For example :
If I had http://somepage.com/somefolder/someresouce?p1=value&p2=value&p3=value
I would like to see a column that would display the value of p2 if it existed in the request.
I googled, asked people around but can't find a good answer.
If think creating a dissector might help, but I don't want to write a new dissector for http.. that's an overkill.
And there is no http.request.queryParams["p2"] syntax for use of Custom Column type.
Thanks in advance!
Edit : I solved my own Question, adding the best implementation so far in my own answer below.
Well, the solution was indeed in dissectors.
Wireshark help is not very good, the examples are ok though.
The main problem was that wireshark help defines that you can write your lua script, and place it in the plugins directory, which is searched recursively for lua files.
I did place my lua there and nothing worked, After almost 2 hours of fiddling, I found out instead of putting it in the plugins directory, it had to be in plugins//myScript.lua in order to work...
Now just to share my work :
To answer my own question :
http://pastebin.com/eANEut92
Related
I have a script which uses gcsfs to write data to Google Cloud. Most of the time it works, but fairly regularly I get the following error:
ValueError: Non-final chunk write below min size.
This error seems to come from GCSFile._upload_chunk.
I can't really find anything in the docs that explains what might be going wrong here. I read this thread which suggests it might be related to how the data is committed (should I disable autocommit?) but I'm not sure it's entirely relevant. I read through the source of that function but that didn't help too much either. Would appreciate any guidance!
My code looks like this:
with gcs.open(file_path, mode='w') as f:
f.write('\n'.join(output_data))
output_data here is a list of strings. gcs is an instance of gcsfs.GCSFileSystem.
This issue apparently no longer happens in v0.7.0. Anyone facing it should upgrade.
I obfuscated this script using some site
But i'm wondering how to deobfuscate it? can someone help me?
i tried using most decompilers and a lot of ways but none has worked
local howtoDEOBFUSCATEthis_Illll='2d2d341be85c64062f4287f90df25edffd08ec003b5d9491e1db542a356f64a488a1015c2a6b6d4596f2fa74fd602d30b0ecb05f4d768cd9b54d8463b39729eb1fe84630c0f8983f1a0087681fe4f2b322450ce07b
something like that for an example.
the whole script: https://pastebin.com/raw/fDGKYrH7
First reformat into a sane layout. a newline before every local and end will do a lot. Then indenting the functions that become visible is pretty easy.
After that use search replace to inline constants. For example: local howtoDEOBFUSCATEthis_IlIlIIlIlIlI=8480; means you can replace every howtoDEOBFUSCATEthis_IlIlIIlIlIlI with 8480. Though be careful about assignments to it. If there are any then it's better to rename the variable something sensible.
If an identifier has no match you can delete the statement.
Eventually you get to functions that are actually used.
Looking at the code it seems to be an interpreter implementation. I believe it's a lua interpreter
Which means that you'll need to verify that and decompile what the interpreter executes.
I was wondering if anyone knows how to add comments to a fasta file. I tried using the # character but it doesn't sit well with alignment algorithms/software.
Thanks,
What I usually found is that there are no comments. But in the wikipedia article it says that you could add comments after the > line if starting with ;. But I have never found anyone with this notation.
But I have never found any fasta file with comments. Usually the header or the name get this attribution so > E.coli can be converted to > E.coli X43 methanol as you can see here
But usually, as seen here, and here is added as a description as said.
You are not allowed to adds comment IN the sequence. But you could add a comment within an alternative format like one of the XML-based ones published by the NCBI.
I've got MMM-mode set up to edit .html.erb files, but indentation does not work in the ruby sections, and all the different electric behaviours of ruby-mode do the wrong thing. I've changed this sub-mode from ruby-moode to fundamental-mode, and it works much better.
I want to still use ruby-mode's font-locking though, is this possible/easy? Any hints on where to start.
Elisp is comfortable to me, but I don't have too much time right now to dig too deeply myself. Hopefully someone will have a snippet?
I see you haven't yet found an answer. Dunno whether it will be better for this, but you might consider using MuMaMo instead of MMM.
To answer the question, you would define a major mode deriving from fundamental-mode, and in its body just copy the font-lock-related lines from the ruby-mode definition body, the ones setting font-lock- variables and also syntax-propertize-function. Naturally , you need to (require 'ruby-mode) somewhere.
But for .html.erb files I can now recommend using mmm-erb, which was not available when this question was asked.
I'm writing my degree project report using the article class and I want a structure like this:
Abstract
Introduction
1. What
2. Where
3. Etc.
I was searching and I found that using \setcounter{secnumdepth}{-1} the complete numeration is eliminated. And if I use * these sections don't appear in the table of content. So what can I do? Can this be done without installing packages (like memoir)?
Note:
It was asked before, but I did not find it when I searched. Sorry :(
use:
\section*{Foo and Bar}
\addcontentsline{toc}{section}{Foo and Bar}
Using the * version of the section commands might help. Try \section*{Abstract} and see if it is close enough.