Author: Thomas Faddegon

Do you like my posts and want to do something back? You can buy me a beer :) Β 

Debug and Fix Android battery drain (system_server)

I previously write an article about a logd battery drain: https://blog.wapnet.nl/2021/11/android-logd-battery-drain/

But you can also have an system_server battery drain. With some easy debug steps you can find the root cause of this drain.

  • First install ADB
  • Put your phone in development mode
  • Start “adb shell”
  • Start “top”

If you have an high system_server CPU than check the PID.

Note: In my screenshot it is already fixed. But this was 30~35% CPU

In my case the PID is 1756. So now we can check logcat to find out what the reason is of the high CPU.

logcat | grep 1756

In this example you see signal is eating some CPU

With this information you can remove all the apps that is eating your CPU. In my case these apps drained my battery:

  • Spotify
  • Teams
  • MS Drive
  • Oneplus Weather

Happy debugging πŸ™‚

grantRuntimePermission: Neither user 2000 nor current process has android.permission.GRANT_RUNTIME_PERMISSIONS

I’ll was getting this issue when I try to install BetterBatteryStats on my Oneplus device.

There are 3 things to do if you want to fix this:

  1. Enable Developer mode
  2. Disable Permission Monitoring (dutch: Machtigingscontrole uitschakelen). You can find this setting in the debugger options somewhere near the bottom.
  3. You need to force quit the batteryBatteryStats app (or reboot the phone)

Then you can set the permissions:

adb -d shell pm grant com.asksven.betterbatterystats android.permission.BATTERY_STATS
adb -d shell pm grant com.asksven.betterbatterystats android.permission.DUMP
adb -d shell pm grant com.asksven.betterbatterystats android.permission.PACKAGE_USAGE_STATS
adb -d shell settings put global hidden_api_policy 1

Old 2008 Macbook Nvidia Ubuntu black screen fix

All the credits are for Andreas @ https://askubuntu.com/questions/264247/proprietary-nvidia-drivers-with-efi-on-mac-to-prevent-overheating/613573#613573

Nvidia is always a pain in the ass on Linux. Especially with a old white 2008 macbook. I have black screen issues every time so I create this article so I can easy find it when I reinstall this laptop πŸ˜‰

First find the right identifiers.

We need both the IDs for the graphics card and the PCI-E bridge that it is connected to. Issue the following command in a shell:

~$ sudo lshw -businfo -class bridge -class display
[email protected]:00:00.0              bridge         MCP89 HOST Bridge
[email protected]:00:03.0              bridge         MCP89 LPC Bridge
[email protected]:00:0e.0              bridge         NVIDIA Corporation
[email protected]:00:15.0              bridge         NVIDIA Corporation
[email protected]:00:16.0              bridge         NVIDIA Corporation
[email protected]:00:17.0     >!!<     bridge         MCP89 PCI Express Bridge
[email protected]:04:00.0     >!!<     display        MCP89 GeForce 320M

Have a look at (1) the line saying display and (2) the line with bridge right before that display line. Write down the PCI-E bus ids (format XX:YY.Z) of the bridge device (here 00:17.0) and the display device (here 04:00.0) and remember which is which. Note: Those IDs may be different on your machine, depending on your Mac model and revision.

Create a GRUB script for setting the PCI-E registers during boot

Fire up a text editor with sudo nano /etc/grub.d/01_enable_vga.conf and copy/paste the content below. Make sure to paste all 4 lines into that file! Replace 00:17.0 with the PCI-E ID of your bridge device noted in step 1. Replace 04:00.0 with the PCI-E ID of your display device noted in step 1.

cat << EOF
setpci -s "00:17.0" 3e.b=8
setpci -s "04:00.0" 04.b=7
EOF

Finally, make the created file executable and update your grub config files using the following TWO commands.

~$ sudo chmod 755 /etc/grub.d/01_enable_vga.conf
~$ sudo update-grub

Install Nvidia drivers and enjoy!

