Category Archives: Random Thoughts
TNG LCARS NASA HDEV live stream viewer.

So I enjoy watching the NASA’s High Definition Earth-Viewing System (HDEV) live stream on ustream and NASA’s page.

however I don’t like to have to keep a window on my browser dedicated to viewing this. So I decided to build a viewer box with a raspberry pi. So I can put it on my already cluttered desktop but have a constant view of the stream. The stream will drop out/black out depending on the position of the International Space Station (ISS). I also am a trekkie , so I decided to combine the two together. So I feel like I’m on the Enterprise of TNG watching earth , much like the movie “First Contact.”

Here is the final result:

File 4-18-16, 20 21 57

 

 

 

 

 

 

 

 

 

 

 

 

 

So what did I use?

Hardware:

  1.  Raspberry Pi B+ (cause I had some lying around from a previous project)
  2.   7 Inch HDMI Screen.  (any screen would do but I wanted a small screen factor so I could position it on my desk among the other things )

Software:

  1. Jessie Lite ( I wanted to run the Raspberry in a minimal configuration and not use the X-windows, so I went no X windows , Jessie Lite)
  2. OMX Player (this is the actual core player playing the video feed and the background. -I’ll explain more later)
  3. libav-tools (mainly avconv to create a looping video of the LCARS background)
  4. livestreamer (the grab the stream of the ustream.tv NASA channel and feed it to omxplayer)

Once it ran , it seemed simple but the process wasn’t.

Initially I thought of just building a raspberry pi with a TFT shield , running the Iceweasel browser in full screen. This was a long road into the abyss, the TFT shield I have did not like the frame buffer output , Iceweasel can’t play the ustream etc etc…Now there might be a way but I also felt it was a bit of overkill for a simple stream viewer to have a full X-windows+browser setup. So omxplayer to the rescue.  With omxplayer I can still view the stream via live streamer without having to boot fully into a x-windows environment.

So based on the Miguel Grinberg’s blog post about building a raspberry pi NASA live stream viewer , the first step it to set up  livestreamer to capture the NASA’s stream and hand it over to omxplayer.

#!/bin/bash
while true 
do
livestreamer http://www.ustream.tv/embed/17074538?html5ui mobile_478p –player omxplayer –fifo –player-args “–win \”75 110 710 564\” {filename} –layer 20″
done

So , livestreamer grabs the mobile_478p stream and passes it to the omxplayer and creates a window(size 710 x 564, at the position x=75,y=110)

Now to make the video play inside the LCARS container , its actually 2 layered videos. The lower video  is a loop video (mkv) of the LCARS interface generated by using avconv.

sudo avconv -loop 1 -i lcars.png -tune stillimage -t 10 -y -r 5 lcars.mkv

So the idea is that the lcars.mkv is playing at a lower layer and the NASA feed is on top of that video. (thanks to Brad’s Blah Blog for the idea)

lcars2

basic LCARS image. (lcars.png)

This is were the omxplayer “–layer” option comes in, the higher the number , the closer to the screen the video play is. So the LCARS video plays on layer 10 and the NASA video plays on layer 20. Now since the LCARS interface is just there as a container this video does not have to loop indefinitely , so I decided to pause it after it loads. So using FIFO file , I send a “p” to the player causing to the stream to pause. (updated: I realised I could use the fbi image viewer to layout the background  instead of using 2 instances of omxplayer, the background generating one tended to crap out randomly anyway . )

so the final script to launch the viewer is:

#!/bin/bash

while true
do

livestreamer http://www.ustream.tv/embed/17074538?html5ui mobile_478p –player omxplayer –fifo –player-args “–win \”75 110 710 564\” {filename} –layer 20″

done &

sudo fbi -T 1 –noverbose –fitwidth –autozoom /home/pi/lcars.png

#mkfifo t

#cat t | omxplayer –loop lcars.mkv –layer 10 &

#sleep 1s

#echo p >t

#rm t

 

The last step was to adjust the positioning of the NASA video feed so it would play inside the black container area of the LCAR’s video. After some tweaking I settled on on

–win (omxplayer window positioning option) \”75 110 710 564\”   = Postion the video at x=75 from the left of the screen, y=110 from the top of the screen, size 710 x 564.

added the the script to the profile of the user “pi”and enabled autologon so the viewer would automatically boot overtime I reboot the pi. And now I have a ISS HDEV LCARS viewer.

