GNU/Linux

How to Start/Stop or Enable/Disable firewalld on CentOS 8

12 November 2021 in GNU/Linux tagged CentOS / centos 8 / firewall / firewalld / GNU/Linux by Tux

firewalld (Dynamic Firewall Manager) tool provides a dynamically managed firewall. The tool enables network/firewall zones to define the trust level of network connections and/or interfaces. It has support both for IPv4 and IPv6 firewall settings. Also, it supports Ethernet bridges and allow you to separate between runtime and permanent configuration options. Finally, it supports an interface for services or applications to add firewall rules directly.

Disable firewalld

To disable firewalld, execute the following command as root or using sudo:

systemctl disable firewalld

Enable firewalld

To enable firewalld, execute the following command as root or using sudo:

systemctl enable firewalld

Stop firewalld

To stop (or deactivate) firewalld,execute the following command as root or using sudo:

systemctl stop firewalld

Start firewalld

To start (or activate) firewalld, execute the following command as root or using sudo:

systemctl start firewalld

Status of firewalld

To check the status of firewalld, execute the following command as root or using sudo:

systemctl status firewalld

CONCEPTS

systemd provides a dependency system between various entities called “units” of 12 different types. Units encapsulate various objects that are relevant for system boot-up and maintenance. The majority of units are configured in unit configuration files, whose syntax and basic set of options is described in systemd.unit(5), however some are created automatically from other configuration, dynamically from system state or programmatically at runtime. Units may be “active” (meaning started, bound, plugged in, …, depending on the unit type, see below), or “inactive” (meaning stopped, unbound, unplugged, …), as well as in the process of being activated or deactivated, i.e. between the two states (these states are called “activating”, “deactivating”). A special “failed” state is available as well, which is very similar to “inactive” and is entered when the service failed in some way (process returned error code on exit, or crashed, or an operation timed out). If this state is entered, the cause will be logged, for later reference. Note that the various unit types may have a number of additional substates, which are mapped to the five generalized unit states described here.
— From man systemd

The above, in a nutshell:

enabled is a service that is configured to start when the system boots
disabled is a service that is configured to not start when the system boots
active is a service that is currently running
inactive is a service that is currently stopped and may be disabled, but it can be started and become active

Some notes on how to record audio from a terminal in Ubuntu 20.04LTS

2 November 2021 in Bash / GNU/Linux tagged audio / bash / ffmpeg / GNU/Linux / linux / pactl / record / terminal / ubuntu / ubuntu 20.04LTS by Tux

Recently, we were trying to record the audio that was played on the system speakers using an Ubuntu 20.04LTS desktop. In the installation, there was no dedicated audio recorder installed and we did not want to install any. To record, we used the following command to get the list of all audio sources available to the system:

pactl list short sources;

The pactl command produced results like so:

3	alsa_output.pci-0000_00_1f.3.analog-stereo.monitor	module-alsa-card.c	s16le 2ch 44100Hz	SUSPENDED
4	alsa_input.pci-0000_00_1f.3.analog-stereo	module-alsa-card.c	s16le 2ch 44100Hz	SUSPENDED
10	alsa_input.usb-Dell_DELL_PROFESSIONAL_SOUND_BAR_AE515-00.iec958-stereo	module-alsa-card.c	s16le 2ch 44100Hz	SUSPENDED
12	alsa_output.usb-Dell_DELL_PROFESSIONAL_SOUND_BAR_AE515-00.analog-stereo.monitor	module-alsa-card.c	s16le 2ch 44100Hz	IDLE

We knew that the system was using the Dell soundbar in analog mode to play the music (as we could see in the Settings under the Sound category, which is depicted below), so we copied the following name from the line that starts with the number 12:

alsa_output.usb-Dell_DELL_PROFESSIONAL_SOUND_BAR_AE515-00.analog-stereo.monitor

Then we used that monitor name as an input device for FFmpeg like so:

ffmpeg -f pulse -i alsa_output.usb-Dell_DELL_PROFESSIONAL_SOUND_BAR_AE515-00.analog-stereo.monitor test.mp3;

When we were done recording, we pressed CTRL+C to stop the recording.

How NOT to solve the IEEE Day Badge Challenge

15 October 2021 in GNU/Linux / IEEE tagged bash / GNU/Linux / ieeeday / pdfcrack by Tux

Recently, we were taking the IEEE Day Badge Challenge in https://ieee-collabratec.ieee.org/. We wanted to give another go on solving the clues, so instead of following the clues to open the encrypted and password-protected PDFs, we got the clue that the password is composed only of numeric digits and we used pdfcrack to open the files!

We installed pdfcrack using the following command:

sudo apt-get install pdfcrack;

$ sudo apt-get install pdfcrack
[sudo] password for bob: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  pdfcrack
0 upgraded, 1 newly installed, 0 to remove and 28 not upgraded.
Need to get 31,0 kB of archives.
After this operation, 90,1 kB of additional disk space will be used.
Get:1 http://cy.archive.ubuntu.com/ubuntu focal/universe amd64 pdfcrack amd64 0.18-2 [31,0 kB]
Fetched 31,0 kB in 1s (40,1 kB/s)
Selecting previously unselected package pdfcrack.
(Reading database ... 452721 files and directories currently installed.)
Preparing to unpack .../pdfcrack_0.18-2_amd64.deb ...
Unpacking pdfcrack (0.18-2) ...
Setting up pdfcrack (0.18-2) ...
Processing triggers for man-db (2.9.1-1) ...

