Sunday, August 26, 2007

VIM split windows and macros quick reference

ex commands for split windows
  • :sp filename create a new split with filename
  • :vsp filename create a new vertical split with filename
  • :new create a new split with an empty buffer
  • :vne create a new vertical split with an empty buffer
  • :wa save all open files
  • :wqa save and quit all open files
Ctrl-W related commands for split windows
  • C-w h moves split to the left of current split
  • C-w j moves split below the current split
  • C-w k moves split above the current split
  • C-w l moves split to the right of the current split
  • C-w + increase the current split by one line (or, prefix this command with a number to do that many line increases)
  • C-w - decrease the current split by one line (same addendum as above)
  • C-w < decrease the current split width
  • C-w > increase the current split width
  • C-w _ Maximize the current split
Split windows in the .vimrc (taken from this page ... also see the same author's excellent Efficient Editing with VIM )
  • map <C-J> <C-W>j<C-W>_ " Hit C-j to move the current split down and maximize it
  • map <C-K> <C-W>k<C-W>_ " Hit C-k to move the current split up and maximize it
  • set wmh = 0 " allow splits with 0 lines open
  • q<register> start recording and save the macro in the specified register (use a lowercase letter, for example)
  • q (again) end recording
  • @<register> playback the macro


Screen is an awesome UNIX utility that allows you to continue running commands on a remote system even after you have logged out! Magic! Here is a nice "screen for dummies" tutorial with some links to related sites at the bottom.

On the command line
  • screen (will spew some text and then give a prompt) start a screen session
  • screen -r reattach to screen session
  • screen -d detach an attached screen session (good for logging in after network cuts out)
  • Launch screen with an alias such as alias screen='TERM=screen screen' in .bashrc to avoid your backspaces getting mangled
  • There is a ~/.screenrc file with which you can customize screen
My .screenrc

# don't mangle backspaces
termcapinfo xtermc kD=\E[3~

# no startup message
startup_message off

# set shell that launches
shell /bin/bash

# lots of scrollback
defscrollback 10000

# ignore case when searching in copy mode
ignorecase on

# make it obvious we're within screen
hardstatus string "screen%n - %h"

# vim-style bindings
bind k focus up # cycle to the above split
bind j focus down # cycle to the below split
bind l next # cycle to the next split
bind h prev # cycle to the previous split
bind n split # create a new split
bind ^N split # create a new split
bind q remove # remove the split
bind + resize +3 # increase split three lines
bind - resize -3 # decrease split three lines
bind _ resize max # maximize current split
bind = resize = # make all splits equal size
bind g info # display info on the split
bind ^G info # display info on the split

# other (some defaults, just to remind myself they exist)
bind Q only # get rid of all other splits but the current one
bind M monitor # toggle monitoring of the current window
bind t title # enter a title for this shell
bind a other # go to most recently viewed other split
bind \' windowlist -b # go to window list
bind x kill # close the current shell
bind ^X kill # close the current shell
bind \\ quit # close all shells

