int 
    >>> def  char2nums (s) : 
    ... digits = { '0' : 0 , '1' : 1 , '2' : 2 , '3' : 3 , '4' : 4 , '5' : 5 , '6' : 6 , '7' : 7 , '8' : 8 , '9' : 9 } 
    ... return digits[s] 
    ...
    >>> reduce(fn, map(char 2 nums, '1234' )) 
    1234
    Using lambda expressions can further simplify:

    > from functools import reduce 
    >> 
    DIGITS = { '0' : 0 , '1' : 1 , '2' : 2 , '3' : 3 , '4' : 4 , '5' : 5 , '6' : . 6 , '. 7' : . 7 , '. 8' : . 8 , '. 9' : . 9 } 

    > DEF  char2num (S) :
    >  return the DIGITS [S] 

    > DEF  str2int (S) :
     >   return the reduce ( the lambda X, Y: X * 10 + Y, Map (char2num, S)) 
    >

    Exercise

    Use map and reduce write a str 2 float function to '123.456'convert a string to a floating point number 123.456:

    def  f (dig) :
         dict = { '0' : 0 , '1' : 1 , '2' : 2 , '3' : 3 , '4' : 4 , '5' : 5 , '6' : 6 , '7' : 7 , '8' : 8 , '9' : 9 } return dict[dig]
        
    def  g (x, y) : return x* 10 +y
        
    def  h (a, b) : return (a/ 10 +b)
        
    def  str2float (s) : return reduce(g, map(f,s[:s.find( '.' )])) + reduce(h, map(f, s[ -1 :-(len(s)- s.find( '.' )): -1 ]))/ 10
        

    Filter Function

    Definition

    And map()the like, filter()also receives a function and a sequence. And map()the difference is, filter()the function passed successively to each element, based on the returned value True is False decided to keep or discard the element. filter()The function returns one Iterator, which is a lazy sequence.

    Example
    In a list, delete even numbers and keep only odd numbers:

    def  is_odd (n) : return n% 2
        
    list(filter(is_odd, [ 1 , 2 , 3 , 4 , 5 , 6 , 7 ]))
    Delete the empty string in a sequence:

    def  not_empty (s) : return s and s.strip()
        
    list(filter(not_empty, [ 'A' , '' , 'B' , None , 'C' , '' ]))

    Exercise

    The number refers back to reading from left to right and right to left reading is the same number, for example 12321, 909. Please use the filter()filter to find the number of times:

    def  is_palindrome (n) : return str(n)==str(n)[:: -1 ]
        
    output = filter(is_palindrome, range( 1 , 1000 ))

    Sorted Function

    Definition

    sorted()In addition list to sorting functions , it can also receive a key function to implement custom sorting.

    Example
    >>> sorted([ 36 , 5 , -12 , 9 , -21 ]) 
    [ -21 , -12 , 5 , 9 , 36 ]
    >>> sorted([ 36 , 5 , -12 , 9 , -21 ], key=abs) 
    [ 5 , 9 , -12 , -21 , 36 ]

    Continue Reading

    Python function parameters

    Regarding the parameters of Python, the most commonly seen in various codes is def func(*args, **kw)this parameter combination. This article discusses how we can get such a parameter combination step by step.



    Overview


    Python's function definition is very simple, but its flexibility is very large. In addition to the normally defined mandatory parameters, you can also use default parameters, variable parameters, and keyword parameters, so that the interface defined by the function can not only handle complex parameters, but also simplify the code of the caller.
    Positional parameter

    Positional parameters are our most common function parameters, for example, the following pow function to complete the power operation :


     def pow (x, n) :
    s = 1 while n> 0 : n = n- 1 s = s * x returns



    pow(x, n)
    The function has two parameters: xand n, both of which are positional parameters. When the function is called, the two values ​​passed in are assigned to the parameter x and in order according to the position order n.
    Default parameter

    Since we often calculate x^2, we can set n the default value of the second parameter to 2:


     def pow (x, n = 2 ) :
    s = 1 while n> 0 : n = n- 1 s = s * x returns








    In this way, when we call pow(5), it is equivalent to calling pow(5, 2):


    >>> power ( 5 )
    25
    >>> power ( 5 , 2 )
    25



    When setting the default parameters, there are a few points to note:
    The required parameters are in the front, and the default parameters are in the back, otherwise the Python compiler will report an error;
    When the function has multiple parameters, put the parameters with large changes in the front and the parameters with small changes in the back. Parameters with small changes can be used as default parameters.
    It is also possible to provide some default parameters out of order. When some default parameters are not provided in order, the parameter name needs to be written.

