Saturday, December 19, 2009

More Misc Stuff

I recently came across a couple of tools that may be helpful to someone and I have created a repository for some of my stuff:


Maatkit has a lot of cool utilities that allow you greater control of MySQL. I recently found it very useful for restoring an extremely large MySQL dump by using the mk-parallel-restore. For information about its feature, either visit the website or you can check out this Linux Magazine article.


HTMLDOC allows you create PDF documents of html pages. You can convert pages one page at a time, or as a book. So you could use wget to download the pages of a website recursively, including the graphics and then pdf'ify it into one book with references... pretty useful.

Some of my stuff

Since I'm not sure how much longer I will have my academic website, I am starting to move some of the code that's been hosted there to another location. I have also added a few things that are not listed on the old code page or elsewhere on my academic site, such as a DC3 Image Assember script that worked with the last DC3 challenge (haven't looked at the current one) and a Virus Total hash checker that takes a list of hashes and posts them to Virus Total to build an html report. This last one needs some modification however, since if one is checking lots of files Virus Total starts to report errors... Hopefully I'll have some time to create a new version in the future...


bdmeyer said...

Hi Jamie,
I was trying out your script. I got zero hashes returned, which may be as expected. (about 20 hashes)

I was concered that what I am seeing on the screen may actually be that something isn't working right. I wanted to let you know just in case something changed at VT since you wrote the script.

Here is what I see on the command line (Mac)
posting to
HASH: 07a7b8518aa5450b65da22169b73b3e5
getting from
sleeping 10
processing hash: 23a5bdebf14fcb13e207397f562975ef for file
processing 23a5bdebf14fcb13e207397f562975ef
posting to
HASH: 23a5bdebf14fcb13e207397f562975ef
getting from
sleeping 5
processing hash: abd0b0b76df6ed17c4d718c73188b6db for file
processing abd0b0b76df6ed17c4d718c73188b6db
posting to
HASH: abd0b0b76df6ed17c4d718c73188b6db
getting from
sleeping 5
processing hash: 00eff02751711e3225f62f294604fbe4 for file
processing 00eff02751711e3225f62f294604fbe4
posting to
HASH: 00eff02751711e3225f62f294604fbe4
getting from
sleeping 4
processing hash: 9036fe5d486bed8f49243d220d15cf37 for file
processing 9036fe5d486bed8f49243d220d15cf37
posting to
HASH: 9036fe5d486bed8f49243d220d15cf37
getting from

In the mean time, I am going to find some hases of actual viruses and try again.
Thanks for the fantastic script though.

--Bruce D. Meyer

Jamie Levy said...

Hi Bruce,

Thanks for the comment! I'll check to see what the issue is, but the script does need some changes to make it more robust. I'll post on here when I get it updated.


bdmeyer said...

I reran on a known virus.
I did indeed get a result.
The only odd thing is, the filename was blank. Maybe it is the layout of my hash file.

I am running:
md5sum filename >hashes.txt which creates a file that looks like this:
e753a5c4970bafe846015194aa6f3b4d 000066A2.SYS

The returned index.html shows:
File name(s) Hash Value
But the Filenames column is blank.
I swapped the order around in the hashes.txt file, which broke it badly.

Just trying to help, not complaining.

--Bruce D. Meyer