References:

File 4-18-16, 20 22 19

 

Rantings of a madMan about books and the future

So last week I was having a discussion about how back in the days there were some great influential books that discussed philosophical issues surrounding the cyber domain. There are so many books that shaped my ideas of the digital area from the “dude everybody read those” like “Being Digital” by Negroponte to “Barbarians at the door” etc etc. However among them 3 stand out as truly influential to me and I still go back to them once in awhile.

1.Cyberspace: First Steps Hardcover – November, 1991
This is one of the books that I picked up at my university bookstore back in the days I lived like a true slacker in a college town. Truly a great collection of essays regarding the then emergent concept of “virtual worlds.” It covered conceptional and philosophical issues and future predictions. I loved this book so much after coming back to Japan and working in the industry I went back to search for an used version of this book to keep in my bookshelf. I gave my original copy to the dorm library. Although it has been years since the last time I opened it still sits proudly in my bookshelf.

2.High Noon on the Electronic Frontier – Conceptual Issues in Cyberspace
Another great book by MIT Press that covers a wide range of essays from privacy, individual rights, hacking and other cyber related issues still relevant today. I have traveled with this book on many business trips as my companion for long flights.

3.Computers: An Illustrated History
Not a philosophical or conceptual book regarding the cyber domain, it is one of my favorite books regarding the product design of various computers. Computers covered in this book range from old military computers to some of the conceptual models of the  90s. It truly is a visual encyclopaedia of product design of computers and digital gadgets. A german friend I was visiting in Berlin had a copy of this book and saw me drooling over the pages as he showed me his copy. After seeing me ogling over every page in the book at the end he just gave me his copy. This book is one of the books I still open on a regular basis just to feel inspired or motivated. Granted that  modern computers have a much more mature product designs, some of the older machines just have more character and style. The Connection Machine by Danny Hillis still one of my most favorite physical computer designs ever.

A small stone:
With the word “cyber” becoming more and more diluted and connectivity becoming an essential part of our daily lives there are a lot of discussions among applied practical issues about our current environment. But as a lover of philosophy I fear that we as humans are now loosing part of our humanity by avoiding the discussion regarding conceptual issues that would be critical in forming our ideas and perception of how we as humans will progress. Applied knowledge is only truly applied and useful if at least some of us spend time discussing the foundations and the conceptual aspects that form the applications of technology. Knowing what the “next big thing” is great and very usefull, however if we do not engage in a deeper rooted discussion of how and what the next big thing will bring to us, how can that be truly “the next big thing?”  There are many academic-commercial collaborative environments where the current seemingly out of control applications of technologies are discussed but many of them focus too much on the current status and the direction of applied knowledge and not enough on deep rooted core conceptual aspects. As a participant in this cyber domain I am as guilty as anyone else of neglecting the conceptual foundations of human progress or regress and its relationship with technology. However we as people in the industry do owe it to the future generation to seriously discuss and leave evidence of our discussions so that future historians and anthropologists do not face the same daunting tasks of deciphering what we meant to say as modern historians/anthropologists do with ancient cultures.

I would love to see a conference series or even a journal that brought together academics, industry leaders,philosophers,theologists,anthropologists,artists and other people to contribute in journaling our current journey as mankind in adopting technology. Not only as proof to the future generations that we did our best in assessing our voyage into a new era but also we did consider as best as we could what the impacts could have been.

Thankfully to the “nothing disappears from the internet” phenomenon me writing this blog post might be a small stone in a vast ocean of human history but I hope that hundreds of years from now somebody would find this text and say “Dude, this guy at least wrote something on how he thought about the fucked up situation he left us with.” Truly the day mankind stops discussing conceptual issues is the day we as occupants of this vast universe will stop being contributors and become true parasites.

