* Creating a custom wordlist for John the Ripper

I wanted a larger wordlist than the default /usr/share/john/password.lst, which has only 3115 words. Openwall sells a really great wordlist, but if you don’t need anything that fancy you can follow these instructions. The apt-get bit is Debian specific. I will install dictionaries, concatenate them all into one file, lowercase everything, remove duplicates, and configure john to use the new list.

apt-get install john wamerican-huge wamerican-insane wamerican-large wamerican-small wamerican aspell
aspell dump master > custom-wordlist
cat /usr/share/john/password.lst >> custom-wordlist
cat /usr/share/dict/american-english* >> custom-wordlist

You can concatenate more wordlists into the custom-wordlist file as you find them. Debian has lots more dictionary-type packages; try apt-cache search wordlists. Use dpkg -L [installed-package-name] to find where the actual word list file is installed.
Let's count how many lines (words) are in our wordlist so far:

wc -l custom-wordlist

I got 1484152; there must be tons of duplicates. Let's get rid of them. We can also lowercase everything, since john toggles case automatically for us.

tr A-Z a-z < custom-wordlist > custom-wordlist_lowercase

Now we remove the duplicates:

sort -u custom-wordlist_lowercase > custom-wordlist_lowercase_nodups

How many lines do we have now?

wc -l custom-wordlist_lowercase_nodups
613517
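The same build as a reusable script, added here as an example and not part of the original post. It takes any number of source dictionaries and produces the lowercase, de-duplicated list the post describes, with two small extras the post does not do: carriage returns are stripped (dictionaries saved on Windows come with CRLF endings, which would otherwise make "word" and "word\r" distinct entries) and blank lines are dropped, so john is not handed an empty candidate. The two sample dictionaries are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original post): the post's concatenate /
# lowercase / sort -u pipeline as functions, plus CR stripping and
# blank-line removal.
# Usage: build_wordlist OUTPUT SOURCE...

build_wordlist() {
    out="$1"; shift
    # cat all sources (the post's "concatenate them into one file"),
    # strip carriage returns, lowercase (john toggles case itself),
    # drop blank/whitespace-only lines, then sort -u to remove duplicates.
    # LC_ALL=C makes sort compare bytes, so the dedupe is locale-independent.
    cat "$@" | tr -d '\r' | tr 'A-Z' 'a-z' | grep -v '^[[:space:]]*$' \
        | LC_ALL=C sort -u > "$out"
}

# Number of candidates in a wordlist (the post's wc -l), as a bare number.
count_words() {
    wc -l < "$1" | tr -d ' '
}

# Self-contained demonstration on constructed input: two tiny "dictionaries"
# with mixed case, duplicates, a blank line and a CRLF line ending.
demo_wordlist() {
    d=$(mktemp -d)
    printf 'Password\nletmein\nPASSWORD\n\nsecret123\r\n' > "$d/dict-a"
    printf 'password\nLetMeIn\nqwerty\n' > "$d/dict-b"
    build_wordlist "$d/custom-wordlist_lowercase_nodups" "$d/dict-a" "$d/dict-b"
    count_words "$d/custom-wordlist_lowercase_nodups"   # 8 input lines -> 4
    rm -rf "$d"
}

demo_wordlist
```

Run it with real sources as `build_wordlist custom-wordlist_lowercase_nodups /usr/share/dict/american-english* /usr/share/john/password.lst`; the count it prints is what `wc -l` would show for the finished file.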

Now we can set john up to use our custom wordlist file.

Edit the file /etc/john/john.conf and set:
Wordlist = [path to custom-wordlist_lowercase_nodups]

Now we are ready to crack some passwords! First, combine the passwd and shadow files. This will allow john to use the GECOS information from the passwd file. GECOS is the user information fields such as first name, last name and phone. These fields will be used by john to make a more educated guess as to what that user's password might be.

unshadow passwd shadow > unshadow.txt

Run john against the resulting unshadow.txt file:

john unshadow.txt
Loaded 15 password hashes with 15 different salts (FreeBSD MD5 [32/64 X2])
Posted: April 8th, 2010
Categories: security

* Flashing a BIOS update using only free tools (FreeDOS, etc)

The wonderful world of motherboard BIOS updates is still old fashioned. Updates are often still built for Microsoft Windows environments, and often require MS-DOS. For those of us who don’t have DOS, a floppy drive, an install of Windows 98 to create a bootable floppy, cheesy Pâté, or MS Windows for that matter, here is a way to flash the BIOS of your mobo using our favorite free-software-licensed operating systems and tools.

DISCLAIMER: Don’t attempt this unless you know what you are doing. I have never had problems doing this, BUT many things can go wrong and you CAN easily “brick” your hardware. Proceed at your own risk!!

We will be using FreeDOS, a wonderfully free and royalty-exempt Microsoft DOS compatible operating system, licensed under the General Public License (GPL).
Note: As usual, my posts require some knowledge of the command line.

wget http://www.fdos.org/bootdisks/autogen/FDOEM.144.gz
gunzip FDOEM.144.gz
mkdir floppy
sudo mount -o loop FDOEM.144 floppy/
ls floppy

You should see these files:
AUTOEXEC.BAT COMMAND.COM CONFIG.SYS KERNEL.SYS README sys.com

Download your BIOS update file from the manufacturer or vendor.
Note: Sometimes, the update will be distributed as a .exe (Windows Executable) file. Most likely it will actually be a compressed zip archive. You can use unzip to extract the .exe file.

Download the update using wget, then unzip it into the folder where the “FDOEM.144” image is mounted: “floppy/”

wget http://path-to-your-bios-update/BIOS_UPDATE.zip
sudo unzip BIOS_UPDATE.zip -d floppy/

In this case, the following files are extracted from the BIOS_UPDATE.zip file:
inflating: BIOS.WPH
inflating: OEMPHL.EXE
inflating: OPTIONS.BAT
inflating: PHLASH16.EXE
inflating: releasenotes.txt
inflating: 1.BAT

Now, move to the previous directory (cd ..) and un-mount the FDOEM.144 image:

cd ..
sudo umount floppy/

Generate the ISO image:

genisoimage -o flashboot.iso -b FDOEM.144 FDOEM.144

Now burn flashboot.iso to CD using wodim:

wodim flashboot.iso

Now you can boot from that CD and run your flash utility! Read the BIOS update instructions on how to do this.
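Two checks worth running before the genisoimage and wodim steps, added here as an example and not part of the original post: whether a vendor “.exe” is really a zip archive (the post notes this is common), and whether the floppy image still has the size genisoimage accepts for floppy-emulation boot (`-b` without `-no-emul-boot` wants exactly a 1200, 1440 or 2880 KiB image; a truncated download or a failed gunzip gives you a CD that silently does not boot). The zero-filled image and the two “.exe” files in the demonstration are constructed; `build_flashboot_iso` assumes genisoimage is installed and is not run by the demonstration.

```shell
#!/bin/sh
# Added example, not part of the original post: sanity checks for the
# FreeDOS floppy image and the downloaded update before building the ISO.

# Return 0 if FILE starts with the "PK" zip magic, i.e. unzip will handle it.
looks_like_zip() {
    [ "$(dd if="$1" bs=1 count=2 2>/dev/null)" = "PK" ]
}

# Return 0 if FILE has a size genisoimage accepts for floppy emulation:
# exactly 1200, 1440 or 2880 KiB. FDOEM.144 is a 1440 KiB image.
is_floppy_image() {
    size=$(wc -c < "$1" | tr -d ' ')
    case "$size" in
        1228800|1474560|2949120) return 0 ;;
        *) return 1 ;;
    esac
}

# The post's genisoimage command, refusing to run on a bad image.
build_flashboot_iso() {
    img="$1"; iso="${2:-flashboot.iso}"
    is_floppy_image "$img" || {
        echo "$img: not a 1200/1440/2880 KiB floppy image, refusing to build" >&2
        return 1
    }
    genisoimage -o "$iso" -b "$img" "$img"
}

# Constructed demonstration: a zero-filled 1440 KiB file standing in for
# FDOEM.144, a file with zip magic, and a file with the MZ executable magic.
demo_checks() {
    d=$(mktemp -d)
    dd if=/dev/zero of="$d/FDOEM.144" bs=1024 count=1440 2>/dev/null
    printf 'PK\003\004constructed' > "$d/update.exe"
    printf 'MZconstructed' > "$d/other.exe"
    is_floppy_image "$d/FDOEM.144" && echo "FDOEM.144: size ok for genisoimage -b"
    looks_like_zip "$d/update.exe" && echo "update.exe: zip archive, use unzip"
    looks_like_zip "$d/other.exe" || echo "other.exe: not a zip, a real DOS/Windows executable"
    rm -rf "$d"
}

demo_checks
```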

Posted: March 12th, 2010
Categories: documentation, hardware

* Transition away from MBR to GPT booting

Recently, I was installing Debian on a new server and grub2 would not install; it gave me this error:

“This GPT partition label has no BIOS Boot Partition; embedding won’t be possible! grub-setup: error: Embedding is not possible, but this is required when the root device is on a RAID array or LVM volume.”

Of course, it being grub2, I jumped to the conclusion that grub2 was the problem. I installed legacy grub and got nowhere. The final error was:
“file /boot/grub/stage1 not read correctly”
No matter what I did, it would not install. So, I went back to the original message and gave grub2 its due process. Turns out this Dell T410 uses GPT (GUID Partition Table), which is an extension of EFI. The “BIOS Boot Partition” is an actual partition on the hard drive. Grub2 embeds core.img (its multiboot boot kernel) into this BIOS boot partition instead of the MBR.
Here are two great resources on this subject:
http://www.rodsbooks.com/gdisk/index.html and
http://grub.enbug.org/BIOS_Boot_Partition

So, the solution:
I had to re-install Debian with a small partition. Apparently it can be under a few hundred KiB but space is cheap and I didn’t want to have more problems, so I made mine 10MB and put it at the beginning of the disk. In the Debian partitioner, set the partition under “use as:” to “Reserved BIOS boot area”. Then continue with the rest of your partitions and install. Grub2 installed with no problems this time!
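A way to check a disk for the missing piece before grub-install fails, added here as an example and not part of the original post. It reads the machine-readable output of `parted -m DISK print` (fields separated by “:”; the second line describes the disk with the label type in field 6; each partition line ends with its flags in field 7) and reports whether a GPT disk has a partition flagged `bios_grub`, which is what the Debian partitioner's “Reserved BIOS boot area” creates. The two sample outputs are constructed in that layout for the post's scenario.

```shell
#!/bin/sh
# Added example, not from the original post: does this disk give grub2
# somewhere to embed core.img?
# Usage: parted -m /dev/sdX print | gpt_needs_bios_boot
# Exit 0: MBR disk, or GPT with a bios_grub partition.
# Exit 1: GPT disk without a bios_grub partition (grub2 embedding will fail).
gpt_needs_bios_boot() {
    awk -F: '
        NR == 2 { label = $6 }                       # disk line: label type
        NR > 2 && $7 ~ /bios_grub/ { found = 1 }     # partition line: flags
        END {
            if (label != "gpt") {
                print "label " label ": no BIOS boot partition needed"; exit 0
            }
            if (found) { print "gpt: BIOS boot partition present"; exit 0 }
            print "gpt: NO BIOS boot partition, grub2 embedding will fail"
            exit 1
        }'
}

# Constructed sample: GPT disk with a ~10 MB partition flagged bios_grub at
# the start of the disk, as in the post's working layout.
sample_gpt_ok() {
    printf 'BYT;\n/dev/sda:500GB:scsi:512:512:gpt:Constructed Disk:;\n'
    printf '1:1049kB:10.5MB:9437kB::bios_boot:bios_grub;\n'
    printf '2:10.5MB:500GB:500GB:ext4:root:;\n'
}

# Constructed sample: the same disk without the reserved partition (the
# layout that produced the post's "embedding won't be possible" error).
sample_gpt_missing() {
    printf 'BYT;\n/dev/sda:500GB:scsi:512:512:gpt:Constructed Disk:;\n'
    printf '1:1049kB:500GB:500GB:ext4:root:;\n'
}

sample_gpt_ok | gpt_needs_bios_boot
sample_gpt_missing | gpt_needs_bios_boot \
    || echo "(exit $?: add a 'Reserved BIOS boot area' partition first)"
```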

Posted: February 18th, 2010
Categories: documentation, hardware

* thunderbird & lightning | contacts, calendar, mail syncing for gmail

Automatic email setup add-on: Gmail IMAP Account Setup. (Thunderbird version 3 has native support for Gmail.)

Manual email instructions: Setup Thunderbird according to gmail’s imap instructions

At the bottom of Gmail’s instructions you will see “recommended settings”. Don’t follow the first recommendation, regarding deleting. Instead of actually (permanently) deleting email we can have it moved to the Trash folder, as if you were using the Gmail web interface. Gmail has a strange folder structure in IMAP. Here are a few steps to work with Gmail folders (of course, they call them labels :-)

Under Account Settings -> Copies and Folders:
1. Un-check “place a copy in… sent”.
2. Change “drafts and templates” to Other -> [your gmail address] -> [Gmail] -> Drafts.
Note: Sent and Drafts will automatically show up in their respective folders, as long as you send mail through smtp.gmail.com.
3. Go to Options/Preferences (under the Tools or Edit menu). Go to Advanced -> Config Editor. In the Filter box, type “mail.server.server” and look for the Gmail address. Whichever number is in the X place of mail.server.serverX is what you want to use for the new value.
Right-click, New -> String, and enter “mail.server.serverX.trash_folder_name” (X is the number that correlates to your Gmail account, from above). For the value, enter “[Gmail]/Trash”. Restart Thunderbird. Delete something; if it does not go into the [Gmail]/Trash folder, restart again. It should work after that. Now you can delete the Trash folder (represented as [Imap]/Trash in Gmail).

Contact syncing: a few options.
A very popular and stable add-on is Zindus. It’s great but does not support syncing the address field. (Enter your user/pass under Tools -> Zindus.)
gContactSync has support for the address field but is very early in development. If any contacts have an empty email field it adds a @nowhere.invalid email address in Tbird. Thankfully this is not synced to your Gmail account!
Google Contacts also looks promising but does not work with Tbird 3.
BACK UP CONTACTS BEFORE SYNCING!

Calendar sharing: Use the add-on Lightning (aka Sunbird as a Tbird add-on). Lightning 1.0b1 does not integrate with the Thunderbird 3 toolbar layout very well. It messed up the “File”, “Edit” and “View” menus. Although they aren’t really missed by anyone and are sort of accessible if you really need them. Try it for yourself; it’s not too bad.
For native support, follow the Google Sunbird instructions for CalDAV (recommended).
There is also another plugin called Provider for Google Calendar that can be used.

Posted: December 19th, 2009
Categories: documentation

* Spoof MAC address in Windows

Start -> Run -> regedit
Make a backup, if you want.
Go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}

Look through the list of subkeys (0000, 0001, etc.).
The DriverDesc value will tell you which network adapter each one is. For example, “NVIDIA nForce Networking Controller”.
When you find it, right-click and add -> New -> String Value

New keyword:

Value Name: = NetworkAddress
Value Data: = your new MAC, with no spaces or colons. For example, 0019DB71C830

Then type:

ipconfig /release
ipconfig /renew
ipconfig /all   (to verify the new mac took)

Now you’re a l33t Winblows H4|<3r. If you want to go back to your hardware MAC, remove the NetworkAddress value and restart the interface.

FYI, in GNU/Linux follow these simple steps to change your MAC address:

ifconfig eth0 hw ether 00:19:DB:71:C8:30

If you get this error:

SIOCSIFHWADDR: Device or resource busy - you may need to down the interface

do this:

ifconfig eth0 down

and try to change the MAC again.

Posted: October 13th, 2009
Categories: documentation, networking, wireless

* Free Wireless in Santa Fe, NM

Here is a list of free wireless spots in Santa Fe. I’m sure I will miss some or make errors, please let me know.

* Santa Fe Baking Company (one of the first and best wireless spots in town, lots of seating and ample power, food and kitchen smell can be harsh)
* Pyramid Cafe (VERY fast internet, Amazing Mediterranean food)
* Second Street Brewery (very solid reliable connection, inside or out. great beer too!)
* Counter Culture Cafe (the qwest connection goes down a lot, the ap is too far from the seating area, but great place to hang, eat and work)
* Teahouse (The best selection of teas and generally good internet, very relaxing place. great food too)
* Aztec Cafe (small but friendly environment, good coffee and sandwiches)
* Blue Corn (the bar downtown has it, ask the bar tender for password (indiapaleale). The southside is open AP and I think the essid is jaguar)
* Flying Star Cafe (the wireless is always slow, food is overpriced and not very good. They use sputnik as a captive portal, its annoying to ask users to sign up for internet. I login with user: free pass: wireless)
* Santa Fe Brewing Company (its awesome they provide internet so far out of town)
* Backroad Pizza (south side location has it, not sure about the 2nd street location)
* Cafe Dominics (Fast net and decent food)
* Joe’s (good food, friendly staff, good internet)
* Body (great healthy food, limited seating in front cafe area, back dining area reserved for no computers and no cell phones :-)

Posted: October 12th, 2009
Categories: wireless

* Linux-Libre and Realtime patch

I wanted to share some notes on patching the Linux-Libre kernel with realtime capabilities. The Linux-Libre project pulls out all the un-free bits from standard Linux. Contrary to popular belief, Linux has many non-free parts: small binary or obfuscated pieces of code for various hardware. I have a Lenovo T61 laptop. I removed the Intel wireless PCI Express card and put in an Atheros AR5008 wifi card, which uses the completely free ath9k wireless driver. Now my system (as far as I can tell :-) is completely free.

I make music and the realtime patch makes the latency of my system and soundcard very low. This is a unique advantage that the gnu/linux operating system gives its users. I highly recommend a realtime patch for anyone working with audio and video on gnu/linux.

Start by getting the rt patch from http://www.kernel.org/pub/linux/kernel/projects/rt/ for the kernel version you want to compile.
Then get the corresponding Linux-Libre version from http://www.linux-libre.fsfla.org/pub/linux-libre/releases/

tar xfvj linux-2.6.29.6-libre1.tar.bz2
cd linux-2.6.29.6
bzcat ../patch-2.6.29.6-rt23.bz2 | patch -p1

Now the kernel is patched with realtime support. Next, run:

make menuconfig

From the RT HOWTO:
* enable CONFIG_PREEMPT_RT
* activate the High-Resolution-Timer option (Attention, the number of platforms supported by the HR timer is still very limited. Right now the option is only supported on x86 systems; PowerPC and ARM support are however in the queue.)
* disable all Power Management options like ACPI or APM (not all ACPI functions are “bad”, but you will have to check very carefully to find out which function will affect your real time system. Thus it’s better to simply disable them all if you don’t need them. APM, however, is a no-go.) NOTE: Since rt patch 2.6.18-rt6 you will probably have to activate the ACPI option to activate the high resolution timer. Since the TSC timer on PC platforms, as used in the previous versions, is now marked as unsuitable for hrt mode due to many lacks of functionality and reliability, you will need e.g. pm_timer as provided by ACPI to use as clock source. To activate the pm_timer, you can just activate ACPI_SUPPORT in menuconfig and deactivate all other sub modules like “fan”, “processor” or “button”. If you have an old PC which lacks ACPI support, you might have problems using the high resolution timer.

I personally have not removed my power management options, as I use a laptop and want these features. I don’t notice any problems but have not tried it without them to know what I’m missing.

Then compile the kernel, the Debian way:

fakeroot make-kpkg kernel_image
sudo dpkg -i linux-image-2.6.29.6-libre1-lapkah_2.6.29.6-libre1-lapkah-10.00.Custom_i386.deb
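A check that the options the HOWTO asks for actually ended up in the kernel configuration, added here as an example and not part of the original post. It reads a Kconfig-style file (the `.config` in the source tree, `/boot/config-$(uname -r)` for the installed Debian package, or the output of `zcat /proc/config.gz` on the running kernel) and reports the state of CONFIG_PREEMPT_RT and CONFIG_HIGH_RES_TIMERS, the mainline Kconfig names for the first two items of the HOWTO; it also warns if CONFIG_APM, the option the HOWTO calls a no-go, is built. The two sample config fragments are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: verify the realtime-related
# options in a kernel config before (or after) the long compile.
# Usage: check_rt_config CONFIG_FILE
# Prints one line per option; returns 1 if any required option is not "y".
check_rt_config() {
    awk '
        BEGIN {
            want["CONFIG_PREEMPT_RT"] = 1        # the RT preemption model
            want["CONFIG_HIGH_RES_TIMERS"] = 1   # high-resolution timer option
            bad = 0
        }
        # Kconfig lines are CONFIG_FOO=y / =m / ="string", or
        # "# CONFIG_FOO is not set" for disabled options.
        /^CONFIG_[A-Z0-9_]+=/ { split($0, kv, "="); val[kv[1]] = kv[2] }
        /^# CONFIG_[A-Z0-9_]+ is not set/ { val[$2] = "n" }
        END {
            for (o in want) {
                v = (o in val) ? val[o] : "absent"
                if (v != "y") bad = 1
                printf "%-24s %-7s %s\n", o, v, (v == "y") ? "ok" : "MISSING"
            }
            # APM is the one option the HOWTO says must be off.
            if (("CONFIG_APM" in val) && val["CONFIG_APM"] != "n")
                printf "%-24s %-7s %s\n", "CONFIG_APM", val["CONFIG_APM"], \
                       "WARNING: HOWTO says disable APM"
            exit bad
        }' "$1"
}

# Constructed sample .config fragments: one as the HOWTO wants it, one
# from a stock kernel with APM built as a module and no RT option.
demo_rt_config() {
    d=$(mktemp -d)
    printf 'CONFIG_PREEMPT_RT=y\nCONFIG_HIGH_RES_TIMERS=y\n# CONFIG_APM is not set\nCONFIG_ACPI=y\n' > "$d/rt.config"
    printf '# CONFIG_PREEMPT_RT is not set\nCONFIG_PREEMPT_VOLUNTARY=y\nCONFIG_APM=m\n' > "$d/stock.config"
    check_rt_config "$d/rt.config" && echo "rt.config: realtime options complete"
    check_rt_config "$d/stock.config" || echo "stock.config: go back to make menuconfig"
    rm -rf "$d"
}

demo_rt_config
```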

Here is my latest config and the Debian package for Libre realtime for the Lenovo T61.

~ May your kernel build and your modules have your back ~

Posted: October 11th, 2009
Categories: documentation, music

* Silverlight (Microsoft) and Moonlight (Novell) Digital Restrictions Management frustrations

Moonlight is a Free implementation of Microsoft Silverlight. It’s a Mono project, http://www.mono-project.com/Moonlight. I have read rumors that 2.0 will have support for Netflix. I went to install the 2.0 dev version (currently 1.99.5). Logged into Netflix and was denied. I was confused because Moonlight’s dev website says that 1.99.5 is complete except for bug testing and a security audit. I did more reading and found that it’s not a limitation of Moonlight at all; it’s the DRM (Digital Restrictions Management) that Netflix licenses from Microsoft, called PlayReady. This is why we can’t watch Netflix with Moonlight. Another case where the end user suffers at the hands of DRM. The industry again is trying to control the user and hope no one cares. So what if people save the movie streams from Netflix? You can copy as many DVDs as you want when they show up in the mail! What happened to Fair Use? The move to hosted content is highly desirable for these industries. Now they can tell you what, how and when. Since it’s hosted on their servers, you can’t do a thing about it (other than not use it). Ugghh. I am disappointed…

Posted: October 10th, 2009
Categories: Content Control

* openwrt, firewall to block public wireless from private lan

A while ago Second Street Brewery asked for a good, stable public wireless internet connection. Of course, the solution was obvious: OpenWrt on a Linksys WRT54GL. The office, point of sale and public networks all share the same gateway. The problem was segregating the public wireless network from the private office LAN. Sam (http://thepromisedlan.org) and I set out to set up a firewall to protect them. This is what we came up with:

Check that the following is in /etc/config/firewall; otherwise, add it:

config include
option path /etc/firewall.user

and in /etc/firewall.user we put:

#Insert this into the chain, so 10.1.10.0/24 (office) can connect to public 192.168.10.0/24.
#This rule gets repeated by the setup script /etc/init.d/firewall.
iptables -I FORWARD 1 -m state --state RELATED,ESTABLISHED -j ACCEPT

#block all traffic to any possible private network address (10.*.*.*, 172.16-31.*.*, 192.168.*.*)
iptables -I FORWARD 2 -d 192.168.0.0/16 -j DROP
iptables -I FORWARD 2 -d 172.16.0.0/12 -j DROP
iptables -I FORWARD 2 -d 10.0.0.0/8 -j DROP
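One subtlety of the rules above is worth seeing laid out: every `-I FORWARD 2` inserts at position 2 and pushes the earlier inserts down, so the three DROP rules end up in the chain in the reverse of the order they were written (harmless here, since all three have the same target, but easy to trip over when a later rule is meant to be an exception). The following is an added example, not part of the original post or of OpenWrt: a small model of iptables insertion that prints the resulting chain for the post's rule set, next to a variant that appends the rules in order and limits the DROPs to traffic coming from the public wireless subnet (192.168.10.0/24, as named in the post's comment), so forwarding between private subnets is left to other rules. The simulator only models rule order and never touches the running firewall; the `-A` variant assumes it is loaded into an otherwise empty FORWARD chain.

```shell
#!/bin/sh
# Added example, not from the original post: model where "iptables -I" and
# "iptables -A" place rules, then show the post's rules and a scoped variant.

# Reads "I <pos> <rule>" or "A <rule>" lines (one per iptables command) and
# prints the resulting chain, numbered like "iptables -L FORWARD --line-numbers".
simulate_chain() {
    awk '
        $1 == "A" { n++; rule[n] = substr($0, 3); next }
        $1 == "I" {
            pos = $2 + 0
            r = substr($0, length($1) + length($2) + 3)
            for (i = n; i >= pos; i--) rule[i + 1] = rule[i]   # shift later rules down
            rule[pos] = r
            n++
            next
        }
        END { for (i = 1; i <= n; i++) print i ": " rule[i] }'
}

# The post's /etc/firewall.user, as the simulator reads it.
post_rules() {
    printf 'I 1 -m state --state RELATED,ESTABLISHED -j ACCEPT\n'
    printf 'I 2 -d 192.168.0.0/16 -j DROP\n'
    printf 'I 2 -d 172.16.0.0/12 -j DROP\n'
    printf 'I 2 -d 10.0.0.0/8 -j DROP\n'
}

# Variant: append in the written order and match only traffic sourced from
# the public wireless subnet, so the DROPs never apply to office traffic.
scoped_rules() {
    printf 'A -m state --state RELATED,ESTABLISHED -j ACCEPT\n'
    printf 'A -s 192.168.10.0/24 -d 10.0.0.0/8 -j DROP\n'
    printf 'A -s 192.168.10.0/24 -d 172.16.0.0/12 -j DROP\n'
    printf 'A -s 192.168.10.0/24 -d 192.168.0.0/16 -j DROP\n'
}

echo "post's rules (each -I 2 pushes the earlier DROPs down):"
post_rules | simulate_chain
echo
echo "scoped rules with -A (order preserved, public subnet only):"
scoped_rules | simulate_chain
```

To apply the scoped variant on the router, replace the `-I FORWARD N` commands in /etc/firewall.user with the equivalent `iptables -A FORWARD ...` lines; `iptables -L FORWARD -n --line-numbers` afterwards should match what the simulator prints.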

If you would like to have remote administration on the OpenWrt box so you can access the LuCI web interface and ssh from the WAN side of the router, you can change the wan zone in /etc/config/firewall to allow it. !!WARNING!! If you are directly connected to the internet, this will expose your open ports to the world. You should take precautions to secure them before changing this firewall rule.

config 'zone'
option 'name' 'wan'
option 'input' 'REJECT' #<- change this to ACCEPT
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
option 'masq' '1'
Posted: October 7th, 2009
Categories: firewall, wireless