Hak5 - Technolust since 2005 » open source

Episode 703 – Free Application Sandbox Challenge and Top “Ultra” Warez

Darren — Wed, 03 Mar 2010 14:45:54 +0000

Back from Britain and bouncing off the walls Darren pits three ancient Internet Explorers against each other to see which free application sandbox can save you from yourself. Shannon joins us from Missouri for her take on the top “ultra” Windows software, and Paul… Well, Paul’s tearing down the set.

Download HD Download MP4 Download XviD Download WMV

Rogue DHCP Server Detection

Following up with last week’s discussion on Rogue DHCP Servers I found it fitting to mention Tim Ashley’s Rogue DHCP Server Detector as found on the Hak5 forums.

Free Application Sandbox Challenge

In an effort to discover whether free application sandboxing solutions from Comodo and Sandboxie can save a (L)user from themselves, Darren takes three Internet Explorer 6 Virtual Machines around the Internets famous red light district in a set of challenges put forth by the fine folks at irc.hak5.org.

The Top “Ultra” Windows Warez

Perplexed by software titles claiming to be the most elite thing since ascii art Shannon set off to round up the top “Ultra” software for Windows and see there is any merit fo their titles. The round up includes:

Episode 620 – IP Spoofing, World of Goo Mods, Linux Drive Encryption, Ultralight Notebooks and much more

Darren — Wed, 30 Dec 2009 05:39:29 +0000

On this episode of Hak5 Darren joins Jenn Cutter in Toronto to talk IP Spoofing, Tethering Terms of Service, World of Goo mods, Linux Drive Encryption, 13″ Ultralight notebooks and more.

Download HD Download MP4 Download XviD Download WMV

Tethering TOS and IP Spoofing

Brice writes “Thanks for showing how to tether Droid with Ubuntu. I use them both quite often.
I was wondering if tethering the Droid is against the TOS/Verizon contract.”

Well Brice, technically it may be a violation of your carriers terms of service. I know at least with Verizon’s Wireless business accounts there is an additional fee, around $30/mo I believe, for tethering with a smartphone like a blackberry.

I can also say from personal experience having tethered since 2001 on both Sprint and Verizon, that as long as you stay under the 5-gig cap you should be ok. Programs like June Fabrics PDAnet allow one to tether on most platforms and, from what I hear from my telco buddies, the carrier can’t tell the difference between the traffic originating from the phone or your laptop. I haven’t heard any horror stories of penalties for using such application however I’d be curious to hear from our audience if such a thing has happened in the past.

Kuroha write “I want to use Spotify, the new music service, but I keep getting this error:
Unfortunately, due to licensing restrictions we are not yet available in your country. We understand that you are currently in United States. How do I spoof my IP so it looks like I’m in Finland?”

Kuroha, there is a misconception about IP Spoofing that’s simply summed up by saying this. The source address of your computer is part of the IP packet header. There are plenty of programs out there that will let you spoof this source port, including our favorite tool nmap. However, like a return address on postage, unless you’re in a position to listen to the replies to your spoofed packets (such as on a local network) you aren’t going to get anything useful back from the server.

What you’re more likely referrencing isn’t IP Spoofing as much as it is simply bouncing your traffic off a server in another country — typically done to anonymize Internet traffic or for secure tunneling on untrusted networks. The SSH tunneling with dynamic SOCKS proxies we’ve been talking about recently will do the trick. It’s just a matter of finding a cheap shell, VPS or other server that allows tunneling in the country of your choosing.

Don’t forget this month’s LAN Party is Left 4 Dead 2. We’ll be playing at game.hak5.org Saturday and Sunday, January 2nd and 3rd. Hope to see you there!

World of Goo Mods

Recently I’ve been playing a lot of World of Goo. It’s an amazingly simple and fun game. I’ve been playing on the Wii but soon after arriving in Toronto Jenn Cutter picked up the title for her tablet and has been dabbling with the mods.

If you’re interested in making your own levels, or downloading fan-created levels and other mods be sure to check out GooFans.com — they also have a great forum on modding.

