btcinfo  

Hic inserere motto

Suckless st and tabbed

July 15, 2021 — shinohai

In my quest to vpatch more things that I use regularly, I finally made a section on this site for my collection of suckless tools. While urxvt served me well for some time, it grows more and more into a bloated mess every update for so simple an iten as a virtual terminal. st + tabbed combined have far fewer lines of code, is all in C, and with a few tweaks mimics all the good functionalities I need.

The st vpatch is vanilla st with the scrollback patches and externalpipe patch applied so I get a clean genesis starting point, and tabbed is the one found at suckless.org but modified slightly to allow allow renaming of open tabs (more on that below).

Both items are pressed in the usual way using your preferred implementation of V. The `config.h` file can be adjusted further to operator preferences before building with `make`.

After the items are installed to your path, a couple of bash functions can be added to one's aliases to ease tabbed terminal startup and renaming of tabs:

function set-title() {
  if [[ -z "$ORIG" ]]; then
    ORIG=$PS1
  fi
  TITLE="\[\e]2;$*\a\]"
  PS1=${ORIG}${TITLE}
}

function term() {
xid="$(tabbed -c -d -s -r 2 st -w x)"
st -w "$xid" bash &
}

Now I have an easy way to open a tabbed terminal and quickly rename tabs to organize work. For me, it looks something like this:

These items can now be found here:

st vpatch and seals

tabbed vpatch and seals

Tags: News, Linux, Tools

A simple bip39 diceware script in common lisp

July 07, 2021 — shinohai

I'm currently bench testing a "Foundation devices" passport hardware Bitcoin wallet, because why not? While the device will happily generate bip39 seeds for you I wanted to test load a bunch of seed phrases generated offline without throwing dice all afternoon and figured a simple lisp script would suffice.

I started with this implementation of diceware. The original author provided no asdf system file or anything, but we don't need that where we're going, so a couple of quick modifications get us where we want to be here. We only need an index of 2048 for our *words* array, so we change that in the script to make it compatible with the standard bip39 wordlist.

(require 'ironclad) (defparameter *words* nil) (defparameter *prng* (ironclad:make-prng :fortuna)) (defun load-words (&optional (wd-list #P "bip39-english.txt")) "Load *words* from bip39-english.txt" (with-open-file (s wd-list) (do ((wd (read-line s nil) (read-line s nil)) ( i 0 (1+ i))) ((not wd)) (setf (aref *words* i) wd)))) (defun choose-one () "Randomly choose a single word from *words*." (aref *words* (ironclad:strong-random (length *words*) *prng*))) (defun choose-password (n) "Generate n random words for a pass phrase. Initialize *words* if needed" (unless *words* (setf *words* (make-array 2048)) (load-words)) (let (words) (dotimes (i n) (push (choose-one) words)) (reverse words)))

Grab the standard bip39 English wordlist from the "Bitcoin Core" Shithub repo, and save it in the same directory as the script naming it "bip39-english.txt".

Load up the script in your lisp REPL (I used SBCL here) and run `choose password` + the number of words you are using for your seed.

/usr/local/bin/sbcli --load diceware.lisp REPL for SBCL version 0.1.0 Press CTRL-D or type :q to exit [sbcl]> (choose-password 12) => ("bean" "humble" "bid" "put" "panda" "aunt" "color" "tilt" "discover" "two" "magic" "observe")

The device happily accepted the phrases generated via manual entry or the xpub calculated from the phrase, and freed up time for me to continue trying builds of the device firmware. More to come.

Tags: Bitcoin, Lisp, Linux

Gentoo chroot on android 10 device

June 06, 2021 — shinohai

I was in a pinch over the weekend and needed a quick gentoo env to test something but only had my stupid android 10 smartphone with me, so wat do? I'm documenting the following recipe that (so far) works for me and preserving the tarball here to my www for possible future needs.

Grab the stage3 for armv7 using curl inside termux.

`curl -sSL4 http://btc.info.gf/devel/gentoo/arm/android/stage3-arm64-20200704.tar.xz`

Gotta fucking fix hardlinks cuz of some android kernel herpderpery so we use proot, also from termux.

