lspgn

Intercept Unix Socket

Wireshark/TCPdump can be used to intercept a Unix socket and read the content that passes through. The socket must be transformed into a TCP socket and then back into a Unix socket.

To transform a Unix socket into a TCP socket (port 55000), use the following:

socat TCP-LISTEN:55000,reuseaddr,fork UNIX-CONNECT:/path/to/existing/socket

lspgn

tcpreplay and tcprewrite quick commands

Whether you capture packets either with tcpdump or Wireshark you often get a pcap file containing all the packets.

You can use tools to replay the packets on the interface. When debugging software, it may be necessary to edit the IP and mac addresses inside the pcap. To not rely on the network, it is also possible to use the local interface (lo0 on MacOS).

lspgn

package main

import (
	"fmt"
	"net"
	"log"
	"flag"
	"context"
	"syscall"
	"time"

lspgn

{
  "format": "3.0",
  "replacements": {
    "warp_text": {
      "find": "(.{42})",
      "replace": "\\1\n",
      "greedy": true
    },
    "hex_text": {
      "find": "(.{2})",

lspgn

Use a serial port to connect to a Linux VM in VirtualBox

Configure VirtualBox

Go into a VM Settings > Ports > Serial Ports Set the port into Host Pipe. Uncheck Connect to existing pipe socket For this gist, we will use /tmp/mysocket

Check for serial on guest Linux

lspgn

Sign a file with a Yubikey PIV

First you have to install ykman and opensc. We assume there is already a certificate in slot 9c.

Extract public key from 9c slot of the Yubikey

$ ykman piv export-certificate 9c - | openssl x509 -noout -pubkey > pubkey.pem