This week’s trivia question is: “World of Goo developers shares the same open source physics engine as what 2007 first-person shooter?” Answer at hak5.org/trivia and be entered to win Pronobozo’s album Zero=One=Everything.

Easy Linux drive encryption with Cryptsetup

When it comes to Linux, I love super user friendly and powerful utilities. This is one such tool. Since the 2.6.4 kernel drive encryption has been built in, and this tool cryptsetup makes setting it up a breeze. Follow along in this tutorial as I keep my secret thumb drive free from prying eyes.

I’ve gotta give props to Peter Savage for sending this my way. Check out his SciFi fantasy novel Emblem Divide — it’s wicked good.

Wallpaper Contest: Best 2010 “New Years” Hak5 Wallpaper! Get creative and submit your wallpaper to Hak5.org/forums under the Community Images board.

Ultralight Notebooks

Chris writes: “I was wandering if you could suggest a laptop that is lightweight, long battery life, 13.3 inch screen, with Win 7. Budget of $1000″

Chris, I recently did just this research. I was looking for a notebook to edit the show on the go — which isn’t easy considering the heaft and hunger of those AVCHD video files. If you’ve been watching the show for a while you also know I’m the netbook boy. First with the 7″ eeePC, then the 9″ Aspire One, and more recently the 10″ Nokia Booklet 3g. The next step up to get a “real CPU” is 13.3″ — a sweet spot of performance and portability.

What I found was that ultra-light, ultra-long battery life is in. These sweet new Consumer-Ultra-Low-Voltage (culv) chips from Intel and AMD are sexy. I thought I would need a 35 watt Core i7, or at least a 25 watt 2.2GHz or faster Core2Duo to edit on the go — but I lucked out with the 10 watt 1.3ghz SU7300 Core2Duo chip from Intel.

The video editing performance of the ASUS UL-series notebook I ended up with is aided by hardware accellerated video processing in the GMA 4500 M HD. AVC, VC1 and h.264 decoding are offloaded to the graphics chip. In Windows 7 Home Premium I’m able to playback 17mbps AVCHD in WMP using only 20% CPU. Not bad at all.

So if you’re willing to live without an optical drive an ultralight notebook may be the best choice for you. The performance seems enough and the battery life is steller. I’ve seen prices in the $650 – 900 range so take a look at the ASUS UL, Acer Timeline, Dell Inspiron Z, Samsing X and Lenovo U series notebooks. Just be sure to get a Core 2 Duo — I’m not reading great things about the Core 2 Solo part. SU7xxx and SU9xxx seem to be where it’s at. For now. We’ll likely see a lot more of these slim buggers at CES.

I want to give a special thanks to our crew for being so supportive while I was in hospital. Shannon did a wonderful job of taking care of the hakshop and mailing out all the orders while I was away. Thanks Revision3 for understanding about the late episode, Sentara for their open wifi and hot nurses, and a big thanks to our loyal fans. All of well wishes on twitter, facebook and youtube, the forums and IRC brightened my day every day. And DigiPirate, thanks for the awesome USB Dalek Webcam. Exterminate!! Exterminate!!

First look at Google Chromium OS

Darren — Mon, 14 Dec 2009 07:13:33 +0000

Last week the news was a buzz about Google’s Chrome OS, and while we typically don’t cover tech news on the show I freaked out in my usual open source, cloud lovin’ Linux-y sorta way. So this week we’re taking a first look at Chromium OS — the FOSS project that Chrome is built on.

Episode 615 – Linux Hacking the Zipit, SMS Scripting Google Voice, and Chrome OS

Darren — Wed, 25 Nov 2009 18:26:25 +0000

Nothing makes us happier than hacking an inexpensive gadget to run just about any Linux app — and that’s exactly what Shannon Morse is doing this week on Hak5. We’re also joined by Jason Appelbaum for a little Google Voice SMS scripting with Java or PHP libraries, and Darren Kitchen has gone googly for Chrome OS. Prepare the popcorn it’s technolust time!