    The default parameter has the largest pit, as follows:


     >>> def add_end (L = []) : 
    ... L.append ( 'END' )
    ... return L
    ...
    >>> add_end ()
    [ 'END' ]
    >>> add_end ()
    [ ' END ' , ' END ' ]
    >>> add_end ()
    [ ' END ' , ' END ' , ' END ' ]



    We found that every time a add_end()function is called with default parameters , it will "remember" the result of the previous call.

    The reasons are as follows:

    When the Python function is defined, L the value of the default parameter is calculated, that is [], because the default parameter L is also a variable, it points to the object [], each time the function is called, if L the content is changed , the default parameter is called the next time The content has changed, no longer when the function is defined [].

    Therefore, the default parameters must point to immutable objects! ! !

    The above example is modified as follows:


    def add_end (L = None) :
    if L == None:
    L = []
    L.append ( 'END' ) return L




    variable parameter


    Taking a math problem as an example, given a set of numbers a, b, c ..., please calculate a ^ 2 + b ^ 2 + c ^ 2 + ..., because the parameters are uncertain, first think of a, b, c ... as one list or tuple pass in.

     def calc (numbers) :
    sum = 0 for n in numbers: sum = sum + n * n return sum






    When passing parameters, you need to assemble one tuple or list:


    >>> calc ([ 1 , 2 , 3 ])
    14
    >>> calc (( 1 , 3 , 5 , 7 ))
    84




    If using variable parameters:


     def calc (* numbers) :
    sum = 0 for n in numbers: sum = sum + n * n return sum


    Inside the function, the parameter numbers received is a tuple, so the function code is completely unchanged. However, when calling this function, you can pass in any number of parameters, including 0 parameters:


     >>> calc ( 1 , 2 ) 
    5
    >>> calc ()
    0

    If there is already an list OR tuple, you can use *it to unpack it when passing parameters :


     >>> nums = [ 1 , 2 , 3 ] 
    >>> calc (* nums)
    14



    *nums Indicates that nums all elements of this list are passed in as variable parameters.
    Keyword parameters

    Keyword parameters allow you to pass in 0 or any number of parameters with parameter names. These keyword parameters are automatically assembled into a dict inside the function. E.g:


     def person (name, age, ** kw) :
    print ( 'name:' , name, 'age:' , age, 'other:' , kw)



    When calling this function, you can only pass in the required parameters:


    >>> person ( 'Colin' , 24 )
    name: Colin age: 24 other: {}




    You can also pass in any number of keyword parameters:

    >>> person ( 'Bob' , 35 , city = 'Beijing' )
    name: Bob age: 35 other: { 'city' : 'Beijing' }
    >>> person ( 'Adam' , 45 , gender = 'M' , job = 'Engineer' )
    name: Adam age: 45 other: { 'gender' : 'M' , 'job' : 'Engineer' }



    Keyword parameters can extend the function of functions, for example: a user registration function is being done, except that the user name and age are required, other options are all available. Using keyword parameters to define this function can meet the needs of registration.

    Similar to variable parameters, one can be assembled first dict, and then dictconverted into keyword parameters:

     >>> extra = { 'city' : 'Beijing' , 'job' : 'Engineer' } 
    >>> person ( 'Jack' , 24 , city = extra [ 'city' ], job = extra [ 'job' ] )
    name: Jack age: 24 other: { 'city' : 'Beijing' , 'job' : 'Engineer' }



    Can be simplified to:

     >>> extra = { 'city' : 'Beijing' , 'job' : 'Engineer' } 
    >>> person ( 'Jack' , 24 , ** extra)




    **extraIt means that extra all key-values ​​of this dict are passed into the function **kw parameters with keyword parameters , and kwa dict will be obtained. Note that the kw obtained dict is extra a copy, and kw the changes will not affect the outside of the function extra.
    Command keyword parameters

    For keyword arguments, the caller of the function can pass in any unrestricted keyword arguments. If you want to limit the name of keyword parameters, you can use named keyword parameters. For example, only accept city and job  as keyword parameters:

     def person (name, age, *, city, job) :
    print (name, age, city, job)




    **kw Unlike keyword parameters , named keyword parameters require a special separator, *and *subsequent parameters are considered named keyword parameters.

