Author: mario

vim

Posted on by mario

normal mode

  • [count]operation[count]{motion}
  • :q! = quit without saving
  • :x = :wq == write and quit
  • dd or D = delete line
  • d7d = delete the next 7 lines
  • . = repeat the last command
  • CTRL + o = back to last cursor position
  • p = insert (from register) / paste in line below cursor
  • P = paste obove cursor- :reg = list registers
  • "1p = paste from register 1
  • "+y = copy into system clipboard
  • "+p = pate from system clipboard
  • u = undo
  • CTRL + R = redo
  • i = enter insert mode
  • v = enter visual mode
  • y = yank / copy what was selected
  • yy = yank / copy line
  • 4yy = yank 4 lines
  • >> = indent- << = unindent
  • :E = open file explorer (works only with set nocompatible)
  • :bd = buffer delete / close buffer
  • :bn = goto next buffer
  • :bp = previous buffer
  • :ls = list of buffers
  • * = Find word unter cursor- :%s/search/replace/g g for global
  • :%!column -t spaces to columns
  • $ = goto the end of the line
  • x = delete charater under cursor
  • w = goto next word
  • dw = delete next word
  • 0 = goto start of line
  • z ENTER move view to line
  • :terminal Open Terminal in split view
  • :set rightleft right to left (exit with :set rightleft&)
  • :edit! reload file without saving or :e!
  • :set nowrap
  • :set wrap
  • :set nu Show line numbers. Reverse with nonu
    :setlocal cm=blowfish2
  • :X
  • h j k l = move cursor ( h: ← j: ↓ k: ↑ l: →
  • :sp = split screen (same file)
  • :sp filename = open other file
  • :vsp = vertical split
  • CTRL + w CTRL + w = switch between splits
  • :hide = close current window
  • :only = keep only this window
  • :help holy-grail = advanced help
  • :set rightleft = some fun

Search/Replace

  • R = enter replace mode- /pattern – search for pattern
  • ?pattern – search backward for pattern
  • n – repeat search in same direction
  • N – repeat search in opposite direction
  • :%s/old/new/g – replace all old with new throughout file
  • :%s/old/new/gc – replace all old with new throughout file with confirmations

insert mode

  • CTRL + n CTRL + p = Complete word
  • CTRL + x CTRL + l = Complete line
  • CTRL + r = insert register
  • 80i * ESC = insert 80 *
  • 5o # ESC = insert 5 rows starting with #
change EOL / line ending
  • :set ff=unix= set to unix line endings
  • How to jump back to NERDTree from file in tab
    ctrl-ww

INSERT
you can insert text from your host’s clipboard by pressing the right mouse button (default setting) or by pressing Shift + Ins. Note that this has the same effect as entering every character manually. So if you are using auto indentation in vim, this will very likely screw up your code.
To fix that, you can do the following:
Before pasting into vim, enable paste mode by entering :set paste.Press I to enter insert mode. The status bar should say -- INSERT (paste) -- now.Press Shift + Insert (The auto indentation of vim should not happen.)Press Esc to leave insert mode, and disable paste mode using :set nopaste again.

How to delete all lines of file in Vim
Type gg to move the cursor to the first line of the file, if it is not already there.Type dG to delete all the lines.

SSH Tricks

Posted on by mario

This is more for me than others. Sometimes I forget things like this.

SSH Dynamic Socks Proxy for the browser.

ssh -D 8888 mario@example.com
Browser: Socks Proxy localhost 888

SSH Tunnel to another host

ssh -L 9090:localhost:9090 user@proxyhost -i SSHKEY ssh -L 9090:localhost:9090 -N user@TARGETSYSTEM

Also SSH Tunnel Bypassing Transparent proxy using apache

Honor / huawei phone disable / remove huawei search

Posted on by mario
1) Download ADB
2) Enable USB Debugging on your device
3) Connect to computer and verify your device is listed with command “adb devices”
4) Type “adb Shell”
5) Type “pm list packages”, this will show you all packages installed on phone.
6) Type “pm uninstall -k –user 0 com.huawei.search”
7) you should see the word “Sucess” pop up
Well I removed some more bloat ware
adb devices
adb Shell
pm list package
pm list package | grep "huawei"
pm uninstall -k --user 0 com.huawei.search
pm uninstall -k --user 0 com.huawei.appmarket
pm uninstall -k --user 0 com.huawei.himovie.overseas
pm uninstall -k --user 0 com.huawei.android.mirrorshare
pm uninstall -k --user 0 com.huawei.tips
pm uninstall -k --user 0 com.huawei.wallet
pm uninstall -k --user 0 com.facebook.services
pm uninstall -k --user 0 com.facebook.appmanager
pm uninstall -k --user 0 com.facebook.system
pm uninstall -k --user 0 com.google.android.feedback
pm uninstall -k --user 0 com.huawei.android.karaoke
pm uninstall -k -–user 0 com.huawei.hifolder
pm uninstall -k --user 0 com.huawei.hwdetectrepair
pm uninstall -k --user 0 com.huawei.phoneservice
pm uninstall -k --user 0 com.huawei.hwid

pm list package | grep -v "google" | grep -v "huawei" | grep -v "com\.android"
pm list package huawei
pm list packages | grep "huawei" | sort

