When all items are selected with -s A and option -d from this new version on, items are decoded and dumped to stdout en separated by end-of-line character(s).
base64dump_V0_0_27.zip (http)I got a cheap Geiger counter from Aliexpress:
This picture was taken on an airplane: you have more radiation (cosmic rays) at high altitude.
I figured out how to interface with this counter in Python to log real time data:
#!/usr/bin/env python
from __future__ import print_function
__description__ = "Program for geiger meter"
__author__ = 'Didier Stevens'
__version__ = '0.0.1'
__date__ = '2024/05/11'
"""
Source code put in the public domain by Didier Stevens, no Copyright
https://DidierStevens.com
Use at your own risk
History:
2024/05/11: start
Todo:
"""
import optparse
import serial
import time
def FormatTime(epoch=None):
if epoch == None:
epoch = time.time()
return '%04d%02d%02d-%02d%02d%02d' % time.localtime(epoch)[0:6]
def FindCOMPorts():
ports = []
for number in range(1, 10):
try:
comport = 'COM%d' % number
with serial.Serial(comport) as oSerial:
ports.append(comport)
except serial.serialutil.SerialException as e:
if 'PermissionError' in e.args[0]:
ports.append(comport)
return ports
def LogToCSV(comport):
ser = serial.Serial(comport, 115200, timeout=0, write_timeout=0)
ser.write(b'\xAA\x05\x0E\x01\xBE\x55\x00')
alldata = b''
fOut = open('geiger.csv', 'a')
while True:
data = ser.read(1000)
if data != b'':
alldata += data
lines = alldata.split(b'\xaaU\x0e')
alldata = lines[-1]
lines = lines[:-1]
for line in lines:
if line != b'':
out = FormatTime() + ';' + line.decode('latin')
print(out)
fOut.write(out + '\n')
if alldata.endswith(b'U') and not alldata.endswith(b'\xaaU'):
out = FormatTime() + ';' + alldata.decode('latin')
print(out)
fOut.write(out + '\n')
alldata = b''
time.sleep(0.40)
def Main():
oParser = optparse.OptionParser(usage='usage: %prog [options]\n' + __description__ , version='%prog ' + __version__)
oParser.add_option('-l', '--listports', action='store_true', default=False, help='List ports')
(options, args) = oParser.parse_args()
comports = FindCOMPorts()
if options.listports:
print('Available ports:')
for comport in comports:
print(' %s' % comport)
return
if len(args) == 1:
LogToCSV(args[0])
elif len(comports) == 1:
print('Using %s' % comports[0])
LogToCSV(comports[0])
else:
print('Provide the COM port as argument')
print('Available ports:')
for comport in comports:
print(' %s' % comport)
if __name__ == '__main__':
Main()
This is a bugfix version.
base64dump_V0_0_26.zip (http)This small update brings support for ZIP 2.0 via the pyzipper module.
strings_V0_0_10.zip (http)This is a post for version updates 0.0.8 and 0.0.9.
Added command officeprotection and option -j for pretty.
xmldump_V0_0_9.zip (http)This small update brings support for ZIP 2.0 via the pyzipper module and fixes a /ObjStm parsing bug.
pdf-parser_V0_7_10.zip (http)This small update brings support for ZIP 2.0 via the pyzipper module.
pdfid_v0_2_9.zip (http)–prefix and –suffix can now also be filenames.
cut-bytes_V0_0_17.zip (http)
MD5: 86D0692C6303248639A740E7A2AC4525
SHA256: D4FCFBD2305D7E5E97AB993741DF95B4565A882B0CD7DBA061D09578A1DDADA7
This is an update for plugin plugin_biff.py.
Protected xls files (workbook protection, sheet protection) are protected with a password, but are not encrypted.
The password is hashed to a 16-bit hash called verifier, such a short hash gives ample opportunity for hash collisions.
I calculated passwords for all possible hash values (32768, or 0x8000) mostly with letters and digits, some with special characters (verifier table). This verifier table is not a rainbow table, because the table contains all possible hash values and a corresponding password.
If a verifier can not be cracked with a provided password list, the password will be taken from the verifier list.
Example: this spreadsheet has a sheet protected with password azeqsdwxc, which is not in the embedded password list (obtained from John The Ripper); thus the password from the verifier table is taken (bbbbhz):
Passwords azeqsdwxc and bbbbhz both hash to the same verifier value (0xd9b1), thus there is a hash collision, and both passwords can be used to unprotect the sheet.
oledump_V0_0_77.zip (http)This is a bugfix release for @files.
hash_V0_0_13.zip (http)
Didier Stevens 