James Wilson

Burn bootloader for Arduino Duemilanove w/ Atmega328 using avrdude 5.10

This is using a new Arduino Duemilanove board with a regular Atmega328p, with no bootloader. I wanted to do the BitBang mode, since I didn't want to get or make anything else, and the ArduinoISP, I didn't have access to another Arduino. So I pieced together 3 different guides, I finally got it working.

This assumes you have a Duemilanove with Atmega328p. Running Ubuntu 9.10, though really any distro will work, though how you get the dependencies will vary. Also, you have the Arduino IDE installed to /usr/share/arduino, which if you install using the deb source method, it will be.

First, setup the Arduino as shown here. I used the first wiring guide, but either should work.

Next, setup avrdude on Ubuntu. I followed this guide, but used avrdude 5.10, instead of 5.8. The commands remain the same, except instead of downloading 5.8, you download 5.10.

Here's what I ran:

wget http://download.savannah.gnu.org/releases-noredirect/avrdude/avrdude-5.10.tar.gz
tar xfvz avrdude-5.10.tar.gz 
cd avrdude-5.10/
for i in 8 7 6 5 4 3 2 1 0; do wget -O patch-$i.diff http://savannah.nongnu.org/patch/download.php?file_id=1851$i; done
for file in patch-*.diff; do patch -p0 < $file; done
wget http://www.ftdichip.com/Drivers/D2XX/Linux/libftd2xx0.4.16.tar.gz
tar xzf libftd2xx*.tar.gz
cp libftd2xx*/static_lib/* .
cp libftd2xx*/*.h .
cp libftd2xx*/*.cfg .
./configure 
cp /usr/share/arduino/hardware/arduino/bootloaders/atmega/ATmegaBOOT_168_atmega328.hex .

Then you edit the file, Makefile:
CFLAGS = -g -O2 -> CFLAGS = -g -O2 -DHAVE_LIBUSB -DSUPPORT_FT245R
LIBS = -lreadline -lncurses -ltermcap -> LIBS = -lreadline -lncurses -ltermcap ./libftd2xx.a.0.4.16 -lrt

Then just run make.

Third, run:

sudo ./avrdude -C avrdude.conf -c duemilanove -P ft0 -p m328p -t -B 4800

And in that:

erase
w efuse 0 0x05
w hfuse 0 0xda
w lfuse 0 0xff
q

This sets up the efuse, hfuse, and ifuse values. This has to be run at a lower baud rate.

Fourth, run:

sudo ./avrdude -C avrdude.conf -c duemilanove -P ft0 -p m328p -U flash:w:ATmegaBOOT_168_atmega328.hex

The bootloader has been flashed. Lock it by running:

sudo ./avrdude -C avrdude.conf -c duemilanove -P ft0 -p m328p -t

And enter:

w lock 0 0x0f
q

Now, your Atmega328 should be ready to use. You can try it by uploading the example Blink from the IDE.

Twitter Push Notifications with Prowl without Growl

Prowl has an API. Just found that out. Even has a python module written for it, that's already been forked many times.

So I made a twitter push notification script.

IMG_0139

Runs every minute and pushes any new timeline posts to you. Really simple. Just throw it on a server or any box that's running full time.

RSS and Gmail scripts coming.

Ubuntu Notification Daemons

The new notifications system in ubuntu is actually pretty slick, but having to run multiple apps to get the notifications is annoying.

So, time to make daemons for the notification system.

First, and only currently, is the twitter pseudo-daemon. And it's wiki page.

Currently working on switching to an actual daemon and a gmail daemon, though python-libgmail is failing hard.

Any suggestions, post them.

Paintball Headlines Theme

I said I would post the theme for headlines when I thought it was acceptable. There are still problems, but whatever.

Anyways, this theme is based upon this tutorial theme, but changed to have multiple author support, support tags and categories, and be a double right column instead of a column on both sides. There are a few other little changes in there.

Github Repository

I'll try to update the theme whenever I change anything; I just have to remember to do a svn ci each time.

To run by default and not get errors, you need do need a few plugins, like wp_dtree. There's also a classifieds plugin that I wrote just for headlines that's needed, but I don't plan on releasing that, since it contains db info and it's pretty much just a MySQL query. In sidebar.php, just comment out the get_classifieds_new(10); code.

Edit: Changed to Github, since DevjaVu went away.

Python Random Show Player

This is a pretty simple little script I coded a while back that will play an n amount of randomly picked shows from a collection of shows.

