Parsed Participle

The tickets to the 2007 Police world tour (which, in Japan, will be 2008 by the time they get here to perform at the Tokyo Dome) just arrived. Thilo, (my colleague and more-than-occasional sufferer of my worst puns) for whom I picked up a ticket as well, is beginning to be concerned about my general euphoria, and is also getting a little tired of having to parse out-of-context Police lyrics in lieu of coherent sentences.

I'm allowing myself that smug feeling of reassured satisfaction. Looks like the Screen scraping idea paid off. These are relatively good seats (they had better be; they cost 13,000 yen each), and might I add that though I managed to get them relatively early, the previous day's show (February 13th) was already sold out.

Someone (or should I say, something, because this looks like some auto-scanning script) gained access via SSH using one of the unused user accounts on this server. Nothing very spectacular, especially since everything was easily visible with ps, and even who. the IP seems to be: 86.123.17.188.

I could see this when I ran who:

faiz     pts/3        Nov 19 13:56 (p02a702.tokynt01.ap.so-net.ne.jp)
vasanth  pts/2        Nov 18 23:37 (86.123.17.188:S.0)

Looks like it never got beyond that, though I saw some hundreds of './ssh' processes running, which, after summarily killing off, I found and archived the offending scripts: These were stored and running off of the directory /var/tmp/vi.recover/irc/ as the user 'vasanth'. I suspect a weak password lead to a brute-force SSH break-in. Not at all a bother, but nothing that can't be fixed by an iptables '-m recent' filter.

Contents of the directory the intruder was running the scripts from:

var/
`-- tmp
    `-- vi.recover
        `-- irc
            |-- 1
            |-- 10
            |-- 11
            |-- 12
            |-- 13
            |-- 14
            |-- 15
            |-- 16
            |-- 17
            |-- 18
            |-- 19
            |-- 2
            |-- 20
            |-- 209.85.ps.22
            |-- 21
            |-- 22
            |-- 23
            |-- 24
            |-- 25
            |-- 26
            |-- 27
            |-- 28
            |-- 29
            |-- 3
            |-- 30
            |-- 31
            |-- 32
            |-- 33
            |-- 34
            |-- 35
            |-- 36
            |-- 37
            |-- 38
            |-- 39
            |-- 4
            |-- 40
            |-- 41
            |-- 42
            |-- 43
            |-- 44
            |-- 45
            |-- 46
            |-- 47
            |-- 48
            |-- 49
            |-- 5
            |-- 50
            |-- 51
            |-- 52
            |-- 53
            |-- 54
            |-- 55
            |-- 56
            |-- 57
            |-- 58
            |-- 59
            |-- 6
            |-- 60
            |-- 61
            |-- 62
            |-- 63
            |-- 64
            |-- 7
            |-- 8
            |-- 9
            |-- all
            |-- common
            |-- full
            |-- go.sh
            |-- mfu.txt
            |-- pass_file
            |-- ps
            |-- r00t
            |-- skan
            |-- ss
            |-- ssh
            `-- x

Some samples from the scripts: Note: though no harm can come if you try running these binaries as a non-root user (if you are running Linux, that is), it's probably a good idea not to run the scripts in this archive - there's no easy way to be sure what they actually do.

$ cat /var/tmp/vi.recover/irc/go.sh 
./ss 22 -b $1 -i eth0 -s 6
cat bios.txt |sort | uniq > mfu.txt
./ssh-scan
rm -f bios.txt

#!/bin/bash

clear

rm -rf $1.ps.$2

echo "#=====#==================================#=====#"
echo "#= R =# SSH AUTO SCANNER BY REGELE & CO  #= R =#"
echo "#= E =#-------   #BlackCat TEAM   -------#= E =#"
echo "#= G =#----------------------------------#= G =#"
echo "#= E =# � ALL RIGHTS RESERVED TO Regele �#= E =#"
echo "#= L =#   Now Just Sit Back End Relax    #= L =#"
echo "#= E =#   IPs founder... ACTIVATING!!!   #= E =#"
echo "#Range from -> $1.0.0"
echo "#Range   to -> $1.255.255"
echo "#Looking on -> PORT $2"

./ps $1 $2

sleep 5

cat $1.ps.$2 |sort |uniq > mfu.txt

oopsnr2=`grep -c . mfu.txt`

sleep 5
echo "#---Relax ... Take it Easy---#"

cat 1 > pass_file
sleep 3
./ssh 150

cat 2 > pass_file
sleep 3
./ssh 150

#... and so on

echo "# It's over, you cand go outside and play now #"

Yup, script 'kiddie' all right.

