Planeta BlogDrake

HOWTO: NULL Modem TCP/IP network connection between Linux and Windows

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
HOWTO: NULL Modem TCP/IP network connection between Linux and Windows

Linux PPP server
----------------

The first step is to install the pppd demon and optionally the mgetty to use it on dialup modem, but this howto only covers the null modem (serial) part.
Once installed you must to create the following files:

/etc/sysctl.conf

net.ipv4.ip_forward=1

/etc/ppp/options

# demon persist noauth auth # compress bsdcomp 12,15 deflate 12,15 # common options proxyarp lock passive lcp-echo-interval 8 lcp-echo-failure 6 nologfd crtscts local # Windows compat connect 'chat TIMEOUT 20000 CLIENT CLIENTSERVER' # port settings /dev/ttyS0 115200

/etc/ppp/options.ttyS0

# server ip : client ip 10.0.2.15:10.0.2.100 netmask 255.255.255.0 ms-dns 77.88.8.8

/etc/ppp/pap-secrets

# user server password ip user * userPass *

You can launch the pppd demon on init or inittab.

Linux PPP client
----------------

Now in the client you must also install the pppd demon and create the following files:

/etc/ppp/options

# common options defaultroute lock passive lcp-echo-interval 8 lcp-echo-failure 6 nologfd crtscts local # Windows compat connect 'chat -v -f /etc/ppp/win.chat' # port settings /dev/ttyS0 115200

/etc/ppp/options.ttyS0

user user

/etc/ppp/win.chat

TIMEOUT 10 '' CLIENT\c

**Windows PPP client

------------------**

If you use Windows, also can connect to the network. The first step is download a null modem driver (e.g. MDMCBXNT.INF) and install it.

Now only is necessary create a new phone connection with the "NT Direct Connection" modem on 115200 bauds.

Categorías: Planeta BlogDrake

NCN2k15 CTF "CivilWar" writeup

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
NCN2k15 CTF "CivilWar" writeup

In the past NCN2k15, all CTF participants received these files: a png image and a ogg sound. Listening that sound it's easily to advert that this is encoded data. Also the image is like a real WWII crypt order.

As the order said, this probably is an encoded RTTY, morse or hellschreiber. Maybe enigma crypted, because that was the WWII standard.

The first step is to convert the ogg file to a standard wav. Next, open it in Signals Analyzer

The image shows amplitude pulses, like morse but faster that a human can handle ;-)

A good ear immediately recognize it as an Hellschreiber signal but this is not fun and now we will to analyze it as a unknown signal.

All pulses seems to be in blocks of four bits, good synchronized and spaced. Also we don't see any sync signal, probably is a OOK mode based on a perfect sender timing. If we remember all those known OOK modes, the Hellschreiber is very similar. In the upper image we can see how to demodulate it, basically it is an matrix of pixels based on the amplitude value.

The fill order is from A (7 to 1), next B, etc. Here are a very good explanation.

Demodulate this file manually is a very tedious work for this we will use the fldigi.

The message is: YJIPYVQHAADFWOETWQLBRUEKMKBNNQQMMMIFXDKFCNBFPVOOOYKSECZUJRGGMQQVNCRAJBNDQTHOFGNT

Also we have the crib from the recovered document.

The enigma machine don't have space bar, and some operators used the X char as a space (others simply didn't spaced the words)

Searching for "enigma solver" shows this web page as the first result. This page does some type of black magic and have a very good result without crib.

This result is not valid because the crib is not equal ( but i must review the code and "take ideas" for my enigma-solver :p )

Now my awesome hacky-5minute-tool! (please don't review the code... is a complete mess!)

Another tools works too! for example, i'd based on this paper and code

We use the crib (X as spaces)

The "enigma-solver" program feeds from "dict/current.txt" for spell checking and give a "rank" according to number of words in the dictionary. The first message seems valid.

Sorry German girls, but my german skillz are awful.

