Administration: Backtrack 5R1 Full Disk Encryption (install to hard drive)

 Hå¢kïñg, Lïñµx, ßå¢k†rå¢k, Ubuntu, Uncategorized, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  3 Responses »
Nov 302011
 

I have set up many laptops and netbooks with linux and have always used either full-disk encryption or ~/ encrypted.  Its really easy to do and ANY laptop/netbook/tablet/pad/whatever_next mobile device should be encrypted.  I won’t get into the mechanics of why, just do it.  The last article I wrote about this is no longer online (Maysville Linux Users Group, circa 2007) and it was much harder to accomplish back then, often requiring custom kernels to be compiled, etc.  Backtrack has “nearly” everything it takes right on the live cd.

Prerequisites

  1. A laptop
  2. bootable media (backtrack on usb stick, cdrom, some other distro, etc)
  3. Internet connection (backtracks only requirement is to download two files)

Continue reading »

Administration: clusterssh

 Lïñµx, Uncategorized, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  No Responses »
Nov 232011
 
clusterssh

I have been using cluster ssh on and off for some time now but I have never written about it.  So first, let me tell you what my definition of it is……a huge time saver for multiple like tasks that need completed across many servers or systems.

As an example, lets say a critical update comes in and it affects 25 web servers, a lot of people will log into each web server, perform the update, log out, go to the next one, etc until completed.  That’s a huge waste of time….assuming it takes 5 minutes to log in, run the update, log out, log into the next one….that is 25 x 5 or roughly 125 minutes, slightly more than 2 hours.

Continue reading »

fluxbox, gtkpod, backtrack, ipod touch (1rst generation)

 Lïñµx, ßå¢k†rå¢k, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  No Responses »
Nov 232011
 

I am finally going to add this to an article, even though I have had this 1rst generation ipod touch since release day and have used it with Linux since day 1……

To use your ipod with fluxbox requires three packages.

sudo apt-get install gtkpod libimobiledevice-utils libimobiledevice1

You then have to mount your ipod touch and since fluxbox doesn’t really have a way to do that….I made a script:

#!/bin/bash
#
# mount ipod touch script by ed wiget
sudo /usr/local/sbin/usbmuxd -v -u &
DETECTED="echo -e `ideviceinfo` | wc -l"
#echo -e "is it ok to continue with the mount command?"
#read answer
#if [ $answer == 'y' ]
if [ ${DETECTED} -ge 1 ];
	then
		echo "ipod detected...mounting"
		ifuse /media/ipod
	else
		echo "ipod detection failed....exiting"
		exit
fi

After it is mounted, you can then run gtkpod and it should auto detect it.  It will create a database of the song hashes.

During usage, if you receive an error with gtkpod during song export that says:

CRITICAL **: transfer_track_glist_between_itdbs: assertion `!new_tracks' failed
Segmentation fault

Restart gtkpod, select the playlist you were exporting and on the export dialog box, uncheck “Check for duplicates”.  Now exporting will work.

Netbook: fluxbox bliss

 Lïñµx, Netbook, ßå¢k†rå¢k, Uncategorized, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  No Responses »
Nov 192011
 
fluxbox basic

I don’ t really care for the bloated kde or gnome desktops, especially on a netbook with limited memory.  I have pretty much always been a fluxbox user since about 2003 or so.  Over the years my configuration changes, partially because the way I do things changes.  This means my fluxbox environment changes….but not too often.  What bothers me is that sometimes I will lose the latest file for my fluxbox environment, as I often tweak it every couple of days.  This used to be the case, but now pretty much everything goes to external backup in real time.  But many people ask me about my fluxbox because it does look pretty damn nice, its very functional, and my entire computer runs in about 200MB of memory.  So without further wait, here it is, complete with config files.

The first image below shows my fluxbox desktop.  The middle image shows fluxbox with the slit showing that I have set to auto hide so its not viewable in the first image.  The third image shows tmux running inside of an Eterm with two splits shown.  I just started using tmux and it allows you to have multiple windows inside of a console or term window (sort of how you can split horizontally or vertically inside of terminator).  I use the default bind keys in tmux, so not really anything I can tell you about it outside of providing you this link to the tmux cheat sheet.

# Updated 20111210 - several people asked about what I used on my desktop or laptops, since I sort of stupilated I didnt like bloated wm’s on my netbook, and fact is, I still use fluxbox with the exact same config.  Below are two screenshots from my Quad core desktop with 16GB memory and 1TB raid 0 drives (Images 4 and 5 in the gallery below)

Continue reading »

Squeezing some life out of my laptop battery

 Lïñµx, ßå¢k†rå¢k, Ubuntu, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  No Responses »
Oct 132011
 
5

Over the years, I have tried various methods to get more life out of a laptop battery.  I generally always buy a higher capacity battery.  So my current laptop was getting about 3 hours out of a full charge and I was happy with that but lately it has dropped considerably…to about 1 hour.  Usually when I am on the road or away from home, I have my netbook which gets about 9 hours of actual battery time while working.  I wish I had a way to get that kind of battery time out of my full size laptop.