Like, "randomshow.py 5" will play 5 randomly picked episodes back to back. I usually use this to cue up some shows right before going to sleep. It's better than flipping through channels trying to find something to watch.

By default, it uses a gui-less mplayer in full screen to play the videos. You can edit the playback command to use a different video player or use different settings.
Note: It expects the video player to exit after finishing playback. Mplayer does this by default (without the gui), but VLC, Xine, etc. don't.

To use, edit the first part of the file with the location(s) of your video files and the commands if needed. Run python randomshow.py rescan to generate your collection file. Then run python randomshow.py to play a random show.

This was made and used on linux, but it should also be compatible on Windows, though you might need to edit the commands.

I'll probably edit this to have better control over collections, a playlist option that'll just generate a playlist so you can use VLC or other video players. If you have any suggestions, let me know.

I'm also making a movie version, that will also support browsing of the collection (probably just via a web interface), and support multiple CD versions and archives. It'll be more like MythTV, but allowing less overhead.

Download randomshow.txt (rename to randomshow.py) or randomshow.tar

randomshow.py –help

Random Show 1.0 – James Wilson

randomshow.py [option] [count]

For 1 random show
randomshow.py

For n random shows
randomshow.py n

Rescan your collection
randomshow.py rescan

Use different collection and play 1 show. If collection doesn't exist, it will use default. latenight.txt can be any collection text file.
randomshow.py latenight.txt

Use different collection and play n shows
randomshow.py latenight.txt n

Rescan different collection
randomshow.py rescan latenight.txt

Create new collection
randomshow.py create latenight.txt "/media/tv/"

Example rescan output:

From location(s)
['/media/My Book/downloads/tv/', '/media/hdb1/Documents and Settings/User/My Documents/My Videos/tv/Futurama', '/media/hdb1/Documents and Settings/User/My Documents/Fastlane']
Clearing collection file
Added 113 King of the Ant Hill.avi
Added 110 Keeping Up With Our Joneses.avi
Added 104 Luanne's Saga.avi
[...]
Added Fastlane – 120 – Asslane.avi
Added Fastlane – 121 – Dosed.avi
Added Fastlane – 122 – Iced.avi
Collection built – 696 files

Example collection file:

Random-Show-Collection-1.0;shows.txt;/media/My Book/downloads/tv/,/media/hdb1/Documents and Settings/User/My Documents/My Videos/tv/Futurama,/media/hdb1/Documents and Settings/User/My Documents/Fastlane
/media/My Book/downloads/tv/koth1/113 King of the Ant Hill.avi
/media/My Book/downloads/tv/koth1/110 Keeping Up With Our Joneses.avi
/media/My Book/downloads/tv/koth1/104 Luanne's Saga.avi
[...]
/media/hdb1/Documents and Settings/User/My Documents/Fastlane/Season 1/Fastlane – 120 – Asslane.avi
/media/hdb1/Documents and Settings/User/My Documents/Fastlane/Season 1/Fastlane – 121 – Dosed.avi
/media/hdb1/Documents and Settings/User/My Documents/Fastlane/Season 1/Fastlane – 122 – Iced.avi

WordPress YouTube Sidebar Video Plugin

This is a plugin based on the YouTube widget. It'll display a YouTube video, most likely in your sidebar, by calling the youtube function which you can specify the url, width, height, and if it'll autoplay. It's not much, at all, but meh.

Download youtube-plugin.zip (youtube-plugin.tar.gz)

This plugin is one function called youtube that will display a YouTube video. It's pretty much the same as copying the embed code from YouTube, but will allow you to change the width and height much easier.

I'm not going to go too much into this, so here's the whole calling it premise. You would place this in your template in php tags.

youtube(uri[,width,height[,autoplay]])

Display a video with default width and height (250×165)
youtube("http://www.youtube.com/watch?v=AYxu_MQSTTY")

Display a video with custom width and height (500×330)
youtube("http://www.youtube.com/watch?v=AYxu_MQSTTY",500,330)

Display a video with default width and height (" will cause it to default), but autoplay
youtube("http://www.youtube.com/watch?v=AYxu_MQSTTY","","",TRUE)

Display a video with custom width and height and autoplay
youtube("http://www.youtube.com/watch?v=AYxu_MQSTTY",500,330,TRUE)

Download youtube-plugin.zip (youtube-plugin.tar.gz)

You're In My Server, Looking At My Plugins

Apparently, people realized that if they have their folders indexable, they could be indexed. OMG! And that you can view you plugins directory via Google. Holy crap!