Download HD Download MP4 Download XviD Download WMV

First look at Google Chromium OS

–Darren Kitchen

Google Voice SMS Scripting with Java and J-Bomb

Google voice is a powerful multi-use tool that could be used as a free SMS aggregator, that could be leveraged for anything you could come up that would fit into 140 charters, like a text based adventure game or a sms bbs. There are several different libraries that people have developed to take full advantage of Google voice’s features: Java Libary, PHP Libary, or for those who just want the raw unofficial API. The sky is the limit with this, the code that was showed is up on the forums, so head over there and get those idea up there.

–Jason Appelbaum

PS: Doesn’t J-Bomb sound like some sort of netbeans module?

Unlocking Linux on the Zipit Z2, a $50 hacktop

The Zipit Z2 is an inexpensive wireless handheld instant messaging device by Zipit Wireless. It sports WiFi, a color 320×240 display, backlit keyboard and similar CPU and memory to that of a last-gen smart phone.

It’s also a prime candidate for some hacking. In this segment we’ll unlock the device and install Debian, X, and Pidgin. The Z2 also has potential for emulators, video streaming and more.

Rather than repeat what has already been well documented we’ll link to these helpful Zipit Z2 hacking resources:

Hunter David’s blog – A bunch of well documented ZipIt hacks, many with videos

The Zipit Wireless Yahoo Group

Quantum Lime’s step by step Zipit Z2 Debian guide

Episode 614 – Firewall evasion, SSH and virtual appliances!

Darren — Wed, 18 Nov 2009 14:49:32 +0000

Got a restrictive firewall blocking sites at school or work? Evade ‘em easily with your own private web proxy. Want to securely tunnel any port through an SSH session? Darren’s got just the trick. Wondering how to properly use Asleap to crack MS-CHAPv2 PPTP VPN handshakes & LM Hashes? Interested in trying out neat free enterprise applications but don’t feel like spending hours in a terminal? Try deploying a virtual appliance in minutes, the free and open source way.

Download HD Download MP4 Download XviD Download WMV

Port Tunneling and Socks5 Proxies with a Secure Shell (SSH)

SSH Tunneling isn’t new to the show, we’ve done it before over DNS or in conjunction with VNC. Today we’re looking at two SSH tricks for tunneling just about any traffic.

First up, ssh -D. The -D option specified a local "e;Dynamic"e; application-level port forwarding. Any connection made to the specified port goes through the tunnel as a SOCKS4 or SOCKS5 proxy. Perfect for secure web browsing as demonstrated with Firefox in this segment.

Usage

ssh -D 8080 user@server

Second, ssh -L. The -L option enables port forwarding. Using this option tells the SSH client to listen to traffic on a specified port and forward it along through the tunnel. The server receives this data and points it to the specified destination, whether it be on the destination network or otherwise. In our example we use the -L option to securely connect to an open IRC server.

Usage

ssh user@server -L local-listen-port:destination-ip:destination-port

For more SSH-fu check out the ssh man page or Linux Journal’s interesting series on 101 uses of openssh.

Bypassing site-blocking firewalls with your own private web proxy

The age old scheme for bypassing restrictive firewalls, like those that block sites at school or work, has been to use a web proxy. Of course this is followed up by the network administrator blocking all mainstream proxies. But what if you could run your own? Well, you can and it’s really freaking easy. In this segment Darren demonstrates PHProxy

Cracking MS-CHAPv2 PPTP VPN handshakes & LM Hashes Followup from 6×12

On episode 612 we demonstrated a tool, asleap, designed to crack MS-CHAPv2, the authentication protocol commonly found in Microsoft PPTP VPNs. The final demo was unsuccessful due to the encoding of the handshake and response sniffed by Wireshark. Viewer Sc00bz was kind enough to post a PHP script that accepts the challenge, response and username and provides you with the proper asleap command to run with the properly encoded byte sequences. Sc00bz has well documented the code, which lives now on this Hak5 forum thread. Thanks Sc00bz!

