LINUXsecure_LOGO
Issues on Linux and Security
 
-->
button Security Tasks
Protection
Detection
Reaction
 
button Description
Firewall
Packetfilter
Proxies
IDS
Policy
 
button Protection
In general
Iptables
Good Rules
SSH
Jail
 
button Detection
In general
Snort
Sniffing
Tripwire
Portsentry
Virus scanner
Rootkit scanner
Security scanner
 
button Hardening
In general
Openssh
Tinyproxy
 
button Bridging
Bridge
Bridging Firewall
Bridging IPS
 
button Other
Home
Vulnerabilities
Books
Links
F2html.pl
mp3riot
Downloads
News
Pigsparty
Gallery
Contributors
Impressum
 
button Search
Google
This Site

 
search in regular content
news
vulnerabilities
books
home
button Other --> F2html.pl
 

mp3riot (formerly known as f2html.pl)

News:

I decided to rename f2html.pl into mp3riot. the reason is, that the name f2html.pl does not clearly indicate, for what the program is best suited for. Because the program has grown so much (and because the the name should be more attractive to get more users), a renaming seems to be a must to me.

There are some important news about mp3riot / f2htmlpl. Please see the NEWS for further details.

About:

Mp3riot (formerly known as f2html.pl) is a command line utility that searches recursively through directories, builds a file list (with additional file information), and generates html files, plylists, etc. The output can be controlled, links can be corrected, and more. The script is mainly desigend to create Web pages, playlists, and databases for mp3-files, but can also used for other purposes.

Read the manual for further details.

Main Features:

  • supports playlists in m3u, pls, and xml format
  • supports sql output
  • creates html pages, templates can be used
  • supports advanced grouping methods
  • supports slection by date ranges, file extensions, and by random
  • supports renaming of mp3 files using id3tag information, templates or guessing can be used
  • advanced string manipulation methods
  • and much more ...

Download:

Latest version: mp3riot-1.3.zip

Older versions of mp3riot / f2html.pl:

For Windows-Users:

You can also download a windows executable compiled with perl2exe. Then you need not to install perl. But I have not testet the functionality of the executable in detail. So it is best to use perl and the source of mp3riot!

Windows binaries of mp3riot:

Usage:

perl mp3riot [options]
Options:

