This update adds the option –trim to template process-text-files.py.
python-templates_V0_0_8.zip (http)MD5: 6C845823BB8AC4DB42993B994E93AF66
SHA256: 20EC1E6540DF31939686CA4B54C5312DF3724EB756B16BA724722C3196BDF93F
Tuesday 20 September 2022
Update: My Python Templates Version 0.0.8
MD5: 6C845823BB8AC4DB42993B994E93AF66
SHA256: 20EC1E6540DF31939686CA4B54C5312DF3724EB756B16BA724722C3196BDF93F
Monday 19 September 2022
Update: strings.py Version 0.0.8
This version of my strings.py program adds option -N to select strings that end with a NUL character (C-strings).
strings_V0_0_8.zip (http)MD5: 29015239E6385FFA63C2E33755C34CD9
SHA256: 449AC9AA39A464D7C5883DED3FE9CB21A2E8E700F7763AD4199C25D37DCBD296
Sunday 18 September 2022
New Tool: split-overlap.py
split-overlap.py is a tool to split a binary file in parts of a given size.
For example: split-overlap.py 1000 test.data
When test.data is a binary file with size 2500 bytes, the above command will create 2 files of 1000 bytes and one file of 500 bytes.
It’s also possible to split a file with some overlap. Like this:
The blue block represents the original file, the yellow blocks are parts of the original file without overlap, and the green blocks represent parts of the original file with some overlap.
A command to achieve this, is, for example: split-overlap.py 100M+1M dump
This will create parts of 101 MB in size, with a overlap of 1 MB.
The main reason I developed this tool, is to be able to handle very large files, like memory dumps, by tools who can not handle such large files.
Splitting up a file in smaller, equal parts is a solution, but then you run the risk (a small risk) that the pattern you are looking for, is just at the “edge”: that the file is split in such a way, that one part contains the beginning of the pattern, and the next part contains the rest of the pattern. Then your tools are unlikely to find the pattern.
I solve this with my tool by using an overlap. You just have to make sure that the size of the overlap, is larger than the pattern you are looking for.
If you want to know more, read the man page: split-overlap.py -m
split-overlap_V0_0_1.zip (http)MD5: 77CFF0787244B3B940B07D099C26C3F1
SHA256: 3C246F35F612A43B83843F327AB4EA4EE2CADDBCEDEAD9C50540228DAB17025A
Thursday 15 September 2022
Update: virustotal-search.py Version 0.1.7
A new option was added to limit the amount of requests: -l (–limitrequests).
virustotal-search_V0_1_7.zip (http)MD5: BB6E9D480F7BCF0FD3F0CB8EED1B49FE
SHA256: AEFEB5761A5BBEE998FA20A68213316522C7554796F47EB8C7EB2A5DF1D4E73D
Wednesday 14 September 2022
Quickpost: An Inefficient Powerbank
I tested a small powerbank that I have, and it’s very inefficient.
It takes 10.07 Wh to charge:
And it delivers 5.95 Wh when I discharge it (5V at 0.250 mA).
So I only got 59% back of the energy I put in.
This powerbank is quite old, it might have become so inefficient over the years. Google searches tell me that you should get at least 85% efficiency.
Although this powerbank still works fine, and his very handy to me because of its small form factor, I’ll see if I can get a more efficient one with a similar form factor.
Quickpost info
Tuesday 13 September 2022
Quickpost: “Exploding Multimeter”
I made a mistake and destroyed my old multimeter.
It’s a 30+ year old multimeter, and it had become very dirty because of all the dust it collected while I used it in a home renovation project, years ago. It was still functional, so I used it for years like that.
But recently, after discovering YouTube “restoration videos”, I got the idea to open it up and clean it.
The result was very good. Until I used it the first time to measure a 230V cable. Then there was a big flash inside the casing, and all the lights went out.
This is how it looks now (notice the black soot marks on the orange plastic):
And the burned diodes:
What went wrong? The meter also has aluminum foil to shield the electronics:
And I was not careful enough when I put it back, and it shorted the 2 connectors:
Quickpost info
Saturday 10 September 2022
Maldoc Analysis Video – Rehearsed & Unrehearsed
When I record maldoc analysis videos, I have already analyzed the maldoc prior to recording, and I rehearse the recording.
This time, I also recorded the unrehearsed analysis: when I take the first look at a maldoc I’ve not seen before.
All in this video:
Friday 9 September 2022
Quickpost: Dolmen du roc de l’Arca
While on holiday in Feilluns (France, Pyrénées-Orientales) in September 2021, I did search several dolmens.
While the dolmen Caouno del Moro is easy to find (it is right next to a road, just follow the signs starting in the village), the nearby dolmen du roc de l’Arca is not so easy to find, as there are no signs and it’s on the top of a wooded hill.
Dolmen du roc de l’Arca:
Map:
Drone picture:
Video: walking from dolmen Caouno del Moro to dolmen du roc de l’Arca.
Video: drone view of dolmen du roc de l’Arca.
Quickpost info
Thursday 8 September 2022
Quickpost: Sun Drying Biodegradable Waste
As biodegradable waste contains a lot of water, I was wondering how much mass reduction I can achieve by exposing it to the sun (by evaporating some of the contained water).
On a sunny day in March (Belgium), I weighed these fruit peels (I had just consumed the fruit):
66 grams
Exposing it to sun & air:
After 7 hours, 24 grams left:
So we lost 42 grams, almost 2/3 of the original mass.
For those of you having to pay for their household biodegradable waste processing by the kilo, it might be something to look into.
I’ll have to figure out if this is something practical & that scales easily, or not.
Quickpost info
Wednesday 7 September 2022
Update: hex-to-bin.py Version 0.0.6
This is a small update: when non-hexadecimal characters are found, they are listed before an exception is raised.
hex-to-bin_V0_0_6.zip (http)MD5: 9939263DCF538BBF5FC98DB2EC83F247
SHA256: 94B2B23BCA5C000CA85EEE8AE1A16AEEDB77E72057111C8207A683BD4DDF4581
Didier Stevens 