The code is "ORRMBASDHEEEHNQSHOLJVNFF" but this is not a valid key... the last process is a MD5 and TADA!

P.D: Guys, i'm so sorry about the downtime in the CTF day... in my country all electric suppliers are a fucking piece of shit. :(

Categorías: Planeta BlogDrake

HOWTO: Custom kernel and linux distro for ODROID-C

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
HOWTO: Custom kernel and linux distro for ODROID-C

Prepare the environment

In this example i used a old gcc version, you can try the newer 4.8

wget https://releases.linaro.org/13.04/components/toolchain/binaries/gcc-linaro-arm-linux-gnueabihf-4.7-2013.04-20130415_linux.tar.bz2 mkdir -p $HOME/Apps/toolchains tar -xf gcc-linaro-arm-linux-gnueabihf-4.7-2013.04-20130415_linux.tar.bz2 -C $HOME/Apps/toolchains/

Next you must prepare the environment variables:

echo 'export ARCH=arm export CROSS_COMPILE=arm-linux-gnueabihf- export PATH=/home/capi_x/Apps/toolchains/gcc-linaro-arm-linux-gnueabihf-4.7-2013.04-20130415_linux/bin:$PATH' > $HOME/Apps/arm.sh chmod a+x $HOME/Apps/arm.sh

And load it in every session what you want cross-compile

. $HOME/Apps/arm.sh

Also we need the u-boot tools

apt-get install u-boot-tools

Now we will make a temporal folder.

mkdir -p /tmp/odroidc/boot mkdir -p /tmp/odroidc/root

Next download the linux 3.10.x based kernel for odroidc (or check if we have a new odroidc-xxx branch)

git clone https://github.com/hardkernel/linux.git -b odroidc-3.10.y

And compile it!

Prepare the image

cd linux make odroidc_defconfig make uImage -j8 make dtbs

And the kernel modules for the root file system.

make ARCH=arm INSTALL_MOD_PATH=/tmp/odroidc/root modules_install

And copy the compiled elements to the boot temporal folder.

cp ./arch/arm/boot/uImage /tmp/odroidc/boot cp ./arch/arm/boot/dts/meson8b_odroidc.dtb /tmp/odroidc/boot

For prepare the initrd we can use other valid initrd image (e.g. from the default ubuntu img)

# fdisk ubuntu-14.04.1lts-lubuntu-odroid-c1-20150102.img Welcome to fdisk (util-linux 2.25.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Command (m for help): p Disk ubuntu-14.04.1lts-lubuntu-odroid-c1-20150102.img: 4.6 GiB, 4930404352 bytes, 9629696 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x000cde21 Device Boot Start End Sectors Size Id Type ubuntu-14.04.1lts-lubuntu-odroid-c1-20150102.img1 3072 266239 263168 128.5M 6 FAT16 ubuntu-14.04.1lts-lubuntu-odroid-c1-20150102.img2 266240 9629695 9363456 4.5G 83 Linux Command (m for help): q # mount -o loop,offset=1572864 ubuntu-14.04.1lts-lubuntu-odroid-c1-20150102.img /mnt/loop

The last files on boot...

cp /mnt/loop/boot.ini /tmp/odroidc/boot/ mkimage -A arm -O linux -T ramdisk -C none -a 0 -e 0 -n initramfs -d /mnt/loop/uInitrd /tmp/odroidc/boot/uInitrd

In this point you have all files to make a custom linux distribution for ODROID-C.

For example, you can take the ubuntu img, mount the boot (FAT16) and replace the files with the content of "/tmp/odroidc/boot/" and modify the boot.ini to have other root.

