I've read alot but cant find the answer. I am curious as to how to obtain the command line interface wallet for crypto coins given fresh source code. For example litecoin. I'm willing to bet the steps are the same for bitcoin and others?
Anyway what I've tried is.
git clone https://github.com/litecoin-project/litecoin.git
cd litecoin
make -f makefile.unix USE_UPNP=
I also (dont know why) tried:
qmake "USE_UPNP=-"; make
To obtain the litecoin-cli from the source tree you must clone/fork https://github.com/litecoin-project/litecoin/tree/exp-0.9.3-preview4.
The github reached via a search engine is out of date in this respect.
Also I learned that the rpc api code was simply copied in to a different binary (copied, it's still in litecoind - allcoind's)
So this means I can simple to things like
litecoind getnewaddress
Instead of
litecoin-cli getnewaddress
This applies to all coins.
Related
I am trying to verify a signature of a file using my windows 10 and I believe I might have reached an egg and chicken problem, looking forward some pros advices.
I was trying to verify the signature of the Maven binary (https://maven.apache.org/download.cgi), so I found this documentation https://infra.apache.org/release-signing#verifying-signature
However, I am using Windows 10, that do not come built in with the gpg: 'gpg' is not recognized as an internal or external command.
So I need to download the GNUPG so that I can use it to verify the signature of my Maven binary.
However, to install the GNUPG (https://www.gnupg.org/download/index.html) I should also verify the .sig file from the GNUPG.
Does anyone know how can I do the verification of the GNUPG file using any Windows 10 built in command line? Or the most advisable strategy?
Thank you a lot
Regards
Personally I think you have to draw the line somewhere.
For me, I would either, compile GPG from source (where if you wish you can/others can audit the code), or use the published SHA-1 (not sure why they still use SHA-1) hashes:
d928d4bd0808ffb8fe20d1161501401d5d389458 gnupg-2.2.27.tar.bz2
9f2ff2ce36b6537f895ab3306527f105ff95df8d gnupg-w32-2.2.27_20210111.exe
5e620d71fc24d287a7ac2460b1d819074bb8b9bb libgpg-error-1.42.tar.bz2
6b18f453fee677078586279d96fb88e5df7b3f35 libgcrypt-1.9.3.tar.bz2
740ac2551b33110e879aff100c6a6749284daf97 libksba-1.5.1.tar.bz2
ec4f67c0117ccd17007c748a392ded96dc1b1ae9 libassuan-2.5.5.tar.bz2
3bbd98e5cfff7ca7514ae600599f0e1c1f351566 ntbtls-0.2.0.tar.bz2
f9d63e9747b027e4e404fe3c20c73c73719e1731 npth-1.6.tar.bz2
b8b88cab4fd844e3616d55aeba8f084f2b98fb0f pinentry-1.1.1.tar.bz2
5ae07a303fcf9cec490dabdfbc6e0f3b8f6dd5a0 gpgme-1.15.1.tar.bz2
3f8a0ba9c7821049d51b982141a2330a246beb55 scute-1.7.0.tar.bz2
61475989acd12de8b7daacd906200e8b4f519c5a gpa-0.10.0.tar.bz2
e708d4aa5ce852f4de3f4b58f4e4f221f5e5c690 dirmngr-1.1.1.tar.bz2
a7d5021a6a39dd67942e00a1239e37063edb00f0 gnupg-2.0.31.tar.bz2
13747486ed5ff707f796f34f50f4c3085c3a6875 gnupg-1.4.23.tar.bz2
d4c9962179d36a140be72c34f34e557b56c975b5 gnupg-w32cli-1.4.23.exe
Then, from there on in, you can retrospectively verify the signature.
You're right to a degree it becomes a chicken and egg problem, which is a recurring theme in cryptographic engineering, again, whereby, you have to draw the line somewhere.
I mean, are you going to be able to verify that the p and q primes used by GPG's private key (that's signing the binaries) have been validated using a correct implementation of Miller-Rabin primality test?
Or should it be an elliptic curve based key that the entropy used to generate the private scalar was high? ...
No! so don't worry too much, you're already an order of magnitude beyond the average user's OpSec.
I want to write a program that parses yum config files. These files look like this:
[google-chrome]
name=google-chrome - 64-bit
baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
This format looks like it is very easy to parse, but I do not want to reinvent the wheel. If there is an existing library that can generically parse this format, I want to use it.
But how to find a library for something you can not name?
The file extension is no help here. The term ".repo" does not yield any general results besieds yum itself.
So, please teach me how to fish:
How do I effectively find the name of a file format that is unknown to me?