  • -h, --help: Show this screen and exit
  • -k, --mkconf:Use an assistant to write a config file
  • -o, --os win/unix: Default "unix", otherwise windows
  • -Q, --sortby value: Default is NAME (the filename). You can sort the filelist by the following criteria: URLNAME, SHOWNAME, DIR, NAME, TITLE, ARTIST, ALBUM, YEAR, COMMENT, GENRE, TRACKNUM, SIZE, MODTIME, VBR, BITRATE, FREQUENCY, MINUTES, SECONDS, FIRSTCHAR
  • -n, --doublicates: Check for doublicates of files by their filename
  • -D, --md5doublicates: Check for doublicates of files by their MD5 sum
  • -V, --seekvalues <n,+-n,n>: Three values that have to be seperated by ",". This is an useful option for --md5doublicates. The first one is the offset in bytes, the second is the number of bytes to seek (and the direction), and the last value tells the program where to start from (1 means to start from the begining of a file, 2 means to start from the end of a file. So, a combination of 1000,-1128,2 tells the programm to start 1128 bytes before the file ends (id3v1 tag is 128 bytes long!) and use 1000 bytes for calculation of md5 sums.
  • -b, --dbfile file: Write database to a file for searching it
  • -m --m3u file: Write a m3u playlist file. Directory and filename or GROUPPATH for writing m3u files for groups.
  • -X --xml file: Write a xml playlist file. Directory and filename or GROUPPATH for writing xml files for groups.
  • -L --pls file: Write a pls playlist file. Directory and filename or GROUPPATH for writing pls files for groups.
  • -W, --b4s file: Write a b4s playlist file. Directory and filename or GROUPPATH for writing b4s files for groups.
  • -t, --html file: Write a html file. Directory and filename or GROUPPATH for writing html files for groups.
  • -a, --http name: Define the http address for url
  • -r, --remove: Remove id3tags (do you know what you are doing?)
  • -i, --mp3info: Use mp3/ogg info for html output
  • -e, --ext: Remove file extensions in html output
  • -f, --filesize: Use filesize for html output
  • -c, --check ext: Select files by their extension(s) (e.g. mp3). For every extension use a seperate flag!
  • -z, --skip number: Skip n elements of mount/directories/names
  • -p, --conf file: Use a config file
  • -w, --utf8 file: File with UTF-8 code for replacements in links
  • -q, --nocs: Do sorting not case sensitive
  • -j, --statfile file: Write statistics to file
  • -d, --dir directory: Define the (multiple) directory(ies) the mp3s are stored in. For every directory use a seperate flag!
  • -g, --sql file: Filename to store sql table in (only for mp3 and ogg!)
  • -y, --replace file: Name of replacement file; in the file use <string_1>=<string_2> to transform <string_1> into <string_2>; special characters like a backslash have to be preceeded by a backslash "\\" (used for directories)
  • -s, --seperate path: Write seperate html files for every character
  • -R, --rename: Renames mp3 and ogg file using their id3tag. The use of rename_template in the configfile is optional. If rename_template is not used, the program tries to create a filename like: ARTIST - ALBUM - TRACKNUMBER - TITLE by using the id3tag. It assumes, that the filenames have a similar format and tries to guess, whether the id3tag has enough information to create a better filename. Old and new filenames are stored in RENAME.bak
  • -B, --renameback: Renames files back using the file RENAME.bak
  • -T, --templatesHtml templates are used. They have to be defined in the conmfig file using the commands html_head, html_change, html_body, html_footer, html_sep_head. See the README for avalable templates!
  • -G, --groupfile file: Filename for grouping information: <groupname1>=<TYPE>=<string1>,<string2>,...
    Prossible types are: EQUAL, NAME, DIR, TITLE, ARTIST, ALBUM, YEAR, COMMENT, GENRE, TRACKNUM, SIZE, MODTIME, VBR, BITRATE, FREQUENCY, MM, SS, FIRSTCHAR
  • -P, --grouppath path: The path, where to write the html files for group
  • -O, --older number: Only files are selected, having a modification time higher than the specified days
  • -Y, --younger number: Only files are selected, having a modification time less than the specified days
  • -I, --id3tag: Use the id3 tag to get infos
  • -S, --random number: Percentage of file to select randomly (e.g. 50 to select 50% of files/every second file)
You can use nearly all commands in a config file (and it is the best to do it this way!). The syntax then changes sligthly, so that, for example, --dir changes to dir=
Additionally, in the config file it is possible to use the commands:
  • exec= param: Execute system command. This command can be used multiple times
  • rename_template=string:string with templates for renaming files by their id3tag (to be used together with --rename)
    The following rename templates are available: **TITLE**, **ARTIST**, **ALBUM**, **YEAR**, **COMMENT**, **GENRE**. **TRACKNUM**
  • html_head= string: Html code for the head
  • html_change= string: Html code if the first character between two file names change
  • html_body= string: Html code for each filename
  • html_footer= string: Html code for the foot
  • html_sep_head= string: Html code for the head seperate html files by first character
    The following html templates are available: **SUMOFFILES**, **SUMOFMEGS**, **DATE**, **URLNAME**, **SHOWNAME**, **DIR**, **NAME**, **TITLE**, **ARTIST**, **ALBUM**, **YEAR**, **COMMENT**, **GENRE**, **TRACKNUM**, **SIZE**, **MODTIME**, **VBR**, **BITRATE**, **FREQUENCY**, **MINUTES**, **SECONDS**, **HTMLINDEX**, **FIRSTCHAR**

History:

mp3riot 1.3-20041220

  • extended grouping fuction for all playlistfiles
  • renaming of special characters for filenames og groups
  • support of b4s playlistformat
  • sorting of filelist by various criterias of id3tag, mp3 and
  • file information (e.g. ARTIST, BITRATE etc.)
  • extended output of doublicate function by diretory names
  • added FIRSTCHAR as a value for grouping

mp3riot 1.2-20041007

  • Fixed bug in sql output
  • Flexible search for doublicate files using md5 sums
  • search for doublicates by filenames seperated from search function
  • fixed bug in xml output
  • filesize in html output is now rouded
  • replaced progress bar by counter in percentage
  • added counter for collected files
  • fixed bug in index in html output
  • fixed bug in html output for grouping
  • extended grouping function by new type EQUAL
  • bugfix in pls output

