
Piping stdout and stderr to Preview — Erica Sadun


Some time ago, I wrote about how useful it was to redirect a man page into Preview. This lets you keep the man page open, search it, and generally have a better user experience than struggling with more (or less) to navigate through the information provided there.

man -t apropos | open -fa Preview

Recently, someone asked me about more modern command line interaction, specifically, commands that use --help or similar to provide their documentation. Could that information be opened in Preview as well?

So I put on my thinking hat and set to work. The first command line utility I decided to work with was screencapture because I’ve been using it fairly heavily over the past few days. However, it turns out that Apple did not build in an actual help system beyond man. It was a poor choice to try to use to render but I decided to keep plugging away at it because I wanted to be able to pipe both stdout and stderr to Preview.

What I came up with looked something like this, all in one line of course:

bash -c "screencapture -? &>
    $TMPDIR/previewrendertext.txt;
    /usr/sbin/cupsfilter -i text/plain
        -D $TMPDIR/previewrendertext.txt
        2> /dev/null |
    open -fa Preview"

This all relies on cupsfilter, which can convert a file of text to a printable form, which just happens to be readable by Preview as a PDF.

I’m doing quite a bit of conglomeration, joining the stderr and stdout streams using &> and saving them into my Mac’s $TMPDIR. That file is cleaned up by the -D option from cupsfilter.

I also am removing the incessant debug messages from cupsfilter by redirecting them to /dev/null before opening the print output in Preview.

Please note that I’m still using tcsh/zsh over bash on my main system, so that certainly affects things. Since I needed a little of the bash nuance, I decided to run it all squished as a single -c command. (I’m sure if I spent enough time, I could do it all in csh but I really didn’t want to spend that time.)

As you can see in the previous screenshot, an older utility meant for man output doesn’t really look all that hot shoved into Preview via cupsfilter, especially with line lengths. There’s also no nice groffing and troffing to make everything pretty, the way you get with man:

So how would this kludge work with a modern command-line app, such as those produced using the Swift Argument Parser (https://github.com/apple/swift-argument-parser)? First, I built a utility that would let me run any command (well, so long as it was properly quoted) without having to type all the details out each time I ran it:

#! /bin/bash

$@ &> $TMPDIR/previewrendertext.txt ; /usr/sbin/cupsfilter -i text/plain -D $TMPDIR/previewrendertext.txt 2> /dev/null | open -fa Preview

This allowed me to call preview "now --help" to redirect the standard help message from my now utility (https://github.com/erica/now) to Preview. Yeah, initially I wanted to just pipe stuff into it but I couldn’t figure out how to get the stderr and the stdout piped together into a single stream, let alone convert them into a file form because cupsfilter doesn’t know or do pipes.
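A variant of the wrapper above, as an added example rather than the author's script: it takes the command and its arguments as separate words (preview_cmd now --help), merges both streams with 2>&1, and captures into a unique mktemp file instead of the fixed previewrendertext.txt name, so two runs cannot overwrite each other. The function names capture_both and preview_cmd are made up for this sketch; the cupsfilter and open invocations are the ones from the post.

```shell
#!/bin/bash
# Added example, not the original post's script. Function names are hypothetical.

# capture_both CMD [ARGS...]
# Run CMD with stdout and stderr merged into a freshly created temp file
# (mktemp creates it readable by the current user only) and print its path.
capture_both() {
    local out
    out=$(mktemp "${TMPDIR:-/tmp}/previewrender.XXXXXX") || return 1
    # 2>&1 is the portable spelling of bash's &>. Usage output such as
    # `screencapture -?` often comes with a non-zero exit, so ignore the status.
    "$@" > "$out" 2>&1 || :
    printf '%s\n' "$out"
}

# preview_cmd CMD [ARGS...]   (macOS only: needs cupsfilter and open)
# Quoting "$@" keeps each argument intact, so no outer quoting of the whole
# command line is needed: preview_cmd now --help
preview_cmd() {
    local txt
    txt=$(capture_both "$@") || return 1
    # -D makes cupsfilter delete the input file once it has been converted.
    /usr/sbin/cupsfilter -i text/plain -D "$txt" 2> /dev/null | open -fa Preview
}
```

Saved as a script, adding a last line of preview_cmd "$@" gives the same command-line use as the original utility, minus the need to quote the whole command.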

It’s pretty readable and well-formatted due to the automatic configuration that the Swift Argument Parser provides from my code but it just feels, you know, very very plain.

So I went ahead and tried to see what would happen if I groffed it up a little by passing it through /usr/bin/groff -Tps -mandoc -c instead of using cupsfilter:

bash -c "now --help &> 
    $TMPDIR/previewrendertext.txt; 
    /usr/bin/groff -Tps -mandoc -c 
    $TMPDIR/previewrendertext.txt" | 
    open -fa preview

And it’s…pretty meh. I tried mandoc, mdoc, me, mm, ms, and www formats. They all came out the same, and none of the SAP tabs really worked. I think it looks a lot more “manny” than the straight printout but the indentation really bugged:

I decided to stop at about this point as there’s really a time when further effort just isn’t worth further investment — so I could throw it out there and see if this was of interest to anyone else.

Let me know.

Lazarus Hacker Group Exploited Microsoft Windows Zero-day



The notorious Lazarus hacker group has been identified as exploiting a zero-day vulnerability in Microsoft Windows, specifically targeting the Windows Ancillary Function Driver for WinSock (AFD.sys).

This vulnerability, cataloged as CVE-2024-38193, was discovered by researchers Luigino Camastra and Milanek in early June 2024.

The flaw allowed the group to gain unauthorized access to sensitive system areas, posing a significant threat to users worldwide.

CVE-2024-38193: A Critical Security Vulnerability

The CVE-2024-38193 vulnerability is classified as an “Elevation of Privilege” flaw. It allowed attackers to bypass normal security restrictions and access sensitive system areas that are typically off-limits to most users and administrators.

This type of attack is sophisticated and resourceful. It’s estimated to be worth several hundred thousand dollars on the black market.

The vulnerability was exploited using a specialized malware called “Fudmodule,” which effectively hid the hackers’ activities from security software.


The Lazarus group targeted individuals in sensitive fields, such as cryptocurrency engineering and aerospace, aiming to infiltrate their employers’ networks and steal cryptocurrencies to fund their operations.

Microsoft Responds with a Critical Patch

In response to this alarming threat, Microsoft has swiftly issued a patch to address the critical vulnerability.

The company’s proactive efforts were bolstered by the Gen cybersecurity team, which alerted Microsoft to the issue and provided detailed example code that helped pinpoint and resolve the flaw effectively.

This swift action has safeguarded all vulnerable Windows devices from potential attacks. All Windows users should update their systems promptly and remain vigilant against potential threats for continued protection.

Gen’s commitment to digital freedom extends beyond protecting its customers; it involves safeguarding the entire digital ecosystem.

Through rigorous research and deep visibility into emerging threats, their cybersecurity team was able to uncover this critical vulnerability and bring it to light before it could cause widespread harm.

By sharing this information with Microsoft, Gen has protected millions of Windows users worldwide and reaffirmed its commitment to creating a safer digital future for all.

This effort is a testament to Gen’s mission of empowering and protecting people everywhere, ensuring everyone can navigate the digital world confidently and securely.

The vulnerability is associated with the weakness CWE-416: Use After Free, with a CVSS score of 7.8/7.2, indicating its high severity.

Microsoft, the assigning CNA, has classified the maximum severity of this vulnerability as “Important.”

As the digital landscape continues to evolve, this incident underscores the importance of collaboration between cybersecurity experts and technology companies to protect users from sophisticated cyber threats.