Monday, August 06, 2007

Things I learned at DEFCON 15

I just went to DEFCON in Las Vegas for the first time this year and it was a blast. Tons of smart people, cool hacks, great speakers, fun activities and stuff to learn. Here's a brief summary of some of the things I picked up this past weekend (in no particular order):
  • Virtually any lock that you have bought can be picked, easily. Even the (supposedly) secure Medeco locks that they have on the white house and other high-security areas can be broken by a 12-year-old girl. For more, see the blog entry (by the guys that made this presentation, Marc Weber Tobias and Matt Fiddler) here. Gun locks, also, are completely trivial for a kid to break as this amazing video proves (more on this subject: blog, report). Also from the talk: most hotel safes are terribly insecure. To break those that use your credit card to open/lock them, the code of the master card that unlocks all of them in stored in memory inside the safe. All you have to do is open the safe (legitimately) and then dump that code and write it to a card to have a "master card" for all the safes in the hotel... yikes!
  • SCADA systems, the systems that run critical infrastructure such as water treatment plants, electrical grids and nuclear power plants have an overwhelming number of vulnerabilities. Scary. Nationwide emergency alert systems also have relatively easy attack vectors (from the talk by Ganesh Devarajan).
  • There is always a motive for Internet crimes, just like ones off the net. The motive for the attack on the Dolphin Stadium website prior to the 2007 Super Bowl was particularly interesting because the attack, which was made on several other lower-profile websites, was linked to a Chinese syndicate that wanted users' World of Warcraft online credentials to acquire additional WoW gold! This is the first attack of its kind. (From the Internet Wars 2007 panel)
  • One interesting way of getting malware on a user's computer is to set up a website and register malware to be downloaded on that website as a codec with Microsoft. That way, when a victim visits the attacker's site, he is prompted with a "Additional codecs are required to display content on this page... would you like to download them?" message. If he does, he downloads the malware onto his computer. (From the Internet Wars 2007 panel)
  • If you're a NBC Dateline reporter, don't refuse a press pass and then try to brew up some sensationalist report about hackers at DEFCON. You will get owned.
  • Even the badges at the conference were a hack unto themselves (video). How cool is that? And there is a rap about the conference, too!
  • If you want to start up an advocacy organization, the most important thing you can do is have a paid person sitting by the phone who knows what expert to contact (and how to contact them) when called by reporters. PledgeBank is a good site to help organize the effort to raise this money. (Funny quote from the same Danny O'Brien talk: "[Imitating a typical clueless reporter that calls EFF] People will call and say, 'I heard that such-and-such technology can make someone's penis fall off; can this be done with Ruby on Rails?' ... In this way, EFF operates as a clearinghouse for idiots")
  • Sam Bowne offers a class at San Francisco City College called "Ethical Hacking and Network Defense" ... sweet! (He recommends Hack this Site and as good references)
  • Brendan O'Connor gave a really good talk about the extra layer of "security" that banks are now layering onto their authentication services and how this layer improves neither the user's privacy nor his security -- in fact, it may be degrading both. Bruce Potter similarly lambasted "Defense in Depth" for being a lame attempt at covering up bad code with extra layers of "security."
  • Bruce Potter of the Shmoo Group gave a talk about how the dynamics of vulnerability disclosure are changing: instead of informing the vendor of the weakness in their product, hackers are often now selling information about those vulnerabilities to third parties (who may or may not have good intentions). Potter called for a discussion on whether this was ethical and/or good for the security community.
  • Thomas J. Holt presented on the economics and dynamics of the malware marketplace. This market is mainly organized around forms based in Russia and Eastern Europe where sellers start forum threads advertising their product. Moderators of the forum then test the software to see if it does what the seller says it does and then give their opinion of it on the same thread. If the opinion is good, and the seller has a good reputation, then buyers start asking questions about the software and perhaps buy it. The final step is the reviews of the software by the buyers which attest to the malware's quality (or lack therof). Some sell not only hacking tools like Pinch, Nuclear Grabber and PG Universal Grabber but the data obtained by using these hacking tools. Some forums maintain lists of sellers who are "rippers" -- rip off artists -- and blacklist them.
  • AgentX gave a whirlwind talk about "22 Things that Keep me up at Night." Among these: "Shrinking the Gap" (based off of ideas of Thomas Barnett), low cost pervasive bandwidth, open source warfare (the terrorists are all sharing techniques -- why aren't we?), the security industrial complex (complacency = bad), homogeneity of the hacker (all white males, but starting to change -- he notes good progress at DEFCON 15), why aren't you encrypting all your communications? (because the NSA is listening)
  • Mike Murray had some interesting things to say about social engineering/NLP/hypnotism. Such as: you are four times more likely to follow a command following a non-grammatical sentence, you wouldn't do something hypnotized that you wouldn't do in the first place (such as kill a commanding officer -- study), tag questions ("won't you?" "right?") are convincing, confusion is the key!, the right tone can be categorized as "artfully vague," stories are more powerful than reasoning, questions are more powerful than statements, Milton Erikson = best hypnotist ever
  • I missed Bruce Schneier's talk, but someone posted a video of it here. The whole presentation is interesting, but probably the most stimulating is his discussion of how you DON'T need an ID to fly on an airplane; you just get a little extra screening.
Other notable moments/events include the Guitar Hero contest, Brew Wars, Phreaking Challenge, Capture the Flag, Hacker Jeopardy, TCP/IP Drinking Game, Lockpicking Village, automated airgun target contest, the Wall of Sheep and the Wireless Village. Definitely going next year!

Videos of all of the presentations have been posted here.