`proot --link2symlink tar -C $GENTOO/data -xf stage3-arm64-20200704.tar.xz`

Now make a script that starts up the chroot inside termux and fire it off:

`cat >chroot.sh << EOF #!/usr/bin/env bash set -eu set -o pipefail unset LD_PRELOAD export GENTOO=/data/data/com.termux/gentoo export EPREFIX=/data/gentoo64 proot --link2symlink -r $GENTOO -0 -w / \ -b /dev -b /proc -b /sys \ $EPREFIX/bin/sh -c \ "HOME=$EPREFIX/root $EPREFIX/startprefix" EOF chmod +x chroot.sh sh chroot.sh

Now from inside the chroot, fix your `/etc/resolv.conf` since this can't be copied from android system. Then source your profile and set ENV.

source /etc/profile export PS1="(chroot) $PS1"

Normally this is the step where one sets up portage, but resist the temptation to `emerge-webrsync` here. I'd simply crossdev the packages I needed on a much more capable machine and set up my `/etc/portage/make.conf` to emerge packages from a local binhost.

CAVEATS

This thing will bitch about `proc/` not being mounted on most devices. However, I'm able to see chroot processes inside htop in another termux session.

Because of the extreme minimal size of the environment, user is expected to be capable of building their own env using crossdev as explained above

UPDATE: I forgot to mention that I mounted one of these Kingston 8GB microsd cards before unpacking the fs:

Tags: News, Gentoo, Linux

warez addition 'calc' sim

May 16, 2021 — shinohai

After recovering from my initial shock of finding something useful on "Hacker" "News", I immediately set about cloning this lightweight calculator sim for future hacks.

Now available in my warez section, you can try this handy tool here: [CALC].

That is all.

Tags: News, Math, Python, Linux

Spring projects I: Gentoo distfiles mirror.

February 03, 2021 — shinohai

One of the more useful items I had not gotten around to mirroring is asciilifeform's historic Gentoo distfiles which is, as far as I can tell, possibly one of the only places on the internet to get these. These will now live here: http://btc.info.gf/devel/gentoo/distfiles/.

The Gentoo section of this www has suffered from a bit of neglect over the past year, and this is something I hope to remedy by this Summer. Possible upgrades will include a collection of guides for various boards, mirrors of historic .iso's (which also are getting harder to locate) and addition of various musl patches I have scattered about from past experiments.

Tags: News, Gentoo, Linux

Essential kit items: Building SBCL on Gentoo with musl

November 08, 2019 — shinohai

Steel Bank Common Lisp is another must-have tool in my kit, since I use it to run my hybrid irc/Telegram bot and many other daily use items. In my previous post I documented how I managed to get gcc-4.9.4 massaged into shape, so this post will serve as a reference on how to do the same for SBCL so in the future I don't have to spend the day researching fixes and locating obscure patchsets.

When building many things using musl, one will often run into "undefined reference to `memcpy@GLIBC_*'" type errors, since glibc uses versioned symbols and musl does not. SBCL is no different, but fortunately a little digging turned up a working patchset on the SBCL mailing list which works beautifully, so I didn't have to spend the better part of a day cobbling one together as I did for gcc. I have preserved a copy of the patchset here and will definitely do my best to maintain these into the future should any major changes occur.

Much like Ada, SBCL requires itself or another ANSI common lisp to build. I decided to use CLISP (version 2.49.92) to perform this task, as it can be quickly built from sources using gcc only (and I didn't want to use a pre-built sbcl binary of unknown provenance). After getting clisp in place, building SBCL is mostly painless using the following steps:

I downloaded the 1.5.7 sources from my site and verified the checksums:

curl -O http://btc.info.gf/devel/gentoo/distfiles/dev-lisp/sbcl/1.5.7/sbcl-1.5.7-source.tar.bz2
curl -O http://btc.info.gf/devel/gentoo/distfiles/dev-lisp/sbcl/1.5.7/Manifest.sha512

Unpack the sources and enter the directory:

tar xjf sbcl-1.5.7-source.tar.bz2 && cd sbcl-1.5.7

Get the musl patchset and apply them:

wget -q -r -nd -N --no-parent -R "index.html*" http://btc.info.gf/devel/gentoo/distfiles/dev-lisp/sbcl/patches/
for i in *.patch; do patch -p1 < $i; done

Build using CLISP and install:

./make.sh "clisp" --fancy
./install.sh

The above recipe has so far worked quite nicely, having been tested by running the above mentioned irc bot and a few other essential lisp programs. I will update this post if/when any bugs are found or if any changes are made.

