Here and Now: 2016

Friday, March 4, 2016

Parsing PDFs

I am trying to code up a PDF parser in order to parse and sort my huge directory of academic and conference papers. I tried most of the PDF reference manager and organizer(maybe a forthcoming blog post review), but none of them were intuitive, did exactly what I wanted, and did not move or create new files.

I wanted to write a parser in .NET C#, here are my preliminary search results:

iTextSharp - GOOD

PDFSharp - FAIL

Apache PDFBox - MAYBE

http://pdfbox.lehmi.de/

http://www.antoniob.com/pdfbox-121-for-net-binaries.html

Do you have a open-source PDF parser you can recommend?
Please comment below, thanks!

Monday, February 29, 2016

Static link .NET assemblies/DLL

Get ILMerge or ILRepack
or
Jeffrey Richter resource load

For ease of use and if you don't want to modify existing code then use ILMerge. Otherwise use the code reflection method.

Method 1:

Note: ILMerge is not able to merge WPF assemblies.

ilmerge /target:winexe /out:SelfContainedProgram.exe 
        Program.exe ClassLibrary1.dll ClassLibrary2.dll

Method 2:

Embed DLLs as resources using Visual Studio, then add code,

AppDomain.CurrentDomain.AssemblyResolve += (sender, args) => {  
   String resourceName = "AssemblyLoadingAndReflection." +  
      new AssemblyName(args.Name).Name + ".dll";  
   using (var stream =

      Assembly.GetExecutingAssembly().GetManifestResourceStream(resourceName)) {  
      Byte[] assemblyData = new Byte[stream.Length];  
      stream.Read(assemblyData, 0, assemblyData.Length);  
      return Assembly.Load(assemblyData);  
   }  
};

TIP: make sure registering the callback comes before everything
TIP: make sure the resource name is correct, esp. if its in a folder

There's a lot of information out there, let me know if I missed anything.

References
http://www.codeproject.com/Articles/9364/Merging-NET-assemblies-using-ILMerge
http://www.digitallycreated.net/Blog/61/combining-multiple-assemblies-into-a-single-exe-for-a-wpf-application

Saturday, February 27, 2016

Android File Monitoring

Lately I been doing some Android reversing so I have been trying to catch up on the latest Android tools. I immediately tried to find the SysInternal's tool equivalent on Android. Process monitor/File monitor/Registry monitor is a very powerfull anaytic tool that I use all the time on Windows.

Here is what I found for Android

logcat
strace
application specific instrumentation/injection

Frida
DBI

inotify/FileObserver - monitor specific file/directory for filesystem events
systrace
fsmon - monitor specific file/directory for filesystem events

Wanting to expand my search, I also looked at Linux

auditd
strace/ptrace/dtrace
htop

includes lsof
includes strace
includes perfmon

top
lsof
inotify
kprobes
perf
Monks- Procmon alternative for Linux - most promising for Linux

TLDR; so in conclusion I did not find anything that was a equivalent replacement for Android, the closest was Monks for Linux.

Please comment if I am missing something obvious.

If I see enough interest/page hits/comments, I will write one, I will probably write one any way ...

COMING SOON

Sunday, February 7, 2016

Offline Simple and Elegant Bill Reminder

Simplicity, Elegance, and Ease of Use.

Studies have shown that being online and connected with mobile phones actually make you LESS productive.

I pay my bill in batches to save time and worry. Why use bill reminder web sites that send you a email alert the day before, you just end up ignoring them or despising the sight of them.

I developed a offline (Windows only) desktop application to help me keep track of the bills I paid. You just have to set it up once by telling it all your monthly due dates, then when you pay it off, just click on the bill item and check paid.

Requires: Windows and .NET 4.0 or greater

Download Now for FREE

Features
Import from a file
Export from a file
History of payments

Limitations
Only monthly tracking
Only highlight dates a month in advance

Future additions
Refresh calendar on add and save
Icon
Minimize to system tray
Notification

Let me know of any improvements you would like or any help or documentation.