mp3riot 1.1-20030728

  • Renamed f2html.pl into mp3riot
  • Fixed output of playlist in M3U format, so that the M3U file is now containing full information
  • Fixed bug for retreaving the TITLE of an id3tag
  • Added output of playlist in XML format
  • Added output of playlist in PLS format
  • Added random fileselection for random playlists
  • Added the tracknumber for sql output
  • Added **TRACKNUM** (tracknumber) and as a template variable for html output
  • Added TRACKNUM (tracknumber) as a variable for groupings
  • Added tracknumber and comment for db output
  • Fixed bug in renaming function when special characters are present in the id3tag
  • Added rename_template to do renaming of files using their id3tag in a flexible way
  • Fixed a bug in renameback

f2html.pl 1.0-20030319

  • Fixed some smaller bugs
  • Rebuild the internal data structure completely
  • Removed option for fast sorting (not necessary any more)
  • Implemented selection of files by their modification time (younger and/or older than days from now)
  • Implemented grouping of files by string matching between group defninitions by various types
  • Implemented variable html-code dsefinitions and templates
  • Changed definition for string replacement
  • f2html.pl now comes with a new version of Info.pm from MP3-Info-1.02 by Chris Nandor
  • The use of the id3tag for sql and html output is now optional
  • Manpage is not supported any more.

f2html.pl 0.9-20030313

  • Fixed a commandline parameter bug where the parameters were handled non case sensitive. Now there are handled case sensitive. As a result the functions RENAME and RENAMEBACK did not work when called with the short command line argument.
  • Fixed a commandline parameter bug that occured with Perl 5.8.0 and Getopt::Long 2.32. The -s flag in line 1 of the perl script causes the program to count the command line parameters in an usual way, so that command line parameters got disturbed and did not work any more.

f2html.pl 0.8-20021105

  • Some changes in the documentation.
  • New option to rename files using their id3tag.
  • New option to rename files back.
  • Some code fixes.
  • Usage of the replace option has changed.

f2html.pl 0.7-20021016

  • Bug for the option "check" in config file and configuration wizard fixed
  • Bug for the check of the mp3 extension when mp3info was enabled fixed.
  • Bug of sum of megs in html output fixed.
  • Bug in mp3table.sql fixed.
  • Basic ogg vorbis support implemented (thanks to Jens Burkal).

f2html.pl 0.6-20020718

  • New method (experimental) for faster sorting. Useful for indexing huge number of files or mp3 files with additional information.
  • New option for checking for dublicates of filenames.
  • Now f2html.pl comes wioth a new version of Info.pm from MP3-Info-1.01 by Chris Nandor.

f2html.pl 0.5-20020626

  • Fixed problem with sql data output when files contain the charakter " ' ".
  • Name of option "hex" changed to "utf8".
  • Implemeted progress bar for prepating html files.
  • More information about what the program is doing.

f2html.pl 0.4-20011127

  • Now f2html comes with a new version of Info.pm from MP3-Info-0.91 by Chris Nandor.
  • Minor Bugfixes.
  • New option to create sql database.
  • New option to create a config file.

f2html.pl 0.3-20010628

  • Some checks and corrections for pathnames.
  • Only existing characters are written out at the top of a html file.
  • Rewrite of sum of files and sizes. Important for writing seperate html files for every character.
  • The option -q has been implemented and allows for doing the procedures in a non case sensitive way.
  • The option -j has been implemented. A html file with statistics can be written out.

f2html.pl 0.2-20010117

  • The manual has been updated.
  • The option -c has been updated. Now this option can be used more than only one time. So one is able to select file by different extensions.

f2html.pl 0.1-20001127

  • Initial release.