To crack the files, we used the following commands that limited the input to the numeric digits and got the password back in seconds on a normal CPU:

pdfcrack -f IEEE+Day+2021+Clue++3.pdf -c 0123456789;

bob@Linux:~$ pdfcrack -f IEEE+Day+2021+Clue++3.pdf -c 0123456789
PDF version 1.7
Security Handler: Standard
V: 2
R: 3
P: -1060
Length: 128
Encrypted Metadata: True
FileID: 79c15a021438224ba4df58b0e7fa9a20
U: 4990feee0d63f411cf4eba3c1346ff2100000000000000000000000000000000
O: cc5e6a95577573cac6f6683d4c7f02d6605fe42e5622feb6dc36636263ba838e
found user-password: '490000'

bob@Linux:~$ pdfcrack -f IEEE+Day+2021+Clue++5.pdf -c 0123456789
PDF version 1.7
Security Handler: Standard
V: 2
R: 3
P: -1060
Length: 128
Encrypted Metadata: True
FileID: cf72bd9b3fb24145a6d2b578fa52c0e4
U: 8cd5ea45b59168ca10674bdd81f06f5800000000000000000000000000000000
O: 70301a6ff93ac7a91c28895180e8ad57a41388d2b7f3a813b83f4b3fd5274945
Average Speed: 49297.7 w/s. Current Word: '348478'
found user-password: '1470000'

Information on the version we used is below:

$ apt info pdfcrack
Package: pdfcrack
Version: 0.18-2
Priority: optional
Section: universe/utils
Origin: Ubuntu
Maintainer: Ubuntu Developers <[email protected]>
Original-Maintainer: Joao Eriberto Mota Filho <[email protected]>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 90,1 kB
Depends: libc6 (>= 2.14)
Suggests: pdf-viewer
Homepage: http://pdfcrack.sf.net
Download-Size: 31,0 kB
APT-Manual-Installed: yes
APT-Sources: http://cy.archive.ubuntu.com/ubuntu focal/universe amd64 Packages
Description: PDF files password cracker
 PDFCrack is a simple tool for recovering passwords from pdf-documents.
 .
 It should be able to handle all pdfs that uses the standard security handler
 but the pdf-parsing routines are a bit of a quick hack so you might stumble
 across some pdfs where the parser needs to be fixed to handle.
 .
 The main PDFCrack features are:
 .
   - Supports the standard security handler (revision 2, 3 and 4) on all known
     PDF-versions.
   - Supports cracking both owner and userpasswords.
   - Both wordlists and bruteforcing the password are supported.
   - Simple permutations (currently only trying first character as Upper Case).
   - Save and load a running job.
   - Simple benchmarking.
   - Optimised search for owner-password when user-password is known.
 .
 This program can be used in forensics investigations or similar activities,
 to legal password crack.

Ubuntu: The file content is encrypted, but currently not supported

11 October 2021 in GNU/Linux tagged 7zip / encrypted / password / ubuntu by Tux

While trying to extract a password protected/encrypted 7-Zip archive on a fresh Ubuntu 20.04 LTS, we got the following error:

An error occurred while extracting files. The file content is encrypted, but currently not supported.

To fix the problem, we just installed the p7zip-full package using the apt command.

sudo apt-get install p7zip-full;

After that, we were prompted as expected to input the decryption password and we were able to extract the archive.

Below is the information of the package that was retrieved by apt info.

sudo apt info p7zip-full
[sudo] password for bob: 
Package: p7zip-full
Version: 16.02+dfsg-7build1
Priority: optional
Section: universe/utils
Source: p7zip
Origin: Ubuntu
Maintainer: Ubuntu Developers <[email protected]>
Original-Maintainer: Robert Luberda <[email protected]>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 4887 kB
Depends: p7zip (= 16.02+dfsg-7build1), libc6 (>= 2.14), libgcc-s1 (>= 3.0), libstdc++6 (>= 5)
Suggests: p7zip-rar
Breaks: p7zip (<< 15.09+dfsg-3~)
Replaces: p7zip (<< 15.09+dfsg-3~)
Homepage: http://p7zip.sourceforge.net/
Task: kubuntu-desktop, kubuntu-full, xubuntu-desktop, lubuntu-desktop, ubuntustudio-desktop, ubuntukylin-desktop, ubuntu-mate-core, ubuntu-mate-desktop
Download-Size: 1187 kB
APT-Manual-Installed: yes
APT-Sources: http://cy.archive.ubuntu.com/ubuntu focal/universe amd64 Packages
Description: 7z and 7za file archivers with high compression ratio
 p7zip is the Unix command-line port of 7-Zip, a file archiver that
 handles the 7z format which features very high compression ratios.
 .
 p7zip-full provides utilities to pack and unpack 7z archives within
 a shell or using a GUI (such as Ark, File Roller or Nautilus).
 .
 Installing p7zip-full allows File Roller to use the very efficient 7z
 compression format for packing and unpacking files and directories.
 Additionally, it provides the 7z and 7za commands.
 .
 List of supported formats:
   - Packing / unpacking: 7z, ZIP, GZIP, BZIP2, XZ and TAR
   - Unpacking only: APM, ARJ, CAB, CHM, CPIO, CramFS, DEB, DMG, FAT,
     HFS, ISO, LZH, LZMA, LZMA2, MBR, MSI, MSLZ, NSIS, NTFS, RAR (only
     if non-free p7zip-rar package is installed), RPM, SquashFS, UDF,
     VHD, WIM, XAR and Z.
 .
 The dependent package, p7zip, provides 7zr, a light version of 7za,
 and p7zip, a gzip-like wrapper around 7zr.

Bytefreaks.net – a place for hacks