Thursday, August 02, 2007

My .vimrc file

Thanks to Evan Klitzke and others at Yelp; a lot of this is ripped from their .vimrc's. All hail vim!

set modeline " Respect other people's options (when a modeline is present)
set encoding=utf-8 " Use UTF-8 (8-bit variable width Unicode)

" indenting options
set autoindent " Keep the indent level when hitting Return
set smartindent " Use smart indenting (mostly useful for C/C++ files)
set cindent " Don't indent Python really poorly
set tabstop=4 " Make tabs appear four spaces wide (default is 8 spaces)
set shiftwidth=4
set noexpandtab " Use hard tabs please! Watch out for files with soft tabs
" that don't have a modeline present, especially Python files.
set fo=tcoqan " Options for formatting text (i.e. for use with gq)

" UI stuff
set showmatch " Show matching parens as they come up
set ruler " Show the column number in the status bar
set incsearch " Find as you type
set lz " Don't redraw the screen in the middle of executing macros
set nohlsearch " Highlighting search terms is _really_ annoying
behave xterm " Just in case...
set wrap " Display files with word wrap, but don't actually insert newlines
" (Set by default)... so lines don't go off edge
set lbr " Wrap only at word boundaries (default is at any character)
syntax enable " Who wouldn't want syntax highlighting?

" Only allow folds that are manually set
set foldmethod=manual

" Make our folds look like how they were when we exited vim last time.
set viminfo=s1,<1024,'1024,/1024,:1024,@1024,c,f1,%,n~/.viminfo
autocmd BufReadPost *
\ if expand("<afile>:p:h") !=? $TEMP |
\ if line("'\"") > 0 && line("'\"") <= line("$") |
\ exe "normal g`\"" |
\ let b:doopenfold = 1 |
\ endif |
\ endif
" Need to postpone using "zv" until after reading the modelines
autocmd BufWinEnter *
\ if exists("b:doopenfold") |
\ unlet b:doopenfold |
\ exe "normal zv" |
\ endif

set nocompatible " Don't act like SysV vi
set shell=/bin/bash " Use this shell to execute commands
filetype plugin indent on " ability to run different vimrcs on different filetypes
set autoread " When a file has been detected to have been changed outside of Vim and
" it has not been changed inside of Vim, automatically read it again.
set mouse=a " Have mouse operate in all modes -- disable mouse by holding the shift key
set ttyfast " Tell vim to optimize for a fast terminal; will be on by
" default if your $TERM is xterm or screen, but could be
" turned off if you use a weird terminal (e.g. 'screen-bce').
" Set 'nottyfast' for slow SSH connections.
set history=50
set showmode " show what mode (e.g. INSERT) you're in
set showcmd " Show (partial) command in status line
set backspace=indent,eol,start " explicitly makes the backspace work when at the beginning of a line
nmap <C-N><C-N> :set invnumber <CR> " Press Ctrl-N twice to toggle line numbers in the left margin

set wmh=0 " allow splits with 0 lines open
map <C-J> <C-W>j<C-W>_ " Hit C-j to move the current split down and maximize it
map <C-K> <C-W>k<C-W>_ " Hit C-k to move the current split up and maximize it

" cycling through tabs
map <C-H> <C-PageUp>
map <C-L> <C-PageDown>
imap <C-H> <C-PageUp>
imap <C-L> <C-PageDown>

set title " sets title of terminal in menubar to that of file currently being edited
set ignorecase " perform case-insensitive searches...
set smartcase " ... unless there are capitalized characters in the search pattern
set mousehide " hide the mouse when editing
set exrc " eliminates the possibility of another .exrc getting confused with mine on multi-user systems
set bg=light "this almost always looks better -- take this out or set it to dark if things look funny

" for common typos
command! Q quit
command! W write
command! Wq wq
cabbrev Set <c-r>=(getcmdtype()==':' && getcmdpos()==1 ? 'set' : 'Set')<CR>

Or, say you want soft tabs instead of hard ones (see converting tabs to spaces):
set expandtab     "soft tabs
set tabstop=2 "set tabstops
set shiftwidth=2 "set shiftwidth
set softtabstop=2 "delete this many spaces upon deleting soft tab

More stuff from Rajiv:

set directory=/var/tmp,/tmp " put all the backup stuff in tmp directories
set shortmess+=A " no swap file complaints
set nobackup " don't litter directories with swap files

" move across rows, not lines
noremap j gj
noremap k gk
noremap gk k
noremap gj j

set display=lastline " ??????????????
syntax sync fromstart " always render syntax from the beginning of the file
au! BufRead,BufNewFile * lcd %:p:h " cd into the directory of the file you're editing
set vb t_vb= " no visual bell