I started looking through old scripts I had from a couple years ago (I replace my laptops every two years), I found these scripts I use for management of power settings.  This has drastically increased the battery time, up to near 3 hours again.  So, I don’t know if some recent kernel update (that I did about two weeks ago) was what was killing battery time or not.

Continue reading »

§ï¢k ßå§h §hï† ¥ðµ Ððñ† wåññå Ðð

 Hå¢kïñg, Lïñµx, Satire, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ, þrðgråmmïñg, †êå¢hïñg, †µ†ðrïål§  No Responses »
Oct 112011
 

….I can assure you, if I can’t do it in bash, it doesn’t need to be done…..the other side of the argument was, well, bash isn’t multi-threaded…..hahahahaha …..really??? Run this……

#!/bin/bash
 
set -m # Enable Job Control
trap '' 2 # disable ctrl + c so you can't stop this bitch
rand=${RANDOM} # lets find some big random number
 
let POWEROFTWO=${rand}**2 # and since its not big enough, make it ^2
 
	for i in `seq ${POWEROFTWO}`; do # start HUGE num jobs in parallel
		echo "99999999999^99999999999" | bc
		sleep 1 &
	done
 
# Wait FOREVER for jobs to finish cause you can't stop me now nemo
while [ 1 ]; do fg 2> /dev/null; [ $? == 1 ] && break; done

þ姧wðrÐ þrð†ê¢†ïñg wþ-åÐmïñ wï†h ñgïñx

 ÇlðµÐ, Lïñµx, ñgïñx, Rê§êår¢h, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  No Responses »
Sep 122011
 

This is just a quick note on how to password protect wp-admin using nginx.

You may have to fiddle with the location of the lines in the site.conf file.

Where I thought the config variables needed to go, gave me a “download file” of type bin in nginx after authentication.

So, here is how I did it:

server {
   listen 80;
   server_name domain.com www.domain.com;
   access_log /logs/domain.com-access.log;
   error_log /logs/domain.com-error.log;
   root /var/www/sites/domain.com/htdocs;
location / {
try_files $uri $uri/ /index.php?q=$request_uri;
	   }
include /usr/nginx/conf/staticfiles.conf;
include /usr/nginx/conf/php.conf;
include /usr/nginx/conf/drop.conf;
 
        # password protect wp-admin
                location ~ ^/wp-admin {
                auth_basic “Restricted”;
                auth_basic_user_file /path/to/htpasswd/file;
                try_files $uri $uri/ /index.php?q=$request_uri;
                }
}

Quick Fix for Apache CVE-2011-3192

 Apache, Lïñµx, Redhat, Rê§êår¢h, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  4 Responses »
Aug 242011
 

Thought I would share this quick fix ref CVE-2011-3192 with the POC available here:
http://seclists.org/fulldisclosure/2011/Aug/175

First, if you are an apache admin, get this fixed ASAP. I was able to take down a small test server with 7 http get requests.

Login to the server and run this command to see if you have mod_headers installed:

locate mod_headers

If you see mod_headers.so in that list, you can continue to Configuring Apache.  Otherwise go to Compiling Mod_Headers

Continue reading »

Gê† ¥ð §hð¢k ðñ!

 Arch, Gêñ†ðð, Lïñµx, Redhat, ßå¢k†rå¢k, Ubuntu, §¢rïþ†§  No Responses »
Aug 112011
 

ï£ ¥ð ¢åñ’† rêåÐ ßå§h, gê† Ðå £µ¢k 𵆆å hêrê

#!/bin/bash
 
# By Ed Wiget
# This script automates downloading youtube video and converting to mp3 file
# I use it to grab new songs for my ipod that I am too lazy to insert store bought cd  
 
# set this variable to the location of your scripts:
BASE_DIR=~/scripts
 
# this sets the location of the python youtube-dl script, relative to above
YOUTUBE_DL=${BASE_DIR}/youtube-dl/youtube-dl
 
# this sets the path of the downloaded files and temp directory
DL_FILES=~/Downloads
 
# this sets the path to were the final mp3 is stored
MP3_LOCATION=~/Music
 
# this checks for the youtube-dl script and if it doesn't exist, it gets it
# if it does exist, it checks to make sure its the latest version
if [ ! -d ${BASE_DIR}/youtube-dl ];
then
echo "grabbing the youtube-dl script"
cd ${BASE_DIR}
git clone git://github.com/rg3/youtube-dl.git youtube-dl
else
echo -e "youtube-dl already exists\n\nMaking sure we have the latest version"
${YOUTUBE_DL} -U
fi
 