Deploying Virtual Appliances in minutes the open source way

A Virtual Appliance can be though of as a software image containing a supporting stack designed to run inside a virtual machine. A quick look at vmware’s virtual appliance directory shows that there are hundreds of applications that can be quickly and easily deployed. In this segment I take the Dimdim open source virtual appliance, designed for vmware, and deploy it with VirtualBox (just becasue I can).

Episode 604 – WiFi Network Scanners and Windows VPN services

Darren — Wed, 09 Sep 2009 12:47:50 +0000

This week Matt reviews an open source WiFi network scanner for Windows while Darren convinces a Windows server into treating a VPN connection as a service.

Download HD Download MP4 Download XviD Download WMV

Merge folders with Winmerge

This open source Windows tool allows you to easily identify inconsistencies between two would-be identical directories and quickly make corrections, complete with keyboard shortcuts. Check out Winmerge

inSSIDer, an open source Windows WiFi Scanner

So in my never ending search for better and better utilities to make my life easier, I came across inSSIDer by metageek.

Which is basically a stripped down version of their Chanalyzer software.

Stripped down maybe, but extremely useful none the less? YES!

After performing a scan of my boss�s house who was plagued with signal drops and slow speeds, I came across the reason.

Interfering access points. His router was on channel 6, surrounded by half a dozen other access points.

So using the easy to read inSSIDer software I decided to put him on channel 11, where there were no other AP�s in range.

As soon as I made the switch, I had vastly improved signal strength, and no longer had drops walking through the house.

We�ll be running a review of the Wi-Spy products and metageek�s Chanalyzer in an upcoming episode.

LAN Party

This month’s LAN Party is Team Fortress 2 on Saturday, October 3rd, at game.hak5.org. Find all the LAN Party details at hak5lan.squarespace.com

Windows VPN connection as Service

One of the nice things about Windows Server is the built in VPN service — RRAS or Routing and Remote

Access. In this segment I demonstrate a way to connect one Windows Server to another utilizing a PPTP VPN

connection as a service. The built in VPN connection manager isn’t half bad.

A nifty feature is >the rasdial.exe program

which allows you to connect/disconnect a VPN profile from the command line. Pairing that with the AutoExNT service from the Windows Server

Resource Kit and you’ve got a VPN connection on boot, even before login.

Contest

This month’s contest is for the scatter brained and design concious desktop users. Share your desktop’s

over at Hak5.org/screenshot and be entered to

win leet Hak5 swag and Ashley Schwartau’s Hackers Are People Too DVD.

Episode 525 – Sea Salt for your Hashes

Darren — Wed, 05 Aug 2009 17:59:52 +0000

While on Vacation at the beach Darren and Shannon talk password security. Shannon covers her favorite free open source password safe, Keepass, and how it can take the nightmare out of remembering a different password for every site. Then, Darren goes over salting and what it does to protect your password’s hash on the back end.

Download HD Download MP4 Download XviD Download WMV

With the dozens–or in the case of many administrators hundreds–of passwords one must use and remember every day, how is one to ensure a secure and original password every time? Sure you could come up with some crazy algorythm that involves information in the WHOIS record of the domain you’re logging into, or you could live in normal land and get a password safe. Shannon goes over her favorite free open source offering KeePass.

Using industry standard encryption to keep your passwords safe, KeePass is the most full featured password safe we’ve tested. With versions for just about every OS under the sun, including many smart phones, there is no reason to ever reuse a password again.

If you’re a fan of KeePass and have a story or plugin you want to sare with us be sure to hit up feedback@hak5.org!

When it comes to storing passwords on the back end, whether they be in a database or flat file, it’s important to keep ‘em salted. In this episode Darren goes over what Hash salting is — what it means to users, administrators, and would-be password crackers.

Don’t forget about our first ever official Hak5 Meetup at Busch Gardens Williamsburg on August 15th. Find all the details at hak5meetup.squarespace.com or RSVP on Facebook.

Episode 523 – Return of the Matt: Physical to Virtual and Apache Tomcat3

Darren — Wed, 22 Jul 2009 05:31:11 +0000

Matt Lestock returns and brings us the skinny on converting physical servers into virtual servers and piping ‘em right into your ESXi box while Darren takes the scenic route on a Linux Apache Tomcat install with some Java and bash lovin’.

