Sunday, October 28, 2012

Git diff with Meld in Ubuntu


Are you using Git in Ubuntu and want to use a visual diff viewer? Excellent. May i suggest the awesome meld. Meld is  a visual diff and merge tool targeted at developers. Meld can diff files, directories, and version controlled projects. If you don't already have Meld, then install it:

sudo apt-get install meld

Next enter enter this into a terminal:

git config --global diff.external meld

Then navigate to a Git tracked directory and enter this (with an actual filename):

git diff filename


Meld will open but it will complain about bad parameters. The problem is that Git sends the external diff viewer seven parameters but Meld only needs two of them - which are the  filenames of files to compare. One way to fix it is to write a script to format the parameters before sending them to Meld.

Create a new python script in your home directory (or wherever, it doesn't matter) and call it diff.py.

#!/usr/bin/python

import sys
import os

os.system('meld "%s" "%s"' % (sys.argv[2], sys.argv[5]))


Now we can set Git to perform it's diff on our new script (replacing the path with yours):

git config --global diff.external /home/teroz/diff.py

git diff filename

This time when we do a diff it will launch Meld with the right parameters and we will see our visual diff - Enjoy

Sunday, October 14, 2012

Mutillidae version 2.3.7 is out


A few days ago an update "Mutillidae" version 2.3.7 (Samurai 2.0 Version) was released. Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver.

If you would like to get your  website hacking practice in this is the app to do it with.
Vulnerabilities include


  1. cross-site scripting
  2. sql injection
  3. response-splitting 
  4. html injection 
  5. javascript injection 
  6. clickjacking
  7. cross frame scripting
  8. forms-caching
  9. authentication bypass


Mutillidae has been tested/attacked with Cenzic Hailstorm ARC, W3AF, SQLMAP, Samurai WTF, Backtrack, HP Web Inspect, Burp-Suite, NetSparker Community Edition, and others.



http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10

Wednesday, August 16, 2006

RubySIP

Hey all am working on a 100% ruby implementation of SIP (http://rfc.net/rfc3261.html). This is because, firstly, there doesn't seem to by any freely availabe ( yes i looked - not just another excuse to implement my very own version ) and i get to learn ruby for free. Btw - if anyone knows of any such libaray , freely availabe, let me know.
While we are on the subject of open source why the hell are there one million versions of every little thing. I guess the one of the joys of open source is the every one can go out in there own direction but damn :(