Sunday, October 06, 2013

Restore Chrome’s New Tab Page

If you are like me, hate the latest Chrome's New Tab Page, and wish to restore it, then follow this:
  1. Goto chrome://flags
  2. Disable the "Enable Instant Extended API".
  3. Relaunch now.

Thursday, September 19, 2013

Add Google Coder to my PiBang

Google Coder is a new Node.JS-based application to help kids create web pages that include HTML, JavaScript and CSS. Google releases it as a new distribution that based on wheezy Raspbian.

I don't want to re-invent the wheel, thus I try to add Google Coder to my current PiBang.
~ # cd ~git.d
~/git.d # git clone git://github.com/googlecreativelab/coder
~/git.d # cd coder/coder-base
~/git.d # npm install

Then I modified the coder/coder-base/config.js to make ensure it starts on the TCP ports that I want. See below:
exports.listenIP = null; //Defaults to *
exports.listenPort = '9181'; //the SSL port things run on
exports.httpListenPort = '9180'; //this will all be redirected to SSL
exports.cacheApps = true;
exports.httpVisiblePort = '9080'; //forwarded http port the user sees
exports.httpsVisiblePort = '9443'; //forwarded https port the user sees

Lastly, I can start it instantly with the command below:
~/git.d # cd coder/coder-base
~/git.d # npm start
Then, from another computer, I launched the browser and browse to my RPi at the URL https://192.168.1.[my-RPi-IP]:9181/ and create the password (for 'pi'). After that I just login again the newly created password and below is the screenshot:
Google Coder on PiBang 
P/S: If you want to configure the node.js to start automatic in PiBang (which using systemd instead of sysV), you will need the below. Below is my sample at /etc/systemd/system/coder.service
[Unit]
Description=Google Coder
After=network.target

[Service]
Type=simple
WorkingDirectory=/root/git.d/coder/coder-base
ExecStart=/usr/local/bin/npm start
Restart=always

[Install]
WantedBy=multi-user.target

Tuesday, September 10, 2013

Setup KeySequences and Bindings Manually

Recently, I switch from bash to zsh, and face some keys binding issue. The [Home] and [End] keys are not working like bash.

Then I learn a manual way to setup the correct key-sequences and binding them manually that will always work. For example, here's how I test the 3 key-sequences, [Home] and [End]:
$ cat > /dev/null
^[[1~
^[[4~
^C
Then, I setup the key bindings in my $HOME/.zshrc file:
bindkey '^[[1~' beginning-of-line      # Home
bindkey '^[[4~' end-of-line            # End
bindkey '^[[2~' beep                   # Insert
bindkey '^[[3~' delete-char            # Del
bindkey '^[[5~' vi-backward-blank-word # Page Up
bindkey '^[[6~' vi-forward-blank-word  # Page Down

Monday, September 09, 2013

Backup my RPi using Google Drive

Here's how I setup gdrive in my Raspberry Pi to backup things I want to Google Drive.

Install GDrive
After update my RPi, I install some additional packages and also GDrive.
$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install git cmake build-essential libgcrypt11-dev libjson0-dev libcurl4-openssl-dev libexpat1-dev libboost-filesystem-dev libboost-program-options-dev binutils-dev libboost-test-dev libqt4-dev libyajl-dev
 
$ git clone git://github.com/Grive/grive.git
$ cd ./grive
$ cmake .
$ make
 
$ mkdir ~/google_drive
$ cp ./grive/grive ~/google_drive

The 1st time to execute grive, I use the -a option in order to authenticate with Google. (You only have to do this once).

$ cd ../google_drive/
$ ./grive -a

The terminal will print out a very long URL. Copy and paste the URL to your browser, then click Accept button. From the browser, it will then print a long authentication code for you. Copy the authentication code an paste back to your terminal. Then the 1-time authentication is done.

Usually, I perform manual backup to my Google Drive. Just copy to google_drive folder and execute grive.

