a.k.a. "My Bank does not support CSVs". When I asked my bank for "machine readable" versions of my bank statements, they where like: Their website has a CSV-export function. But only data from the last three months can be exported. Of course, it would have been smart to have performed this export every two months or so, but let's talk about something else. Sure!
When I open up a file in IDA Pro, I usually want the HexRays decompiler panel to the right of the disassembly. It just so happens that I open up a lot of files in IDA Pro and I have to rearrange the panels every time. Now I finally sat down and wrote a little Python plugin that will rearrange the panels just the way I like them. You may have similar problems and may find it useful. You should be able (with only a small amount of pain) to modify the script according to your own preferred layout:
import idaapi def runonce(function): """ A decorator which makes a function run only once. """ function._first_run = True def wrapper(*args, **kwargs): if function._first_run: function._first_run = False return function(*args, **kwargs) return wrapper @runonce def position_pseudocode(): idaapi.set_dock_pos('Pseudocode-A', None, idaapi.DP_RIGHT) idaapi.set_dock_pos('Graph overview', 'Output window', idaapi.DP_TAB) idaapi.set_dock_pos('Functions window', 'Output window', idaapi.DP_TAB) class PseudoCodeTabRight(idaapi.plugin_t): flags = idaapi.PLUGIN_HIDE comment = 'Opens the PseudoCode tab in a spearate pane to the right.' help = 'The plugin triggers automatically when the decompiler is engaged for the first time.' wanted_name = 'PseudoCodeTabRight' wanted_hotkey = '' def init(self): def hexrays_event_callback(event, *args): if event == idaapi.hxe_open_pseudocode: position_pseudocode() return 0 if not idaapi.install_hexrays_callback(hexrays_event_callback): return idaapi.PLUGIN_SKIP return idaapi.PLUGIN_KEEP def run(self, arg=0): pass def term(self): pass def PLUGIN_ENTRY(): return PseudoCodeTabRight()
I have finally solved an annoying problem with my Windows 10 setup which was sortof hard to Google, so I am sharing. For quite some time, the computer had refused to go to sleep when it was not running on battery. Instead of going to sleep when instructed to, it would simply turn off the screen and mute the volume while continuing to *actually not sleep*. Moving the mouse a tiny bit would swiftly end the charade. In a recent fit of rage I decided to inspect the event log, and behold, there were some Kernel Power events that said: > _The system is entering Away Mode._ Which is entirely _not_ what I wanted when I told it to go to sleep. However, there was no option _anywhere_ in the power settings to be found that turned off this _"Away Mode"_. Well, the option actually does exist, but for some reason it is not visible unless you set the
2in the following, easily memorable registry key:
Armed with this registry tweak, you can go back to the _"advanced"_ power settings, aka:
rundll32 shell32.dll,Control_RunDLL PowerCfg.cpl @0,/editplan:
Sleepand there should be an option that says
Allow Away Mode Policyor something similar. And that policy should be set to no, not even when plugged in, never, just sleep, for crying out loud, why does this even exist.
As I [have hinted at before](/2017/09/20/just-some-friendly-advice/), the [PyCrypto library](https://www.dlitz.net/software/pycrypto/) [seems to be dead](https://github.com/dlitz/pycrypto/issues/173). The [PyCryptodome](https://www.pycryptodome.org/en/latest/) library is a fork that is promising because it is maintained and works in Python 3, but they have a bit of a finger-wagging attitude which sometimes means that you have to fight the library a bit:
They certainly mean well, but the library is no place to impose security standards, in my opinion. In malware research for example, we often have to verbatim copy the appalling use of certain ciphers, like ARC4 with a 4-byte key. It happens all the time! I have been particularly struggling with [the removal of the XOR cipher](https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html). The XOR implementation of PyCrypto was very fast, and in this article I will both benchmark how fast exactly it was and give you a drop-in replacement which degrades gracefully based on your options. Do you want to know more?
>>> from Crypto.Cipher import ARC4 >>> cipher = ARC4.new(B'funk') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "C:\Python37\lib\site-packages\Crypto\Cipher\ARC4.py", line 132, in new return ARC4Cipher(key, *args, **kwargs) File "C:\Python37\lib\site-packages\Crypto\Cipher\ARC4.py", line 57, in __init__ len(key)) ValueError: Incorrect ARC4 key length (4 bytes) >>> ARC4.key_size = range(1,257) >>> ARC4.new(B'funk').decrypt( ARC4.new(B'funk').encrypt( B'Hello World' )) b'Hello World'
I started to play around with ArangoDB and used Python to get some data into my first database. Long story short: if you want to set your own key for the documents, do it on the document, not on the initialization data. EDIT: this is only true for the most recent version 1.3.1 release on pypi by the time of writing. Read the longer story!
To reduce the size of some of my virtual machines, I often run the Windows cleanup tool to get rid of update artifacts and temporary files. While the
cleanmgrcommand has some undocumented options such as
/verylowdisk, I could not achive what I wanted with any combination of these: I wanted to have one command that simply cleans _everything_ without interaction. TL;DR: Put this in a batch file:
Essentially, this script manually creates the registry keys that would be created by a call to
@echo off set rootkey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches for /f "tokens=*" %%K in ('reg query %rootkey%') do >NUL REG add "%%K" /v StateFlags0000 /t REG_DWORD /d 2 /f cleanmgr /sagerun:0
cleanmgr /sageset:0and checking all the boxes. It then runs
cleanmgr /sagerun:0which non-interactively calls
cleanmgrperforming every cleanup task available. Remember to run this as an administrator to remove Windows update artifacts. Would you like to have that as PowerShell?
I recently wanted to buy a new Harddisk. I did not want one that uses "shingled magnetic recording" because thats awfully slow. Instead I looked for a "perpendicular magnetic recording" HDD, but I learned thats not a thing anymore. Instead I could buy CMR disks. For those getting here by google looking for a quick answer: CMR=PMR. For those who want to know why PMR was renamed to CMR and why SMR disks are slow: read on
I recently dropped my Sony Z5 Compact and the glass on its back splintered. So I bought a new phone. Sony A Z5 Compact for the horrendous amount of 70€. When I bought my last phone everything had to go quick, Cyanogen mod was just announced dead and LineageOS was not ready yet. So I just installed the stock rom and lived with it. This time I wanted to go with a custom Rom and without any Google Apps on it. Here is what i did:
Flask pretty-prints response generated by the
flask.json.jsonifyfunction. Avoiding this on a per request basis doesn't seem to be intended: There is a configuration variable for the whole application:
JSONIFY_PRETTYPRINT_REGULAR. But setting that to
Falseminifies every JSON responses. And, in general, I enjoyed the pretty printed output. So implementing
X-PrettyPrint- which seems to be a quasi-standard - also sounded like a the wrong way because it means replacing the call to
jsonifyby a custom implementation. This short story has a happy end though: Flask does not pretty-print the response if it receives an AJAX request. So one can just send the appropriate header:
curl -H 'X-Requested-With: XMLHttpRequest' "https://exmaple.com/api/endpoint.json";