Monthly Archives: March 2013

Hacking contest on a Live CD

I built a remastered Linux Live CD that should be interesting, educational, and highly entertaining for any self-respecting programmer: a security challenge with 6 levels based on the online contest created by Stripe in early 2012.

The CD contains a very light Linux system (based on Tiny Core), the ISO image is less than 30 megabytes. You can download it from here:

The easiest way to use the Live CD is with a software like VirtualBox: create a virtual machine with no hard disk and 256MB memory and point the CD device to the ISO file and that’s it, start the VM! The Live CD uses US qwerty keyboard by default, you can change that by passing a boot parameter at the boot prompt, for example:

boot: kmap=azerty/fr

Alternatively you can use the shortcuts frjp or hu for French, Japanese or Hungarian keymap, respectively.

When the system starts you are logged in as user level00. You will be presented with a hint that should help you gain access to the password of user level01. Your mission, should you choose to accept it, is to find and exploit the vulnerabilities presented at each increasingly difficult level, advancing forward until you reach level06 (and celebrate!)

By completing this challenge you will become a better programmer:

  • You will increase your awareness of the importance of security, and probably write more secure, more robust code in the future.
  • You will improve your skill of finding problems and weaknesses, which is the critical first step in optimization tasks.
  • You will have a wonderful time, and come out enlightened!

The source code of the scripts used to build this CD is available on GitHub:

Have fun!

Gource is a cool VCS visualization tool

Gource is a really cool open-source software to visualize the revision history of your projects, whether you’re using Git, Bazaar, Mercurial or Subversion.

The project website has many cool example screenshots generated from the repositories of famous projects such as the Linux kernel or Git.

Here’s what some of my projects look like in gource:

1. Revision history of Bash One-Liners:

2. Revision history of the RecipeNotes App:

To generate these videos I used the following commands on Mac OS X:

gource --file-idle-time 0 --seconds-per-day .3 -640x480 -o gource.ppm
ffmpeg -y -r 60 -f image2pipe -vcodec ppm -i gource.ppm -vcodec libvpx -b 10000K gource.webm

Cloning a remote Subversion repository using Git through a proxy server

To clone a remote Subversion repository using Git through a proxy server, edit the ~/.subversion/servers file appropriately:

# http-proxy-exceptions = *,
# http-proxy-host =
# http-proxy-port = 7000
# http-proxy-username = defaultusername
# http-proxy-password = defaultpassword

Note that even in Windows, the correct path is actually ~/.subversion/servers when using git-svn, even though this is NOT the normal configuration directory for the native svn.exe. For example in Windows 7 svn.exe typically uses the path C:\Users\YOURUSER\AppData\Roaming\Subversion.

This was quite confusing to me at first, because after I got svn checkout working well by editing C:\Users\YOURUSER\AppData\Roaming\Subversion\servers I was surprised to find that git clone svn still had the proxy issue.

In case you were wondering, the http_proxy and https_proxy environment variables are ignored by both Git and Subversion.