    The calling method is as follows:

     >>> person ( 'Jack' , 24 , city = 'Beijing' , job = 'Engineer' ) 
    Jack 24 Beijing Engineer




    If there is already a variable parameter in the parameter, the following command keyword parameter does not need a separator *:

     def person (name, age, * args, city, job) :
    print (name, age, args, city, job)




    Named keyword parameters must be passed in parameter names, which is different from positional parameters.
    Parameter combination

    The order of parameter definition must be: mandatory parameters, default parameters, variable parameters, named keyword parameters and keyword parameters. E.g:



     >>> def f1 (a, b, c = 0 , * args, ** kw) : 
    ... print ( 'a =' , a, 'b =' , b, 'c =' , c, 'args = ' , args, ' kw = ' , kw)
    ...
    >>> def f2 (a, b, c = 0 , *, d, ** kw) :
    ... print ( ' a = ' , a, 'b =' , b, 'c =' , c, 'd =' , d, 'kw =' , kw)



    The function call is as follows:

     >>> f1 ( 1 , 2 ) 
    a = 1 b = 2 c = 0 args = () kw = ()
    >>> f1 ( 1 , 2 , c = 3 )
    a = 1 b = 2 c = 3 args = () kw = {}
    >>> f1 ( 1 , 2 , 3 )
    a = 1 b = 2 c = 3 args = () kw = {}
    >>> f1 ( 1 , 2 , 3 , 'a' ,'b' )
    a = 1 b = 2 c = 3 args = ( 'a' , 'b' ) kw = {}
    >>> f1 ( 1 , 2 , 3 , 'a' , 'b' , x = 99 )
    a = 1 b = 2 c = 3 args = ( 'a' , 'b' ) kw = { 'x' : 99 }
    >>> f2 ( 1 , 2 , d = 99 ,ext = None )
    a = 1b = 2 c = 0 d = 99 kw = { 'ext' : None }




    A may also be used tupleand dictcalls for these functions:


     >>> args = ( 1 , 2 , 3 , 4 ) 
    >>> kw = { 'd' : 99 , 'x' : '#' }
    >>> f1 (* args, ** kw)
    a = 1 b = 2 c = 3 args = ( 4 ,) kw = { 'd' : 99 , 'x' : '#' }
    >>> args = ( 1 , 2 , 3 )
    >>> kw = { 'd' :88 ,'x' : '#' }
    >>> f2 (* args, ** kw)
    a = 1 b = 2 c = 3 d = 88 kw = { 'x' : '#' }

    to sum up

    • *args Is a variable parameter, args receive one tuple;
    • **kw Is a keyword parameter, kw receive one dict;
    • Either directly into the variable parameter: func(1, 2, 3)it can also be assembled into one list or tuple afferent: func(*(1, 2, 3));
    • Keyword parameters can be passed directly: func(a=1, b=2)can also be assembled into a dict Incoming: func(**{'a': 1, 'b': 2});
    • Named keyword parameters are to limit the parameter names that the caller can pass in, while providing default values;
    Continue Reading

    If your goal is to encrypt the transmitted data so that your Internet provider could not analyze it, then both Tor and your VPN, which you yourself set up , can come up with ! I would not recommend using any third-party VPNs, since their owner can see all the transmitted traffic + client IP (that is, your IP address). If you use a third-party VPN service, then you are guaranteed to get a spyware who, at a minimum, also knows your real IP address! If this is a paid VPN, then it is absolutely not suitable for anonymity, since the VPN service does not only know your IP and has access to all transmitted data, then it knows who you are by your payment details.