 

同時通訳機詳細/Translation Receiver.

毎回、セミナーで同時通訳レシーバーを持って帰る人がいる。前回もやっぱり、数台が不明に。参加者は、「お、これ面白そう、持って帰って見よう。」という軽い気持ちだろうが、実はこのレシーバーはとてもコストが高い。1台でパソコンが買えるぐらいのコスト。

無くなった台数分の費用をイベント主催側は払わなければいけない。当然この費用は運用費用や参加費へ反映される。また、送信元となるシステム無しではこのレシーバーは全く役に立たない上、個体単価が高い割には質屋での引き取りもしてくれない。

個人的には1台も無くならない日が来る事を待ち望む、その道のりとして今回はよく使われる同時通訳レシーバーに関する情報をここで紹介する事にした。基本的には魔法の無線を使ってる訳ではなく、赤外線レシーバー。だからこそ配信元の赤外線配信システムが無いと役に立たない。だから、持って帰っても何もできない。

Every conference I have worked on , somebody decides to take home the translation receiver. The last con I worked once again somebody decided to take one home. Ok I can see the temptation , you paid for the con and there is a sexy piece of hardware , you think “Hey its a security hacker con, this looks like fun let me take it home.”

However these devices are EXTREMELY expensive, if I told you how much they cost you would go “WTF?? I can buy a bunch of PCs for that price!!” yes they are that expensive. So for every one that gets lost during a con, the organizing body has to pay for them .

Did I mention they are INSANELY expensive?

Yes so your fun time is gonna costs the organizers and operating costs for the con and at the end toward the ticket price. Also without the basic transmitter these receivers are useless, trust me no pawn shop will buy them.

So rather than me yelling every time about not taking the receivers I decided to put this post up that lists documents for you to read to learn about them. Its an infrared receiver, not wireless , not radio INFRARED so without the infrared transceiver the receiver is useless.

I have also added a link to ebay , however the price listed here is not what the organizers pay, its way more than the price listed.

DO NOT TAKE THE RECEIVER. IF YOU DO YOU ARE NOT A HACKER, YOU ARE JUST A JACKASS (持ち帰るなよ、持ち帰るヤツはハッカーではなくウンコ野郎。)

Here is my challenge to you:

  • If you build one with raspberry or arduino or whatever and prove to me it works, I will buy you a beer.
  • raspberryやarduinoとかを使って実働するレシーバーを作って俺に見せたらビールを奢ります。

製品情報:Product Information

Bosch Integrus System

Screen Shot 2014-12-11 at 1.23.30 PM

 

Product Page/製品ページ: Bosch Integrus

 

日本語資料:Japanese Documents

LBB 4540 ポケットレシーバー(データシート日本語/Datasheet Japanese)

 

英語資料:English Documents

インストール/運用マニュアル(English/Install and operations manual)

ユーザーマニュアル (User Manual)

 

入手方法/Get one

ebay: Bosh Integrus

MannaPi V.01

After seeing the Sensepost’s Dominic White and Ian de Villiers presenting their new Manna attack video I thought it would be great if this attack could be ported to a smaller form factor.

I have an old laptop that has Kali installed on it with a Alfa awus036nha wifi-adaptor. So first I tried to replicate the demo shown in the video on the laptop. With some  sleepless nights and lots of caffeine and bad food choices I finally got it up and running.

Next I needed to find a smaller form factor, I knew about the wifi-pineapple from Hak5 but didn’t pick one up at this year’s DEFCON. (No particular reason,figured I could order it later online, only to find out they don’t ship to Japan. Dumb me should have been obvious) So I ordered a alfa ap121u from a vendor in HK on ebay.com . A week later I got the hardware , flushed the firmware installed the Pineapple Mark IV firmware on it. I figure maybe I could port the Manna-hostapd to the Pineapple but my coding skills are no where near to do this. Nor do I think the Mark IV platform could handle the current Manna implementation.

