Custom XMP data: Create namespace, or just plug it in somewhere?

If I am encoding arbitrary data into XMP, is it better to use an existing namespace or to create my own? (NB: I barely know what I'm talking about.)
I'm using Exempi to edit XMP metadata on an AVI file:
exempi -w -n http:// TEST -s PROPERTY1 -v VALUE1 example.avi
Creates:
<rdf:Description rdf:about=""
xmlns:TEST="http://">
<TEST:PROPERTY1>VALUE1</TEST:PROPERTY1>
</rdf:Description>
However, I don't have a URI (I'm not even sure what it's for), and I don't think this information will be universally accessible to other programs that read XMP.
Is there a standard place I should put arbitrary data (say, a "comment" field, perhaps serialized) so that it is more likely to be accessible to other programs?
Using exempi to add comment:
exempi -w -s xmpDM:logComment -v "a:2:{s:5:\"TEST1\";s:6:\"VALUE1\";s:5:\"TEST2\";s:6:\"VALUE2\";}" example.avi
Yields:
<rdf:Description rdf:about=""
xmlns:xmpDM="http://ns.adobe.com/xmp/1.0/DynamicMedia/">
<xmpDM:logComment>a:2:{s:5:"TEST1";s:6:"VALUE1";s:5:"TEST2";s:6:"VALUE2";}</xmpDM:logComment>
</rdf:Description>
This appears to be more accessible to other programs (exiftool, the properties dialogue of most major video players, etc.).
I'm on Ubuntu 16.04.
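From what I gather, the namespace URI does not need to resolve to anything; XMP treats it as an opaque identifier, so even a placeholder URI would at least be unique. A minimal sketch mirroring the first command above (http://example.com/xmp/test/1.0/ is hypothetical; any URI you control works):
exempi -w -n http://example.com/xmp/test/1.0/ TEST -s PROPERTY1 -v VALUE1 example.avi
This should yield the same structure as before, just with a namespace URI that other tools can tell apart from everyone else's.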

Related

wireshark 2.2.5 - how to set ESP preference from command line

I'm trying to find a way to set ESP preferences (encryption keys, authentication keys, and so on) from the command line. I have tried the command below, but Wireshark always says no preference matches mine:
tshark -i - -Y "sip||esp" -d tcp.port=="5000-65535",sip -d udp.port=="5000-65535",sip -T text -l -O "sip,esp" -o esp.enable_null_encryption_decode_heuristic:true -o esp.enable_authentication_check:true -o esp.enable_encryption_decode:true -o "esp.sa_1:IPv4|*|*|*" -o "esp.encryption_algorithm_1:AES-CBC [RFC3602]" -o "esp.encryption_key_1:0xC5DA46E7FF43C8D6C0DD3A2707E42E05" -o "esp.authentication_algorithm_1:HMAC-MD5-96 [RFC2403]" -o "esp.authentication_key_1:0xE5A349FCBAD409D15C766702CD400BA4" > D:\test\dump2.txt
It always says that the "esp.sa_1" preference is unknown, and the same for esp.encryption_algorithm_1, esp.authentication_algorithm_1, and so on.
I have searched around and think that esp.sa_1 is only available in older versions of Wireshark.
Does anyone know how to set these preferences in Wireshark 2.2.5?
Thanks so much!
Unfortunately, the ESP preferences wiki page is out of date. The ESP preferences have been changed to a UAT (User Access Table), so you can more simply create an esp_sa file instead of specifying individual preferences. Probably the easiest way to learn the format of the file is to create one in Wireshark first, but from the source code, you can see that each entry contains the following information:
Protocol used
Source address
Destination address
SPI
Encryption algorithm
Encryption key
Authentication algorithm
Authentication key
For example, an entry might look like:
"IPv4","","","","AES-CBC [RFC3602]","0xC5DA46E7FF43C8D6C0DD3A2707E42E05","HMAC-MD5-96 [RFC2403]","0xE5A349FCBAD409D15C766702CD400BA4"
But if you really want to specify these options on the command-line rather than creating or modifying the esp_sa file, then you can do so. From section 10.2, Start Wireshark from the command line, of the Wireshark User Guide:
User access tables can be overridden using “uat,” followed by the UAT file name and a valid record for the file:
wireshark -o "uat:user_dlts:\"User 0 (DLT=147)\",\"http\",\"0\",\"\",\"0\",\"\""
The example above would dissect packets with a libpcap data link type 147 as HTTP, just as if you had configured it in the DLT_USER protocol preferences.
So, in your case, you would use something like this:
Unix
tshark -o 'uat:esp_sa:"IPv4","","","","AES-CBC [RFC3602]","0xC5DA46E7FF43C8D6C0DD3A2707E42E05","HMAC-MD5-96 [RFC2403]","0xE5A349FCBAD409D15C766702CD400BA4"'
Windows
tshark.exe -o "uat:esp_sa:\"IPv4\",\"\",\"\",\"\",\"AES-CBC [RFC3602]\",\"0xC5DA46E7FF43C8D6C0DD3A2707E42E05\",\"HMAC-MD5-96 [RFC2403]\",\"0xE5A349FCBAD409D15C766702CD400BA4\""
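As far as I can tell, the boolean ESP options from your original command (esp.enable_encryption_decode and friends) are still ordinary preferences, so a sketch combining them with the UAT record (Unix quoting, untested) would be:
tshark -o 'uat:esp_sa:"IPv4","","","","AES-CBC [RFC3602]","0xC5DA46E7FF43C8D6C0DD3A2707E42E05","HMAC-MD5-96 [RFC2403]","0xE5A349FCBAD409D15C766702CD400BA4"' -o esp.enable_encryption_decode:true -o esp.enable_authentication_check:true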

wget appends query string to resulting file

I'm trying to retrieve working webpages with wget and this goes well for most sites with the following command:
wget -p -k http://www.example.com
In these cases I will end up with index.html and the needed CSS/JS etc.
HOWEVER, in certain situations the URL will have a query string, and in those cases I get an index.html with the query string appended.
Example
www.onlinetechvision.com/?p=566
Combined with the above wget command, this results in:
index.html?p=566
I have tried using the --restrict-file-names=windows option, but that only gets me to
index.html#p=566
Can anyone explain why this is needed and how I can end up with a regular index.html file?
UPDATE: I'm sort of on the fence about taking a different approach. I found out I can take the first filename that wget saves by parsing its output, so the name that appears after "Saving to:" is the one I need.
However, that name is wrapped in this strange character (â). Rather than just hard-coding its removal, where does it come from?
If you try the --adjust-extension parameter:
wget -p -k --adjust-extension www.onlinetechvision.com/?p=566
you come closer. In the www.onlinetechvision.com folder there will be a file with a corrected extension: index.html#p=566.html, or index.html?p=566.html on *nix systems.
If you are on a Microsoft OS, make sure you have a recent version of wget; it is also available here: https://eternallybored.org/misc/wget/
It is then simple to rename that file to index.html, even with a script.
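A sketch of that rename (the exact saved filename is an assumption and differs between platforms, so check what wget actually wrote):
mv "www.onlinetechvision.com/index.html?p=566.html" "www.onlinetechvision.com/index.html"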
To answer your question about why this is needed, remember that the web server is likely to return different results based on the parameters in the query string. If a query for index.html?page=52 returns different results from index.html?page=53, you probably wouldn't want both pages to be saved in the same file.
Each HTTP request that uses a different set of query parameters is quite literally a request for a distinct resource. wget can't predict which of these changes is and isn't going to be significant, so it's doing the conservative thing and preserving the query parameter URLs in the filename of the local document.
My solution is to do the recursive crawling outside wget:
get the directory structure with wget (no files)
loop over each directory to fetch its main entry file (index.html)
This works well with WordPress sites, though it could miss some pages.
#!/bin/bash
#
# get directory structure
#
wget --spider -r --no-parent http://<site>/
#
# loop through each dir and fetch its index page
#
find . -mindepth 1 -maxdepth 10 -type d | cut -c 3- > ./dir_list.txt
while read -r line; do
    wget --wait=5 --tries=20 --page-requisites --html-extension --convert-links --execute=robots=off --domain=<domain> --strict-comments "http://${line}/"
done < ./dir_list.txt
The query string is required because of the website's design: the site uses the same standard index.html for all content and then uses the query string to pull in the content from another page, via a script on the server side (it may be client side if you look in the JavaScript).
Have you tried using --no-cookies? The site could be storing this information via a cookie and pulling it in when you hit the page. This could also be caused by URL-rewrite logic, which you will have little control over from the client side.
Use the -O or --output-document option; see http://www.electrictoolbox.com/wget-save-different-filename/
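A sketch with the URL from the question (note that -O concatenates everything wget downloads into the one named file, so it does not combine well with -p for page requisites):
wget -O index.html "http://www.onlinetechvision.com/?p=566"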

wget to exclude certain naming structures

My company has a local production server I want to download files from that have a certain naming convention. However, I would like to exclude certain elements based on a portion of the name. Example:
folder client_1234
file 1234.jpg
file 1234.ai
file 1234.xml
folder client_1234569
When wget is run I want it to bypass all folders and files with "1234" in the name. I have researched and ran across ‘--exclude list’, but that appears to be only for directories, and ‘reject = rejlist’, which appears to be for file extensions. Am I missing something in the manual here?
EDIT: this should work.
wget has options -A <accept_list> and -R <reject_list>, which, from the manual page, appear to allow either suffixes or patterns. These are separate from the -I <include_dirs> and -X <exclude_dirs> options, which, as you note, only deal with directories. Given the example you list, and since you want to exclude rather than accept, something along the lines of -R "*1234*" for the files, combined with -X "*1234*" for the folders, might be what you need, although I'm not entirely sure that's exactly the naming convention you're after...
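A hedged sketch of that (the server URL is hypothetical, and the patterns assume "1234" is the portion you want to skip):
wget -r -np -R "*1234*" -X "*1234*" http://production.example.local/files/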

How can I view output of tshark -V via Wireshark or similar?

Recently I updated Wireshark on a server and lost the ability to use -R together with -w from the CLI. Since I'm tracing SIP and RTP calls, I need to use -R and not -f.
I found out that -V is very useful (it shows the packet tree on screen), and I can then redirect the output to a file. Unfortunately, I'm not able to open that file in Wireshark to view it properly (it contains too much text to easily scroll through).
I tried using -x to add the hex dump (and removed -V), but that file still can't be opened in Wireshark after copying it to my PC.
Any ideas how I can trace using -R (with or without -V), copy the file to my PC, and still be able to read it through Wireshark? I don't have issues converting the file to a readable format... just need anything to view the files and share them :)
Thanks all,
//M
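One hedged sketch of a workaround, in case it helps: newer tshark builds accept a read filter together with -w when run in two-pass mode over a capture file, so you can capture first and filter offline (the interface name and filter below are assumptions):
tshark -i eth0 -w /tmp/all.pcap
tshark -r /tmp/all.pcap -2 -R "sip||rtp" -w /tmp/sip_rtp.pcap
The second command writes an ordinary capture file that Wireshark can open.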

CVS command to get brief history of repository

I am using the following command to get a brief history of the CVS repository:
cvs -d :pserver:*User*:*Password*@*Repo* rlog -N -d "*StartDate* < *EndDate*" *Module*
This works just fine except for one small problem: it lists all tags created on each file in that repository. I want the tag info, but only the tags that were created in the specified date range. How do I change this command to do that?
I don't see a way to do that natively with the rlog command. Faced with this problem, I would write a Perl script to parse the output of the command, correlate the tags to the date range that I want and print them.
Another solution would be to parse the ,v files directly, but I haven't found any robust libraries for doing that. I prefer Perl for that type of task, and the parsing modules don't seem to be very high quality.
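For what it's worth, a rough shell sketch of that post-processing idea. It runs rlog without -N so the symbolic names are printed, assumes the "symbolic names:" and "date:" line formats that cvs rlog emits, keeps only one tag per revision, and approximates a tag's creation date by the commit date of the revision it points at (CVS does not record when a tag was made). The date window and repository placeholders are assumptions:
#!/bin/bash
START="2017-01-01"
END="2017-12-31"
cvs -d :pserver:*User*:*Password*@*Repo* rlog *Module* |
awk -v start="$START" -v end="$END" '
  /^RCS file:/       { split("", tag_of) }   # new file: forget old tags
  /^symbolic names:/ { intags = 1; next }
  intags && /^\t/    { t = $1; sub(/:$/, "", t); tag_of[$2] = t; next }
  intags             { intags = 0 }          # end of the tag block
  /^revision /       { rev = $2 }
  /^date: /          { d = substr($2, 1, 10); gsub("/", "-", d)
                       if (rev in tag_of && d >= start && d <= end)
                           print tag_of[rev], rev, d }
'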