LIBTYPE=dylib # instead of 'so'
SOFLAGS=-dynamiclib -flat_namespace -undefined supress # instead of '-shared'
LDRFLAGS=         # instead of -Wl,...
DLDFLAGS=-bundle  # instead of -rdynamic, -Wl,...

Host your.host.name
  HostName your.host.name
  User username

# Quick basic proxy, just strips accept-encoding header and dumps
# to files in the local directory using the WebScarab naming convention
# (0-request, 0-response ...)
require 'net/http'
require 'webrick/httpproxy'

s = WEBrick::HTTPProxyServer.new(
  :Port => 9999, 
  :RequestCallback => Proc.new{|req,res| 
    $count ||= 0
    req.header.delete('accept-encoding')
    open("#{$count}-request", "wb+") { |f|
      f << "#{req.request_line}#{req.raw_header}\r\n#{req.body}"
    }
  },
  :ProxyContentHandler => Proc.new{|req,res|
    open("#{$count}-response", "wb+") { |f|
      f << res.status_line
      res.header.keys.each { |k|
        f << "#{k.capitalize}: #{res.header[k]}\r\n"
      }
      f << "\r\n#{res.body}"
    }
    $count += 1
  }
);
trap("INT"){
  s.shutdown
}
s.start

• VI or emacs?
• How do you prefer to arrange your source repository and what SCM do you prefer?
• Python or Ruby or?
• Favorite programming font?
• Tabs vs spaces?
• Braces on the end of the line or on a new line and how do you indent?

print "Getting Profile Nodes.."
for p in ['ProfileMusic', 'ProfileGeneral', 'ProfileBooks', 'ProfileHeroes']:
  try:
    v = self.soup.first('td',id=p).string
    setattr(self, p, v)
  except:
    setattr(self, p, None)

(page/"td").each do |t|
  tid = t.attributes['id']
  if /Profile([.]*)/ =~ tid
    pname = tid[7..-1].downcase
    pname = pname.gsub(/[ \/]/, "_").gsub(/[^\w]/, "").squeeze('_')
    instance_variable_set("@"+pname, t.inner_html)
    eval("class << self; attr_accessor :#{pname}; end")
  end
end

I used to use FreeBSD way back in the day, but switched to OpenBSD as my preferred Unix sometime in late 1996 or early 1997. I always had a PC running some version of Windows as well since there was always something I needed or (post vmware) that didn't quite work in a VM.

I made a couple of forays into the Linux world, but various things just didn't work properly. RedHat *almost* got it right, just before they abandoned desktop Linux and spun off the Fedora project. Mandrake got my hopes up for a little while and I had a file server using Loop AES that was a major improvement over my prior OpenBSD/cfs setup. But there was always some major issue with desktop Linux that made it unbearable for me. And while OpenBSD and FreeBSD were OK, they just didn't keep up with the apps I wanted. (For instance, OpenBSD gave up on VMWare ages ago and VMWare 3 is the latest they seem to support.)

I looked seriously at the Mac laptops, but the screen resolution and weight factors just didn't compare to PC laptops. The latest screens have some promise, but I've gotten pretty offended by Apple's treatment of the security community (Maynor et al) and their relationship with the RIAA/MPAA and their stance on DRM. (BTW, if you can get a DRM fix out in hours, you can do the same with security fixes...). But I digress ...

I've been running Ubuntu on my laptop (a Thinkpad X60 Tablet) and I can't say how much I like it. No major problems. VMWare 6 works beautifully. Disk crypto (in the form of Loop AES and TrueCrypt) are both happy. Video is solid. Drivers, including the one for my pre-N wireless card, work. The only thing that doesn't work is the pressure sensitivity for the pen interface in virtual machines, and that *does* work if I plug in a USB tablet instead of using the built in tablet, which isn't as good as the external Wacom tablet I use anyway...

Given my experience, I'm probably days away from killing my last physical Windows box and moving to Windows in VM's only.

OpenBSD will continue to be my server OS and run my mail/web servers, but I have to say that desktop wise, Ubuntu is my favorite.

On *nix - edit /usr/share/firefox/chrome/toolkit/content/mozapps/profile/profileSelection.xul around line 91

<listbox id="profiles" rows="10" seltype="single"
    ondblclick="onProfilesDblClick(event)"
    onkeypress="onProfilesKey(event);">
</listbox>

On Windows you have to jump through a few more hoops. Go to \Program Files\Mozilla Firefox\chrome and unzip toolkit.jar, then edit content\mozapps\profile\profileSelection.xul the same as above. I also changed the dialog style (around line 60) to read:

  style="width: 30em; height:400px;"

Then re-zip using store instead of deflate and replace the existing toolkit.jar file.

You can also download my firefox-2-toolkit.jar, if you don't want to do it yourself. All Firefox sessions have to be closed in order to replace toolkit.jar.

The most fascinating thing is that this technique seems to have originated with the pay-tv hacking community, not from academics or conventional crypto researchers.

I started looking at supporting other proxies a little while ago and have a couple cool demos for BlackHat planned.

The upshot is that the proxy interface is pretty well defined now and since I'm not just targeting WebScarab a rename made sense.

I've also decided on hosting. The tool will be up at Google Code because they have a nice wiki/bug tracker and support for subversion.

ProxMon's home @ Google Code

The one thing they don't have is a way to track downloads, so the distributions will be released off the iSEC tools page. It will be available the day I speak, which will be March 30th.

blackhat OR scarabmon in:spam -/windows vista.*download/

You can check out the ScarabMon abstract

I hope to have the web site up soon, but if you have questions, just email me (jwilkinsatbitlanddotnet). I'll also be looking for beta testers pretty soon.

• IE (358/365)
• Opera (65/365)
• Mozilla (59/365)

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^TRACE
    RewriteRule .* - [F] 

    RewriteEngine on                                                            
    RewriteCond %{REQUEST_METHOD} !^(GET|HEAD)                                  
    RewriteRule .* - [F]