$ cat boot.ini ODROIDC-UBOOT-CONFIG # Possible screen resolutions # Uncomment only a single Line! The line with setenv written. # At least one mode must be selected. # setenv m "vga" # VGA 640x480 # setenv m "480p" # 480p 720x480 # setenv m "576p" # 576p 720x576 # setenv m "800x480p60hz" # WVGA 800x480 # setenv m "720p" # 720p 1280x720 # setenv m "800p" # 800p(WXGA) 1280x800 # setenv m "sxga" # SXGA 1280x1024 setenv m "1080p" # 1080P 1920x1080 # setenv m "1920x1200" # 1920x1200 # HDMI/DVI Mode Configuration setenv vout_mode "hdmi" # setenv vout_mode "dvi" # HDMI BPP Mode setenv m_bpp "32" # setenv m_bpp "16" # UHS Card Configuration # Uncomment the line below to __DISABLE__ UHS-1 MicroSD support # This might break boot for some brand/models of cards. setenv disableuhs "disableuhs" setenv bootargs "console=ttyS0,115200n8 root=/dev/sda3 rootfstype=ext4 rootwait ro no_console_suspend vdaccfg=0xa000 logo=osd1,loaded,0x7900000,720p,full dmfc=3 cvbsmode=576cvbs hdmimode=${m} m_bpp=${m_bpp} vout=${vout_mode} ${disableuhs}" setenv bootcmd "fatload mmc 0:1 0x21000000 uImage; fatload mmc 0:1 0x22000000 uInitrd; fatload mmc 0:1 0x21800000 meson8b_odroidc.dtb; bootm 0x21000000 0x22000000 0x21800000" run bootcmd
  • Remove "console=ttyS0,115200n8" from bootargs if you don't will use the serial on boot (otherwise it didn't boot)

For example, if you have the root in the mmc partition 2 you can use the root=/dev/mmcblk0p2

Later you can put a root image (e.g. debian armhf image, arch linux ARMv7, etc.) as a partition in the img file mount it and copy the contents of /tmp/odroidc/root on it.

To write the image, you can use the micro-sd adapter from Kingston (some are saying bullshit about that it's wrong on forums... fuck off!) Kingston MicroSD adapter

And i recommend to write the image to the microSD card using dd on byte by byte copy mode.

Serial port

If something goes wrong or you need the boot output or have an a shell, you can use the serial port. ODROID-C board

Ok this is the pin set. (Hardkernel, don't piss me off and label the fucking pins the next time)

_____ | | | * | 4. GND | * | 3. RX | * | 2. TX | * | 1. VCC \__|

It uses 3v3 and you can use a cheap ebay usb to serial and remember to not wire the VCC between adapter and board.

OT. The board design and the soldering work are very good quality. Hardkernel, good work! :-)

P.S. You can download my custom image (only boot). (12MB)

Categorías: Planeta BlogDrake

Qt Tutorial

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
Qt Tutorial

This article is a introductory tutorial for the Qt language.

Qt is a cross-platform application framework that is widely used for developing application software with a graphical user interface (GUI) (in which cases Qt is classified as a widget toolkit), and also used for developing non-GUI programs such as command-line tools and consoles for servers.

Qt uses standard C++ but makes extensive use of a special code generator (called the Meta Object Compiler, or moc) together with several macros to enrich the language. Qt can also be used in several other programming languages via language bindings. It runs on the major desktop platforms and some of the mobile platforms. It has extensive internationalization support. Non-GUI features include SQL database access, XML parsing, thread management, network support, and a unified cross-platform application programming interface (API) for file handling.

[Extracted from the Wikipedia]

SLOTS

In QT a slot is the receiver from a signal or an a event (like mouse click on a button)

To create a slot for a widget in QT designer:

Later you will see a new function, this is an slot.

When you click the button the slot will be activated and the code executes.

SIGNALS

A signal is a special callback to call a defined slot. You can define signals between dialogs:

The first is to create a new slot, for example textValue (defined in the receiver .h file)

Later write this method in the .cpp receiver file

The next step is to define the sender signal in the .h

Now in the sender dialog define the caller slot

In this slot we will use "emit" to send the signal

To link the receiver slot and the sender signal we must to add a connect to the dialog object.