First off, their google dork isn't even right. Index of /wp-content/plugins should clearly be intitle:"Index of /wp-content/plugins" or else I'll get your's and this shitty post in the results.

But that's not even that good. It only applies to people with their blog hosted in the root directory. If you have it in the blog/ directory, you don't get hit.

So now, the query should be intitle:"Index of"+intitle:"/wp-content/plugins". This returns about 50k more results.

But what about the usefulness of this?

Let's say there is a vulnerability in the "Share This" plugin.

We can try the directory way that's supposedly so vulnerable. intitle:"Index of /wp-content/plugins" share-this.php 40 hits

Or a better method. We know that the plugin adds a link called "Share This" to every post. Don't believe me? Scroll down a bit and you'll see it. So we can search for "Share This" on pages with the word wordpress, since that's usually in the footer, but not if it uses the word plugin, since it's probably talking about the plugin itself or have wordpress or Share This in the title since it's likely to also just be talking about the plugin itself. wordpress+"Share This" -plugin -intitle:"wordpress" -intitle:"Share This" 3.3 million hits.

Sure, there will be false positives, but there's a much greater changes of having a much bigger impact. Who cares about the false positives? If it doesn't work, it doesn't work. Just move on. You could start it at night and have tried all the sites before even waking up, well, maybe, probably not, but you'll have a lot more than 40.

I'm thinking the severity of the whole directory being exposed is a little dramatic. Yeah, it's probably better if it wasn't indexed, but it's not killing anyone. Now, if you have a password in there, that's a different case.

In fact, here is my plugin directory. (I have indexes off by default, mainly because netfirms doesn't use Apache's indexing thing)

% ls -lA wp-content/plugins
total 1400
drwxr-xr-x  2 2701791  552     512 May  8 18:41 404-notifier
-rw-r--r--  1 2701791  552    4667 May  8 18:41 404-notifier.tar.gz
drwxr-xr-x  3 2701791  552     512 May  7 22:18 PostToTwitter
-rw-r--r--  1 2701791  552    2134 May  7 22:16 PostToTwitter.tar.gz
drwxr-xr-x  2 2701791  552     512 Apr 21 16:03 akismet
drwxr-xr-x  2 2701791  552     512 May  8 18:41 comment-relish
-rw-r--r--  1 2701791  552    3536 May  8 18:35 comment-relish.tar.gz
drwxr-xr-x  2 2701791  552     512 May  7 22:18 easy-auctionads
-rw-r--r--  1 2701791  552    7542 May  7 22:16 easy-auctionads.tar.gz
-rw-r--r--  1 2701791  552   54904 Apr 21 15:20 goog.tar.gz
drwxr-xr-x  2 2701791  552    1024 Apr 21 16:20 google-sitemap-generator
drwxr-xr-x  5 2701791  552     512 Apr 21 16:49 gregarious
-rw-r--r--  1 2701791  552  109199 Apr 21 15:49 gregarious.tar.gz
-rwxr-xr-x  1 2701791  552    2025 Oct 25  2006 hello.php
-rw-r--r--  1 2701791  552    5152 Nov 16  2006 ol_feedburner.php
-rw-r--r--  1 2701791  552    1861 Jul 24  2006 sem-unfancy-quote.php
drwxr-xr-x  2 2701791  552     512 May  8 18:40 share-this
-rw-r--r--  1 2701791  552   14032 May  8 18:35 share-this.tar.gz
drwxr-xr-x  2 2701791  552     512 May  7 22:17 stats
-rw-r--r--  1 2701791  552    5213 May  7 22:16 stats.tar.gz
drwxr-xr-x  3 2701791  552     512 May  8 18:41 subscribe-to-comments
-rw-r--r--  1 2701791  552   16017 May  8 18:36 subscribe-to-comments.tar.gz
drwxr-xr-x  2 2701791  552     512 May  8 18:40 twitter-tools
-rw-r--r--  1 2701791  552   17148 May  8 18:36 twitter-tools.tar.gz
drwxr-xr-x  4 2701791  552     512 Apr 21 21:47 widgets
-rw-r--r--  1 2701791  552   26579 Apr 21 20:48 widgets.tar.gz
drwxr-xr-x  2 2701791  552     512 Apr 21 16:20 wp-cache
-rw-r--r--  1 2701791  552   47104 Apr 21 15:21 wp-cache.tar
-rw-r--r--  1 2701791  552   31091 Jul 26  2006 wp-db-backup.php
drwxr-xr-x  4 2701791  552     512 Apr 25 12:54 wp-syntax
-rw-r--r--  1 2701791  552  309747 Apr 25 12:56 wp-syntax.tar.gz

Yes, I download the zips then convert them to tarballs, that's why all of my widgets are available in both formats.