# this checks to make sure we have ffmpeg and lame installed, and if not, grabs them
FFMPEG1=`which ffmpeg | wc -l`
LAME1=`which lame | wc -l`
 
if [ ${FFMPEG1} = 1 ];
then
echo "ffmpeg already exists"
else
echo "grabbing ffmpeg"
# for ubuntu based distros, use this line
sudo apt-get install ffmpeg
# for redhat based distros, use this line
#sudo yum install ffmpeg
# for arch
#pacman -S ffmpeg
fi
 
if [ ${LAME1} = 1 ];
then
echo "lame already exists"
else
echo "grabbing lame"
# for ubuntu use this line
sudo apt-get install lame
# for redhat use this line
# sudo yum install lame
# for arch linux
#pacman -S lame
fi
 
# next we ask the user for the video file, it should be in format like:
# http://www.youtube.com/watch?v=6E2hYDIFDIU
echo -e "What is the video to download, ie. http://www.youtube.com/watch?v=6E2hYDIFDIU"
read VIDEO_URL
 
echo "You entered ${VIDEO_URL} is this correct? ( y / n )"
read ANS
        if [ ${ANS} = "y" ];
                then
                        cd ${DL_FILES}
                        # grab the song title
                        SONG_TITLE=`${YOUTUBE_DL} --get-title ${VIDEO_URL}`
                        echo -e "the song title is ${SONG_TITLE}"
                        # downloading video
                        echo "downloading video....please wait"
                        ${YOUTUBE_DL} ${VIDEO_URL}
                        # we need to convert the dl url to a filename for later processing
                        # the url is like:  http://www.youtube.com/watch?v=6E2hYDIFDIU
                        # the downloaded file will be 6E2hYDIFDIU.mp4
                        MP4_FILE=`echo ${VIDEO_URL} | awk -F/ '{print$4}' | awk -F= '{print$2}'`
                        # get the downloaded file extension
                        FILE_EXT=`ls ${DL_FILES}/${MP4_FILE}* | awk -F. '{print$2}'`
                        echo "your video is located in ${DL_FILES}/${MP4_FILE}.${FILE_EXT}"
                        echo ""
                        echo "converting ${DL_FILES}/${MP4_FILE}.${FILE_EXT} to wav.....please wait"
                        # ffmpeg -i 6E2hYDIFDIU.flv 6E2hYDIFDIU.wav
                        ffmpeg -i ${DL_FILES}/${MP4_FILE}.${FILE_EXT} ${DL_FILES}/"${SONG_TITLE}".wav
                        echo "video converted to wav file....converting wav to mp3"
                        lame -b 128 ${DL_FILES}/"${SONG_TITLE}".wav ${MP3_LOCATION}/"${SONG_TITLE}".mp3
                        echo "${SONG_TITLE} is now available at ${MP3_LOCATION}/${SONG_TITLE}.mp3"
                        echo -e "\n\nmoving video download file ${DL_FILES}/${MP4_FILE}.${FILE_EXT} to ${MP3_LOCATION}/${SONG_TITLE}.${FILE_EXT}"
                        mv ${DL_FILES}/${MP4_FILE}.${FILE_EXT} ${MP3_LOCATION}/"${SONG_TITLE}".${FILE_EXT}
                        echo "video file is now at ${MP3_LOCATION}/"${SONG_TITLE}".${FILE_EXT}"
                        echo -e "\n\ndone .... and enjoy"
        else
                echo "there was an error...."
                exit
fi

ßå¢k†rå¢k: ߆5 årå¢hñï ïñ§†ållêr åñÐ åµÐï† §¢rïþ†§

 Hå¢kïñg, Lïñµx, ßå¢k†rå¢k, §¢rïþ†§, §¥§†êm ÄÐmïñ阮rå†ïðñ  No Responses »
Aug 052011
 

Here is a simple installer script for arachni for backtrack 5.  It clones the git directory and builds from source.

#!/bin/bash
 
# Ed Wiget <security at rhpstudios dot com>
# Install arachni
# 20110801 - Initial script
 
sudo apt-get install libxml2-dev libxslt1-dev libcurl4-openssl-dev libsqlite3-dev
cd /pentest/enumeration
sudo git clone git://github.com/Zapotek/arachni.git arachni
cd arachni
sudo rake install

And this is a script I use to audit multiple domains from a list, 1 domain per line

Continue reading »

 Older Entries  Newer Entries