Install certificate as System on Android

Use OpenSSL to transform the certificate to Android format (that is cert+info)
Extract ID using this command:
openssl.exe x509 -inform PEM -subject_hash -in charles.pem
It is the first line.
Name the certificate ID.0 (Ex: ce554431.0)
Extract certificate info using:
openssl.exe x509 -inform PEM -text -in charles.pem>somefile.txt
Then take the cert text and append the info and save it as ID.0

Certificate should be something like:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Certificate:
Data:
...

Then copy the certificate in the Android device to:
/system/etc/security/cacerts/

Or, if the certificate is already installed as user you can copy to system:
Copy it from:
/data/misc/user/0/cacerts-added/
To:
/system/etc/security/cacerts/

On both cases remember to set the permissions and user like the other certificates on the same folder, and that should be…

Notes:
– Some version of OpenSSL could give you a wrong ID, that will make the certificate not usable. In this case we used “OpenSSL 0.9.8h 28 May 2008 – GnuWin32″

AC.

Posted in Android, Security | Tagged , , , | Comments Off

jQuery lazy image loading…

Just a speed up trick, if you have lot of images or big images, to allow the browser to render and show the page before load the images you can do a “lazy” loading, that means that you load a marker or empty images with HTML, and with JavaScript/jQuery you update the resources.

HTML:
<img src="/empty.png" data-src="http://domain.com/image.jpg" alt="" width="200" height="70" />

Script:
jQuery(document).ready(function(){
//Change lazy images per real
jQuery("img").each(function() {
var $this = jQuery(this);
var imgsrc = $this.attr('data-src');
if(imgsrc!=''){
$this.attr('src', imgsrc).removeAttr('data-src');
}
});
});

Note: to minimize the in screen time while the image is loading it is recommended to use progressive encode on the images… or a loader… or the combination of both…

AC.

Posted in Medium Technical | Tagged , , | Comments Off

jQuery Playground: The base of AJAX

A very simple trick…

HTML:
<img id="some-image" src="http://domain.com/image.jpg" alt="" width="200" height="70" />

Script:
var someimage = jQuery("img[id='some-image']");
jQuery.get( someimage.attr("src"), function( ) {
// Do something
});

This (way of client requests) is the base of  AJAX/XMLHttpRequest, in this case is just an image but it can be any kind resource (code, json, java, xml, html) and can be processed asynchronous by the browser on any way to do whatever you want (send data, get data, play with the DOM, etc)…

Note: as this code is written it could cause the resource to load 2 times, so if it is not intended just use another attribute into the img tag, or other variable to get the URL…
Also for simpler things use javascript directly… or jQuery only if you already loaded it for other things… but it senseless load a 100k library to run 2 lines of code, hehe…

AC.

Posted in Basic Technical | Tagged , , , | Comments Off

Speed UP WordPress [or any site]

If you use a shitty server/network or your wordpress theme/plugins/content combination is heavy you can speed up the loading on the side of the client and server side by using a plugin like “W3 Total Cache”; it could set easily the browser needed headers to avoid hops, and also cache things like DB queries, or a in-server cache to save a static copy of the php files pre-generated as static content. The installation it just with a few clicks, the configuration the first time maybe take some time to understand, but once you do it, it is a straight forward procedure, by just enabling some type/s of cache or another according the kind of server that you are using or desired level of cache…

But beware in some cases if you server is not fast enough it can cause the adverse effect!
So here is a clean/neat solution [if you are on linux] to archive at least the browser cache.
Edit the .htaccess file and add something like:
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 day"
ExpiresByType text/html "access plus 1 week"
ExpiresByType image/jpg "access plus 1 month"
<IfModule mod_headers.c>
Header append Cache-Control "public"
</IfModule>
</IfModule>

This is just a example, as you can see you can set different expiration headers per mime types… [also by file extension, and [lot?] of other parameters]

Tech Note: the header will be constructed as:
Cache-Control: max-age=172800, public

If you need for some rare reason (External cache CDN provider compatibility, better look a like, some standard, etc ) the header like this:
Cache-Control: public, max-age=172800
Just add at the end of the .htaccess file (inside the “IfModule mod_expires.c”) this:
<IfModule mod_headers.c>
Header edit Cache-Control "max-age" "public, max-age"
</IfModule>
That will invert the order of the values…
Or directly write the full header [on the order that you want] like this:
Header set Cache-Control "max-age=172800, public"

If you are on windows I guess that there is a “rewrite” rule or something similar to address this issue, but as it weren’t the case, you will have to research by yourself…

References:
https://wordpress.org/plugins/w3-total-cache/
http://httpd.apache.org/docs/current/mod/mod_expires.html
https://paulund.co.uk/set-expire-headers-in-htaccess

AC.

Posted in Medium Technical, Wordpress | Tagged , , , , , , , , | Comments Off

Dump saved WIFI password from CMD

To dump some saved WIFI password on Windows just type:
netsh wlan show profile name=[ssid] key=clear

This will need a elevated command prompt and will also show other details that can be usefully on scripts, or similar…

AC.