Use PowerShell Invoke-WebRequest to login on a website

To automate some tasks with PowerShell on a website you sometimes need to log in. Today I tried some curl and postman tricks but it isn’t hard if you know what to script with PowerShell and bypass all other tools.

First, find a website to log in to, then check the page source and what the submit button does. In this example, it is β€œInloggen” (dutch for login).

Then start the developer tools (F12), select the network tab, enter the credentials and login.

Now check the POST request in the developer tools.

The important things on this login form are:

  • Gebruikersnaam (username)
  • Wachtwoord (password)
  • __RequestVerificationToken

Now we can write a simple script

$LoginUri = "https://example.website.nl/versie6-0-0/mijnscore/Login"
$BackendUri = "https://example.website.nl/mijnzwemscore/inhaalles.asp"
# ==========================================
$LoginResponse = Invoke-WebRequest -Uri $LoginUri -SessionVariable "Session" 
$LoginBody = @{
    __RequestVerificationToken = $LoginResponse.InputFields[1].value
    Gebruikersnaam             = "EnterUsername"
    Wachtwoord                 = "EnterPassword"
    Submit                     = "Inloggen"
}
$LoginResponse = Invoke-WebRequest -Uri $LoginUri -WebSession $Session -Body $LoginBody -Method "POST"

Invoke-WebRequest -Uri $BackendUri -WebSession $Session

Explanation of the script:

  1. Open the website and find out what the __RequestVerificationToken must be
  2. Create a body with the credentials, the login form submit and the __RequestVerificationToken
  3. Do the actual login and save the web session (cookies and stuff).
  4. Now we can use the previous web session to check all the backend stuff

Happy Scripting πŸ™‚

Update Windows Server with powershell

This is for 2016 server. But it will work for other versions of Windows

[Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls12
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Set-PSRepository -Name "PSGallery" -InstallationPolicy Trusted
Install-Module PSWindowsUpdate -Confirm:$false
Set-PSRepository -Name "PSGallery" -InstallationPolicy Untrusted
Get-WindowsUpdate -AcceptAll -Install -AutoReboot

Happy Patching πŸ™‚

Use TOR proxy with any linux command

There is an easy way to use the The Onion Router for any command under linux

First install TOR and proxychains4

$ sudo apt install tor proxychains4

You can configure proxychains.conf but the default config is good πŸ™‚

$ sudo nano /etc/proxychains.conf

Then start the tor service

$ sudo systemctl start tor

And check your ip:

$ proxychains4 curl ifconfig.me

You can use any command you want. So if you want your firefox browser over tor:

$ proxychains4 firefox

To refresh your TOR IP simply restart the TOR service

Happy proxying πŸ™‚

Configure WSUS client with Powershell and Regedit

My use case for a customer was to configure WSUS for a couple of DMZ servers. The DMZ servers are not domain-joined. So I create a PowerShell script to configure the registry so I can easily deploy the settings to the servers.

You can use this script also for non domain-joined servers

# Script for WSUS configuration on non-domain joined servers

# First stop the Windows service
Get-Service -name wuauserv | stop-service

# Variables
$registryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
$name1 = "TargetGroup"
$value1 = "Production"
$name2 = "WUServer"
$value2 = "http://wsus.domain.local:8530"
$name3 = "WUStatusServer"
$value3 = "http://wsus.domain.local:8530"
$name4 = "DoNotConnectToWindowsUpdateInternetLocations"
$value4 = "1"
$name5 = "TargetGroupEnabled"
$value5 = "1"
$registryPathAU = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"
$nameAU1 = "AUOptions"
$valueAU1 = "3"
$nameAU2 = "UseWUServer"
$valueAU2 = "1"