Tuesday, February 2, 2016

10 time saving tips for DIYers

Q. Why DIYers?
A. DIYers are motivated to overcome initial hurdles to save time/money in the long run.

Get a network attached storage device
NAS (Network Attached Storage)
USB 3.0, 1 TB Hard Drive for a router
Get fast internet (50 Mbps minimum)
FIOS - Fiber optic
Cable - Coax cable
Get a local network password manager
Password Safe
Stay offline; more and instant is not always better.
Get Amazon Prime
Includes 2 free Kindle book
Includes same day or 2 day shipping
Includes music library
Includes videos
Includes charity donation
Includes discount on game pre-orders
Pay bills in batches
Buy in bulk
Cut finance aggregation sites i.e. Mint.
DON'T make financial decisions using your phone.
Limit to 2 credit cards. Divide, conquer, and profit!
Use 1 computer for 1 specific task

If you are on a extremely tight budget or in debt, these tips do not apply, in that scenario
I recommend paying off the highest interest one first or alternatively paying off the lowest
principal one first.

Good Luck!

Sunday, January 31, 2016

Jenkins on Raspberry Pi

Installation
dpkg - l
sudo apt-get install jenkins

Browse to http://your-raspberry-ip:8080

Enable authentication
Manage Jenkins -> Configure Global Security ->
Jenkins Own User Database -> Allow users to sign up
Sign Up
Now disable Allow users to sign up

Plugins
You will probably want the greenball plugin, because success is indicated by a blue ball.
You will also want the msbuild plugin if you use Microsoft Visual Studio.
You will also want to enable the SVN plugin or GIT plugin.
Disable un-needed plugins to speed up loading.

Verdict

Jenkins runs pretty slow on the Raspberry Pi, so you are probably better off running all your tasks on a slave node machine.

A simple Linux build on the Pi through Jenkins took 2 minutes and 38 seconds.
On a slave Windows machine it took 10 seconds.

Wow, so it runs fast on slave node, the only problem is the Jenkins Web UI responds slow to click and any page refreshes. It may be faster to go through the Jenkins CLI, but I haven't tried that yet.

Let me know if you know of any tips to get the Jenkins Web UI to respond faster or if you have any other experience running another CI (continuous integration) application (Bamboo, ...) on the Raspberry Pi.

Tuesday, January 26, 2016

Using Volatility with Hyper-V

Assuming you have a Hyper-V image with Win7x64 and you want to use Volatility to do
memory forensic analysis.

1. Set _NT_SYMBOL_PATH=srv*c:\symbols*https://msdl.microsoft.com/download/symbols

2. Install debugging tools for Windows
     Microsoft make it hard to just get the debugging tools by itself, you will need to download
     the SDK setup, run it, and from the component selection menu select only the debugging
     tools option. You may also get it from this site, CodeMachine downloads.

3. Install SysInternals LiveKD
     We will use LiveKD to dump memory from RAM for analysis

4. Run your Hyper-V VM

5. List currently running VMs (Administrative privilege required)
     >livekd.exe -hvl

6. Use previous listed name to dump memory
    >livekd.exe -hv name -p -o c:\memory.dmp

If you get any errors about kdversionblock or cannot resolve symbols for ntoskrnl, make sure your
    symbols are correct. You may also have to start up livekd in debugging mode and force
    downloading of symbols
    >livekd.exe -hv name
              >>.reload /f

    Verify your symbols folder contain the symbol files.

7. Convert from memory to raw dump (OPTIONAL, try if first with the memory dump)
    >volatility-X.X.standalone.exe -f c:\memory.dmp --profile=Win7SP1x64 imagecopy
-O c:\memory.dd

8. Run Volatility commands
    >volatility-X.X.standalone.exe -f c:\memory.dd --profile=Win7SP1x64 psscan

References
www.wyattroersma.com
Good blog with various post on Volatility and VMs