Posted in Basic Technical, Learned Today, Networking | Tagged , , , | Comments Off

Disable local IP leak on Firefox – WebRTC

Avoid sites fetching your internal IP by disabling WebRTC…

The native way:
– Go to about:config and set “media.peerconnection.ice.default_address_only” to true

And the old way:
– Use a plugin like “Disable WebRTC”
https://addons.mozilla.org/en-us/firefox/addon/happy-bonobo-disable-webrtc/

What is WebRTC and what does it work for?
https://en.wikipedia.org/wiki/WebRTC

Sources:
https://wiki.mozilla.org/Media/WebRTC/Privacy
https://addons.mozilla.org/en-us/firefox/addon/happy-bonobo-disable-webrtc/

AC.

Posted in Medium Technical, Security | Tagged , , , | Comments Off

WordPress Proxy

Running WordPress on a internal network or something like that and want to handle all the internal connections with a proxy?

Just edit the “wp-config.php” and add this:
define(‘WP_PROXY_HOST’, ‘90.90.90.90’);
define(‘WP_PROXY_PORT’, ‘3128’);
define(‘WP_PROXY_USERNAME’, ‘username’);
define(‘WP_PROXY_PASSWORD’, ‘password’);
define(‘WP_PROXY_BYPASS_HOSTS’, ‘localhost, www.someurl.com’);

References:

http://wpengineer.com/1227/wordpress-proxysupport/

AC.

Posted in Medium Technical, Wordpress | Tagged , , , | Comments Off

FON2100A OpenWRT Unbrick

A small step to step on how to revive a bricked FONERA 2100A (With Redboot installed)

fon2100a

Files Needed:
Easy Redboot flash utility:

http://download.berlin.freifunk.net/fonera/ap51-flash-gui-1.0-42.exe

Previous program dependency:

http://www.winpcap.org/install/bin/WinPcap_4_1_3.exe

OpenWRT Kamikaze 8.09.2

http://downloads.openwrt.org/kamikaze/8.09.2/atheros/openwrt-atheros-vmlinux.lzma

http://downloads.openwrt.org/kamikaze/8.09.2/atheros/openwrt-atheros-root.squashfs

Hardware needed:
– PC Computer (Or VM)
– Bricked Fon2100A (Previously jailbreaked)
– Network cable
– Brain

Instructions:
Note: This only will work if the Redboot is accessible (Ex. if you previously installed OpenWRT), to check if it is working, connect the fonera to the PC while is turned off, disable all other network interfaces, set the interface where the fonera is plugged in to 192.168.1.166 subnet 255.255.255.0 gateway 192.168.1.1, turn on the fonera and while is loading (between 2-9 sec since turned on) telnet to 192.168.1.1:9000 and if you get the Reboot console, means that the fonera could be revived by this way…

1 – Disable all network interfaces and leave only the one where the fonera will be plugged.
2 – Plug the fonera to the network while is turned off
3 – Run the software “Freinkfurt AP51 EasyFlash”, select 2 image files.
4 – Turn on the Fonera, and the software using PCAP will detect the device and flash it using the Redboot.

You can do it also without the easyflash software if you “know” how to work directly with the Redboot. (Or following some other very long instructions)

And you can also use a more recent version of OpenWRT, I recommend Backfire 10.03.1 (Dic-2011), it works OK and have more features installed, like WPA.
I tested also some other recent versions like Attitude Adjustment 12.09 and Barrier Breaker 14.07; but the FON2100A is to old for that ones and will make it to be extremely slow or unresponsive.

References:

http://wiki.openwrt.org/toh/fon/fonera

-?-

AC.

Posted in Linux, Networking | Tagged , , , , , | Comments Off

WordPress – Get all posts where a meta key does not exist

Simple…

$search_values['meta_query'] = array(
'relation' => 'OR',
array(
'key' => 'psychedelics', //replace with the non existing field to query
'compare' => 'NOT EXISTS',
'value' => '' // Ignored, but needed to work...
),
array(
'key' => 'psychedelics', //replace with the non existing field to query
'value' => '2CB' //any value
)
)

Source:
http://wordpress.stackexchange.com/questions/80303/query-all-posts-where-a-meta-key-does-not-exist

AC.

Posted in Learned Today, Medium Technical, Wordpress | Tagged , , , , , | Comments Off

Generate and Test a iOS Push Certificate

Hello,

A (working) quick way to generate a working P12 Certificate using OpenSSL for push notifications on your iOS apps:

Transform the Certificate from CER to PEM
openssl x509 -in aps_production.cer -inform DER -out distrib_final.pem -outform PEM}
Transform the Key from P12 to PEM (P12 file must be exported from the “Keychain Access” application)
openssl pkcs12 -nocerts -out distrib_final_key.pem -in certificates.p12
Generate Final Certificate:
openssl pkcs12 -export -in distrib_final.pem -inkey distrib_final_key.pem -certfile CertificateSigningRequest.certSigningRequest -name "apn_developer_identity" -out distrib_final_ready.p12
A connection test to see if the certificate is working:
openssl s_client -connect gateway.push.apple.com:2195 -cert distrib_final.pem -key distrib_final_key.pem

Notes:
– This does not cover the certificate “request”…
– The right certificate to use is on your Apple Developer Account under “Certificates, Identifiers & Profiles/Identifiers/Apps IDs” (NOT THE DISTRIBUTION ONE)

AC.

Posted in iOS, Mac, Medium Technical | Tagged , , , , , , , , , , | Comments Off