Tags: News, Linux, Lisp

Building gcc 4.9.4 with musl on Gentoo

November 05, 2019 — shinohai

Lately I have been experimenting a lot more with musl as a replacement for the continually shitty glibc. While musl was a standard part of cuntoo, it appears that particular project is mostly abandoned by it's author and I want to be more responsible for my own toolkit anyway. So starting with the most recent vanilla musl gentoo stage3, I decided getting my preferred compiler working would be first order of business. I tried the portage route with a simple `emerge -av =sys-devel/gcc-4.9.4-r1` which sang along happily for a while until hitting "configure: error: cannot run C compiled programs." and a few other errors.

After spending some time researching the errors and trying various fixes, I managed to produce a patch that will allow me to manually perform the ebuild steps and get a working gcc for musl. I used the following steps:

Download the sources:

ebuild /var/db/repos/gentoo/sys-devel/gcc/gcc-4.9.4-r1.ebuild fetch

Configure:

ebuild /var/db/repos/gentoo/sys-devel/gcc/gcc-4.9.4-r1.ebuild configure

Go to the source work directory (located at /var/tmp/portage/sys-devel/gcc-4.9.4-r1/work/gcc-4.9.4) and download this patch (sig) and verify, then patch:

patch -p1 < gcc-4.9.4-musl.patch

After patching, complete the manual ebuild steps:

ebuild /var/db/repos/gentoo/sys-devel/gcc/gcc-4.9.4-r1.ebuild compile

ebuild /var/db/repos/gentoo/sys-devel/gcc/gcc-4.9.4-r1.ebuild install

ebuild /var/db/repos/gentoo/sys-devel/gcc/gcc-4.9.4-r1.ebuild merge

Enjoy your shiny new compiler.

(chroot) shinohai ~ # gcc-config -l
 [1] x86_64-gentoo-linux-musl-4.9.4 *
 [2] x86_64-gentoo-linux-musl-8.3.0

Next order of business will be trying a fellow named ave1's Ada build for musl and making a POST1 on the results, in addition to publishing the steps I used to get SBCL working in this environment as well.

Read more...

Zerodium offering increased rewards for UNIX 0day exploits

June 29, 2018 — shinohai

Zerodium, a company that brokers exploits to governments and "law enforcement" is now offering rewards of up to one half million USD for zero days in UNIX operating systems. The company's website states that payments can be processed in Bitcoin and other "cryptocurrencies".

ZERODIUM evaluates and verifies all submitted research within one week or less. Payments are made in one or multiple installments by wire transfer or using crypto-currencies e.g. Bitcoin.

Zerodium only accepts submissions encrypted with their GPG KEY and claims to take one's privacy "very seriously", though they require a researchers personal information that they promise not to share with anyone, ever.

Tags: News, Bitcoin, Insecurity, Linux

Defeating adblock detectors: popularmechanics.com

June 23, 2018 — shinohai

While viewing websites in a graphical web browser, occasionally I find a site that hates when one uses adblock plus and prevents viewing unless it is turned off or the user pays for an "ad-free" pass. popularmechanics.com is one such website, and the nag screen remained despite the fact I was also running NoScript. What do?

As it turns out, the solution was baby simple. PopularMechanics uses a 3rd-party site to detect users running adblock, so all I had to do was add the following to /etc/hosts:

127.0.0.1 hearstapps.com

I was then able to smugly continue my research without sharing the page with hundreds of crappy ads, or being forced to pay for a pass on a website that I visit at most twice a year.

Feliz Sabado, mis amigos.

Tags: Linux, Webshit