Resize and layout

To make a good layout and a good resizing:

Use the "spacer" and use the horizontal layout to align widgets.

Later we need an a vertical layout to finish the align.

By default the centralWidget don't have a layout

As our application main layout is vertical we select it for MainWindow.

Now uses the vercial layout

The app is well aligned

To have a good resizing policy we must select "sizePolicy" to Expanding

QToolbar

The designer is very limited on the toolbar management, and we must to code:

Remember to delete all objects in the dialog destructor.

New modal dialog

We created a new dialog, but... ¿How show it?

Define the dialog (modal) and use exec()

QT resource file

The first is to create a new resource file

Add: QT -> QT resource file

It will be in the Resources project section

Later is possible to add a file to it

Categorías: Planeta BlogDrake

OTPNitro project

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
OTPNitro project

OTP Nitro

About: OTP Nitro is a secure One Time Pad implementation to use on computers or as assistant on manual operations.

You can download it here:

CLI Usage

  • Generate OTP pages on the "TST" book:

    C:\> .\otpnitro.exe -g -r TST OTP Nitro 0.1 ------------- [I] Generating OTP: TST. OK
  • Encrypt message:

    C:\> otpnitro.exe -e -s CPX -r TST -m "ESTO ES UNA PRUEBA" OTP Nitro 0.1 ------------- [I] Encrypted msg: TST DE CPX 11 = RHJQG AKZQV RUMKV IYHJY YQYVT =
  • Decrypt message:

    C:\> otpnitro.exe -d -p 11 -s CPX -r TST -m "RHJQG AKZQV RUMKV IYHJY YQYVT" OTP Nitro 0.1 ------------- [I] Decrypted msg: TST DE CPX 11 = ESTO ES UNA PRUEBA =
  • Decrypt formated message:

    C:\> otpnitro.exe -d -f "TST DE CPX 11 = RHJQG AKZQV RUMKV IYHJY YQYVT =" OTP Nitro 0.1 ------------- [I] Decrypted msg: TST DE CPX 11 = ESTO ES UNA PRUEBA =
  • Burn a page:

    C:\> otpnitro.exe -b -p 11 -r TST OTP Nitro 0.1 ------------- [I] Burn page 11. OK

GUI Usage

  1. Introduction OTPNITRO is a secure One Time Pad implementation to use on computers or as assistant on manual operation.

  2. Concepts In this chapter we describe the basic concepts to use in this app.

    1. **Books** The cipher data is stored on books, every book have "pages" where the data is generated. The books usually have very short names, from 3 to 5 characters. 2. **Pages** The pages store the cipher to crypt and decrypt, every page is unique and after use it you must burn the used page. 3. **From field** The recipient is anyone who have the same book than you used to crypt the message and you must identify yourself as sender in the from field. The IDs usually have very short names, from 3 to 5 characters. 4. **Formatted message** To have a send/receive standar format, please use this one: <BOOK> DE <FROM> <PAGE> = <MESSAGE> =

Example:

TST DE CPX 2 = QSZBO IGFIY NVTVY BFXCB KROAP =
  1. Operations In this chapter we describe the basic operations.

    1. **Generate a book** The first operation is generate a book, to do this, please use the menu: Books -> Generate Book or press CTRL + G keys. 2. **Crypt** To crypt a message you must provide a valid book in the selector, an arbitrary ID in the form field and a message unformated to crypt. The page will be selected automatically. Later you must use the menu: Crypto -> Crypt or press CTRL + E keys. 3. **Decrypt** To decrypt a message you can provide a formatted message, in this case you only must select the "Formatted msg" option. If you dont have the format, you can enter all fields manually. Later you must use the menu: Crypto -> Decrypt or press CTRL + D keys. 4. **Burn page** It is recommended to burn the page after use, but if you want to do this manually (or later) you can use the menu: Crypto -> Burn page or press CTRL + B keys. 5. **Refresh books** If you modify or delete any book in the filesystem you must refresh the books in the app. To do that you can use the menu: Crypto -> Refresh books or press CTRL + R keys.
  2. Internals In this chapter we describe internal operations, know bugs or missing features.