Download HD Download MP4 Download XviD Download WMV

Matt Lestock uses VMware Converter to take that ugly power hungry idle beast and turn it into a sleek and slim virtual machine, piped stright into your ESXi host.

Send your questions and feedback to matt@hak5.org

Darren Kitchen is cooking up a Linux based Java servlet container and HTTP web server with Apache Tomcat. While never distributions and package repositories can make setting up a Tomcat server a breeze, it’s nice to have an understanding of the manual process.

Don’t forget about our first ever official Hak5 Meetup at Busch Gardens Williamsburg on August 15th. Find all the details at hak5meetup.squarespace.com or RSVP on Facebook.

Episode 516 – Roll your own VMware ESXi Server and more

Darren — Wed, 03 Jun 2009 05:26:59 +0000

Building your own VMware ESXi Server in under an hour with parts you may have lying under your bed. Extreme sports cameras and mounts and mounts can be expensive. Why not build your own for about 5 bucks. And light video editing that’s both easy and free? Avidemux may be the answer.

Download HD Download MP4 Download XviD Download WMV

Darren’s on a mission to mount a digital video camera to his motorcycle. While commercial options such as the $300 Vholdr Contour HD and $150 Oregon Scientific AT3K are available, why not build your own universal camera mount for about 5 bucks.

Continuing with the theme of rolling your own, why not build your own ESX/ESXi compatible virtual machine host? Matt builds one that fits inside a gym bag and walks us through setting up ESXi in about 10 minutes (give or take a few progress bars).

Rounding out the nearly free and useful bits this episode, Shannon shows us an open source video editing application that may be perfect for your light video editing needs. Avidemux is a light weight editor perfect for simple video trimming, filtering and encoding. It sports some really nice automation and job queing features and comes with profiles pre-configured for common formats such as MP4 for iPod, PSP, or Apple TV.

Episode 515 – Build your own SAN, PSP Hacking, Net Grep

Darren — Wed, 27 May 2009 06:54:21 +0000

Jenn Cutter of Open Alpha fame joins us to talk about recent developments in PSP hacking and homebrew. Matt’s got answers to your questions about rolling your own Storage Area Network for all your virtualization needs, and Darren’s filtering packets in the console with ngrep.

Download HD Download MP4 Download XviD Download WMV

While Shannon’s on vacation our friend Jenn Cutter from Open Alpha joins us to talk about the recent developments in PSP hacking and homebrew.

The PSP homebrew scene has grown more interesting over the past little while since the user base has been sectioned off into different camps based on the particular unit they purchased and whatever firmware they are using. Thanks to the efforts of Team Typhoon, ChickHEN (homebrew enabler) permits owners of all models to run the unofficial apps and games they’ve grown to love without touching the flash of the PSP, so there’s no worrying about turning it into a brick. No one likes expensive bricks. Keep in mind that ChickHEN is not a piracy tool so don’t expect to run any type of backups though it. Davee has the lowdown on the latest release which can be downloaded here. If you are curious or sceptical, feel free to check out video proof that it works on PSP 3000s.

–Jenn Cutter

Matt answers your questions about storage area networks and recommends QNAP. If you’re feeling hands on rolling your own is a great option too. Matt points out his favorite hardware like 3Ware RAID cards, Transcend IDE Flash Modules, and the Intel Storage Server SSR212MC2. Software wise it’s worth investigating Freenas, and SAN Melody.

Continuing on with Eighty’s segment on extracting windows executables from packet captures and Mubix’s segment on network tap analizers, Darren’s taking a look at the open source tool ngrep. If you’re familiar with grep you’ll be at home with this tool. Darren demonstrates using the tool to filter packets from a live capture using a Network Monkey. Alternatively it can be used with pcap files.

