Day by day…

If You have MSI file, its some sort of archive\, that Microsoft Installer use to pack installation files.
to analyze it, You need to extract them
Under Windows, in command line You run:
msiexec /a PathToSourseMSI /qb TARGETDIR=DirectoryToStoreExtractedFiles

Under *nix systems
1. rename file.msi to file.msi.zip
2. Extract as regular zip or  use 7zip unpacker.

Well, sometime You need to get local copy (or not local:) ) of some folders with Directory Listing enabled. It usually looks like basic webpage with “Index of …” at title

wget for each folder that mirrored, create multiple file copies of dynamically created Index page:

index.html 
index.html?C=D;O=A 
index.html?C=D;O=D 
index.html?C=M;O=A 
index.html?C=M;O=D 
index.html?C=N;O=A 
etc... 

Annoying, a lot of useless request to server (that already overloaded by Your good will) and not nice for eye to watch Your local copy.
Don't found simple solution on Google, so here is mine:

 wget -r -p -np -e robots=off -U mozilla -R index.html* http://website/file_archive/ 

Explanation: 
-r - recursive 
-p - get all 
-np - don’t ascend to the parent directory 
-e robots=off - don't care about what robots.txt say

-U mozilla - I am Mozilla!  )

-R index.html* - reject files index.html* (dangerous if files in subfolder include index.html files, but I am talking about archives)

Have fun and try to respect those whom sites You dump.

Well, sometimes things just stop working.

VirtualBox – error about modules not running + require to run as root:

 /etc/init.d/vboxdrv setup 

Well, Google will at 99% of places  recommend You to 

# yum install gcc kernel-devel kernel-headers

And it is help... But if not? 
Then it recommended to define KERNEL_DIR=
Well. sometimes it helps too, but what if not?

Well, let's cut here...
Here what I found as additional problem on RHEL & CentOS (& Fedora)
Nothing help? 

$ uname -a

Do Your kernel have .PAE ?
If Yes - then under root:

# yum install kernel-PAE-devel

and then

# /etc/init.d/vboxdrv setup 

Done.

Looks like common task – run wget via tor. No? Just me?
Apparently, when You google it, it send You to forums, man pages, or whatever workarounds possible, because wget don’t support SOCKS proxy natively, and Tor is not HTTP\HTTPS proxy.
As a matter of fact, it’s easy
We’ll need tor and proxychains to accomplish our goal

1. Add Tor repository if You not done this yet:

https://www.torproject.org/docs/rpms.html.en

2. Then install tor and proxychains
$ sudo yum install tor proxychains

3. Start tor service
$ sudo service tor start

4. Check that proxychains config contain proper string for folowing data to Tor network
$ sudo nano /etc/proxychains.conf
in the bottom verify that line is present, if not – add it.
socks4  127.0.0.1 9050

5. test the config:
$ proxychains wget http://whoer.net/extended

and open extended page in any html viewer, check what IP logged.
Working.

Suddenly, one day jsunpack.jeek.org became unavailable due some internal error, and I had few samples to decrypt.
So – Google found for me jsunpack-n project

Well, nice one, but as usual, installation instructions ported for Ubuntu (mainstream )

Here is small guide for those who will need to use this awesome tool under Fedora\RHEL or even CentOS (not tested, update me if You did)

After You got all files in jsunpack-n folder, go and open INSTALL file, written by Blake Hartstein. I will  refer to this INSTALL file each time we can proceed with original install instructions.

1. Let’s install all packets required for successful compilation

# yum install libpcap-devel pkgconfig python-devel gtk2-devel libnet-devel  pcre-devel pcre gcc-c++ gcc

2. Good. Now we need to install libnids-1.24 (or – at least CONFIGURE and MAKE it) from folder  depends/pynids-0.6.1/libnids-1.24

$ cd depends/pynids-0.6.1/libnids-1.24

$ ./configure

$ make

# make install

p.s. If You will install libnids from Your repositories, pynids-0.6.1 will fail to setup itself – error:

gcc: error: libnids-1.24/src/libnids.a: No such file or directory

3. Install dependencies, as mentioned in INSTALL file, one by one.

4. Try to run

$ python jsunpackn.py  -u http://google.com

5. see result in temp/files

Known issues:

1. Yara error

In case You got message ImportError: libyara.so.0: when run jsunpackn.py, run the following commands:

# echo “/usr/local/lib” >> /etc/ld.so.conf
# ldconfig

2. ZLW error

In case You have error: ImportError: No module named lzw when run jsunpackn.py:

Go to website http://pypi.python.org/pypi/lzw/

Download, unpack and perform install of LZW  package:

$ cd lzw-0.01.11/
$ python setup.py build
# python setup.py install

Cheers!

Today Dimitris Glynos released bug that affect my favorite IM client Pidgin with OTR plugin.
It require user-level access for attacker to listen to DBUS messaging of victim.

Interesting fact is that vuln was reported about 2 month ago to development team, and no update since…

Is it mean that Pidgin development finished?

upd1: You can try to reinstall pidgin from tar with   --disable-dbus option in ./configure script, or wait for solution from developer.