Category Archives: stuff
Bash based hastebin client for Pineapple Nano

I have been a fan of the haste-server by @seejohnrun for a while. Basically it's a pastie server, maybe a bit prettier. I use it to move code around.

Recently I was fortunate enough to receive a Wifi Pineapple Nano from the @hak5 crew.

So I wanted to be able to use my haste-server via the Pineapple too. For regular environments there are multiple CLI clients for the haste-server, but most of them require Python, Ruby, etc. That's fine if you have a large filesystem, but the filesystem on the Pineapple is somewhat limited. So I wrote a pure-bash version of the client to use on the Pineapple.


#!/bin/bash
# config server details
server_ip="<SERVER ADDRESS>"
port="<SERVER PORT>"
# end of server config
#-------read output per line---
# IFS= and -r keep leading whitespace and backslashes in the input intact
while IFS= read -r OUT
do
finalOUT="$finalOUT
$OUT"
done
# the odd formatting above forces a newline into the variable holding the data posted to the server.
#--post it to the haste server--
getkey=$(wget -qO- --post-data "$finalOUT" "http://$server_ip:$port/documents")
#--parse the returned json to get the key
uri=$(echo "$getkey" | grep -m 1 "key" | sed -E 's/^ *//;s/.*: *"//;s/",?//;s/}//')
#--echo out the full url
echo "http://$server_ip:$port/$uri"

 

So, replace the <SERVER ADDRESS> and <SERVER PORT> with whatever server you use and you can now post any command output to the haste-server. Save the file, call it whatever you like, and add an alias for it to your /etc/profile:

alias pinehaste='/sd/customs/Pinehaste.sh'

(I saved it to the SD card so I won’t lose it every time I flash the Pineapple.)

Using Pinehaste:

To post a command's output, just pipe it to pinehaste (or whatever alias you set it to).

example:
[email protected]:~# cat pwettykitten.txt | pinehaste
which will return:
http://<SERVER ADDRESS>:<SERVERPORT>/<SOMEKEY>

All you have to do now is send the URL, copy it, or do whatever with it.
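The script above prints a URL even when the server's reply has no key in it. As an added example (not part of the original script), here is one way to check the reply before building the URL; the function names are hypothetical, the sample replies in the comments are constructed, and the rule that a key contains only letters and digits is an assumption about the server's key format.

```bash
#!/bin/bash
# Added example, not from the original post.

# extract_haste_key RESPONSE
# Prints the value of the "key" member of the JSON reply.
# Returns 1 if there is no key or it contains unexpected characters.
extract_haste_key() {
    local response key
    response=$1
    # Capture the string value after "key", allowing spaces around the colon.
    key=$(printf '%s\n' "$response" |
        sed -n -E 's/.*"key"[[:space:]]*:[[:space:]]*"([^"]*)".*/\1/p' |
        head -n 1)
    # Assumption: keys are plain letters and digits. Anything else
    # (empty string, slashes, dots) is rejected instead of ending up in a URL.
    case $key in
        ''|*[!A-Za-z0-9]*) return 1 ;;
    esac
    printf '%s\n' "$key"
}

# haste_url SERVER PORT RESPONSE
# Prints the document URL, or an error on stderr if the reply has no usable key.
haste_url() {
    local key
    key=$(extract_haste_key "$3") || {
        echo "no usable key in server reply: $3" >&2
        return 1
    }
    printf 'http://%s:%s/%s\n' "$1" "$2" "$key"
}

# Constructed sample replies:
#   haste_url 10.0.0.5 7777 '{"key":"ofubiqedax"}'   -> prints the URL
#   haste_url 10.0.0.5 7777 '{"message":"error"}'    -> fails, prints to stderr
```

In the script this would replace the grep/sed line and the final echo, with "$getkey" passed as the third argument.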

I’m sure there are better ways to do it but it works, so no need to fix it.

Cheerios!

 

 

Posted on October 1, 2016, 10:18 PM By
Categories: stuff
TNG LCARS NASA HDEV live stream viewer.

So I enjoy watching NASA’s High Definition Earth-Viewing System (HDEV) live stream on ustream and NASA’s page.

However, I don’t like having to keep a browser window dedicated to viewing it. So I decided to build a viewer box with a Raspberry Pi, so I can put it on my already cluttered desk and have a constant view of the stream. The stream will drop out/black out depending on the position of the International Space Station (ISS). I am also a trekkie, so I decided to combine the two. Now I feel like I’m on the Enterprise of TNG watching Earth, much like in the movie “First Contact.”

Here is the final result:

File 4-18-16, 20 21 57

So what did I use?

Hardware:

  1. Raspberry Pi B+ (because I had some lying around from a previous project)
  2. 7 Inch HDMI Screen. (Any screen would do, but I wanted a small form factor so I could position it on my desk among the other things.)

Software:

  1. Jessie Lite (I wanted to run the Raspberry in a minimal configuration without X-windows, so I went with Jessie Lite.)
  2. OMX Player (this is the actual core player playing the video feed and the background; I’ll explain more later)
  3. libav-tools (mainly avconv, to create a looping video of the LCARS background)
  4. livestreamer (to grab the stream of the ustream.tv NASA channel and feed it to omxplayer)

Once it ran, it seemed simple, but the process wasn’t.

Initially I thought of just building a Raspberry Pi with a TFT shield, running the Iceweasel browser in full screen. This was a long road into the abyss: the TFT shield I have did not like the frame buffer output, Iceweasel can’t play the ustream, and so on. There might be a way, but I also felt a full X-windows+browser setup was overkill for a simple stream viewer. So omxplayer to the rescue. With omxplayer I can still view the stream via livestreamer without having to boot fully into an X-windows environment.

So, based on Miguel Grinberg’s blog post about building a Raspberry Pi NASA live stream viewer, the first step is to set up livestreamer to capture NASA’s stream and hand it over to omxplayer.

#!/bin/bash
# restart livestreamer whenever the stream drops out
while true
do
livestreamer "http://www.ustream.tv/embed/17074538?html5ui" mobile_478p --player omxplayer --fifo --player-args "--win \"75 110 710 564\" {filename} --layer 20"
done

So livestreamer grabs the mobile_478p stream, passes it to omxplayer and creates a window (size 710 x 564, at the position x=75, y=110).

Now, to make the video play inside the LCARS container, it’s actually 2 layered videos. The lower video is a looping video (mkv) of the LCARS interface generated with avconv.

sudo avconv -loop 1 -i lcars.png -tune stillimage -t 10 -y -r 5 lcars.mkv

So the idea is that the lcars.mkv is playing at a lower layer and the NASA feed is on top of that video. (thanks to Brad’s Blah Blog for the idea)

lcars2

basic LCARS image. (lcars.png)

This is where the omxplayer “--layer” option comes in: the higher the number, the closer to the screen the video plays. So the LCARS video plays on layer 10 and the NASA video plays on layer 20. Since the LCARS interface is just there as a container, this video does not have to loop indefinitely, so I decided to pause it after it loads. Using a FIFO file, I send a “p” to the player, causing the stream to pause. (Updated: I realised I could use the fbi image viewer to lay out the background instead of using 2 instances of omxplayer; the background-generating one tended to crap out randomly anyway.)

So the final script to launch the viewer is:

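#!/bin/bash

# keep restarting the NASA stream in the background
while true
do
livestreamer "http://www.ustream.tv/embed/17074538?html5ui" mobile_478p --player omxplayer --fifo --player-args "--win \"75 110 710 564\" {filename} --layer 20"
done &

# draw the LCARS background on the framebuffer
sudo fbi -T 1 --noverbose --fitwidth --autozoom /home/pi/lcars.png

# old approach: second omxplayer instance playing the background, paused via a FIFO
#mkfifo t
#cat t | omxplayer --loop lcars.mkv --layer 10 &
#sleep 1s
#echo p >t
#rm t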

 

The last step was to adjust the positioning of the NASA video feed so it would play inside the black container area of the LCARS video. After some tweaking I settled on:

--win (omxplayer window positioning option) \"75 110 710 564\" = Position the video at x=75 from the left of the screen, y=110 from the top of the screen, size 710 x 564.

I added the script to the profile of the user “pi” and enabled autologon so the viewer starts automatically every time I reboot the Pi. And now I have an ISS HDEV LCARS viewer.

References:

File 4-18-16, 20 22 19

 

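Simple solid fuel made with Vaseline

Used even in boxing matches, and for everything from treating wounds to protecting skin from dryness, Vaseline has all sorts of uses. So this time I'll show how to make solid fuel with Vaseline. (Playing with fire is dangerous, so be careful.) With this you can make simple solid fuel in an emergency, and you also get a starter for barbecue and campfire fires that is far cheaper, and burns better, than the ○○ fire starters sold in shops.

Materials:

1. Vaseline (the unscented kind)

2. A used aluminium cup from a tea candle

3. Cotton (100% cotton) of the kind used for make-up or for treating wounds

Tools:

1. A container for melting the Vaseline in a hot water bath

2. An empty jar to melt the Vaseline in

3. Disposable chopsticks

Procedure:

1. Melt the Vaseline in a hot water bath. You could also melt it directly in a pot, but then you have to be careful not to let it boil, and you probably won't feel like cooking a meal in the same pot afterwards, so the hot water bath is easier.

Figure 1: Melting the Vaseline in a hot water bath

2. Once the Vaseline has melted, dip the loosened cotton (absorbent cotton) into the liquid Vaseline. Holding the cotton with the chopsticks so that it absorbs the Vaseline lets it soak in evenly.

IMG_3005

Figure 2: Letting the cotton soak up the Vaseline

3. Move the cotton that has soaked up the Vaseline into the empty tea candle cup and compress it. If you press it upside down onto something like a plate lined with aluminium foil at this point you get a nice flat surface, but be careful: pressing too hard can crush the cup or make the Vaseline leak.

That completes the Vaseline solid fuel.

Actually burning it:

When using it, fluff up the middle to make something like a candle wick, which makes it easy to light.

Figure 5: Fluff up the cotton to make a wick.

Figure 3: Fluff up the cotton to make a wick.

When I actually burned one as an experiment, after about 5 minutes only about the top 2 mm had burned, so I expect it to burn for quite a long time, but I didn't have time to burn one all the way through, so I put it out partway.

IMG_3013

Figure 4: Once lit, it does not go out even in a bit of wind

Put into a refillable cream container of the kind sold at pharmacies, it fits perfectly and can simply be tossed into a bag.

Stored in a refillable cream container

Be very careful with fire.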

———-English—————-

There are many uses for vaseline, from preventing cuts during a boxing match to protecting the skin from drying out, etc. But you can also make a cheap and very effective fire starter. Besides the fact that this could be helpful during a SHTF event, these make a very good and easy-to-light fire starter, much better than some of the “shit to start your barbecue grill easier” type of fire starters.

You need:

1. Vaseline, petroleum jelly. (Make sure it's 100% pure and unscented.)

2. Empty tea candle aluminium cup.

3. Cotton balls. (For make-up or other uses, just make sure it's 100% cotton.)

Equipment:

1. A bowl of hot water in which to place the jar used to melt the vaseline.

2. A jar to melt the vaseline in.

3. Chopsticks or any other device that would allow you to soak the cotton while keeping your hands clean.

Method:

1. Melt the vaseline by putting it into the jar and putting the jar into another bowl containing hot water. Theoretically you could use a pan and melt the vaseline directly, but you have to avoid boiling it and it could cause a mess, not to mention we are making fire starters, so safety first! (Or if you are a redneck, safety third!) Using hot water to melt the vaseline, much like you would melt chocolate for baking, is safer and easier; it just takes a bit longer, but you can wait. See Figure 1.

2. Dip the cotton ball into the melted vaseline. Make sure the vaseline soaks into the cotton ball and is not only on its surface. See Figure 2.

3. Place the dipped cotton ball into the empty tea candle cup. Theoretically you do not need to do this, but it makes handling the cotton balls easier. Remember, use a cup to easily handle balls. (Some of you will get the joke.) After the vaseline has cooled down a bit, putting the container upside down on a flat surface will even out the top to give a nice flat top.

How to use them:

1. Just fluff up the middle to create a wick to start the fire. See Figure 3.

2. Once it starts burning, a little breeze will not put out the fire. See Figure 4.

After experimenting, I extinguished the pod after the first 5 minutes, but the pod had only burned a fraction of the top layers; from the results I can say that it will burn for a very long time. Enough to get your barbecue or campfire going, I think. If you can’t get your campfire or barbecue going while the pod burns, you need to up your fire starting skills. Next time I’ll try to see if there is enough heat to boil water or actually cook something.

Remember folks SAFETY THIRD! (no not really , safety is always first)

Raspberry Pi. Eth->Wlan connection

I needed to configure the network the reverse of what others were doing: run a dhcpd server on eth0, then allow access from eth0 to the internet via the wlan interface. If you have struggled to do this, here is a simple script:

Prerequisites:

1. Wlan gets its IP via wpa_supplicant from upstream.
2. Eth0 distributes DHCP leases to stuff connected to the eth0 interface.

 

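#!/bin/sh
# get the IP assigned by the upstream dhcpd server to the wlan interface (in my case wlan3)
MYIP="$(/sbin/ifconfig wlan3 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}')"
# stop here if wlan3 has no address yet; the SNAT rule below needs one
[ -n "$MYIP" ] || { echo "wlan3 has no IP address" >&2; exit 1; }

# start the DHCP server for eth0 and only continue if it came up
dhcpd || exit 1
IPT=/sbin/iptables
LOCAL_IFACE=eth0
INET_IFACE=wlan3
INET_ADDRESS=$MYIP

# make sure the kernel forwards packets between the interfaces
echo 1 > /proc/sys/net/ipv4/ip_forward

# clean out all the tables
$IPT -F INPUT
$IPT -F OUTPUT
$IPT -F FORWARD
# also flush the NAT rule so re-running the script does not stack duplicates
$IPT -t nat -F POSTROUTING

$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT

# Allow forwarding packets:
# drop whatever the two rules below do not match, so only replies come back in from the wlan side
$IPT -P FORWARD DROP
$IPT -A FORWARD -p ALL -i $LOCAL_IFACE -j ACCEPT
$IPT -A FORWARD -i $INET_IFACE -m state --state ESTABLISHED,RELATED -j ACCEPT

# Packet masquerading
$IPT -t nat -A POSTROUTING -o $INET_IFACE -j SNAT --to-source $INET_ADDRESS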

Posted on December 8, 2014, 7:29 PM By
Categories: MannaPi, stuff, WBDM
Point and shoot wifi scanner

So my adventures in Wifi land continue.

As seen in a previous post, I built the WBDM wifi pod. The pod is great, but I live in Tokyo, a highly urbanized city with wifi everywhere; it seems that everybody and their cat have their own wifi network. This poses an interesting challenge in locating a specific AP when you don’t know what the essid or bssid is.

One of those times when too much wifi is a bad thing.

I needed something like an old skool frequency counter, you know, the ones you see in old spy movies where you click a button and it shows the strongest frequency in the vicinity.

I needed a better solution to pinpoint a wifi spot. I realized that earlier this year I had built a wifi Pineapple Mark IV clone. If you don’t know what a wifi Pineapple is, head over to https://wifipineapple.com and check it out; basically it is a wifi pen testing kit in a box. The current version is Mark V, and Mark IV is the previous version.

The Mark V is a completely new platform and runs in a unique hardware environment.

However, the previous version, Mark IV, is based on an access point called the Alfa AP121U. It’s a regular wifi access point, well, sort of. Getting this AP in Japan is nearly impossible, so I needed to find one online; there are vendors who sell it, but many of them will not ship to Japan.

So time to ebay; sure enough, I found a vendor in Hong Kong that would send me one. So off I go. First I needed a burner credit card; thankfully my online bank gives me a debit/cc card number that is different from my regular cc number. So I ordered it and waited, and the unit arrived in a couple of days. Now I needed to flash the ROM with the Pineapple ROM.

Step 1. Flash ROM.

Equipment needed:
1. Alfa AP121U. Make sure it’s the U version, which has a USB port.
2. USB to TTL serial cable. This could also be the Alfa Console board, but this cable is easier to get.

3. A computer with a tftp server running. I decided to use my Mac with TftpServer, which is a graphical front end to the internal tftp server of Mac OS X.

Connect the USB/TTL cable to AP121U. You need to hook up the TX,RX,GND to the cable. DO NOT CONNECT THE VDD IT WILL BRICK YOUR AP.

USB to TTL serial cable connectors:
1 - Black:GND 
2 - Blue:CTS 
3 - Red:5V 
4 - Green:TXD 
5 - White:RXD 
6 - Yellow:RTS 

So you connect the cable’s TXD to the AP121U’s RXD and vice versa, and the GND to the GND.

connections

OH YEA DID I MENTION: DO NOT CONNECT THE VDD!

Also connect an ethernet cable between the PoE/LAN port of the AP and your computer (the TFTP server) and set your computer’s eth interface to 192.168.2.7 or something.

Now connect to the AP via the USB/TTL cable (115200 baud, 8 data bits, no parity, 1 stop bit, no flow control) and execute the following commands:

setenv bootargs "board=ALFA console=ttyATH0,115200 rootfstype=squashfs,jffs2 noinitrd"
saveenv
tftp 0x80600000 kernel.bin
erase 0x9f650000 +0x190000
cp.b 0x80600000 0x9f650000 d695a
tftp 0x80600000 rootfs.bin
erase 0x9f050000 +0x600000
cp.b 0x80600000 0x9f050000 23d004
bootm 0x9f650000
reboot

Once you are inside, issue the passwd command to change the password, then start dropbear (/etc/init.d/dropbear start).
Now scp the firmware to /tmp inside the AP.

From the AP’s console issue:

scp firmware.bin [email protected]1:/tmp/
(192.168.2.1 is the IP of the AP121U)

Then issue a system upgrade call:

sysupgrade -n -v /tmp/firmware.bin

And now you have your own WIFI Pineapple Mark IV clone!!
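The last argument of cp.b in the U-Boot commands above is a byte count in hex, so d695a and 23d004 are only right for the exact kernel.bin and rootfs.bin used here. As an added example (not part of the original post), this helper sizes the count from the file itself and refuses an image that does not fit in the region cleared by erase; the function names are hypothetical, and the addresses and region sizes are the ones from the commands above.

```bash
#!/bin/sh
# Added example, not from the original post.

LOAD_ADDR=0x80600000    # RAM address the tftp command loads to

# cpb_count SIZE_BYTES REGION_HEX
# Prints the size as a hex byte count for cp.b.
# Fails if the image is empty or larger than the erased region.
cpb_count() {
    size=$1
    region=$(( $2 ))
    [ "$size" -gt 0 ] || return 1
    [ "$size" -le "$region" ] || return 1
    printf '%x\n' "$size"
}

# flash_cmds FILE FLASH_ADDR REGION_HEX
# Prints the tftp / erase / cp.b lines for one image file.
flash_cmds() {
    file=$1
    addr=$2
    region_hex=$3
    # $(( ... )) strips the padding some wc implementations add
    bytes=$(( $(wc -c < "$file") ))
    count=$(cpb_count "$bytes" "$region_hex") || {
        echo "$file: $bytes bytes does not fit in $region_hex" >&2
        return 1
    }
    printf 'tftp %s %s\n' "$LOAD_ADDR" "$(basename "$file")"
    printf 'erase %s +%s\n' "$addr" "$region_hex"
    printf 'cp.b %s %s %s\n' "$LOAD_ADDR" "$addr" "$count"
}

# Usage on the computer holding the images:
#   flash_cmds kernel.bin 0x9f650000 0x190000
#   flash_cmds rootfs.bin 0x9f050000 0x600000
```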

We gotz zie pineapple

Theoretically you can now build the rest, but there is one caveat: the AP121U was never meant to host anything more complex than a basic operating system, and its internal flash is a whopping 8MB. So we need to give it a bigger storage space. I grabbed an 8GB thumb drive.

Here is a link to Darren’s post on formatting a drive to be used with the Pineapple:

https://forums.hak5.org/index.php?/topic/25882-how-to-enable-usb-mass-storage-with-swap-partition/

That’s all on building the basics. In the Pineapple configuration you can set the WPS button to execute a script. I decided to use the WPS infusion because it adds a bit more scripting capability to the button.

WPS infusion config screen

Initially I installed a kismet server to take the dump, but then I realized that it would be overkill for basic wardriving, especially since this one was more about locating an access point.

I also needed a way to tell, by looking at the Pineapple, whether I was capturing or not, so I added the LED control commands to the script.

If it is capturing, all LEDs light up; if not, just the power and wlan LEDs light up. The following is the actual script:

#!/bin/sh
#Custom Script 1
export LD_LIBRARY_PATH='/lib:/usr/lib:/usb/lib:/usb/usr/lib'
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usb/usr/bin:/usb/usr/sbin

if [ ! -f /tmp/kissing.touch ]; then
ifconfig wlan0 down
ledcontrol lan off
ledcontrol usb off
ledcontrol wan off
wait
iwconfig wlan0 mode monitor
wait
ifconfig wlan0 up
wait
filename=$(date '+%d_%b_%Y_%H_%M_%S')
airodump-ng -c 1 -w /usb/tcpdump/$filename wlan0 >/dev/null 2>/dev/null &

#above I'm suppressing all output of airodump-ng to the screen captures are all written to a file with a date prefix
touch /tmp/kissing.touch
# I named the file kissing.touch cause initially I was using kismet server.
ledcontrol lan on
ledcontrol usb on
ledcontrol wan on
else
#if [ -f /tmp/kissing.touch ]; then
iwconfig wlan0 txpower 20
pkill airodump-ng &&
rm /tmp/kissing.touch
ledcontrol lan off
ledcontrol usb off
ledcontrol wan off
fi

 

LEDs galore

So now the AP is ready for deployment, but I still needed a mobile power source. I love my Anker Astro Pro 2 batteries, but I wanted a narrower solution. So I picked up a RAVPower 158000mAh mobile battery, which has a 12v DC output, perfect for the Wifi Pineapple. The DC power cable that comes with the RAVPower battery also fits the Pineapple perfectly, so there is no need to hack together some zombie DC cable. Some industrial velcro binds the two together like they were meant to be together.

After some initial tests I realized that the omnidirectional antenna was still picking up way too much wifi AP noise, so digging through my box of “wifi shit I collected” I dug up an 8dbi wifi panel antenna. Now the setup is truly a point-and-shoot wifi scanner.

Compare the following: clearly the panel antenna reduces noise coming from the back of the device.

 

The point and shoot wifi scanner:

IMG_2746

 

It totally looks like I’m just texting on my smartphone…well sort of….

 

texting

Posted on December 3, 2014, 2:00 PM By
Categories: stuff, WBDM