    The self-configured OpenVPN allows you to encrypt the transmitted traffic and integrate your devices into a virtual private network. You can also hide your real IP address and bypass site blocking. But for anonymity, this option is not suitable, because for the operation of OpenVPN you need to rent a VPS, for which you have to pay. Although if you use cryptocurrency or other anonymous methods for payment, OpenVPN will help you to be anonymous.

    Using a single proxy has the same disadvantages as a VPN: the eavesdropper + proxy service knows your real IP address. An additional drawback in the absence of encryption is that your ISP can still analyze your traffic and even block access to websites.

    The situation with IP concealment improves if a proxy chain is used, because (depending on the settings), each next proxy knows the IP address of the previous node (always) and the IP address of 1 node before the previous one (sometimes). If we consider that traffic is not encrypted at any stage, and a certain part of public proxies is just honeypots (intended for the exploitation of users), then the proxy option is not the best way to ensure anonymity.
    Continue Reading
    What is Tor

    There are several different components and products in the name of which is the word "Tor". To clearly understand what we're talking about, let's start by defining the terms.
    Tor is a program that you can run on your computer to connect to the Tor network.

    The Tor network is a multitude of volunteer computers that process web site requests and redirect the response to the Tor user.


    tor
    The Tor browser is a complex of programs whose main components are: Tor + Firefox browser + plugins and settings to increase the level of anonymity.

    What is Tor used for?

    Tor can be used for various purposes:

    • data encryption so that it cannot be analyzed by an Internet service provider or by unauthorized persons on your local network or when using open networks (example of the “ Intercept and analyze traffic in open Wi-Fi ” attack ).
    • hiding your IP address from the final website
    • access blocked websites in your area
    Continue Reading
    top 25 most important software weaknesses

    There are many vulnerabilities that can affect security in our day to day. Many failures that make the software we use, network connections or the devices we use can be a threat. In this article we echo a list published by MITER that shows the 25 main software weaknesses that are the cause of the serious vulnerabilities that can affect our security. Let's talk about it.

    25 most important software weaknesses

    There are many errors that can affect the programs we use, the tools that our devices have. It is something that is present in our day to day. However, there are times when these vulnerabilities may represent a more important threat.

    MITER , an American company dedicated to systems engineering, research and development, has released a list of the 25 most important software vulnerabilities. They indicate that these errors can be easily exploited and, ultimately, be used by a possible attacker to have control of a system.

    Due to these vulnerabilities that are considered important, an attacker could steal confidential data, make the proper functioning of certain software impossible, or cause various attacks.

    The main objective of MITRE in making this list public is that software developers have it as a guide to control these vulnerabilities . This way they can create more secure software that does not put the security of users at risk, or at least reduce it as much as possible.

    Keep in mind that these 25 vulnerabilities are not the result of chance or what they believe. To reach this conclusion they have applied a formula that uses different scores to give a final assessment to each one. In this way they can draw up the definitive list with which they can have a higher level of prevalence and also represent a greater danger.

    To create this list have been based on vulnerabilities around the world. They have given a denomination to each of them and together with each one they have put the valuation, the CVSS score, which is what allows to know which are the most dangerous and, in short, with which the developers have to be more careful.


    Main vulnerabilities according to MITER

    If we start with the top 5 we can say that the most important vulnerability for MITRE and the one with the highest CVSS score is the incorrect restriction of operations within the limits of a memory buffer . He has been assigned the name of CWE-119 and has a score of 75.56.

    The second is the inappropriate neutralization of the input during the generation of the website . It has a rating of 45.69 and has been referred to as CWE-79.

    The following are, respectively, the incorrect input validation , which has qualified it with a score of 43.61 and has called it CWE-20; the exposure of information , called CWE-200 and a score of 32.12 and, closing the top 5, the vulnerability CWE-125 called reading out of bounds and with a score of 26.53.

