About Geolizer

This is an enhanced version of the popular Webalizer HTTP server statistics generator. It's main feature is an ability to discover visitor's country by his/her IP address. Default Webalizer method is to extract host suffix from the reversal DNS query (obtained directly from log files, or by webazolver program if HTTP server doesn't reverses client IPs), which is slow and imprecise (for example, Brazilian host could be reversed as .com). Geolizer relies on the GeoIP library API to do the same thing. Thus, no more DNS queries are required, and results are much more precise. Geolizer also has some additional features: it displays file sizes in a human-readable form (bytes/KB/MB/GB/TB) instead of default kilobytes. It also compiles under MinGW/MSYS now, so you can process your UN*X log files on your Windows box. And, finally, Geolizer features a nice eye-candy: country flags!

Beware as Geolizer also has some bad features (read "bugs"): for example, webazolver won't work anymore, and already resolved hosts aren't handled well. Want to see how it looks like, at all? Take a look at some sample statistics! Or see who else uses Geolizer to produce their server stats.

Tips

• The country flag pictures can be downloaded at http://flags.blogpotato.de/. Just download and unzip world.small.zip & special.small.zip to the flags/ subdirectory in your HTML output path.
• You may enhance your Webalizer further (allowing it to identify more user agents, referrers and search engines than normal) using extended configuration files, provided by Enric Naval and available at http://griho.udl.es/webalizer/.
• It is possible to use multiple configuration files on Webalizer. Just specify them at the command line:
  

  webalizer -c common.conf -c user_stas.conf
  

• Why don't you try also AWStats & WebDruid?!

This is a tiny and highly experimental HTTP/1.0 proxy software that I have written to debug HTTP protocol & it's clients. It is very small and simple, yet useful to reverse-engineering purposes. It's interface is quite obvious. The Server frame controls the IP, port and connection limit of the proxy server. It also shows how many connections are active at moment. The Data Traffic frame shows in/out packets & bytes. Service frame allows you to stop, start and quit the proxy. These are the very minimalist controls for the very minimalist proxy server.

The interesting stuff begins at the Plugin frame. All the packet passed through this proxy server are forwarded to the selectable plugin module. By default, it is logger.dll. It simply saves every single packet into separate file, which uses the following name scheme: from_IP.from_port-to_IP.to_port.log (for example, 127.0.0.1.4322-127.0.0.1.21.log). The files can be ordered by their modification date in your file explorer, so you can track the entire session:

The logger.dll can be set up to include a sequence counter at the beginning of each packet and to output saved packets into some specific directory:

Plugin module is also capable of injecting packets. Load the replicator.dll file and check the setup screen:

When you click the Capture button and then make some action in your proxied web client, the replicator plugin will prompt you if it got a corresponding packet. This packet may be resent automatically, at the period specified in the Period box. You can capture & replicate several packets, and manipulate their resend period. A very interesting application of the replicator plugin is to flood web chats and to spin up web counters. Of course, the right way is to use logger.dll and to make a clone that imitates the "real" web client.

The final note: this is, and always will be, an alpha-state code. I do not develop this proxy application anymore. It is useful to me the way it is. But you can grab the source and make a whatever plugin you like, or even rewrite the code entirely. I don't care. Just give me the proper credits!

E1L2 near the dark room elevator: enhanced brightness

• Omniscience. You can peek at your opponents screen (using "Coop View", which now works even in the deathmatch mode!), and hear the sounds they make (you may hear them scream when hit at the long distances). You are able to see in darkness all the time, without using the night vision goggles, and without that ugly green screen tinting. You'll know when your opponent drops a holoduke, so you won't waste your ammo with it. And finally, you won't see that confusing steroids trail anymore!
  
• Aim bot features. Aim bot (which can be turned off!) will track the closest visible opponent automatically. If you're close enough to your opponent, aim bot will also try to kick him while shooting. And it will auto-activate med kit when you get shot! Another cool feature associated to the aim bot is the auto-jetpack. Jump from a high place, and jetpack will be activated automatically when you're close to the ground.
• Practical enhancements. When you find a new weapon, game won't switch to it automatically. You will always see which weapon your opponent is using, without activating the "Weapon Mode". Demo viewer doesn't switches camera automatically anymore. And game doesn't prompts you with credit screens/animations when started or finished.
• DNCROZ during multiplayer?! Even this is possible in the cheater! The only problem is: both players should type it when the game is paused, or the "Out Of Sync" condition occurs. Other cheats that work in the multiplayer game are: DNSCOTTY###; DNCOORDS, DNVIEW; DNRATE; DNBETA; DNTODD; DNSHOWMAP; DNALLEN; DNDEBUG.
• ".ANM viewer". Just type DNENDING while playing, and the game skips right to the episode ending video

1. Unpack the DN3D1666.ZIP into your Duke3D installation directory, overwriting files.
2. Configure Duke3D. Run SETUP.EXE, and go to "Controller Setup", then "Choose Controller Type", and then select "Keyboard and External". After this, select "Setup External", "Change External Program Name", and type "DUKE3D.EXE" there. Now you can save config, but DON'T LAUNCH A GAME YET!!!
   (NOTE: it would be great if you disabled Turn_Left and Turn_Right keyboard bindings, although, if you don't plan to use "AutoAimSelfCalibrate" setting in DUKE3D.666 file or won't use Auto-Aim feature at all, you don't need to do this).
3. Now, edit the file DUKE3D.666. Open it in your favorite editor (EDIT.COM ), and you'll see that it's almost self-explanatory. Note that your mouse is now configured by this file, any SETUP settings will be ignored! Also note that default mouse settings for v1.666 imitates the default settings for the original Duke3D v1.5.
   

