Habaritag:lildude.co.uk,2013-02-14:atom/e1c840d837fd1378a9e02db36e6caaa75f1fb923Col's TechBut what is it good for?2013-02-08T16:15:56+00:00Solaris 10 1/13 Is Now AvailableColinlildude.co.uktag:lildude.co.uk,2013:solaris-10-13-is-now-available/13603400642013-02-08T16:15:56+00:002013-02-11T08:47:29+00:002013-02-08T16:12:05+00:00<p>Hot off the press: Solaris 10 1/13 (S10u11) is now available for download. Get downloading. Solaris 11 is much better OS though ;-)</p>Jailbreak for iOS 6.1Colinlildude.co.uktag:lildude.co.uk,2013:jailbreak-for-ios-61/13600066322013-02-04T19:38:30+00:002013-02-04T19:38:30+00:002013-02-04T19:33:38+00:00<p>Jailbreak for iOS 6.1 now available: <a class="evasi0n.com" target="_blank">evasi0n.com</a> Works for me ;-)</p>I Learnt the Logic Behind The Numeronyms g11n and i18n TodayColinlildude.co.uktag:lildude.co.uk,2013:i-learnt-the-logic-behind-the-numeronyms-g11n-and-i18n-today/13596484942013-01-31T16:13:32+00:002013-01-31T16:13:32+00:002013-01-31T15:52:47+00:00<p>I learnt something new today. I learnt the logic behind the numeronyms g11n and i18n as used when referring to locales and languages in the world of computing.</p><p><code>g11n</code> = globalisation (I speak the Queen's English as taught in colonial Africa so it's with an s)<br><code>g</code> = the first letter of globalisation<br><code>n</code> = the last letter of globalisation<br>... and there are <code>11</code> other letters between the two, which conveniently solves the problem of spelling it incorrectly with a z and correctly with an s ;-) .</p><p>The same thing applies to i11n...</p><p><code>i11n</code> = internationalisation<br><code>i</code> = the first letter of internationalisation<br><code>n</code> = the last letter of internationalisation<br>... and there are <code>18</code> letters between the two.</p><p>Simple yet so logical. Surprised it's taken me this long to learn it, especially considering DEC coined the i11n numeronym back in '70s or '80s according to <a class="en.wikipedia.org/wiki/Internationalization_and_localization" target="_blank">Wikipedia</a>.</p><p>I've just accepted these terms without looking them up. Will need to look into any other odd ones I encounter now.</p>Form Follows Function HTML5 DemosColinlildude.co.uktag:lildude.co.uk,2013:form-follows-function/13589508052013-01-23T14:20:24+00:002013-01-23T14:20:36+00:002013-01-23T14:17:45+00:00<p>For webdevs: checkout the pretty impressive HTML5 experience demos at <a class="fff.cmiscm.com/" target="_blank">fff.cmiscm.com/</a>. They work really well on tablets too.</p>Defeating AES Without a PhDColinlildude.co.uktag:lildude.co.uk,2013:defeating-aes-without-a-phd/13588535412013-01-22T11:20:13+00:002013-01-22T11:20:13+00:002013-01-22T11:12:15+00:00<blockquote cite="blog.spiderlabs.com/2013/01/defeating-aes-without-a-phd.html"><p>When I tell a developer that I broke their cryptosystem, there’s usually a pregnant pause in the conversation where they take it in, like a young child being shown a magic trick. As the initial wonder passes, though, they are not usually elated.</p><p>“I thought AES was safe. What should I use instead?”</p><p>Sorry, but AES isn’t the issue. AES, despite its very minor known flaws, isn’t considered unsafe as of this writing. 6-inch thick steel walls are difficult to break through, but that’s not generally how you get past steel walls. One goes around, under, above them, not through.<br>— <a class="blog.spiderlabs.com/2013/01/defeating-aes-without-a-phd.html">Defeating AES without a PhD - SpiderLabs Anterior</a></p></blockquote><p>Interesting little piece on decrypting what appears to be a well encrypted parameter. If you're a web developer who's passing encrypted data around through parameters, take note of the post-mortem section.</p><p><a class="lildude.co.uk/defeating-aes-without-a-phd?refer=atom">Permalink</a></p>Got My Free 50GB on MegaColinlildude.co.uktag:lildude.co.uk,2013:got-my-free-50gb-on-mega/13586796742013-01-20T11:01:28+00:002013-01-20T11:01:28+00:002013-01-20T11:00:10+00:00<p>Just signed up for my free 50GB of encrypted storage on Mega.co.nz. Not sure what I'll do with it yet.</p>What's Up With the flag Field in /etc/shadow on Solaris 11.1?Colinlildude.co.uktag:lildude.co.uk,2013:whats-up-with-the-flag-field-in-etcshadow-on-solaris-111/13572073932013-01-03T15:45:04+00:002013-01-03T15:45:04+00:002013-01-03T09:46:05+00:00<p>If you're running Solaris 11.1, and you happen check your <code>/etc/shadow</code> file, you may notice there's been a change to the flags field (the last one)...