Don’t forget to check out our latest contest at Hak5.org/yourlan where the most creative network will win cozy Hak5 gear from our newly opened HakShop

Episode 511 – Netcat, Brute Force, Virtualization and Pimping Wordpress

Darren — Wed, 29 Apr 2009 15:24:01 +0000

Darren shows off some nifty tricks for Netcat and a targeted brute force attack dictionary generator. Matt continues his series on Virtualization with redundancy and Shannon pimps the blog with her Wordpress plugin picks. Plus the results of our Monkey Contest, the Code Challenge and this weeks easter egg hunt

Download HD Download MP4 Download XviD Download WMV

Show Notes

Common User Password Profiler

The Common User Password Profiler from Remote-Exploit is a password/passphrase generator specifically targeted as an individual user. Feed it some info like names, birth dates, spouce, children and pets and it will generate individually, or along with an existing dictionary, thousands of potential passwords. Just add water, feed to your favorite brute forcer and enjoy.

From personal experience I can vouch that, while simple sounding, this would have a HIGH success rate on some of my _former_ (L)users. Administrators take note and enforce BOFH password requirements

netcat – “The Swiss-army knife for TCP/IP”

When it comes to sending and receiving TCP and UDP any which way from the console nothing is more versatile or easy to use than netcat.

With a few simple commands you can use netcat to initiate chat, file transfer or even shell access in either direction between a “server” and a “client”.

The tool can be set to listen or broadcast on any port and tied together with some shell-fu almost anything is possible.

Some listener favorites include cloning hard drives over a network with dd and netcat, tailing a log across the network, port scanning, IP redirecting, or even spoofing user-agents and referrers. Internet Explorer 22 anyone?

Digininja points to this great netcat cheat sheet (PDF 128K).

What kind of crazy stuff have you done with netcat? Feedback@hak5.org

Shannon’s Wordpress Plugin Picks

Twitme

This plugin allows you to automatically post your new posts on the twitter website. This is good because the iPod and iPhone for example have a large amount of twitter clients to pick from. Your blog posts will arrive to people while they are walking the streets.

Socialite

Socialite allows your Wordpress posts to publish to Twitter, Facebook, and MySpace. Each social networking site can be enabled or disabled for publishing, and each is configured separately with their own options. Support for Short URL services such as zz.gd and Tinyurl.com is also supported.

Sociable

Automatically add links to your favorite social bookmarking sites on your posts, pages and in your RSS feed. You can choose from 99 different social bookmarking sites!

MobilePress

MobilePress is a WordPress plugin that will render your WordPress blog on mobile handsets, with the ability to use customized themes. The plugin also allows specific themes for specific devices / mobile browsers, such as iPhone, Opera Mini, Windows CE Mobile and other generic handset browsers.

Resize at Upload Plus

The plugin will automatically resize an image upon upload, depending on the maximum width and height that you define. Gone are the days when you, or your client, will ruin a site’s layout by uploading a huge file with 25 megapixels. Be advised: there is no backup, no copy of the originally uploaded image.

WP-Cache 2.0

WP-Cache is an extremely efficient WordPress page caching system to make your site much faster and responsive. It works by caching Worpress pages and storing them in a static file for serving future requests directly from the file rather than loading and compiling the whole PHP code and then building the page from the database. WP-Cache allows to serve hundred of times more pages per second, and to reduce the response time from several tenths of seconds to less than a millisecond.

Wordpress Backup

Backup the upload directory (images), current theme directory, and plugins directory to a zip file. Zip files optionally sent to email.

WP Security Scan

Scans your WordPress installation for security vulnerabilities and suggests corrective actions.

WP Ban

It will display a custom ban message when the banned IP, IP range, host name or referer url trys to visit you blog. You can also exclude certain IPs from being banned. There will be statistics recordered on how many times they attemp to visit your blog. It allows wildcard matching too.

pixelstats

Count every viewer and every article view for each blog entry, no matter how and where it is read: pixelstats tracks views of each blog post or page, not only on a single article page but also on each other page where the complete article is shown, i.e. the blog front page, category pages, search result page, archive pages and even RSS fee

Thanks for watching, subscribing, and most of all supporting the show. Custom commissioned WiFi Pineapples running Jasager are still available.