back to top
button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Over on his blog, Harald Welte comments on GPL enforcementin light of the Busybox/Toybox controversy. "In any kind of GPL enforcement, you of course not only want the complete corresponding source code to one program, but to all of the GPL/LGPL/AGPL or otherwise copyleft licensed programs contained in the product. We at gpl-violations.org have always been requesting the complete corresponding source code to all GPL licensed software during our communication with the infringing companies. This request was typically honored by everyone, without the need to apply any pressure onto it. After all, releasing only one bit of code causes the risk to get sued by somebody else who owns the other not-yet-compliant part of the code. [...] Now there have been rumors that SFC was not only requesting non-Busybox source code, but also making it a condition for the explicit re-instatement of the license on Busybox. Whether or not there was such a hard condition is subject to debate and there are different opinions on it. For those in the field of FOSS licensing, it has always known that there are different lines of thought with regard to the requirement to explicit reinstatement. We in Germany generally think that it is not required at all, and the existing preliminary injunctions at least implicitly acknowledge that as they enjoin companies from distributing a product as long as it is not in compliance with the license. In other (particularly the U.S.), it is generally assumed that explicit reinstatement is required."
Welte: Some comments on the heated debate on SFC / Busybox / Linux GPL enforcement
CentOShas updated C5: kernel(multiple vulnerabilities). Fedorahas updated F15: firefox(multiple vulnerabilities), F15: thunderbird(multiple vulnerabilities), F15: xulrunner(multiple vulnerabilities), F15: perl-gtk2-mozembed(multiple vulnerabilities), F15: gstreamer-plugins-bad-free(multiple vulnerabilities), F15: libvpx(multiple vulnerabilities), F15: gnome-python2-extras(multiple vulnerabilities), F15: thunderbird-lightning(multiple vulnerabilities), and F15: znc(denial of service). Ubuntuhas updated openssl(multiple vulnerabilities) and php(multiple vulnerabilities).
Friday's security updates
The first official releases of the Wayland display system, now split into two pieces called "Wayland"and "Weston,"are now available. What's not immediately available is a lot of information about what capabilities are in this release or how usable it is. "Wayland is the protocol and IPC mechanism while Weston is the reference compositor implementation. The 0.85 branch in both repositories is going to be protocol and interface stable. We have a series of protocol changes on the table before 1.0 but this branch marks a stable point before we jump into that."
Wayland and Weston 0.85.0 released
The Chromium Blog has an overview of the new JavaScript featuresexpected in a major revision of the language next year. "A proxy simulates a JavaScript object or function, and can customize just about any aspect of their behaviour that you can imagine. This is a real power feature, that takes reflection to a new level and can be used to implement various advanced abstractions and interfaces."
The Chromium Blog on the future of JavaScript
Well, that was quick. The jury in a patent lawsuitagainst eight companies that use "interactive web"technologies has found the Eolas Technologies patent to be invalid, according to a reportat ars technica. "[Tim] Berners-Lee took to Twitter to cheer the decision. 'Texas jury agreed Eolas 906 patent invalid,' he wrote. 'Good thing too!' [...] Companies that depend on the open Web hailed the verdict. 'We are pleased that the court found the patents invalid, as it affirms our assertion that the claims are without merit,' a Google spokesperson told Ars."
Jury rules that Eolas's "interactive web"patent is invalid (ars technica)
The Lima driver projecthas released the codefor its open source graphics driver supporting the Mali-200 and Mali-400 GPUs. "The aim of this driver is to finally bring all the advantages of open source software to ARM SoC graphics drivers. Currently, the sole availability of binary drivers is increasing development and maintenance overhead, while also reducing portability, compatibility and limiting choice. Anyone who has dealt with GPU support on ARM, be it for a linux with a GNU stack, or for an android, knows the pain of dealing with these binaries. Lima is going to solve this for you, but some time is needed still to get there."(Thanks to Paul Wise.)
Lima driver code for the Mali GPU released
CentOShas updated squirrelmail(C4; C5: multiple vulnerabilities) and mysql(C6: multiple unspecified vulnerabilities). Debianhas updated icedove(multiple vulnerabilities) and cvs(remote code execution). Fedorahas updated ettercap(F15; F16: insecure settings file), mysql(F16: multiple unspecified vulnerabilities), maniadrive(F16: PHP remote code execution), php(F16: remote code execution), php-eaccelerator(F16: remote code execution), and samba(F16: denial of service). Mandrivahas updated wireshark(multiple vulnerabilities). openSUSEhas updated firefox(multiple vulnerabilities), curl(authentication bypass), powerdns(denial of service), kernel(11.3; 11.4: multiple vulnerabilities), kvm(two vulnerabilities), tomcat6(multiple vulnerabilities), apache2(11.3; 11.4: multiple vulnerabilities), squid3(denial of service), gnutls(denial of service), dovecot20(certificate spoofing), xorg-x11-server(two vulnerabilities), ruby(multiple vulnerabilities), curl(multiple vulnerabilities), firefox(multiple vulnerabilities), nginx(code execution), lighttpd(denial of service), sysconfig(code execution), and opera(multiple vulnerabilities). Oraclehas updated squirrelmail(OL4; OL5: multiple vulnerabilities) and mysql(OL6: multiple unspecified vulnerabilities). Red Hathas updated squirrelmail(RHEL 4&5: multiple vulnerabilities), libxml2(RHEL 5.6: code execution), mysql(RHEL 6: multiple unspecified vulnerabilities), and kernel(RHEL 5: multiple vulnerabilities). Scientific Linuxhas updated squirrelmail(SL4&5: multiple vulnerabilities) and mysql(SL6: multiple unspecified vulnerabilities). SUSEhas updated xulrunner(SLE 11 SP1: multiple vulnerabilities) and firefox(SLE 10 SP4: multiple vulnerabilities).