# Inject registry
IF(!(Test-Path $registryPath))
{
    New-Item -Path $registryPath -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name1 -Value $value1 -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name2 -Value $value2 -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name3 -Value $value3 -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name4 -Value $value4 -PropertyType DWORD -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name5 -Value $value5 -PropertyType DWORD -Force | Out-Null
}
ELSE
{
    New-ItemProperty -Path $registryPath -Name $name1 -Value $value1 -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name2 -Value $value2 -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name3 -Value $value3 -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name4 -Value $value4 -PropertyType DWORD -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name5 -Value $value5 -PropertyType DWORD -Force | Out-Null
}
IF(!(Test-Path $registryPathAU))
{
    New-Item -Path $registryPathAU -Force | Out-Null
    New-ItemProperty -Path $registryPathAU -Name $nameAU1 -Value $valueAU1 -PropertyType DWORD -Force | Out-Null
    New-ItemProperty -Path $registryPathAU -Name $nameAU2 -Value $valueAU2 -PropertyType DWORD -Force | Out-Null
    }
ELSE
{
    New-ItemProperty -Path $registryPathAU -Name $nameAU1 -Value $valueAU1 -PropertyType DWORD -Force | Out-Null
    New-ItemProperty -Path $registryPathAU -Name $nameAU2 -Value $valueAU2 -PropertyType DWORD -Force | Out-Null
}

# Start the Windows service
Get-Service -name wuauserv | start-service

# Find updates and report to the WSUS server
$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates
Start-sleep -seconds 10
wuauclt /detectnow
wuauclt /reportnow
c:\windows\system32\UsoClient.exe startscan

I save this file on the WSUS server itself at http://wsus.domain.local:8530/script.txt so I can download and run it from the DMZ environment.

invoke-webrequest -uri http://wsus.domain.local:8530/script.txt -outfile script.ps1
.\script.ps1

Happy updating πŸ™‚

Powershell better tab autocomplete

With Powershell ISE you can use CTRL + SPACE for auto completion.

Powershell ISE Completion

But when you work in a native Powershell window you don’t have this option. And many often you cycle with tab completion trough the powershell and because you press the TAB button too soon you have to remove characters and cycle again trough all the commands.

Unit now πŸ˜‰

There is an easy fix you can implement so the Powershell have the same auto completion like bash.

  • Type notepad $profile for Windows or gedit $profile for Linux
  • Add the line Set-PSReadlineKeyHandler -Key Tab -Function MenuComplete
Add line in $profile
  • Save the file and restart Powershell
  • And now you have a much better working tab completion
Linux Example
Windows Example

Happy coding πŸ™‚

Add Powershell 7 to your Powershell ISE

I find this code snippet somewhere on the internet and I like it πŸ™‚

Swtich Powershell version in ISE

Just open ISE and paste these code and you are ready to rock!

$ErrorActionPreference= 'silentlycontinue'
$psISE.CurrentPowerShellTab.AddOnsMenu.Submenus.Clear()
$psISE.CurrentPowerShellTab.AddOnsMenu.Submenus.Add("Switch to PowerShell 7", { 
        function New-OutOfProcRunspace {
            param($ProcessId)
  
            $ConnInfo = New-Object -TypeName System.Management.Automation.Runspaces.NamedPipeConnectionInfo -ArgumentList @($ProcessId)
            $DefaultType = [System.Management.Automation.Runspaces.TypeTable]::LoadDefaultTypeFiles()
  
            $Runspace = [System.Management.Automation.Runspaces.RunspaceFactory]::CreateRunspace($ConnInfo, $Host, $Default)
  
            $Runspace.Open()
            $Runspace
        }
  
        $PowerShell = Start-Process PWSH -ArgumentList @("-NoExit") -PassThru -WindowStyle Hidden
        $Runspace = New-OutOfProcRunspace -ProcessId $PowerShell.Id
        $Host.PushRunspace($Runspace)
}, "ALT+F5") | Out-Null
  
$psISE.CurrentPowerShellTab.AddOnsMenu.Submenus.Add("Switch to PowerShell 5", { 
    $Host.PopRunspace()
  
    $ChildProc = Get-CimInstance -ClassName win32_process | where {$_.ParentProcessId -eq $Pid}
    $ChildProc | ForEach-Object { Stop-Process -Id $_.ProcessId }
  
}, "ALT+F6") | Out-Null

Happy coding!