Identifying an unknown file format can be a pain.
But you have some options. I will start with a very obvious one.
Ask
Showing other people the format is maybe the best way to find out its name.
Someone will likely recognize it. And if no one does, chances are good that
you have a proprietary file format in front of you.
In case of your yum repository file, I would say it is a plain old INI file.
But let's do some more research on this.
Reverse Engineering
Reverse Engineering maybe your best bet if nobody recognizes your format.
Take the reference implementation and find out what they are using to parse the format.
Luckily, yum is open source. So it is easy to look up.
Let's see, what the yum authors use to parse their repo file:
try:
ini = INIConfig(open(repo.repofile))
except:
return None
https://github.com/rpm-software-management/yum/blob/master/yum/config.py#L1304
Now the import of this function can be found here:
from iniparse import INIConfig
https://github.com/rpm-software-management/yum/blob/master/yum/config.py#L32
This leads us to a library called iniparse (https://pypi.org/project/iniparse/).
So yum uses an INI parser for its config files.
I will show you how to quickly navigate to those kind of code passages
since navigating in somewhat large projects can be intimidating.
I use a tool called ripgrep (https://github.com/BurntSushi/ripgrep).
My initial anchors are usually well known filepaths. In case of yum, I took /etc/yum.repos.d for my initial search:
# assuming you are in the root directory of yum's source code
rg /etc/yum.repos.d yum
yum/config.py
769: reposdir = ListOption(['/etc/yum/repos.d', '/etc/yum.repos.d'])
yum/__init__.py
556: # (typically /etc/yum/repos.d)
This narrows it down to two files. If you go on further with terms like read or parse,
you will quickly find the results you want.
What if you do not have the reference source?
Well, sometimes, you have no access to the source code of a reference implementation. E.g: The reference implementation is closed source.
Try to break the format. Insert some garbage and observe the log files afterwards. If you are lucky, you may find
a helpful error message which might give you hints about the format.
If you feel very brave, you can try to use an actual decompiler as well. This may or may not be illegal and may or may not be a waste of time.
I personally would only do this as a last resort.
I am doing command-line BLAST with BioPython. I need to search against TrEMBL, but I have not been able to find how to do that. I know I can select db="nr", and that works, but I want to search only against TrEMBL, which constitues a subset of nr sequences. Also, I need to be able to do that on-line, not remotely!
EDIT: If anyone ever encounters the same problem: After much experimentation, the only way that I managed to make this work was to download NCBI BLAST+ and do a remote search on a stand-alone prepared library. Get in touch with me if in doubt.
I have a master password set up on my mac, and I have forgotten it. I found the file path /etc/master.passwd though I am not sure if this is the right file. I do not want to reset the master password, only figure out what it is.
It is probably possible to try, especially if you recall something of the password. But it will take time to have the right tools and to do it, even weeks. Nobody can say that before trying. And some basic linux understanding is needed for the following instructions.
One of the best tool to try is this one http://www.openwall.com/john/doc/FAQ.shtml and you can find it in the KALI Linux distribution http://www.kali.org/
Once you upload your /etc/passwd and your master.passwd on KALI Linux, you can use unshadow to create a single file from the two (call it crackable.passwd) and then you can run
john --rules -w:/path/to/my/wordlist crackable.passwd
In a file called /path/to/my/wordlist you need to put as much words (newline separated) you can remember on your password. The --rules option does some mangling and permutations for you (on single words mostly, uppercase/lowercase, adding some numbers, adding special chars, etc...) but you might need to customize them. This is why I say it needs time to understand what you are doing.
I'd like to be able to determine what music album CD is in a CD drive. For example, if someone claims that the CD in their drive is Eminem - The Eminem Show, I would like to be able to verify that the CD is indeed The Eminem Show.
Any ideas? I've applied for a Gracenote developer license, but they won't get back to me for five days.
Also, how does this work? Is there some GUID or other unique identifier that music discs are encoded with?
Lastly, might this be possible with data CDs, like, say, the Diablo II install Disc 1? If so, any directions you can point me in, for accomplishing this?
You may want to look a the Wikipedia article to learn how CDDB work. Then you can look at libcddb to implement what you want in C. The source code should give you plenty of clues in case C is not your language of choice.
You probably want to use something like libcddb to get/verify music CD information. I don't know if there is a similar database for program discs.
As for music CDs, Gracenote works by analyzing the actual waveform data of every track on the CD. It does this is a format-neutral way. It talks about it here.
I'd also recommend last.fm, MusicBrainz, and discogs.