Problem:

You have a file that is dynamically generated by some server side code that is triggered by a POST request but you just want the file to download and not force the user to leave the page that they are on.  Because that is how it “should” work.  Typically though you insert some form into the page and they are directed off of the page to download the file.

Solution:

By leveraging jQuery, we can perform several actions.  When the “export” button (in this example a div with the id “export search”) is clicked the following jQuery code is run. The first thing we need to do is dynamically append a form to the page where the button was clicked.  In our form we need to have the page where the file is going to be downloaded from and a hidden input type with our POST variable and value.  Once the form has been appended to the page, we want to submit it and them remove the form since we no longer need it.  After the form is submitted the file will automatically start downloading.

$(document).on('click',"#export_search", function() {
 var search_val=$("#search_input").val();
 $('<form action="./php/export.php" method="post"><input type="hidden" name="search_term" value='+search_val+'></form>').appendTo('body').submit().remove();

});

Problem:

Lets say that you have captured some traffic with tcpdump, wireshark etc and resulting file is much larger than you anticipated and you can’t analyze the capture until the original file is broken into much smaller segments.

Solution:

This is where tcpdump will come in handy.  The following command will read in your original large file and split it up into evenly sized segments of your choosing.

tcpdump -r <path_to_large_pcap> -C <size_in_MB_that_you_want_the_file> -w <path_to_where_you_want_the_files_saved>

So for instance the following command will break up the file “network.pcap” into multiple 100MB files called “output1”, “output2” and so on.

tcpdump -r ./network.pcap -C 100 -w ./output

There are sometimes where setting a firmware password is less than desirable, but protecting access to single user mode is required.

The key to this is the “lock” command.  From the man page:

lock - requests a password from the user, reads it again for 
verification and then will normally not relinquish the terminal 
until the password is repeated.  There are two other conditions
under which it will terminate: it will timeout after some interval
of time and it may be killed by someone with the appropriate 
permission.

Apple stopped including the command with the OS after 10.4.  Fortunately it is open source so we can compile a version for newer versions of the OS.  You can get the source here or download a precompiled version here.  The lock command should be installed into /usr/bin/.

Once lock has been installed it is important to set the root password. This can be done with the following command.

sudo passwd -i file root

It is important to note that this will save the password to the UNIX password file which can be recovered via target disk mode or HD removal and then brute forced so you want to choose a strong password that is only used for this purpose.

The next step is to create a .profile in /var/root/ with the contents “/usr/bin/lock -p -t 38000”.  This can be done with the following command.

sudo echo "/usr/bin/lock -p -t 38000" > /var/root/.profile

Now when you try to boot to single user mode you will be prompted for a password.

Note: The -p flag tells lock to use the root password that we set earlier and the -t flag sets the timeout in minutes (the default is 15 min).