3fb2924c8fb8098dbc8260f69824e9c437d28c68  FC4-i386-disc1.iso
31fdc2d7a1f1709aa02c9ea5854015645bd69504  FC4-i386-disc2.iso
032455cdf457179916be3a739ca16add75b768b7  FC4-i386-disc3.iso
f560f26a32820143e8286afb188f7c36d905a735  FC4-i386-disc4.iso
736e1555e88740d6131c5c84fbe69ed1073ba82d  FC4-i386-rescuecd.iso

D:\_INSTALL_\stentz-binary-i386\FC4-i386-rescuecd.iso

expected:	736e1555e88740d6131c5c84fbe69ed1073ba82d
computed:	736e1555e88740d6131c5c84fbe69ed1073ba82d

SHA1 checksum OK!

Installation:

1. Unzip the "checksum.wcx" to the Total Commander or Windows Commander plugins directory
2. In Windows Commander 4.0 (or newer) or Total Commander, choose 'Configuration => Options'
3. Open the 'Packer' page
4. Click 'Configure packer extension WCXs'
5. Type md5 as the extension
6. Click 'New type', and select the "checksum.wcx" file
7. Click OK and then 'Configure packer extension WCXs'
8. Now type sha as the extension
9. Click 'New type', and select the "checksum.wcx" file again
10. Click OK
    

Usage:

(This section uses MD5 checksums as example; for SHA1 the procedure is the
same, just replace every "md5" you see by "sha" )

1. Generate MD5 checksum:
   1. Select files you wish to compute checksum.
   2. Then go to "Files => Pack".
   3. Select "md5" as packer.
   4. PLEASE NOTE THAT ARCHIVE PATH WILL BE IGNORED!!! ".md5" 'archive' is ALWAYS generated in current directory (where checked files are), and NOT in the opposite panel! The only exception is creating checksum of the files stored on CD-ROM media as there's no way to create files there.
   5. Press OK and check CURRENT directory for ".md5" list generated.
2. Verify MD5 checksum:
   1. Certify that ".md5" list is in it's right place (filenames listed in it should be relative to the current directory).
   2. Select it and do "Files => Test Archive(s)".
   3. If any file doesn't matches stored MD5 checksum then "CRC error" message box appears.
   4. If everything is clear Total Commander remains quiet.
3. Browse MD5 checksum list:
   1. Certify that ".md5" list is in it's right place (filenames listed in it should be relative to the current directory).
   2. Select it and enter it as it were a normal archive.
   3. If any file is present in the ".md5" list but wasn't found in the current directory then "?" is displayed instead of file date/time and size.
   4. PLEASE NOTE THAT FILES CAN NOT BE EXTRACTED TO YOUR DISK! ".md5" isn't an archive, it stores only the hash of the file.
   5. Select file you wish to check and press F3 (call Lister).
   6. Lister will show complete file name, expected checksum and generated checksum. If both checksum matches then the last line is "MD5 checksum OK!".

Installation:

1. Unzip rio.wfx & rio.cfg files to Total Commander directory
2. Choose "Configuration => Options => Operation => FS-Plugins"
3. Choose rio.wfx
4. Click OK.
5. You can now access the plugin in the "Network Neighborhood"
6. Open rio.cfg file and set the correct LPT port address (see below for more details)
   

Configuration:

# Assume that Rio is connected to LPT1
IOPort		0x378

# default
IODelayInit	20000
IODelayTx	100
IODelayRx	2

# "turbo" mode (UNSAFE!!!)
#IODelayInit	5000
#IODelayTx	1
#IODelayRx	1

"Process Stack Faker" (psf for short) is able to hide the real executable name and it's parameters from the output of "ps auwx", "ps -ef" & "top" (on UN*X machines), without any superuser privileges. Why should one wish to hide the stuff he/she executes is a complete different topic
Let's take a look at the options that psf itself accepts:

$ ./psf
Process Stack Faker (a.k.a. Fucker) v0.03
Coded by Stas; (C)opyLeft by SysD Destructive Labs, 1997-2003

Usage: psf [options] command arg1 arg2 ...
Where options can be:
-s string fake process name
-p filename file to write PID of spawned process - optional
-d try to start as daemon (in background, no tty) - optional
-l DO NOT exec through link (detectable by 'top'!!!) - optional
-u uid[:gid] (format just like in chown(1)) reset UID/GID - optional
-n priority renice process - optional

Example: psf -s "pine -i" -d -n 19 ./john -session:websrv
$

$ psf -s "pine -i" sleep 30 &
[1] 440
$ ps auwx
...
stas 84 0.0 0.6 2012 1232 pts/0 S 19:12 0:00 bash -rcfile .bashrc
stas 440 0.0 0.1 1204 376 tty2 S 20:09 0:00 pine -i

stas 450 0.0 0.4 2544 816 tty2 R 20:12 0:00 ps auwx
...

Screenshot:

SSH:

LOGIN_PROGRAM="/sbin/ttysnoops"
export LOGIN_PROGRAM

// #ifndef SSHDIR
#define SSHDIR	ETCDIR "/ssh"
// #endif

./configure --prefix=

Bugs:

• DOS (DJGPP, Turbo C)
• Windows 9x/NT/2K/XP (Borland C, Microsoft Visual C, MinGW)
• Linux (gcc)
• FreeBSD (gcc)

This one looks like and feels like the popular "Microsoft ® Registry Editor" (A.K.A. regedit.exe ), specifically one that comes from Win2k default installation.
It only has one (significative) difference... It will never prompt you with following message box, when started:

"Registry editing has been disabled by your administrator."

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001

regedit.exe

P.S. - reg3dit has nothing to do with the leaked Win2k source!!! I've created it by my own.