So I knew Kali could run on a Raspberry Pi and that a newer version just came out so I picked one up installed the latest Kali 1.0.9 Pi Image file on a SD card and the Pi came up and running.

IMG_2091

From there it was just replicating the steps I took on the original laptop Kali to get Manna up and running on the Pi. And MannaPi was born.

Here is shot of Manna running:

IMG_2086

 

The Setup:

IMG_2089

  1. Raspberry Pi B+ model.
  2. Offensive Security Kali 1.0.9 IMG
  3. Class (4) SD 16GB card.
  4. Self powered USB HUB
  5. Antenna extending pigtail
  6. Aterm W500P mobile router. <- upstream on eth0
  7. Alfa Awus036nha <- Connection point on wlan1

IMG_2093

I chose the Aterm W500P mobile router because it can be powered with a micro-usb cable and it has an ethernet-converter mode which can convert the on-board ethernet of the Pi and turn it into a wireless point. I could have added another wifi-adaptor on the usb but this particular mobile router has an interesting mode pre-installed. Its called the public-hotspot wifi mode and it allows you to preconfigure the router to connect to public wifi-spots when they are available. Now this might not be something spectacular however, the configuration allows you to disable automatic web-login. i.e.) when the router detects a http request it pops up the public wifi spot’s weblogin page….(hint: no need to evil portal cause the traffic is already coming from wlan1 to eth0->public wifi spot)

So when the Manna attack happens:

User device’s NPL list sends out probing beacon -> Manna Replies -> User Device Associates with Manna-hostapd -> traffic bridged to eth0 -> Aterm W500P mobile router -> either tethered internet or Public Wifi weblogin -> to the internet.

wlan1< -> Manna -> eth0 <-> W500p <-> Internet

Ideally if I can find a way to power this whole setup from a mobile battery that would make this one evil rogue AP. However , after some fiddling around drawing power from the Pi board to power both the Alfa and upstream router seemed a bit too much for the Pi. Once manna starts to run the Pi would just drop the usb hence killing the whole process.

-70mA for the keyboard
-500mA for the Alfa
-100mA for the ethernet converter

IMG_2081

Theoretically this whole setup could be powered with a laptop mobile battery like HyperJuice or GoalZero’s Sherpa line. Since I don’t have either there is no way for me to test this.

I got some other ideas regarding this implementation and will continue to explore some more stuff. Like I said this is MannaPi V.01.

References:

Manna from Heaven; Improving the state of wireless rogue AP attacks – Dominic White & Ian de Villiers:

-SensePost Manna Github

Security Tube’s Wifi Security Mega Primer
This is a great primer even if you think you know wifi.

Do not use against equipment you don’t own. Doing so is usually illegal and can get you in serious legal trouble. I can’t be responsible for any legal trouble you get in.

===============Japanese================

ここ数週間の間、国内でwifiの盗聴が話題になっていたので、悪のAPを作ってみようと思った。そこで、思い出したのが今年のDEFCONのワイヤレスビレッジでSensepostのDominic White to Ian de Villiersがkarma攻撃の新しい形を発表してたのでこの攻撃方法を使う事にした。この攻撃は端末のwifiの接続先リストを元に、端末からの問い合わせに対して必ず答えるKarma攻撃をアップデートしたもので、現在の多くの端末では従来のKarma攻撃が通じない問題(?)を解決している。Manna攻撃では積極的に問い合わせビーコンに対して応答することで以前に繋がった事のあるAPが近くにあるように騙す事で端末が自動的に接続する問題点をついている。

ハードウェアには最近発売になったRaspberry Pi B+を使い、Offensive Security から出てるKali 1.0.9 イメージをOSとして使ってる。