... of RSS, Web2.0 and whatnot. As much as I loved doing it back in old days, screen-scraping (parsing HTML off of web pages with a lot of guesswork) was (and is) yucky. I suppose I enjoyed it back then because I ended up learning a bit of Awk, and later Perl.

But since I've found no good way to avoid missing concerts, other than hope that there's a RSS feed with ticket/date information for bands/artists that I don't want to miss, I have to resort to such nonsense now and then:

use LWP::Simple 'get';
use HTML::TableExtract;
use Data::Dumper;

sub STATUS { 5 }  # The 5th column of table happens to be 'ticket status'

my $te = new HTML::TableExtract;
# slurp!
$te->parse(get 'https://tickets.thepolice.com/');

my ($table) = $te->tables;             # The first and only table in the 
                                       # page is a list of all gigs by city,
                                       # date, and ticket availability
my @tokyo_gigs = grep {                
                    grep /Tokyo/, @$_  # Rows with dates in Tokyo
                 } $table->rows;

# Look out for any changes; at this time, there are only 2 shows in Tokyo
die "Whoa! no gigs in Tokyo??"    unless @tokyo_gigs;
die "Whoa! *more* gigs in Tokyo??"    if @tokyo_gigs > 2;
die "Whoa! only *one* gig in Tokyo??" if @tokyo_gigs == 1;

# ... and if their status is anything other than 'Coming Soon',
# then either tickets sales have begun, or... are already sold out!
print "Whoa! somethings up!\n", Dumper @tokyo_gigs 
    if grep { ! /coming soon/i  }
       map { $_->[STATUS] } @tokyo_gigs;

This is just so I don't miss The Police live at the Tokyo Dome, scheduled in February, 2008.

So having to screen-scrape may suck, but at least there's Perl.

I suppose one could call me a fan. After years of not listening to classic rock, leave aside The Police, I suddenly find myself buying all their classic albums. In fact, I just bought almost all of them. Amazon is evil, I tell you, with their accursed 'Customers who purchased this item also purchased...' feature:

• Reggatta de Blanc
• Ghost in the Machine
• Zenyatta Mondatta
• Synchronicity

Only Outlandos d'Amour is needed now, to complete a full collection of all the band's studio albums.

And, what timing: 2007 sees Sting, Andy Summers and Stewart Copeland not only reuniting as the original 3-piece band, but with any luck, I get to see them live in Tokyo in February. If I buy the tickets on time that is. I have a horrible track record of missing out any good live music in a city that's not exactly deprived of it.

I must be a fan; I've spent all weekend watching YouTube videos of The Police, both clips from their 2007 world tour and the old music videos from the early 80's.

I only hope they don't get completely bored of playing the sames songs over and over again, by the time they get here.

Too close for comfort...
Here, it's actually touching the spokes - in fact, it's almost in the path of the spokes. 'Uncle', as we (Me and Mark) have been addressing the man at the neighborhood bicycle repair-shop, explains that the cause seems to be a damaged/bent hanger:

The frame was fixed, Uncle said the 6-7 degree bend was fixable, but apparently the hanger isn't 'right' - it's probably why the derailleur dived into the spokes last month, which was a spectacular event, still etched in my mind... the rear wheel came off, the chain broke and wedged between the largest rear gear and the wheel, and the derailleur flipped upwards, and the bike came, literally, to a grinding halt. Needless to say, the derailleur and chain, shown in these pictures are all new.

The risk of that happening again is only if I use the forward small gear, which is when the spoke-touching happens, as shown in the photos. And that, says Uncle, will be fixed once the drop-hanger arrives - and since Raleigh parts seem to be relatively scarce in Japan, that's been taking a long time...

My bicycle, which was sadly stuck at the mechanic-shop for a whole 3 weeks owing mainly to the lack of a spare part (A derailleur drop-hanger, to be precise), is now, finally road-worthy again. Or at least, almost so. So there's still a danger of the derailleur diving into the spokes like it did 3 weeks ago - but the chances, says the nice mechanic, are greatly minimized with the adjustments he's made. He was nice enough to not accept any payment until it was 'fully' fixed - i.e., after the hanger arrives. But it feels great to be cycle-borne again!

I came across a programming language called 'Beatnik': http://www.cliff.biffle.org/esoterica/beatnik.html

I happened upon it while browsing CPAN, and found a module called Acme::Beatnik.