Letsencrypt Wildcard Certificates, with acme.sh client

Took me a bit of time to figure this out, so I thought I’d make it public. Letsencrypt announced their new wildcard certs, and because I have to add the SSL cert to a load balancer covering many subdomains, I needed to make use of it.

First thing to note is that not all clients support the new v2 API which is required for wildcard certs. I looked at the list of v2 supporting clients on the Letsencrypt site, and chose the acme.sh bash script. Not sure if I’m going to stick with it at this point but it got me going.

First thing you need to do is to run it with the –issue flag. You’ll need to run it with DNS authentication, as that’s the supported method for wildcard certs. You’ll also need to run it with both the root domain AND the wildcard.

Read moreLetsencrypt Wildcard Certificates, with acme.sh client

Realtek SD card reader problems on Ubuntu Mint 16.04 on a Dell Inspiron 3421

Pretty specific huh? Well the thing is I have the exact same card reader, OS,  version on one Lenovo laptop. The SD card works on the Lenovo, but not on the Dell Inspiron 3421.

The error it made on the Dell was the following in /var/log/syslog

Feb 14 08:30:46 raspberry kernel: [ 216.319736] mmc0: error -22 whilst initialising SD card
Feb 14 08:30:48 raspberry kernel: [ 219.151052] mmc0: tuning execution failed: -22

Lots of googling down dead ends ensued. Here’s a little more info about the device in question.

Read moreRealtek SD card reader problems on Ubuntu Mint 16.04 on a Dell Inspiron 3421

Alternative DNS servers in the Philippines

Sometimes the default DNS servers for ISPs in the Philippines don’t work. Sometimes they get overloaded, sometimes they block certain sites and not others due to internal agendas (PLDT blocking Globe sites for eg.). So here’s a list of the alternatives.

Outside the Philippines

Google DNS

8.8.8.8
8.8.4.4
2001:4860:4860::8888 (IPv6)
2001:4860:4860::8844 (IPv6)

OpenDNS (includes protection against malware)

208.67.222.222
208.67.220.220

Norton DNS

198.153.192.50
198.153.194.50

Inside the Philippines

Globe Telecom

202.52.163.6
202.52.163.7
202.52.162.39 (ns1.globeidc.com.ph)
202.52.162.40 (ns1.globeidc.com.ph)
202.52.167.70
202.52.167.71
203.127.225.10 (g-net.globe.com.ph)
203.127.225.11 (g-net1.globe.com.ph)

PLDT

210.14.4.37
112.206.232.66
119.92.150.133
122.52.136.140
119.92.233.159
58.69.254.3/58.69.254.8

Smart Bro

121.1.3.81
202.57.96.3

Sky Cable

202.78.64.83
202.78.64.84

Viber SQlite Database Extraction / Forensics

Well you can use this to pull messages out of a Viber Desktop database. I personally had to do it when I re-installed Viber and it deleted my entire message history, which wasn’t so friendly, so I pulled this out of the database so I could refer to it in a spreadsheet. Maybe there is a way of pumping it back into the new database …

I may end up putting more queries here when I discover them but below you’ll find the basic one to dump out a summary of messaging. It converts the Unix timestamp dates into readable ones, and tells you which way the messsage went too. If you have any other such queries, let me know, and I’ll include them: there didn’t seem to be much on this around the internet.

How you run the query is up to you. I previously used an SQlite extension for Firefox, but recently found the DBeaver cross platform Database app, and its working a treat across sqlite, mysql, postgresql, so that’s my favourite right now. Just run the query and export to CSV, using a strange delimiter such as ‘|’ so the message isn’t split into many fields at each comma.
You could also run the query from the commandline: copy the command to a file, say viber.sql, and then use the following, suitable for a backup script perhaps.

sqlite3 -header -csv -separator '|' viber.db < viber.sql > output.csv

On a standard install on Linux you’ll find the viber.db under ~/.ViberPC//viber.db
Obviously make a copy first if you’re nervous. Here is the query:

SELECT strftime('%Y-%m-%d %H:%M:%S',Events."TimeStamp",'unixepoch') AS Time, 
Contact.Name AS Name,
Contact.ClientName AS AltName,
Contact.Number As Cellphone,
CASE Direction WHEN 0 THEN 'rcvd' ELSE 'sent' END AS Direction,
Messages.Body AS Message
FROM Events 
INNER JOIN Contact ON Events.ContactID = Contact.ContactID
INNER JOIN Messages ON Events.EventID = Messages.EventID
ORDER BY Time;

If you have the same query for other versions of Viber and they’re different, let me know.

Command to find all image files which are not really image files!

Quick one this … so you’ve got a compromised webserver and you want to check the files on it. Many scanning tools will ignore images, but an image might not always be what it seems! Check them all with this command:

find /path/to/dir -regex ".*\.\(jpg\|png\|gif\)" -exec file {} \; | grep -i -v "image data"

If all is good, you won’t get any output. If your server is seriously borked, then you might see things like this …

./wp-content/uploads/2011/01/22.jpg: HTML document, ASCII text

This is a flag that the image is in fact a PHP file. Investigate!

If you get this kind of thing,
./wp-content/uploads/2011/01/221.jpg: Minix filesystem, V2, 46909 zones

its probably a bug in an old version of file, so check your OS version, copy the file to a more recent OS and try again.