Content here is by Michael Still mikal@stillhq.com. All opinions are my own.
See recent comments. RSS feed of all comments.


Thu, 04 Dec 2008



gtalkbot 1.4

    Its been a while between gtalkbot releases, and that's mainly because the current version "just works" and no one has reported any bugs or feature requests. However, the other day I was running a lot of long lived commands, and started getting annoyed at not knowing when they were finished. I thought it would be nice to get sent an IM when a command had completed. So, I implemented that in this new release.

    There is a simple shell script called notify.sh, which you need to modify to have the right path for an outbox directory. This directory is watched by gtalkbot, and files in the directory are processed as part of the idle loop. The format for files in the directory is the jabber ID to send to on the first line, and then the message on the remaining lines. I guess that means you don't have to use the shell script at all if you want, just have something dump files in the magic directory.

    You then need to add this line to the gtalkbot config file:

      connectwith	myaccount@gmail.com
      password	mypassword
      pluginsdir	/data/src/gtalkbot/plugins
      outboxdir	/data/src/gtalkbot/outbox
      authfile	/data/src/.gtalkbot-passwd
      


    So, there you go. I now get IMs when commands are completed, by running them like this:

      $ longcommand; echo "long command done" | notify mikaljabber@gmail.com
      


    The source for gtalkbot 1.4 is here.

    Tags for this post: gtalkbot release
    Related posts: RemoteWorker v74; Another version of blather; MythNetTV release 2; MythNetTV release 7; PNGtools 0.4; MythIpTV Beta 1

posted at: 17:25 | path: /gtalkbot | permanent link to this entry


Sat, 07 Apr 2007



gtalkbot 1.3

posted at: 21:56 | path: /gtalkbot | permanent link to this entry


Wed, 31 Jan 2007



Hey look, Secunia reads FreshMeat!

    I hope no one is paying Secunia for their security advisories. I release gtalkbot 1.0 (where you had to pass the GTalk user name and password on the command line), and then changed that behaviour in 1.1. The Secunia rocket scientists figured out all by themselves that this was bad. Bad enough for a security advisory?

    A security issue has been reported in gtalkbot, which can be exploited by malicious, local users to disclose sensitive information.

    The problem is that certain user credentials are passed to the application as arguments on the command line. This can be exploited to gain knowledge of usernames and passwords of other services via the process list.

    The security issue is reported in versions prior to 1.1.


    Ummm, the GTalk account is created for the purpose, and so it's not uber secure anyways. In fact, it's only visible to local users, who are presumably trusted anyways given that gtalkbot also needs the unauthenticated telnet interface to MythTV enabled to work. Wow. I assume that Secunia just reads every FreshMeat security release, and makes an announcement about it. Oh, and those three nearly paragraphs took over two weeks!

    Update: but wait, there's more! I made it into the US Federal Government's vulnerability database too, complete with an incorrect "Authentication: Not required to exploit". I guess the Feds can't read python code?

    Update: perhaps Secunia is just reprinting this lame advisory? Do these people just reprint each other's work all the time? Again with the hoping people aren't earning money by making suckers think they're helping...

    The fun continues: yay for SecWatch and systembodyguard!

    Tags for this post: gtalkbot secunia security advisory
    Related posts: Security Hyperventilating; Anyone for a little light WEP cracking?; What US address should I give?; Collisions in MD5 sums; A letter to Kensington; Theorising on Kensington lock insecurity

posted at: 22:08 | path: /gtalkbot | permanent link to this entry


Sun, 14 Jan 2007



gtalkbot 1.2

posted at: 21:14 | path: /gtalkbot | permanent link to this entry


Fri, 12 Jan 2007



gtalkbot 1.1

posted at: 20:33 | path: /gtalkbot | permanent link to this entry


Fri, 29 Dec 2006



Renaming mbot to gtalkbot

posted at: 19:39 | path: /gtalkbot | permanent link to this entry


Sun, 19 Nov 2006



mbot: new hotness in Google Talk bots

posted at: 16:56 | path: /gtalkbot | permanent link to this entry