[linux-elitists] Fun with SirCam

Karsten M. Self kmself@ix.netcom.com
Fri Aug 3 22:33:33 PDT 2001


on Fri, Aug 03, 2001 at 10:17:50PM -0700, Rick Moen (rick@linuxmafia.com) wrote:
> begin  Karsten M. Self quotation:
>  
> > Likewise, dd, which you should already have:
> > 
> >    dd if=<attachment> bs=32 skip=4288 of=<document> 
> > 
> > ...selecting a larger blocksize (32 is the largest integer divisor of
> > 137216) lets dd run a bit faster than it would with bs=1 skip=137216.
> 
> Indeed.  Points for fb:
> 
> 1.  Runs on any platform that has a C compiler; Win32 and x86 Linux
>     binaries furnished.

Conceded, but Cygwin, UWIN, MKS, Unix services for NT, should all
include 'dd'.

> 2.  Lets you easily get the entire worm binary, in addition to the
>     document.  (Some folks have found it interesting to run it through
>     a disassembler.)

    $ dd if=attachment bs=32 count=4228 of=worm

...give or take a few bytes.

> Also, fb is a just a really nice binary-manipulation tool.  Worth having
> around, on its own merits.

I'll look at it at some point.  Not packaged for Debian.  Licensing?

-- 
Karsten M. Self <kmself@ix.netcom.com>            http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?               There is no K5 cabal
  http://gestalt-system.sourceforge.net/                 http://www.kuro5hin.org
   Free Dmitry!! Boycott Adobe!! Repeal the DMCA!!   http://www.freesklyarov.org
Geek for Hire                          http://kmself.home.netcom.com/resume.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20010803/08a4be79/attachment.pgp 


More information about the linux-elitists mailing list