macos – mv returns “Not a directory” when in a script, but runs properly from the console

I have this line in a script:

mv -f Tasting/bin/release/net5.0/osx-x64/tasting.zip /Users/thomas/Downloads

and it returns:

mv: rename Tasting/bin/release/net5.0/osx-x64/tasting.zip to /Users/thomas/Downloads/tasting.zip: Not a directory

but if I run the same line from the shell, it executes properly. Why is that?

How to retrieve or recreate a deleted file from the /etc/ssh directory

In Mac El Capitan, the /etc/ssh directory contains the following:

moduli          ssh_host_dsa_key        ssh_host_ecdsa_key.pub      ssh_host_key            ssh_host_rsa_key.pub
ssh_config      ssh_host_dsa_key.pub    ssh_host_ed25519_key        ssh_host_key.pub        sshd_config
ssh_config~orig ssh_host_ecdsa_key      ssh_host_ed25519_key.pub    ssh_host_rsa_key        sshd_config~previous

I can see practically two categories:

  1. public/private keys
  2. configuration files

If any of those files, in either of these categories, is deleted by mistake, how can that file be regenerated? Is it possible? If so, how, for each category (1 or 2)?

directory index – Best form for URLs: file-name.html or /file-name/

Running a Nibbler analysis on a static website I just built, I got the following feedback:

Avoid use of file extensions wherever possible. File extensions appear at the end of web addresses, and have several negative effects. They make the address harder to remember or type (particularly for non-technical users), and can reveal the underlying technology of the website making it very slightly more vulnerable to hackers. They also tie the implementation of the website to a specific technology, which can make subsequent migration of URLs difficult.

The above message is a result of having a flat directory structure and linking directly to the individual web pages (whatever.html). So is it really that much better to put every html file on a website in its own personal subdirectory (giving every webpage the file name index.html and relying on the directory name to identify the file) vs simply linking directly to the individual html files? I did some searching but didn’t really find anything useful. This discussion had some info but didn’t answer my question.

I’m curious to know what folks think of the two different approaches. Thanks.

tools – How to create a directory template in Unity?

How to create a directory from a template with multiple files in it which are also created from templates?

Right now, I am particularly interested in creating an Assembly directory which uses a user-entered variable ASSEMBLY_NAME, takes the project name variable from the settings and would create the following simple file hierarchy:

  • ${ASSEMBLY_NAME}/
    • ${PROJECT_NAME}.${ASSEMBLY_NAME}.asmdef

where the ${PROJECT_NAME}.${ASSEMBLY_NAME}.asmdef file would contain:

{
  "name": "${PROJECT_NAME}.${ASSEMBLY_NAME}"
}

… but I would also be glad to learn any way to create whatever complex templated hierarchies, like creating a class and a companion test script together at once, create a directory with a “readme” file in it, etc.

I know this is somehow possible, because there is a default Unity UI function which does exactly the same, but for test assemblies only, so it adds extra code in the assembly definition file which I don’t need.

I cannot find anything on this topic apart from answers on how to create/edit single-file templates, e.g.:

active directory – Trying to reproduce petitpotam exploit, got “KDC_ERROR_CLIENT_NOT_TRUSTED (62)” error

I’m following this article to reproduce the EFS bug: https://blog.truesec.com/2021/08/05/from-stranger-to-da-using-petitpotam-to-ntlm-relay-to-active-directory/

My environment:

  1. Windows 2016 AD (Hostname: W2016$)
  2. Windows 2016 SRV01 (Running AD CS service)
  3. Windows 2016 SRV02 (Attack machine)

I’ve successfully generated the certificate with ntlmrelayx

(*) Skipping user W2016$ since attack was already performed
(*) GOT CERTIFICATE!
(*) Base64 certificate of user W2016$:
...

Then I logged in to SRV02 with a low privilege user. When I pass the ticket in kekeo, it results in KDC_ERROR_CLIENT_NOT_TRUSTED error:

# tgt::ask /pfx:xxx /user:W2016$ /domain:corp.aaron.com /ptt
...

Realm        : corp.xx.com (corp)
User         : W2016$ (W2016$)
CName        : W2016$   (KRB_NT_PRINCIPAL (1))
SName        : krbtgt/corp.xx.com    (KRB_NT_SRV_INST (2))
Need PAC     : Yes
Auth mode    : RSA
(kdc) name: W2016.corp.xx.com (auto)
(kdc) addr: 172.16.177.130 (auto)
KDC_ERROR_CLIENT_NOT_TRUSTED (62)

Does anyone know what’s wrong here?

command line – Two identical bash scripts in the same directory behave differently. What am I doing wrong?

I’m just starting on Ubuntu, trying to figure things out. I’m a little confused.

Short version of my questions:

A) Making my bash scripts executable doesn’t seem to be working reliably. It just inexplicably won’t work sometimes, even when using the same steps on identical scripts in the same directory.

B) When I can get the executability to work, sometimes two identical scripts seem to behave differently. One does its job as intended, the other throws a “Command not found” Error notification, despite both being the same scripts with different names in the same directory.

——(More details)——–

My steps for making scripts executable:

  1. Right click on the file and check Properties>Permissions>”Allow executing files as program.” (This doesn’t seem to do anything, but I do it anyway. Whenever I try to execute the script after this step, nothing happens.)

  2. Run “chmod +x ” in the terminal.

I have got this to work on two different scripts, but on no others. I have no idea what I’m doing wrong. When executability isn’t working, I can run the script through the terminal, and it works just fine.

Here’s an example of the script I’m trying to run:

#!/bin/bash

cd Desktop/Projects/Zemmings V3/NeoLemmix_V12.12.1
wine NeoLemmix.exe

This script works, and is executable. Now I want to duplicate it and change the paths and programs for different windows apps.

I copy and paste the file, change the name, run through the executability steps above, double click it, and I get an error saying “Command not found”. However, this is before changing the script, so it should do exactly the same thing as the original. Despite having identical contents, it gives an error while the original still works.

So, if anyone has an answer or tip for me, let me know.

——-(Summary of questions)————

Why does checking Properties>Permissions>”Allow executing files as program.” on a file seem to do nothing?

Why doesn’t “chmod +x ” work sometimes?

Why are two identical scripts in the same directory behaving differently?

Thanks!

active directory – ADFS with SAML: Error MSIS7075

I’m currently setting up a dev environment to test SAML Login for our web app. Since many customers use Microsoft AD, I’m now trying to set up ADFS with a simple SAML provider.

The SAML Redirect from my app to the AD Server works, but after I log in with my User Account, error MSIS7075: SAML authentication request for the WebSSO profile must not specify any SubjectConfirmations pops up in the ADFS eventlog.

I’ve checked the signedsamlrequestsrequired Parameter, which is set to False.
(as noted here: SAML authentication fails with error MSIS7075)

My request does not include any SubjectConfirmations Nodes. The Auth Request works with KeyCloak. I have to set the saml:Issuer to http://... instead of https://... (see below), though that might be because I missed the s somewhere in the configuration. The SAML Target URL begins with https://...

I followed https://docs.microsoft.com/en-GB/windows-server/identity/ad-fs/deployment/set-up-the-lab-environment-for-ad-fs-in-windows-server-2012-r2, but set up everything on the same virtual machine (IIS, ADFS, …) because I need a simple setup that may be started as a single machine. I don’t need anything production ready but merely a working dev environment for development tests.

Any idea how to fix this? Or is there any Windows2012R2 guide on how to set up ADFS together with SAML?

Here is the SAML Request I’m sending:

<samlp:AuthnRequest
      xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
      ID="S__51Jp6QVjDy0frJ45N9GkABTAN8QJDMumDOi"
      Version="2.0"
      IssueInstant="2021-09-02T09:19:22Z"
      >
      <saml:Issuer>http://****/adfs/services/trust</saml:Issuer>
</samlp:AuthnRequest>

Linux find utility to start search directory in a file

How can we have the find utility start its search from a directory listed in a file?

find "cat a.txt"

It doesn’t work right.

bash – ds4mac – directory switcher for macOS/Linux: the installer script

In this post, I present the bash script for installing the ds4mac:

#!/usr/bin/env bash

script_magic="alias ds='source ~/.ds/ds_script'"

echo "Installing ds..."

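# -F matches the alias line as a fixed string rather than as a regular expression.
grep -F "$script_magic" ~/.bashrc > /dev/null

# (( ... )) is an arithmetic test; a single ( ... ) would try to run "$?" as a command in a subshell.
if (( $? != 0 )); then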
    echo "$script_magic" >> ~/.bashrc   
    echo "~/.bashrc updated!"
else
    echo "~/.bashrc is already updated."
fi

# Create files:
echo "Creating files..."
mkdir -p ~/.ds
echo "Created the .ds directory."
make > /dev/null
cp ds_engine ~/.ds/ds_engine
echo "Built the ds_engine."
tag_file=~/.ds/tags
touch $tag_file

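# $1 = tag name, $2 = directory. Appends the pair only if the tag is not already in the tag file.
add_tag_to_file () {
    grep "$1" "$tag_file" > /dev/null
    if (( $? != 0 )); then
        echo "$1" "$2" >> "$tag_file"
        echo "Setting the tag $1 to directory $2 done."
    fi
}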

# Populate the default 
echo "Populating the tag file with default tags..."

add_tag_to_file "docs" "~/Documents"
add_tag_to_file "down" "~/Downloads"
add_tag_to_file "root" "/"
add_tag_to_file "home" "~"
add_tag_to_file "ds"   "~/.ds"

echo "Done populating the tag file with default tags."
echo "Copying the script..."

cp ds_script ~/.ds/ds_script

echo "Done! ds will be available for use in your next shell session. :-)"

(The entire project is here.)

See also

  1. The main script
  2. The tag engine

Critique request

Please, tell me anything that comes to mind. ^^

active directory – Can any local domain controller authenticate NTLM or do they pass it on to the primary domain controller?

When a Windows server needs to authenticate a domain user with NTLM it asks the local domain controller.

My question is whether that domain controller (assuming the user is in that domain) can process NTLM authentication entirely locally, OR, does it have to forward the request to the primary domain controller to do part of the authentication?

I would have assumed it does it entirely locally but NTLM has been around since NT 4 and the PDC carries PDC Emulator responsibilities. Furthermore DCs are meant to be in constant contact with the PDC otherwise weird things can happen, but that weirdness is not well defined.

The reason I ask is to determine whether specific authentication issues between servers and a DC (that I won’t go into here) could be influenced by WAN failures between the DC and the PDC.

Thanks.