Tuesday, 24 September 2013

DNSLogger

Apparently, there's no in-built utility to log DNS requests in non-server editions of Windows, and I cannot seem to find any third-party tools either.

The aim here is to run a scheduled task at log on that would log DNS queries.

A simple way would be to use dumpcap (~ command-line Wireshark) with arguments in Task Scheduler. But that results in an ugly console window that pops up and stays on your screen for the remainder of your session. dumpcap will write to a file in the temp directory, which has a tendency to get wiped. You can specify a filename with the -w flag, but that would only be useful for a single run.

Python wouldn't really help me here*. I turned to C#, in which I haven't written anything before, so that should help.

A console app's window can be hidden by setting the Output type property to Windows Application in project properties.

Processes can be started using System.Diagnostics.Process. They can be hidden too:

// Ask for dumpcap to be started with a hidden window
proc = new System.Diagnostics.Process();
proc.StartInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden;

So, dumpcap's console window is also handled.

Now to restart dumpcap whenever it unexpectedly terminates:

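// Launch dumpcap once, then relaunch it every time the process exits
DNSLogger logger = new DNSLogger();
logger.createProc();
while (true)
{
    // Blocks until the current dumpcap process terminates
    logger.proc.WaitForExit();
    logger.createProc();
}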

I cannot say if this is neat, but it works.

Finally, a basic task can be added in Windows Task Scheduler to run the executable at log on.
I suppose this can be useful during malware analysis over multiple sessions and a prolonged duration.
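
One way to handle the two rough edges described above, the -w filename that only suits a single run and the unconditional restart loop, shown as an added example rather than the DNSLogger source. The dumpcap path, interface index, output directory and backoff timings are assumptions; -q, -i, -f and -w are standard dumpcap options.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Threading;

// Added sketch, not the DNSLogger source. Path, interface and timings are assumptions.
static class DnsCaptureSupervisor
{
    const string Dumpcap = @"C:\Program Files\Wireshark\dumpcap.exe"; // assumed install path
    const string Interface = "1"; // assumed: interface index as listed by "dumpcap -D"
    static readonly string LogDir = Path.Combine(Environment.GetFolderPath(
        Environment.SpecialFolder.LocalApplicationData), "DnsCaptures"); // outside %TEMP%

    static Process StartCapture()
    {
        // A new timestamped file per launch, so a restart never overwrites an earlier capture.
        string outFile = Path.Combine(LogDir,
            "dns-" + DateTime.UtcNow.ToString("yyyyMMdd-HHmmss") + ".pcapng");
        var psi = new ProcessStartInfo
        {
            FileName = Dumpcap,
            // -f is a capture filter: only traffic to or from port 53 reaches the file.
            Arguments = "-q -i " + Interface + " -f \"port 53\" -w \"" + outFile + "\"",
            UseShellExecute = false,
            CreateNoWindow = true // start dumpcap without a console window
        };
        return Process.Start(psi);
    }

    static void Main()
    {
        Directory.CreateDirectory(LogDir);
        int delayMs = 1000;
        while (true)
        {
            DateTime started = DateTime.UtcNow;
            try { using (Process proc = StartCapture()) proc.WaitForExit(); }
            catch (Exception ex) // e.g. dumpcap.exe is missing
            {
                File.AppendAllText(Path.Combine(LogDir, "supervisor.log"),
                    DateTime.UtcNow.ToString("o") + " " + ex.Message + Environment.NewLine);
            }
            // Back off after a quick exit so a persistent failure does not become a tight loop.
            bool ranAWhile = (DateTime.UtcNow - started).TotalSeconds > 60;
            delayMs = ranAWhile ? 1000 : Math.Min(delayMs * 2, 60000);
            Thread.Sleep(delayMs);
        }
    }
}
```

A port 53 filter only sees classic DNS; lookups made over DNS-over-HTTPS or DNS-over-TLS will not appear in these captures.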

Source is up on GitHub.

* You could possibly make it work using wxPython / Tkinter, etc. But it would be too much work for such a small project. Besides, for distribution purposes, the compiled (py2exe, PyInstaller) binary would be huge compared to one produced by C#.

Monday, 9 September 2013

cebg.py

Chrome Extension Boilerplate Generator

A simple, interactive Python script to quickly generate manifest.json and create other specified files and directories for use in a Chrome extension.
This began when I was thinking of writing a Chrome extension, only to be reminded of the tiresome process of creating a manifest file, specifying permissions, creating all the extra files and sub-directories, etc.
So I decided to write a Python script that would write a manifest.json and create directories and files as required.
There's a webapp that does a much better job, http://extensionizr.com, so I guess I won't be updating this very often.

Thursday, 5 September 2013

Beethoven's Piano Sonatas

One can better appreciate music, especially the works of one of the greatest musicians ever, if one has a better understanding of the interpreted but not necessarily implied meaning of it. I know little of music but I don't want to keep it that way.

https://www.coursera.org/course/beethovensonatas

When he lays his hands on the Steinway, the instructor, Jonathan Biss, has the look of a man who has known peace. Not everyone is capable of completely understanding his lectures consisting of a fair bit of technical jargon, but the rest of the history and background on classical music is genuinely interesting.

Here's one of what I consider to be Beethoven's most emotional pieces of work, made tragic by this moment.

"Over time, his hearing loss became profound: there is a well-attested story that, at the end of the premiere of his Ninth Symphony, he had to be turned around to see the tumultuous applause of the audience; hearing nothing, he wept."