Ricky writes:

I just recently started using wordpress, and I am having alot of trouble trying to design a layout for it, I was wondering if you had any references or anything to help me learn how to do this, I understand HTML and only know a little of PHP. Any help would be greatly Appreciated.

Darren recommends setting up a local LAMP stack, that is to say the web server, database and scripting language to support a Wordpress install. The easiest way to get started is with either WAMP on Windows or XAMPP on just about any platform.

The Wordpress install is dead simple.

Mostly I use PHP.net as my go to resource, but we’ll also be hooking you up with a copy of Mario Lurig’s PHP Reference: Beginner to Intermediate PHP5. Hope that helps.

The Wordpress Codex is also an invaluable resource when you really get your hands dirty when theme code. Things like the loop and trim_excerpt are well detailed. Once you start learning the Wordpress functions you’ll realize what a powerful content management platform it really is.

And finally we recommend Wordpress.org/Support for their forums. If you know of a better forum for Wordpress Theme Hacking please let us know!

Download HD Download MP4 Download XviD Download WMV

—
Title: Virtual Routers?
Time: 3:20
Keywords: virtual router, virtual machine, vm, virtualization, vmware, virtualbox, cisco, nexus, nexus switch, cisco nexus, nexus 1000v, nexus 1000

Joe Switch writes in to ask what the deal is with Virtual Routers and other such untangable networks. Matt has the answer. The way I understand it your more high end (read: expensive) Cisco and Juniper routers have virtual routers built in — much like you might have a virtual interface like eth0:1 in Linux — to manage VLANS, IP subnets and such.

Matt goes on to explain that in the vSphere product by VMware you can use the APIs to write, basically, a software based switch to compliment your existing deployments. Check out the Cisco Nexus 1000V. It’s a software implementation of a Cisco Nexus switch. I’d love to get my hands on it but at nearly $1000/year I’ll find something open source. Speaking of which, we’ve been meaning to play with a Cisco virtual network application but are in need of an ISO. If you’re privy to an open source alternative or can help out drop us a line.

Make your own Nintendo DS Games for free!

If it begins with a #include and ends in a semi-colon our friend Jason Appelbaum is all over it. This week he’s in studio covering a subject near and dear to our hearts — Nintendo DS Homebrew.

Let’s face it, the Nintendo DS is a happy little platform full of hacking potential. And with a well established homebrew community it’s the perfect device to start your next weekend project with. Jason takes you from Homebrew 101, including carts and roms, to getting the Dev tools and building your first Hello World app.

For more see JasonAppelbaum.com or email jason@hak5.org

Mac tunneling the free and easy way

Paul can’t hide behind the camera forever, and this week we’re pleased to have him break down the free and easy way to SSH Tunnel on a mac. After Hak5 viewer Lavi wrote in about SSHTunnel 1.6 Paul was happy to check out the program. Thanks for sending in your freeware picks!

SSH Tunneling the cross-platform way with Python and PHP

Another great bit of feedback from the SSH Tunneling segment in episode 614 was from Jan-Marten in The Netherlands. His Hak5 inspired cross-platform Python and PHP scripts, available from his blog johmanx.com allow you to easily configure and save SSH tunneling options. Awesome code Jan-Marteen, thanks for sending it in!

Of course if you have feedback for the show, code you’d like to send by, tips on legally acquiring a cisco IOS, freeware you want to let us know about, questions, or criticisms just write us: feedback@hak5.org

And don’t forget to check out the Hak5 Store for our holiday sale on all new Hak5 T-Shirts, hacked gadgets, pineapples, monkeys and more.

Download HD Download MP4 Download XviD Download WMV

Port Tunneling and Socks5 Proxies with a Secure Shell (SSH)

SSH Tunneling isn’t new to the show, we’ve done it before over DNS or in conjunction with VNC. Today we’re looking at two SSH tricks for tunneling just about any traffic.

First up, ssh -D. The -D option specified a local "e;Dynamic"e; application-level port forwarding. Any connection made to the specified port goes through the tunnel as a SOCKS4 or SOCKS5 proxy. Perfect for secure web browsing as demonstrated with Firefox in this segment.