</p><pre>bob:$5$GKM8z8qP$ho7oJF3ceAoFo9sH5f.jy4UP16TvzoO7XmSYS81o6QA:15708::::::<strong>9874</strong></pre><p>Prior to Solaris 11.1, this field only contained the following a few easy to read digits which the man page explained as...</p><pre> flag Failed login count in low order four bits; remainder reserved for future use, set to zero.</pre><p>... and this started at 0 and incremented by one every time there was a failed login attempt. Now I'll let you into a secret, the above excerpt was actually taken from Solaris 11.1 which means the documentation hasn't been updated to reflect what you now see in the shadow file. That's correct.</p><p>The documentation has deliberately NOT been updated at this stage (Jan 2013) as it is still currently an unstable/private interface and thus not really ready for public consumption. That said, you can easily workout what the rest of the information stored in this field is by looking at the <code>/usr/include/shadow.h</code> file...</p><pre>/* * The spwd structure is used in the retreval of information from * /etc/shadow. It is used by routines in the libos library. */ struct spwd { char *sp_namp; /* user name */ char *sp_pwdp; /* user password */ int sp_lstchg; /* password lastchanged date */ int sp_min; /* minimum number of days between password changes */ int sp_max; /* number of days password is valid */ int sp_warn; /* number of days to warn user to change passwd */ int sp_inact; /* number of days the login may be inactive */ int sp_expire; /* date when the login is no longer valid */ unsigned int sp_flag; /* currently low 15 bits are used */ <strong>/* low 4 bits of sp_flag for counting failed login attempts */ #define FAILCOUNT_MASK 0xF /* next 11 bits of sp_flag for precise time of last change */ #define TIME_MASK 0x7FF0</strong> };</pre><p>And there's your answer. The last line tells us that the rest of the flag field is used to store the time of the last password change, with the date of that change being stored in the lastchg (3rd) field.</p><p>So how do you use that figure?</p><p>Well, before I tell you, I must warn...</p><p><strong>This is an unstable interface. It can and will most likely change at any time without any notice, so do NOT come to rely on this information.</strong></p><p>Right, with that out of the way, lets see how we can interpret this field.</p><p>From the shadow.h file we know the last 4 bits are the number of failed login attempts, which can be obtained using (all commands are run at a Bash shell prompt):</p><pre>$ echo "obase=2;9874" | bc 1001101001<strong>0010</strong> $</pre><p>I've emboldened the last 4 bits. It should be obvious how many failed login attempts there have been, but lets switch these back to decimal to be sure:</p><pre>$ echo "ibase=2;0010" | bc 2 $</pre><p>Now for the next 11 bits. To get these we shift up 4 bits:</p><pre>$ a=9874;((a>>=4));echo $a 617 $</pre><p>This doesn't tell us much, but I can tell you this is the number of minutes into the day that the password was changed, so lets print this number in base-60:</p><pre>$ echo "obase=60;617" | bc 10 17 $</pre><p>Which is correct. I change this user's password today at 10h17, aka 10:17am.</p><p>The last two steps can be put into a single command:</p><pre>$ a=9874;((a>>=4));echo "obase=60;$a" | bc 10 17 $</pre><p>And there you have it. That is what is going on with the flag field in the /etc/shadow file on Solaris 11.1 and let me reiterate...</p><p><strong>This is an unstable interface. It can and will most likely change at any time without any notice, so do NOT come to rely on this information.</strong></p><p>I am providing this information just for information's sake and to provide you with a little explanation of what you might see.</p>Welcome to 2013Colinlildude.co.uktag:lildude.co.uk,2012:welcome-to-2013/13569719872013-01-01T00:00:35+00:002013-01-01T00:00:35+00:002013-01-01T00:00:01+00:00<p>Guess what folks, it's...</p><p><img src="/img/spacer.gif"> Merry Christmas 2012Colinlildude.co.uktag:lildude.co.uk,2012:merry-christmas-2012/13563428532012-12-25T09:01:21+00:002012-12-25T09:01:21+00:002012-12-25T09:00:00+00:00<p><img src="/img/spacer.gif"> Great Solaris and SPARC InfographicsColinlildude.co.uktag:lildude.co.uk,2012:great-solaris-and-sparc-infographics/13522816192012-11-07T10:49:49+00:002012-11-07T10:49:49+00:002012-11-07T09:40:09+00:00<p>This year sees the 25th anniversary of the SPARC processor and there's a fair amount of fan fair about it. To commemorate the occasion, Oracle has released two great infographics:</p><figure><p><a class="www.oracle-downloads.com/sparc25info/" target="_blank"><img src="/img/spacer.gif">
Related searches:
lildude strong change shadow password
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.