Security advisories for Thursday
Here's a variant on the "untrustworthy SSL certificate authority"theme: this ComputerWorld storydescribes how Trustwave issued a "subordinate root"certificate to a private company. That allowed said company to stamp out certificates for any domains it liked and conduct man-in-the-middle attacks against SSL traffic from its internal network. "Trustwave defended itself by saying that the issuing of subordinate roots to private companies, so they can inspect the SSL-encrypted traffic that passes through their networks, is a common practice in the industry."
Trustwave admits issuing man-in-the-middle digital certificate (ComputerWorld)
Ars technica is reporting on a patent trialtaking place in ... you guessed it ... East Texas that could have quite an impact on the web as we know it. Eolas Technologies is suing eight companies including Google and Yahoo for $600 million in a series of four trials, the first of which (to determine the validity of the patents) could go to the jury today. "Today, Doyle and his lawyers say he?s owed royalty payments for the use of a stunning array of modern Web technologies. Watching online video, having a "search suggestion"pop up in a search bar, or even rotating an image of a sweater you might want to buy on an online shopping site?all are said to infringe on the idea-space of Doyle and his company, Eolas Technologies."
Patent troll claims ownership of interactive Web?and might win (ars technica)
The February 2012 issue of ;login:has a detailed overview of Btrfs [PDF]written by developer Josef Bacik. "Btrfs?s snapshotting is simple to use and understand. The snapshots will show up as normal directories under the snapshotted directory, and you can cd into it and walk around like in a normal directory. By default, all snapshots are writeable in Btrfs, but you can create read-only snapshots if you so choose. Read-only snapshots are great if you are just going to take a snapshot for a backup and then delete it once the backup completes. Writeable snapshots are handy because you can do things such as snapshot your file system before performing a system update; if the update breaks your system, you can reboot into the snapshot and use it like your normal file system."
Btrfs: The Swiss army knife of storage (;login:)
The 3.3-rc3prepatch is out. "No big surprises, which is just how I like it. About a third of the patches are in ARM, but the bulk of that is due to the removal of the unused DMA map code form the bcmring support. So no complaints."
Kernel prepatch 3.3-rc3
The LWN.net Weekly Edition for February 9, 2012 is available.
[$] LWN.net Weekly Edition for February 9, 2012
Here is a posting on the Intel software networkdescribing the "transactional synchronization extensions"feature to be found in the future "Haswell"processor. With transactional synchronization, the hardware can determine dynamically whether threads need to serialize through lock-protected critical sections, and perform serialization only when required. This lets the processor expose and exploit concurrency that would otherwise be hidden due to dynamically unnecessary synchronization. At the lowest level with Intel TSX, programmer-specified code regions (also referred to as transactional regions) are executed transactionally. If the transactional execution completes successfully, then all memory operations performed within the transactional region will appear to have occurred instantaneously when viewed from other logical processors. A processor makes architectural updates performed within the region visible to other logical processors only on a successful commit, a process referred to as an atomic commit. Needless to say, there should be interesting ways to use such a feature in the kernel if it works well, but other projects (PyPy, for example) have also expressed interest in transactional memory.
Intel's upcoming transactional memory feature
Today's update pile is gratifyingly small: Ubuntuhas updated thunderbird(multiple vulnerabilities) and xulrunner(multiple vulnerabilities).
Wednesday's security updates
[XBMC home screen]XBMC, the open source media center, has steadily grown from its humble origins as an X-Box only replacement environment into the cross-platform, de factoplayback front-end for multimedia content. It merges the file-centric approach taken by traditional video players with an add-on scripting environment that handles remote web content. The project is currently finalizing its next major release, version 11.0 (codenamed Eden), which includes updates to the networking and video acceleration subsystems, broader hardware support, and numerous changes to the APIs available to add-on developers. Click below (subscribers only) for the full review.
[$] XBMC 11 "Eden"
Pligg CMS 'status' Parameter SQL Injection Vulnerability
Vuln: Pligg CMS 'status' Parameter SQL Injection Vulnerability
Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
Vuln: Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
Vuln: Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
Vuln: Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
[ MDVSA-2012:016 ] glpi
Bugtraq: [ MDVSA-2012:016 ] glpi
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
Bugtraq: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities
Bugtraq: Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities
Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities
Bugtraq: Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus
-->