Usage

ssh -D 8080 user@server

Second, ssh -L. The -L option enables port forwarding. Using this option tells the SSH client to listen to traffic on a specified port and forward it along through the tunnel. The server receives this data and points it to the specified destination, whether it be on the destination network or otherwise. In our example we use the -L option to securely connect to an open IRC server.

Usage

ssh user@server -L local-listen-port:destination-ip:destination-port

For more SSH-fu check out the ssh man page or Linux Journal’s interesting series on 101 uses of openssh.

Bypassing site-blocking firewalls with your own private web proxy

The age old scheme for bypassing restrictive firewalls, like those that block sites at school or work, has been to use a web proxy. Of course this is followed up by the network administrator blocking all mainstream proxies. But what if you could run your own? Well, you can and it’s really freaking easy. In this segment Darren demonstrates PHProxy

Cracking MS-CHAPv2 PPTP VPN handshakes & LM Hashes Followup from 6×12

On episode 612 we demonstrated a tool, asleap, designed to crack MS-CHAPv2, the authentication protocol commonly found in Microsoft PPTP VPNs. The final demo was unsuccessful due to the encoding of the handshake and response sniffed by Wireshark. Viewer Sc00bz was kind enough to post a PHP script that accepts the challenge, response and username and provides you with the proper asleap command to run with the properly encoded byte sequences. Sc00bz has well documented the code, which lives now on this Hak5 forum thread. Thanks Sc00bz!

Deploying Virtual Appliances in minutes the open source way

A Virtual Appliance can be though of as a software image containing a supporting stack designed to run inside a virtual machine. A quick look at vmware’s virtual appliance directory shows that there are hundreds of applications that can be quickly and easily deployed. In this segment I take the Dimdim open source virtual appliance, designed for vmware, and deploy it with VirtualBox (just becasue I can).

Download HD Download MP4 Download XviD Download WMV

Show Notes

While Matt’s away on business Eighty of Dual Core fills in with an awesome segment on extracting Windows executables from packet captures using tcpxtract.

Darren’s features some of the Gmail Badges from our recent Code Challenge.

Plus we’ve got a walk-through on winning the Easter Egg Hunt. Only *four* of over 300 submissions completed the puzzle. We’ve learned a bunch of lessons from this first hunt and will be sure to put together an even more in-depth hunt next time.

Download HD Download MP4 Download XviD Download WMV

Watch

Show Notes

HakHouse Rover – Web Enabling a RC Tank

There comes a time in every geeks life when building a web enabled, crowd sourced, remote controlled vehicle is an imperative. For us that time is now.

The HakHouse rover project kicks off this week with the basics of controlling our inexpensive RC Tank. The toy itself was a mere $15 locally and this is important because cheap RC toys usually have cheap controls. Namely micro switches to control forwards, backwards, left and right. In this segment we break open the controller and solder leads to the board that correspond to movement.

Next we connect the leads with a Phidget Interface Kit. This little board talks to our PC via USB and has programming APIs for C/C++, Python and Java.

With a little hacked together C code in Linux we’re able to control the vehicle. If you’re a C coder we’d greatly appreciate your input on the code. It’s not very pretty at the moment.

Next we toss in a little PHP on Apache and control it from the web. I had originally slapped together a simple page with a form directed at php_self with an if isset and a case switch that initiated exec but it’s already been replaced by jzman’s sweet ajaxy code.

This projected is intended to be open source so I’ve got all the code, hardware and other details on our wiki. If you’d like to build one yourself or contribute ideas, code or otherwise it’s appreciated.

In the next installment of the HakHouse Rover project we’ll be installing a wireless web camera and laser turret to annoy our cat Kerby.

–Darren Kitchen

IP Renumbering w/PHP And A Compiler

In episode 424 a viewer question led to Darren and Matt discussing renumbering a whole subnet of Windows machines using the netsh command in a script, but how would you specify an IP for each machine with only one script? PHP to the rescue, because it’s not just for web pages anymore.

Since most Windows workstations don’t have PHP installed a compiler will let you prepare your code to run on systems that don’t have PHP installed.