But it also raises another question, how many of those do I have enabled?

404Notifier? No. PostToTwitter? No. akismet? Yes. Comment-relish? No. Easy-auctionads? Hell no. Google Sitemaps? Yes. Gregarious? No. Hello Dolly? Fuck no. Feedburner? Yes. Unfancy quote? Hell yes. Share this? Yup. Stats? Yes. Twitter tools? I had to check, but yes apparently. WP Cache? Yes, WordPress is too slow without it. DB Backup? Yup. WP Syntax? Yes, I likes me fancy highlighting.

10 out of 16 enabled. Does it mean that they can't be exploited without being enabled? Not necessarily, but to an extent, yes. It should die when it gets to an add_action call, unless someone allows it to execute other PHP code or include other files before calling add_action. Though they probably shouldn't do it in the first place. include($_GET['file']); comes to mind.

And if anyone is wondering where all the scripts are, I'll have a couple of widgets soon and another couple of python scripts.

New Paintball Blog

Eh. A little self promotion never hurt anyone.

I've launched a new paintball blog on the grounds that all others suck. (Paintball Journal, you aren't that bad, just the site itself sucks. If you were self hosted and less ad-ridden, you would have my support).

It's available over at PaintballHeadlines.com, or you can subscribe to the feed.

It's not too much now, but hopefully it'll grow into something more.

If you want to write for it, you can. You need to have some knowledge about paintball, or at least some interest in it. Just tell me some info about you, make an account over there, and I'll promote you to an author. Currently, there's no monetary incentive. If I do happen to put ads on it and make a profit, it'll be split between everyone.

WordPress Reddit Widget

Number 8 in Widget-A-Day is a reddit widget.

It'll display your latest liked items on reddit.com. You can edit the display, count, and username.

Not much of widget (can be kinda done via the RSS widget), but it'll be the closer in Widget-A-Day. I might have one on Saturday, but there's no guarantee. It's been fun. Hopefully someone has found these useful. I'll do it again sometime. If you have any problems, suggestions, or whatever, let me know

Download reddit.zip

SVN Checkout
svn co http://svn.wp-plugins.org/reddit-widget/trunk

Default display:
reddit1cropped.png

Admin panel:
reddit2cropped.png

Requirements

Installation

  1. Download reddit.zip
  2. Extract and upload reddit.php to the plugins/ directory
  3. Enable reddit Widget in the Plugin admin panel
  4. In widget admin panel, place reddit in the sidebar, and edit it to enter your username

Features

  • Displays your latest liked items (on reddit.com)
  • Completely customizable display
  • Caching for large traffic sites

Formatting

There are 3 parts needed to format the output.

The first part, called items start in the admin panel, is the first part of the widget after the title. For the default formatting, this is just <ul>.

The second part, called items end, is the ending of the widget. By default, this is:
</ul>
<a href="%profile%" style="float:right;">%username%</a>


The third part is what is called for each item. By default, this is:
<li style="list-style-type: none;"><a href="%link%">%title%</a> (<a href="%more%">more</a>)</li>

The premise of calling each value is this:

  1. start
  2. item
  3. item
  4. item
  5. end

The formatting for items is:

  • %title% – Title of the item
  • %link% – Link to the item
  • %desc% – Description of the item – Just [link] [more] links
  • %date% – Date the item was submitted (ISO)
  • %more% – More link – The link to the comments
  • %number% – The number of the current item

The formatting for start and end is:

  • %username% – Your username
  • %profile% – Link to your profile
  • %rss% – Link to your profile's RSS feed
  • %count% – Number of items shown

Download reddit.zip

WordPress YouTube Widget

Number 7 in Widget-A-Day is a YouTube widget.

It'll display a YouTube video in the sidebar. Just enter the URL of the video, and it'll show in the sidebar. You can change the width and height, and make it autoplay or not.

Download youtube.zip

SVN Checkout
svn co http://svn.wp-plugins.org/youtube-widget/trunk

Default display:
youtbe1cropped.png

Admin panel:
youtube2cropped.png

Requirements

Installation

  1. Download youtube.zip
  2. Extract and upload youtube.php to the plugins/ directory
  3. Enable YouTube Widget in the Plugin admin panel
  4. In widget admin panel, place YouTube in the sidebar, and edit it to enter the YouTube URL, not the embed code

Download youtube.zip