    1. **Settings** The settings/config file must be located on %APPDATA%/.otpnitro/otpnitro.ini or $HOME/.otpnitro/otpnitro.ini 2. **Book storing** By default the books are stored on %APPDATA%/.otpnitro/PAGES or $HOME/.otpnitro/PAGES (this can be changed in the config file) 3. **Max pages parameter** Is the number of pages generated for book. (this value limits the number of messages to be crypted on a book) 4. **Max chars parameter** Is the number of characters generated for page. (this value limits the number of text to be crypted) 5. **Project URL** For more information, updates, etc. you can visit the project [homepage](https://code.haibane.net/crypto/otpnitro).
  3. License This program is under the GPLv3 license.

  4. Authors * @capi_x <capi_x@haibane.net>

  5. Acknowledges * @Mario_vilas - Thanks for GUI and crypto testing. * @sha0coder - Thanks for CLI and GUI testing. * @AloneInTheShell - Thanks for CLI and LIB testing.

CLI compile guide
Compile:

  1. Generic / Debian:

    make
  2. FreeBSD:

    CXX=clang++ gmake

Install:

  1. Generic:

    make install
  2. FreeBSD:

    CXX=clang++ gmake freebsd-cli
  3. Debian:

    make debian-cli

GUI compile guide

First you must install the U++ enviroment. Once installed you must add the otpnitrogui project. (Windows users also must install MinGW)

Next you must put the otpnitro path in the package textbox.

Click on the output mode button.

Fill all settings as in the image.

Next select "Build methods" menu

Again fill all options and add the otpnitro path to "lib directories"

Ok, you can build all now pressing the F7 key.

Install:

  1. Generic:

    make install
  2. FreeBSD:

    CXX=clang++ gmake freebsd
  3. Debian:

    make debian

Bindings

OTP Nitro supports bindings to other languages using SWIG

  1. Python

    1. **Compile**: make bindings 2. **Install**: make python-otpnitro ( Install the .deb or .tzx package ) 3. **Usage** Once installed: >> import otpnitro >> page = otpnitro.Page() >> print page.list()

API

The API documentation is located here:

Features

  • Generate pages and books
  • Encrypt messages
  • Decrypt messages
  • Burn pages (secure delete)
  • Automatic text format (header)
  • GUI using Ultimate++
  • API and library
  • Bindings

TODO

  • Automatic file parse daemon
  • Print pages

License

OTP Nitro is released under the GPLv3 license.

Categorías: Planeta BlogDrake

z/OS Install and configure RMF Distributed Data Server

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
z/OS Install and configure RMF Distributed Data Server

Configure RMF Distributed Data Server:

PERMIT BPX.DAEMON CLASS(FACILITY) ID(START2) ACCESS(READ) RDEFINE APPL GPMSERVE UACC(READ) RDEFINE PROGRAM GPM* ADDMEM('SYS1.SERBLINK'//NOPADCHK) UACC(READ) RDEFINE PROGRAM ERB* ADDMEM('SYS1.SERBLINK'//NOPADCHK) UACC(READ) RDEFINE PROGRAM CEEBINIT ADDMEM('CEE.SCEERUN'//NOPADCHK) UACC(READ) RDEFINE PROGRAM IEEMB878 ADDMEM('SYS1.LINKLIB'//NOPADCHK) UACC(READ) RDEFINE PROGRAM GPMDDSRV ADDMEM('SYS1.SERBLINK'//NOPADCHK) UACC(READ) RDEFINE PROGRAM ADME000O ADDMEM('GDDM.SADMMOD'//NOPADCHK) UACC(READ) SETROPTS WHEN(PROGRAM) REFRESH

START DDS, RMF and RMFGAT (commands in console or SDSF panel)

/S GPMSERVE /S RMF /F RMF,START III

Now download and install the RMF pm for Windows or Linux.