First we have Roadsend PHP, which is available for Linux, FreeBSD, Mac OS X and Microsoft Windows. It’s released under GNU GPL, and it’s runtime libraries are GNU LGPL so compiled programs may be used for both open source and commercial projects.

Roadsend PHP is not just to package up your PHP into nice friendly bundles, it comes with Roadsend Studio, a full development environment (IDE) with support for the Glade interface builder (*nix/Win32), to give your PHP a GUI front end.

It supports PHP 4 and 5, and so far all the code I’ve compiled with it runs just as it would if launched from the command line using the php command. The only drawback to it is the compile process seems to take a while even on relatively small projects, and the file sizes are a little large (simple scripts weighing in at over 3MB); but if you want to stay in one environment from start to finish Roadsend will do the job.

Second is the Bambalam PHP EXE Compiler/Embedder, which as the name implies is for Windows only. Like Roadsend PHP, Bambalam PHP is free to use as it’s released under the PHP license, generates code that will run without a full PHP install, and with the use of the WindBinder library can produce programs with GUI front ends. That is about where the similarities end.

Bambalam is small, consisting of a hand full of files, and is only for the actual building of the executable code. Bring your own editor, debugger, GUI builder, and project manager. That’s not what Bambalam is for. What it is for, though, is producing small, fast programs out of any PHP that will run under PHP 4.4.4. The same +3MB code that Roadsend produced came in at just over 1MB with Bambalam, and under 700KB with compression turned on.

The problem my code solves is how to write one script to renumber a whole group of machines without having to issue a different version of the script to each machine. As this is more of a proof of concept we will assume that only the last octet of the IP address will be changing.

The command is issued with the following options:

<new IP> <subnet mask> <default gateway> [DNS] [WINS]

The new IP is given as the first three octets in xxx.xxx.xxx format, subnet and gateway will be a full four octets a peice. IP, DNS, and WINS can each be assigned as DHCP (using DHCP for IP preclueds the need for subnet and gateway). DNS and WINS can also be assigned as NONE so long as IP is not DHCP. Furthermore specifying WINS requires that some value be given for DNS.

If a new first three octets are given without specifying DNS or WINS and those values were already staticly assigned then the new first three octets will be used for those values as well. Also if IP is currently assigned via DHCP that can’t not be changed at this time.

Full source and future updates are available at http://www.elder-n00b.org/2009/02/ip-renumbering-wphp-and-compilers.html

Thanks to those who’ve contributed to the success of Hak5. Your donations are greatly appreciated!

Download HD Download MP4 Download XviD Download WMV

Watch

Show Notes

When we were first approached to attend ROFLthing in NYC we were asked if we could put together some sort of interactive media installation for the after party. My first thought was a web controlled paintball gun similar to the USB Missile launcher but, well, the lawyers didn’t think it was a good idea.

So I started thinking about the whole ROFLthing concept, it’s a congregation of Internet celebrities and web 2.0 kids. And what better way to showcase the usefulness of a service like twitter with the uselessness of that clever little electronic pet the tamagotchi.

The project is split up into three parts. First a directory full of videos that we’ll control from the web using VLC, PHP and Curl. I made my tamagotchi videos using photoshop and vegas.

Second we need to be able to control VLC from the command line so fire up VLC and point it at your directory of videos with the –intf=http, –fullscreen and –repeat parameters. Now we can browse to http://127.0.0.1:8080 to hit the local http interface. Check out the /old/ directory to get the old interface. Here we find the parameters to post to the http server using curl. Try changing the item number from the command line with curl 127.0.0.1:8080/old/ -d control=play -d item=5 –G. Adjust accordingly.

Now that we’ve got VLC playing a directory of videos fullscreen and we can control it from the command line its time to duct tape together some PHP. In order to easily query Twitter for input I’m using the MagpieRSS class to parse the feed of a search query from search.twitter.com. A case and switch statement within a while loop does all of the magic, checking the input and making a system call to curl.

It may not be beautiful code but it works and for a few hours of hacking I’m somewhat proud of it. Especially considering how rusty my code is. Now I’m sure it could be replaced with 8 lines of perl so I welcome your constructive criticism on the forums where you’ll find the full source code.

I’m sure now that you’re loaded with these techniques you can find all sorts of uses for parts of this project.