Below is an example of bash shell script to save your time.
#!/bin/bash
tar -zcvf /root/google_drive/backup_$(date +%y.%m.%d).tar.gz /etc
 
cd ./google_drive && ./grive
You may choose to setup a cronjob to execute the script as well.

Adding Node.js into Your Raspberry Pi

Node.js is a software platform that is used to build scalable network (especially server-side) applications. Node.js utilizes JavaScript as its scripting language, and achieves high throughput via non-blocking I/O and a single-threaded event loop. 
It contains a built-in HTTP server library, making it possible to run a web server without the use of external software, such as Apache/Lighttpd/nginx, and allowing more control of how the web server works.

Here's an easy way to install/upgrade Node.js on your Raspberry Pi is to use n.
npm install -g n
and use:
n 0.10.17


Sunday, July 14, 2013

Raspberry Pwn (PenTesting with Raspberry Pi)

Raspberry Pwn (released by Pwnie Express) is turn your Raspberry Pi into a full-featured security penetration testing and auditing platform.

It is fully open-source and includes the following testing tools:
SET Fasttrack kismet aircrack-ng nmap dsniff netcat nikto xprobe scapy wireshark tcpdump ettercap hping3 medusa macchanger nbtscan john ptunnel p0f ngrep tcpflow openvpn iodine httptunnel cryptcat sipsak yersinia smbclient sslsniff tcptraceroute pbnj netdiscover netmask udptunnel dnstracer sslscan medusa ipcalc dnswalk socat onesixtyone tinyproxy dmitry fcrackzip ssldump fping ike-scan gpsd darkstat swaks arping tcpreplay sipcrack proxychains proxytunnel siege sqlmap wapiti skipfish w3af

Here's how I setup it up:
pi@raspberrypi ~ mkdir work && cd work 
pi@raspberrypi ~/work/sudo apt-get install git 
pi@raspberrypi ~/work $ git clone https://github.com/pwnieexpress/Raspberry-Pwn.git 
pi@raspberrypi ~/work/Raspberry-Pwn $ sudo ./INSTALL_raspberry_pwn.sh
Installing Raspberry Pwn

Later I'll post more articles on how the things work. Enjoy!

Saturday, July 13, 2013

Full ROM Backup on Unknown Tablet

This is a quick way to perform full ROM backup on tablets. Since those are unknown brand, I have no idea how to "root" them and perform full backup as usual.

Here's how to perform the full ROM backup and restoration on 2 identical (same brand) tablets. (Model M716D running JB 4.0.1)

[ To Backup ]
Start your tablet
Connect the USB cable to tablet
Start command prompt/shell prompt
adb shell
root@android#/ stop zygote [ this one stops android ]
root@android#/ busybox tar -cvf /mnt/sdcard/full_backup.tar /data/*
root@android#/ reboot

[ To Restore ]
Start your tablet
Connect the USB cable to tablet
Start command prompt/shell prompt
adb shell
root@android#/ stop zygote [ this one stops android ]
root@android#/ rm -r /data/*
root@android#/ cd /data/
root@android#/ busybox tar -xvf /mnt/sdcard/full_backup.tar
root@android#/ reboot

[ My Experiment ]

  • Make full backup on tablet-1.
  • Before reboot, I quit the shell and make a copy to my computer.
  1. exit
  2. adb pull /mnt/sdcard/full_backup.tar
  3. ren full_backup.tar full_backup1.tar
  4. adb shell reboot
  • After reboot, I start to install games from Play Store.
  • Then I try the method above to restore the tablet-1 back to original (first boot assistant). [ success ]
  • Make full backup on tablet-2. [ just in case ]
  • After reboot, I start to install games from Play Store to tablet-2.
  • Before the restore tablet-2, I copy tablet-1's full_backup1.tar to tablet2.
  1. adb push full_backup1.tar /mnt/sdcard/
  • Then I try the method above to restore the tablet-2 back to original (first boot assistant) using the tablet-1 backup file. [ success ]

Bypass Windows Login

Heard of Kon-Boot?

