Dong's Note

Aug 26, 2005 By Nalneesh Gaur
in Linux Journal

The shell script compiler, shc, obfuscates shell scripts with encryption—but the password is in the encrypted file. Could an intruder recover the original script using objdump?

shc is a popular tool for protecting shell scripts that contain sensitive information such as passwords. Its popularity was driven partly by auditors’ concern over passwords in scripts. shc encrypts shell scripts using RC4, makes an executable binary out of the shell script and runs it as a normal shell script. Although the resulting binary contains the encryption password and the encrypted shell script, it is hidden from casual view.

At first, I was intrigued by the shc utility (www.datsi.fi.upm.es/~frosal/sources/shc.html) and considered it as a valuable tool in maintaining security of sensitive shell scripts. However, upon further inspection, I was able to extract the original shell script from the shc-generated executable for version 3.7. Because the encryption key is stored in the binary executable, it is possible for anyone with read access to the executable to recover the original shell script. This article details the process of extracting the original shell executable from the binary generated by shc.

**Q: **How do I encrypt my bash shell script on Linux environment? The shell script contains password, and I don’t want others who have execute access to view the shell script and get the password. Is there a way to encrypt my shell script?

**A: **First, as a best practice you should not be encrypting your shell script. You should really document your shell script properly so that anybody who views it understands exactly what it does. If it contains sensitive information like password, you should figure out a different approach to write the shell script without having to encrypt it.

That being said, if you still insist on encrypting a shell script, you can use SHC utility as explained below. Please note that encrypted shell script created by shc is not readable by normal users. However someone who understands how this works can extract the original shell script from the encrypted binary created by shc.

For my menu of a website I want to add text-decoaration on a:hover to be the » sign/symbol.

I tried it like this:

1
2
3
4

.navbar .nav > li > a:hover:before {
    content: "»";
    color: #fff;
}

Any thoughts?

It needs to be in Unicode.

1
2
3
4

.navbar .nav > li > a:hover:before {
    content: "\00BB";
    color: #fff;
}

via:
http://stackoverflow.com/questions/13213826/use-css3-or-javascript-to-add-raquo-to-a-link-on-hover

reference:
http://stackoverflow.com/questions/8621481/removing-raquo-from-a-string-using-jquery
javascript：slicedCrumb = $(this).html().replace('/[&]raquo[;]/ ', '');
http://stackoverflow.com/questions/6202470/set-raquo-html-entity-in-javascripts-document-title
javascript：innerHTML = '»'

Dropbox 可用 hosts 清单

Charles 是一款http代理工具
同时也可以作为抓包工具

Download: http://www.charlesproxy.com/ (官网)

Registered name: anthony ortolani

License key: a4036b2761c9583fda（好孩子看不到）

数据来源 Youtube

via: http://blog.woodbunny.com/post-128.html

对于经常在 Windows 下进行 Web 开发的人来说，Fiddler 是神器。但由于它是 .Net Framework 下开发的，注定了用于 Linux 或者 Unix 之类系统上只能通过反向代理，如果不在同一个局域网内，非常麻烦。

还好在 Mac OS X 下我们还有 Charles。

和 Fiddler 相比较，二者的功能不相伯仲。优势在于 Charles 跨平台能力强，Charles 支持 Windows/Mac OS/Linux，Fiddler 只能安装在 Windows 下；劣势在于 Charles 是商业软件，最便宜也得 50 美金。

1

networksetup -listallnetworkservices

得到所有接口（interfaces）.

1

networksetup -setdnsservers {INTERFACE NAME} {YOUR DNS SERVER}

设置DNS.

1

networksetup -setdnsservers {INTERFACE NAME} {YOUR DNS SERVER} {YOUR DNS SERVER}

如果有多个DNS，那么用空格隔开。

之后就可以用ifconfig查看修改了。

networksetup更多参数可以查看:
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/networksetup.8.html

Versions 可以说是MAC下最好用的svn客户端了，然后它并非免费软件，官方售价59美刀，学生价也要39美刀。

目前网上的破解版只有到1.2.2的，偏偏这个版本不支持svn1.8， 只能使用试用版的，30天一过。。。纠结中。。。

本人是菜鸟一个，折腾大半个月，总算是把1.3.0成功破解了。本着不能独享的精神，放出下载。（此破解只仅体验，有能力的请支持正版，谢谢）

破解方法：

1、下载官方原版，安装，运行，你会看到软件右上角有“试用版，还剩XX天”的提示。

2、退出软件，下载本文附件，解压。

3、用Finder转到应用程序，找到versions，右键“显示包内容”，进入contents -> MacOS 目录，把下载的附件替换进去（记得先备份），OK了退出，重新打开versions，你会发现那个购买提示不见了。。。

免费下载：Versions.zip （这里鄙视下 某度论坛，破解的也好意思收费下载。。。）

备用地址：本地下载

1. 前往谷歌官方下载你喜欢的语言的组策略模板, 后缀为.adm
   这是官方的发布地址，以后更新应该也是在这里

2. Win+R gpedit.msc

3. 本地计算机策略 > 计算机配置 > 管理模板

4. 右键管理模板，选择添加/删除模板

5. 添加 chrome.adm 模板

原文内容：https://code.google.com/p/goagent/issues/detail?id=14192#c14

原文很长，具体做法就是：
1：如果使用的默认证书，请删除CA.crt、certs文件夹，并且请在cmd下输入certmgr.msc，并且选择受信任的根证书颁发机构，找到goagent的证书，删除之，然后重新运行goagent会生成一个唯一的证书并导入。
2：如果已经生成唯一的证书，请在更新goagent版本的时候保持CA.crt、certs文件夹不要被新版默认证书覆盖，也就是不要更新这两个东西。
3：每次更新都要编辑proxy.ini的[gae]片段，确保mode = https、validate = 1