Thanks for downloading. Remember you can find subscription links and our new iTunes HD feed at hak5.org.

Keep the constructive feedbacks coming, we’ve seen a lot of great stuff lately on the forums so thanks for that.

Don’t forget we’ve got brand new sticker packs as thanks for your donations at www.hak5.org/stickers. We really appreciate your support!

February 6-8 we’ll be in DC for Shmoocon

If you’re in the area we’ll be attending the anual podcasters meetup come out meet the crew and lots of other great podcasters from PaulDotCom, Securabit, Sploitcast, Cyber Speak, Security Justice and more.

Get all the details at podcastersmeetup.com

Special shout out to the hacker hound from Hoboken, Brandi, and her pet Jon for all the generosity in NYC this weekend.

Watch

Show Notes

Chris Gerling joins us at the top of the show via skype from a SANS conference where he is currently getting schooled in forensics.

Matt is obsessed with Clicky Keyboards. I’m a fan of the Model M and the PC-XT’s 83 Key Keyboard.

Our next LAN Party game will be Quake 3 on Saturday, January 10 at q3.hak5.org. Check out all the details at our brand spankin’ new Hak5 LAN Site (with leetness by Squarespace)

Darren mentions Post_Break’s article on Mubix’s Room362 site about ways to detect nearby Jasagers.

Setup an SSH SOCKS proxy!

For episode 416 of HAK5, I showed how easy it really is to tunnel all kinds of traffic from HTTP, FTP, and more over a secure SSH Socks proxy.

Some of you may be thinking to yourself… “HOLY CRAP WHAT ARE THESE TERMS?!” And I’m here to assure you that it’s going to be OK! Really it is.

What you’ll need

• An SSH server to act as your proxy.
  Simple enough really! If you’re using windows I highly recommend freeSSHd. If you’re on a mac check out this page for instructions on how to enable remote logon. Linux users, you should know how to do this.
• An SSH client on the computer you’re using.
  Mac and *nix machines have SSH built right in at the command line. Windows users can do like I did in the episode and download plink (available here). There are other people out there that will recommend Cygwin, but for this purpose, it’s really overkill.

How proxies work

In a nutshell, what you’re doing with a proxy is setting up a middle-person (no not a pineapple, but close) between you and the internet. Using the proxy, your browser hands off web page requests to the proxy server, which handles the request and fetches the page for you from the internet. The web site actually thinks the request is coming from the proxy server, not your computer, which is a good way to obscure your originating IP address.

Additionally, the connection between your computer and the proxy happens over SSH, an encrypted protocol. This prevents wifi sniffers from seeing what you’re doing online.

Start your SSH tunnel

So you’ve got your ssh server setup at your house or workplace. Great! To connect to it we’re going to setup a local proxy server on your client that you’ll be browsing the internet from, which will then “tunnel” web traffic from your local machine to the remote server over SSH. The command to run on your linux / mac client in a terminal window is :

ssh -ND 9999 you@example.com

For Windows it’s as simple as browsing to the directory you saved plink to and running

plink.exe -N -D 9999 you@example.com

Of course, you’re going to replace the you with your username on your SSH server and example.com with your server domain name or IP address. What that command does is accept requests from your local machine on port 9999 and hands that request off to your server at example.com for processing.

When you execute either of those commands, you’ll be prompted for your password. After you authenticate, nothing will happen. The -N tells ssh not to open an interactive prompt, so it will just hang there, waiting. That’s exactly what you want.

Set Firefox to use SOCKS proxy

Once your proxy’s up and running, configure Firefox to use it. From Firefox’s Tools menu, choose Options, and from the Advanced section choose the Network tab. Next to “Configure how Firefox connects to the Internet” hit the “Settings” button and enter the SOCKS information, which is the server name (localhost) and the port you used (in the example above, 9999.)

Save those settings and hit up a web page. When it loads, visit http://www.ipchicken.com to see if it’s using your remote ssh server to tunnel traffic. If you are, GOLDEN!

If you feel there’s something I’ve missed, hit me up here (http://www.mattlestock.com)

PS: Remember that you’ll need to open your firewall a bit by cracking open port 9999 on your local machine and port 22 on your server for SSH.

