Python WMI
2005-03-10

The Python WMI interface is very cool as it lets you write small yet functional snippets like the following print-job sniffer:

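    import wmi

    # With no arguments, wmi.WMI() connects to WMI on the local machine.
    w       = wmi.WMI()
    # Poll once per second for newly created Win32_PrintJob instances.
    watcher = w.watch_for(
        notification_type = "Creation",
        wmi_class         = "Win32_PrintJob",
        delay_secs        = 1)

    while True:
        job   = watcher()   # blocks until the next print job is created
        owner = str(job.Owner)

        print("user:    %s"  % (owner))
        print("printer: %s"  % (job.Name))
        print("title:   %s"  % (job.Document))
        print("pages:   %d " % (job.TotalPages))
        print("-" * 80)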

The above snippet will watch the network for all print jobs and print the owner, document title, printer name and page count. More information about WMI (Windows Management Instrumentation) can be found on MSDN.
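The same watcher can feed an audit log instead of the console. The following is an added example, not code from the original post: `split_name`, `to_record`, `audit_line` and `watch` are names chosen here, and it assumes `Win32_PrintJob.Name` has the form `<printer>, <job id>` and that `TotalPages` may be empty when the job is first created.

```python
import json
from collections import namedtuple

PrintJob = namedtuple("PrintJob", "owner printer job_id title pages")

def split_name(name):
    """Split '<printer>, <job id>' on the last comma (printer names may contain commas)."""
    printer, sep, job_id = name.rpartition(",")
    if not sep or not job_id.strip().isdigit():
        return name.strip(), None          # unexpected format: keep the raw name
    return printer.strip(), int(job_id)

def to_record(job):
    """Normalise a Win32_PrintJob-like object into a flat record."""
    printer, job_id = split_name(str(job.Name))
    pages = job.TotalPages                 # assumption: may be None at creation time
    return PrintJob(
        owner=str(job.Owner),
        printer=printer,
        job_id=job_id,
        title=str(job.Document),
        pages=int(pages) if pages is not None else None)

def audit_line(record):
    """One JSON object per job, with stable key order for easy diffing and grepping."""
    return json.dumps(record._asdict(), sort_keys=True)

def watch(delay_secs=1):
    """Yield a record for every new print job seen by the local spooler."""
    import wmi                             # Windows only, so imported lazily
    # delay_secs is the WMI polling interval: a job that is created and
    # removed between two polls produces no creation event.
    watcher = wmi.WMI().watch_for(
        notification_type="Creation",
        wmi_class="Win32_PrintJob",
        delay_secs=delay_secs)
    while True:
        yield to_record(watcher())

if __name__ == "__main__":
    for record in watch():
        print(audit_line(record))
```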

Collaborative Reverse Engineering
2005-03-01

I am releasing the source for IDA Sync under the GPL license. IDA Sync is implemented as an IDA Pro plugin and standalone server for the purpose of allowing multiple analysts to synchronize their reverse engineering efforts. IDA Sync is especially useful when speed reversing malware. This project has some quirks that need to be worked out still and is being released pre-production quality in hopes of getting some support from the open source community.

Metakit, if you haven't heard of it, is an extremely useful, lightweight and efficient embeddable database library. I use it in many of my internal projects, including IDA Sync, which was released today. In the process of bundling IDA Sync, I found that the latest Python bindings are not compatible with Python 2.4. After some googling I still couldn't find the appropriate binding, so I bit the bullet and did the compile myself. To save others the effort, I am making it available here.

Metakit Python 2.4 Windows Bindings

Python Automobile Traffic Analyzer
2005-02-24

It's been at least 6 months since I last looked at PyTrAn (Python Traffic Analyzer), but I came across it today and decided to organize some documentation and release it on the research/code page.

It's an interesting little side-project the goal of which was to automate traffic camera image analysis for the purpose of generating real-time traffic congestion reports. It has already reached a usable state though definitely short of my grand vision for where it could be. I'm sure at some point in the distant future I will find another burst of motivation to further it along.