    • These are the five main vulnerabilities according to MITER. However, in total they have released a list with 25. The remaining 20 are the ones mentioned below:
    • CWE-89 Incorrect neutralization of special elements used in an SQL command ("SQL Injection") 24,54
    • CWE-416 Use after free version 17.94
    • CWE-190 Entire Overflow 17,35
    • CWE-352 cross-site request forgery 15.54
    • CWE-22 Incorrect limitation of a path name to a restricted directory 14.10
    • CWE-78 Incorrect neutralization of special elements used in an operating system command 11,47
    • CWE-787 Writing out of bounds 11.08
    • CWE-287 Incorrect authentication 10.78
    • CWE-476 No cursor reference 9.74
    • CWE-732 Incorrect permission assignment for critical resource 6.33
    • CWE-434 Unrestricted upload of files of dangerous type 5.50
    • CWE-611 Incorrect XML restriction External entity reference 5.48
    • CWE-94 Improper control of code generation ("Code injection") 5.36
    • CWE-798 Use of coded credentials 5.12
    • CWE-400 Consumption of uncontrolled resources 5.04
    • CWE-772 Resource release is lacking after life 5.04
    • CWE-426 Unreliable search path 4.40
    • CWE-502 Deserialization of unreliable data 4.30
    • CWE-269 Inadequate privilege management 4.23
    • CWE-295 Incorrect validation of certificate 4.06
    Continue Reading
     new Linux malware Mines cryptography remains undetectable



    Two analysts threats recently hit a new Linux malware that conceals its cryptocurrency mining operations.

    On 16 September, Augusto Remillano II and Jakub Urbanec revealed in a news post on Trend Micro, a security intelligence blog, they have discovered a new malware. According to analysts, this malware is particularly notable for the way it loads malicious kernel modules to mask its mining operations of crypto-time data.

    Malware provides full access hackers to the infected machine


    Analysts have found that Skidmap hid his cryptocurrency extraction using a rootkit, a program that installs and executes code on a system without the consent or knowledge of the end user. This makes its malicious components undetectable by infected system monitoring tools.

    In addition to launching a crypto-piracy campaign on the infected machine, the malware would give attackers a "unfettered access" to the affected system. Analysts add:

    "Skidmap aussi olefins has a backdoor way to get access to the engine and replaces the file system aussi pam_unix.so by His Own malicious release. This malicious file Accepts a specific password for all users, Allowing attackers to log in As Any use of the machine. " 

    cryptojacking campaigns up 29%

    Cryptojacking is a term used in the industry to designate crypto-exploration stealth attacks which consist of malicious software or any other way to computer processing power to operate without the consent or cryptomoney the knowledge of the owner.

    In August, the McAfee Labs cybersecurity company released a report on threats in the first quarter of 2019. According to the report, the cryptojacking would have increased, with an increase of 29% cryptojacking campaigns.
    Continue Reading
    Vulnerability of Simjacker allows hackers to hack into any phone simply by sending SMS

    Vulnerability in SIM-cards, how to protect against Simjacker


    The vulnerability of Simjacker can spread to more than 1 billion mobile phone users worldwide.

    A new and previously unrecognized critical vulnerability has been discovered in SIM cards, which could allow remote attackers to compromise targeted mobile phones and spy on victims simply by sending an SMS message.

    This vulnerability, dubbed “SimJacker,” is located in certain software called S @ T Browser (a dynamic toolkit for SIM cards) embedded in most SIM cards that is widely used by mobile operators in at least 30 countries and can be used no matter what phones the victims use.

    Well, what's wrong with that? A special private company that works with governments has been actively exploiting the SimJacker vulnerability for at least the past two years to conduct targeted monitoring of mobile phone users in several countries.

    S @ T Browser, short for SIMalliance Toolbox Browser, is an application that installs on various SIM cards, including eSIM, as part of the SIM Tool Kit (STK) and is designed to enable mobile operators to provide some basic services, subscriptions, and additional wireless services for its customers.

    Because the S @ T Browser contains a number of STK instructions — such as sending a short message, setting up a call, launching a browser, providing local data, launching on command, and sending data — that can be caused by simply sending an SMS message to the device, the software offers a runtime environment to run malicious commands on mobile phones.

    How does the Simjacker Vulnerability work?

    Discovered by researchers from AdaptiveMobile Security in a new study published on September 12, 1919, the vulnerability can be exploited using a GSM modem for $ 10 to perform several tasks listed below on a target device by simply sending an SMS message containing a certain type of spy code .
    • Retrieving the location of the target device and IMEI information,
    • Spreading false information by sending fake messages on behalf of the victims,
    • Performing premium rate fraud by dialing premium rate numbers,
    • Spy on the surroundings of victims by ordering the device to call the attacker’s phone number,
    • The spread of malware, forcing the victim’s phone browser to open a malicious web page,
    • Perform denial of service attacks by disconnecting the SIM card and
    • Getting other information, such as language, type of radio, battery level, etc.
    During the attack, the user is completely unaware that he received the attack, that the information was extracted and that it was successfully deleted,” the researchers explain.