–Matt

Congrats to VickiWong who correctly answered last week’s trivia. Answer: Stiletto as it is not a submarine launched ballistic missile like the other two. We would have accepted the fact that Polaris and Trident are US ICBMs while Stiletto is a USSR ICBM.

Update multiple blogs with Ping.fm and custom URLs

I don’t know about you guys but keeping up with all the latest blogs, social networks, and micro messaging services is a lot of work! And I don’t know how many times I’ve neglected my blog(s) because I was simply too lazy to login and update, login and update, login and update.

In my segment this week I’ll be showing you how to use ping.fm’s Custom URL feature to update blogs by email. Ping.fm is great for updating multiple status services like Twitter and Identica, but I’m just concerned with blogs.

I personally use three blogging services; Posterous, Tumblr, and Wordpress hosted on my own domain, DarrenKitchen.net.

The first two are easy to update with a Ping.fm Custom URL since they feature rich posting via email. Wordpress on the other hand is a bit lacking. Sure Wordpress has a built in post via email feature but it’s severely lacking. To alleviate this I recommend installing the Wordpress Postie plugin. This little guy is awesome, with features like roles, authorized addresses, photo and file upload, signature removal and custom CSS just to name a few.

Once installed and configured all we need to do is edit some the sample PHP code, upload it to our web server, rename the file to something obscure, and add the URL to Ping.fm as a custom URL.

Resources:

• http://www.ping.fm
• http://www.economysizegeek.com/wp-mail/
• http://groups.google.com/group/pingfm-developers/

–Darren

2009 Independent Games Festival Student Entries

The Independent Games Festival is an annual festival awarding students and independent developers $50,000 in prizes. This year, IGF will happen March 23-27 in San Francisco.

In my segment, I test out a few student entries that were free for download.

The first one was City Rain, which is sort of like Sim City in a way. You play the mayor of a new town, and have to make quick choices as to what kind and where new buildings will go. Buildings quickly fall out of the sky and you have to make your decisions quickly.

I also tried out Froggle. In Froggle, you play a, well… froggle. You’re incredibly long tongue is used to eat flies and fling yourself over cartoony environments. I really liked the shading and humor aspect of this game.

The third game was Blazar, which really brings me back to the old school arcade games! You control a ship which has the ability to destroy asteroids or bounce them away. Your goal is to grow a black hole from tiny to huge.

The last game I demo’ed was Glitch. Glitch is a first person shooter that exists in a large cube arena. The environment is constantly moving and the enemies are made out of little cubes themselves. This game was fun!!

The last game which I didn’t demo but mentioned was Akrasia. I liked Akrasia because of it’s educational touch. This is the description from the IGF website:

Akrasia is a single-player game that challenges game conventions and is intended to make the player think and reflect. It is based on the abstract concept of addiction, which is expressed metaphorically throughout the game.

The game is set in a maze that represents the mind. The maze has two states – a normal and a psychedelic state. To enter the game, the player collects a pill-shaped object and thus enters the game as “addict”. From “chasing the dragon” to working through “cold turkey”, this game models the essential dimensions of the addiction gestalt as identified by its creators.

–Shannon

Questions

We answer view question about password protecting applications and feature a program called Empathy

Until next week we welcome your feedback and remind you to Trust your Technolust

Plus an interview with the guys from Podzinger.com, a parody we’ve dubbed ‘the token’, an intro from Sean Carruthers of labrats.tv, leet-hack interviews from Karen Johnson, and Leo Laporte of twit.tv shows his evil side.

Sponsors

Get awesome web hosting from the pros at Dreamhost and receive $25 off your order when you enter coupon code HAK5! Plans start at $7.95/mo including 500 GB storage, 5 TB bandwidth, and one-click installs of popular software like Wordpress, phpBB, and MediaWiki.

Keep your personal information away from spammers, hackers and your crazy ex-evilserver. Private Domain Registration from GoDaddy.com protects your privacy by keeping your address, phone number and more out of the public database. Get an additional 10% on your order when you enter coupon code HAK.

Download Xvid

Watch on Youtube

Watch on Stage6

Length: 26:13