It is an application which will silently bypass the authentication process of Windows based operating systems. Without overwriting your old password! Easy to use and excellent for tech repairs, data recovery and security audits.

Currently, Kon-boot supports following operating systems:

  • Microsoft Windows XP 32Bit/64Bit (all versions since SP2) 
  • Microsoft Windows Server 2003 32Bit/64Bit (all versions) 
  • Microsoft Windows Server 2008 32Bit/64Bit (all versions) 
  • Microsoft Windows Vista 32Bit/64Bit (all versions) 
  • Microsoft Windows 7 32Bit/64Bit (all versions including EFI) 
  • Microsoft Windows 8 32Bit/64Bit (all versions including EFI, local authorization only) 


Friday, July 12, 2013

My Respberry Pi Starts

 (Model B) BCM2835 700MHz ARM1176JZF-S CPU, 512MB RAM, 8GB SD card, and 10Mbps

Wednesday, June 26, 2013

networkscanner.py 1.4

The is a TCP port network scanner. It takes a CIDR network range as input and perform the network TCP scan. Optionally, you can:

  • Change the default TCP port [22] to others. Such as 22,80,443
  • Take input from a text file [1/line]
  • Can specify the number of threads.

This version uses function, queue (for synchronization), threading (for speed), and class (OO).

Comments:
  • Lack of accuracy. May miss out some ports.
  • Slow. Have to wait till timeout for joining the queue and threads.

IP Geolocator (Python Script)

Here's the 1st modified python script to perform geolocation checking on whois. By supplying an IP address, it will locate the country and the whois[OrgName].

import re
import sys
import urllib2
import BeautifulSoup
 
usage = "Run the script: ./geolocate.py IPAddress"
if len(sys.argv)!=2:
    print(usage)
    sys.exit(0)
if len(sys.argv) > 1:
    ipaddr = sys.argv[1]
 
geody = "http://www.geody.com/geoip.php?ip=" + ipaddr
html_page = urllib2.urlopen(geody).read()
soup = BeautifulSoup.BeautifulSoup(html_page)
# Filter paragraph containing geolocation info.
paragraph = soup('p')[3]
# Remove html tags using regex.
geo_txt = re.sub(r'<.*?>', '', str(paragraph))
print geo_txt[32:].strip()

Thursday, June 20, 2013

dnsresolver1.py

This script helps to resolve DNS to IP address.

1st, it prompts to input a text file name that contains list of FQDN. Then it resolves them into IP address.

Comments:

  • Simple.
  • Planning to add in whois option.

Friday, June 14, 2013

networkscanner.py 1.3

The is a TCP port network scanner. It takes a CIDR network range as input and perform the network TCP scan. Optionally, you can:

  • Change the default TCP port [22] to others. Such as 22,80,443
  • Take input from a text file [1/line]

This version uses function, and threading (for speed).

Comments:

  • Fast, reliable and high accuracy. 
  • Planning to improve with OO and threads control.

networkscanner.py 1.2

The is a TCP port network scanner. It takes a CIDR network range as input and perform the network TCP scan. Optionally, you can:
  • Change the default TCP port [22] to other.
  • Take input from a text file [1/line]


This version uses function, and threading (for speed).

Comments:
  • Fast, reliable and high accuracy. 
  • Planning to improve it by allow to specify multiple ports.

networkscanner.py 1.1

The is a TCP port network scanner. It takes a CIDR network range as input and perform the network TCP scan. Optionally, you can:

  • Change the default TCP port [22] to other.


This version uses function, and threading (for speed).

Comments:

  • Fast, reliable and high accuracy. 
  • Planning to improve it by allow to specify input file [1/line].

Thursday, January 31, 2013

Facebook Friends Mapping

Just completed testing the python code and it works fine now!

The script is able to:

  • Connect to Internet via authenticated proxy.
  • Login to Facebook.
  • Map friends name and emails. (very slow due to restriction from FB)

References:
  • https://gist.github.com/716622