    This attack is also unique in that the Simjacker attack message can be logically classified as carrying full malware load, especially spyware. This is because it contains a list of instructions that the SIM card must follow. Simjacker is the first real attack in which spyware is sent directly to SMS.


    Although technical details, a detailed document and proof of concept of the vulnerability are planned to be published in October this year, the researchers said they observed real attacks on users with devices from almost all manufacturers, including Apple, ZTE, Motorola, Samsung, Google, Huawei and even IoT with SIM cards.


    It turns out that all manufacturers and models of mobile phones are vulnerable to SimJacker attacks, since this vulnerability uses outdated technology built into SIM cards, the specification of which has not been updated since 2009, which potentially puts more than a billion people at risk.
    Simjacker Wildlife Vulnerability


    Researchers say that the Simjacker attack worked very well and has been used successfully for many years, "because it used a combination of sophisticated interfaces and obscure technologies, showing that mobile operators cannot rely on standard installed security features."


    Simjacker is a clear danger to mobile operators and subscribers. This is potentially the most sophisticated attack that has ever existed on major mobile networks. ”
    said Ketal MacDade, CTO at AdaptiveMobile Security, in a press release.



    “This is the main alarm signal that shows that hostile actors are investing heavily in increasingly sophisticated and creative ways to undermine network security.” This threatens the security and trust of customers, mobile operators and affects the national security of entire countries. "

    Moreover, now that this vulnerability has been publicly disclosed, researchers expect hackers and other attackers to "develop these attacks in other areas."

    Researchers have responsibly revealed the details of this vulnerability of the GSM Association, a trading organization representing the community of mobile operators, as well as the SIM alliance, representing the major manufacturers of SIM cards / UICC.

    SIMalliance acknowledged the issue and provided recommendations for security SIM card manufacturers for S @ T push messages.


    Mobile operators can also immediately eliminate this threat by setting up the process of analyzing and blocking suspicious messages containing S @ T browser commands.


    We, as a potential victim, as a user of a mobile device, can do nothing if we use a SIM card with S @ T Browser technology deployed on it, except for a request to replace our SIM card on which patented security mechanisms are installed.


    More information about Simjacker can be found at www.simjacker.com, and Katal MacDade, CTO of AdaptiveMobile Security, will introduce Simjacker at the Virus Bulletin Conference, London, October 3, 2019.
    Continue Reading



    What's more pleasant when you change distribution to have available his configuration files carefully preserved?

    When you spend time tweaking the configuration of the display server or its favourite text editor, the idea of ​​losing these famous files gives cold sweats.

    Only when we want to make a backup of these files we must do everything by hand and especially we always tend to forget some.

    This for this reason that I tinkered a little script Bash that collects your conf files and makes a nice tar.bz2 archive ready to be copied away from crashes.

    You can download the script in question here: saveconfig.sh

    This script is very easily customisation. It is divided into two sections: the first contains the commands (the script itself) and the second part is a list of files to save.


    You can add filenames as well as directories. In all cases we must give the full path from the root (/). If you indicate a directory, all its content will be copied ... so think about what you add! It may be best to give filenames belonging to the same directory rather than giving the entire directory (I am thinking in particular of the hidden directories used by browsers which contain the cache of your navigation).

    Launched as a lambda user, saveconfig.sh saves the system configuration files (in / etc, / usr ...).

    Launched in root, the script will additionally record the configuration of each "human" user (whose uid is greater than or equal to 500)


    User configuration files must be indicated using the keyword _USER_ which will be replaced when using the script by the home directory of this user (nothing very complicated, you will easily understand by looking at the list of files by default).

    Small note: saveconfig.sh does not keep the file permissions in memory ... but it is easily modifiable by modifying the arguments passed to tar and cp.

    The script needs bash, awk, tar and bzip2 to work.

    Continue Reading