Once installed, execute and connect to your z/OS system. You must view something similar to that:

Categorías: Planeta BlogDrake

z/OS SUBMIT JOBS in FTP

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
z/OS SUBMIT JOBS in FTP

List datasets...

ftp> dir 200 Port request OK. 125 List started OK Name VV.MM Created Changed Size Init Mod Id HELLO 01.01 2013/10/22 2013/10/24 22:06 13 13 1 CAPI HELLO2 01.02 2013/10/22 2013/10/24 22:06 13 12 5 CAPI LISTDS 01.02 2013/10/22 2013/10/24 22:07 15 10 8 CAPI MSGCON 01.01 2013/10/22 2013/10/24 22:07 8 8 1 CAPI 250 List completed successfully.

Now change to JES2 mode

ftp> QUOTE SITE FILETYPE=JES 200 SITE command was accepted

Now (in JES mode) when we GET a dataset, really we make a SUBMIT.

ftp> GET 'CAPI.JCL.TEST(HELLO)' 200 Port request OK. 125-Submitting job 'CAPI.JCL.TEST(HELLO)' FIXrecfm 80 125 When JOB00865 is done, will retrieve its output
Categorías: Planeta BlogDrake

z/OS CLIST tutorial (DRAFT)

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
z/OS CLIST tutorial (DRAFT) CLIST
  1. Language definition:

1.0 Comments

/* THIS IS A COMMENT */

1.1 Header

PROC 0 /* PROC [NUM PARAMETERS] */ PROC 1 XXXXXXXX /* New rutine PARAMETER1 = XXXXXXXX */

1.2 Variables

PROC 1 INPUT SET VARIABLE = &INPUT SET STRING = HELLO WORLD

1.3 Conditional

IF &VARIALBE = TEST THEN + WRITE TEST ELSE IF &VARIABLE = PROD THEN + WRITE PROD ELSE IF &VARIABLE ¬= NEGA THEN + WRITE OTHR ELSE DO + WRITE ERR1 EXIT END

1.4 While

SET WHILE = &STR(ABC) DO UNTIL &WHILE = &STR(ABC) WHILE (&COUNT<5) SET &COUNT = &COUNT + 1 END

1.5 Strings

IF &SUBSTR(1:4,&SYSUID) ¬= TEST AND + &SUBSTR(1:3,&SYSUID) ¬= DEV AND THEN DO WRITE "NOT ALLOWED" END

1.6 Execute commands

LISTUSER SELECT PGM(ISRUDL) PARM(ISRUDLP) SCRNAME(DSLIST)

1.7 ISPF panels

ISPEXEC SELECT PANEL(XXX)
  1. Execute a CLIST

2.0 TSO EXEC

TSO EXEC 'DATASET.CLIST(PROGRAM)'

2.1 Alloc to SYSPROC

TSO ALLOC FILE(SYSPROC) DATASET('DATASET.CLIST') SHR REUSE TSO %PROGRAM
Categorías: Planeta BlogDrake

z/OS create user (DRAFT)

Paranoias del Capitan X - 26 Julio, 2019 - 14:00
z/OS create user (DRAFT) RACF panel parameters Change Account (ACCTNUM) ACCT#________________________________ Change Logon Procedure Name (PROC) ISPFPROC Change Command (COMMAND) ISPF____________________________________ User permits TSO PE ACCT# CLASS(ACCTNUM) ID(WEBSRV) ACCESS(READ) TSO PE ACCT CLASS(TSOAUTH) ID(WEBSRV) ACCESS(READ) TSO PE JCL CLASS(TSOAUTH) ID(WEBSRV) ACCESS(READ) TSO PE OPER CLASS(TSOAUTH) ID(WEBSRV) ACCESS(READ)
Categorías: Planeta BlogDrake

1 Enero, 1970 - 01:00
Feed