インターネットへの接続はNECが出してるW500Pを使ってる、もちろんPiからのUSB経由でテザリング等を使う事も可能だがManna攻撃のためのリソースを最大限にする為にあえて有線からの上流リンクという選択肢を取った。ちなみにこのモバイルルータには面白いモードが2つあり、一つはコンバータモード(有線の無線化)ともう一つは公衆Wifiモード。とくに公衆wifiモードでは、公衆無線に自動接続する設定をオフにする事ができるので、Manna攻撃で繋がっていてもウェブログインが表示される事からエンドユーザーはManna経由で接続してる事が気がつかない危険性がある。

全部をモバイル電源で駆動できれば良いのだが、やはりAlfaのカードが500mAぐらい引くのでPiのオンボードでは無理だった。通常の接続には十分つかえるがManna攻撃を実行するとすぐに電力不足でusbが強制的に切断される。

まぁ、ラップトップ用モバイル電源を使えば可能だろうなと思うもの、手元に無いので実験が出来ない。

とりあえずバージョン0.1ということで、今後も研究を続ける。(かも)

自分のシステム、許諾を得たシステムのみで実験するようにしてください。他人のシステムへの事項は攻撃として法的な措置対象になる可能性があります。この投稿は実験の報告として掲載しており、この投稿内容を利用した結果、問題が発生しても一切責任は負いかねるのでご了承管さい。

 UPDATE/ 追記:

Sept.7.2014:04:00 JST.

After some thinking I figured out that I could probably power the whole setup if I could find a decent high capacity mobile battery. So I got hold of an Anker Astro Pro 2 (15000mah). Then I grabbed an old usb cable gutted it to create a usb-to-power frankenstein cable. So now MannaPi is fully mobile running of the Astro Pro.

[ ASTRO PRO] -> charges powered usb hub (via FrankenCable) -> Powers MannaPi and provide power for the wireless mobile router/converter (eth0)

 

歯を磨きながら、考えてたら、ある程度の容量のモバイルバッテリーで駆動が可能かもと思い、古いUSBケーブルからハブへ電源供給できるケーブルを作った。これでMannaPiはコンセントが不必要になり完全にモバイルな形に出来た。電源に使ったのはAnker Astro Pro2 という15000mahのモバイルバッテリ。

 

IMG_2102

Closed/ケースを閉じた状態 (MBA:13 inch for reference)

IMG_2107IMG_2108

ps. The cigarette pack is for reference and not intended as a advertisement or endorsement of particular brand of cigarette or the habit of smoking.
追伸:タバコはサイズの目安のためであり、広告もしくは喫煙を推奨する物ではありません。

 UPDATE Sept.9th

Current startup script. simple-start.sh


upstream=eth0
phy=wlan0

#conf=conf/hostapd-karma.conf
conf=../hostapd-manna/hostapd/hostapd.conf
hostapd=../hostapd-manna/hostapd/hostapd


#service network-manager stop
#rfkill unblock wlan

ifconfig $phy up

sed -i "s/^interface=.*$/interface=$phy/" $conf
$hostapd $conf | tee /var/log/Mana-simplerun.log&
sleep 5
ifconfig $phy 10.0.0.1 netmask 255.255.255.0
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1


dhcpd -cf conf/dhcpd.conf $phy

echo '1' > /proc/sys/net/ipv4/ip_forward
iptables --policy INPUT ACCEPT
iptables --policy FORWARD ACCEPT
iptables --policy OUTPUT ACCEPT
iptables -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -o $upstream -j MASQUERADE
iptables -A FORWARD -i $phy -o $upstream -j ACCEPT

echo "Hit enter to kill me"
read
pkill dhcpd
pkill sslstrip
pkill sslsplit
pkill hostapd
pkill python
iptables -t nat -F

If you need/want to download all images from a webpage.

Yea yea I know, curl+some reg expressions would do the same damn thing,
but for the non-coding people here is a super simple(i.e.:dump) way to get
all images from a webpage  using Automator. It has no filters, no input etc etc.

Just keep the page you want to download from open in the front in Safari
and hit this workflow either as an app or service or workflow script.
And it should download all images to a folder on your desktop with the url as a folder
name.

 

Screen Shot 2014-09-01 at 2.39.41 PM

 

In case you still not sure here is a app from this workflow.

Next Page