How to paste / insert in vim from clipboard

Posted on by mario

When ever I tried to insert text from the clipboard to vim it did either not work at all or the lines were inserted like a tree, each line more indented.

To fix that, you can do the following:
Before pasting into vim, enable paste mode by entering :set paste.
Press I to enter insert mode. The status bar should say — INSERT (paste) — now.
Press Shift + Insert (The auto indentation of vim should not happen.)
Press Esc to leave insert mode, and disable paste mode using :set nopaste again.
This works from windows terminal, putty, linux terminal and WSL.

Fight CBC ciphers with 256 bit alias crypto wars part ten

Posted on by mario

Since a few weeks the ssllabs server tests marks three more ciphers as CBC ciphers. Block ciphers are not secure. And flagged orange in the test results.

The candidates are

ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
DHE-RSA-AES256-SHA

Removing them form the configuration also means removing the support for several older browsers.

The new recommended cipher suite is:

SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384

 

Thanks to Gregg for showing the other POLY 1305 ciphers that I didn’t know of until today. I saw you post at AL.
Update: I had to remove ECDHE-RSA-CHACHA20-POLY1305 and DHE-RSA-CHACHA20-POLY1305 since they are not HIPAA nor NIST compatible.

The TLS_AES_128_GCM_SHA256 ciphers is mandatory for TLS 1.3, but I kindly ignore that since I want only 256 bit encryption. This is not madness, this is crypto wars.

The whole configuration

<If "%{SERVER_PORT} == '443'">
        <IfModule mod_headers.c>
                Header always set Strict-Transport-Security "max-age=15553000; preload"
        </IfModule>
</If>
SSLUseStapling On
SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000)
SSLStaplingCache shmcb:/opt/apache2/logs/ssl_stapling_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384

SSLOpenSSLConfCmd ECDHParameters secp384r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1:sect283k1:sect283r1:secp256k1:prime256v1

H2Direct On

Wild card domain to localhost because development matters

Posted on by mario

I have an A record for *.local at my test domain to 127.0.0.1

For web development it is often required to have a domain name rather than a subfolder in localhost. A vhost for a (sub)domain is easy to set up on my local apache instllation. I can have even a free, valid SSL certificate for that vhost. Wait, what? How can I have a valid certificate for free for a local domain? I use Let’s encrypt with DNS chalange. Sure every time I have to update the certifacte I have to change a DNS txt record, but that is easy.

Another reason why I have a wild card record to 127.0.0.1 is that I can add as many vhosts for testing to apache and don’t have to add or change the DNS settings. Also I can use it on every computer as long as it can query the DNS server on the internet. I can even give my co worker my vhost config and it works without changes.

So *.local.apachehaus.de is free for development. But you can’t have a SSL certificate. If you want that, you can do the same trick with your domain.  Happy development.

Back to the front. Bootstrap with composer

Posted on by mario

After a long while I had to something with frontend coding. I wanted to used composer like in my PHP projects. But how the heck to get the composer files to the public / frontend folder on each update? Luckily composer knows a post update command. So here we go

{
  "require": {
    "twbs/bootstrap": "4.3.1"
  },
  "scripts": {
    "post-update-cmd": [
      "rm -rf public/bootstrap",
      "cp -R vendor/twbs/bootstrap/dist public/bootstrap"
    ]
  }
}

with composer update the files will be copied to public/bootstrap. Easy!

Apache log as JSON

Posted on by mario

It is often required to parse the apache log, but the normal log format requires special handling like: https://github.com/JBlond/apache_log_parser
It is easier to have a direct output like JSON format.

LogFormat "{ \"time\":\"%t\", \"remoteIP\":\"%a\", \"host\":\"%V\", \"request\":\"%U\", \"query\":\"%q\", \"method\":\"%m\", \"status\":\"%>s\", \"userAgent\":\"%{User-agent}i\", \"referer\":\"%{Referer}i\" }" json

Now we have an easy to read log file.

Author Archive

Archives by Month: