antani – spaghetti, mafia, arp-spoofing

PINE64 – Run a Tor relay

March 10, 2016 by mane·2 Comments

arm

As you may know, I have recently received a PINE64 1GB board where I run ubuntu 16.04 xenial and one of the reason for which I wanted to own a PINE64 was to run a Tor relay, dedicating at least 200Mb bandwidth.

If you are interested on running a Tor node (non exit) compiling it from sources on a similar setup as mine, these are the steps you need to follow:

Download the latest version from the official website
Extract the tar.gz file

# tar zxvf tor-0.2.7.6.tar.gz

cd into the Tor directory and compile the source code

# cd tor-0.2.7.6
# ./configure && make

The compiling process will take about 20 minutes to complete

Move and edit the torrc file (Tor config file):

# sudo cp src/config/torrc /usr/local/etc/tor/torrc
# sudo vim /usr/local/etc/tor/torrc

You need to remove the hash in front of the following lines:

# RunAsDaemon 1 (if you want to run it as a deamon)
# ORPort 443 (I personally run it on port 443)
# Nickname antani.co (choose your favourite nickname)
# RelayBandwidthRate 10000 KBytes (This value depend on your internet connection capabilities)
# ContactInfo 0xFFFFFFFF mane  (It is good to specify contact details)
# ExitPolicy reject *:* (if you want the relay to run as a non-exit)

You are ready to start your Tor relay

# src/or/tor

You should get an output similar to this:

Mar 09 22:04:30.769 [notice] Tor v0.2.7.6 running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Mar 09 22:04:30.769 [notice] Tor can't help you if you use it wrong! Learn how to be safe at httpss://www.torproject.org/download/download#warning
Mar 09 22:04:30.770 [notice] Read configuration file "/usr/local/etc/tor/torrc".
Mar 09 22:04:30.778 [notice] Based on detected system memory, MaxMemInQueues is set to 733 MB. You can override this by setting MaxMemInQueues by hand.
Mar 09 22:04:30.781 [notice] Opening Socks listener on 127.0.0.1:9050
Mar 09 22:04:30.782 [notice] Opening Control listener on 127.0.0.1:9051
Mar 09 22:04:30.782 [notice] Opening OR listener on 0.0.0.0:443

Enjoy your Tor node!

PINE64 – Install ubuntu 16.04 xenial

March 9, 2016 by mane·13 Comments

pine64

My PINE64+ 1GB has arrived and, of course, I’m already playing around with it.

First of all I needed a bootable ubuntu image so I went on the official forum and checked if there was something ready to be used.

Fortunately there are a bunch of good guys there that make good things happen. One of these guys is longsleep, the only user who released a fully working ubuntu 16.04 image so far and many thanks goes to him for his work.

These are the steps you need to follow in order to install ubuntu 16.06 xenial on your PINE64 using a mac computer:

Download the latest image file from here (versions might vary with the time)
Extract the .img file
Flash the .img file into the SD card using the following commands:

*Assuming that your SD card is mounted under /dev/disk2 (otherwise change the number 2 with the appropriate of your system)

# diskutil unmountDisk /dev/disk2
# sudo dd if=/path_to_your_file/xenial-pine64-bspkernel-*.img of=/dev/rdisk2 bs=32m

The last command will take few minutes to complete so be patient

Unmount the SD from your mac
Insert the SD on your PINE64 and power it up
Wait for ubuntu to boot
Login using the following credentials:

# username: ubuntu
# password: ubuntu

Change the credential with a more secure one
Enjoy your PINE64 with the latest ubuntu version

Kudos to the fantastic PINE64’s team who kindly decided to send me a board free of charge in order to test it and document what I will run on top of it with the aim of supporting its community. Keep the good work up!

Stay tuned for more exciting how-to articles!

** Thanks to Lars Hansen for adding some details on how to flash an img file from a Windows computer.

Download Win32 DiskImager
Extract the .img from the .xz file using 7zip
Write the image to the SD card using DiskImager.
Insert SD card into Pine64, and boot up.

Onion hash generator

September 17, 2015 by mane·0 Comments

I’ve been playing around with .onion domain names for a while, tried various hash generator tools and get, more or less, custom domain names.

There are multiple tools out there to hash generate but the one that works better for me is, with no doubt, scallion.

Scallion lets you create vanity GPG keys and .onion addresses (for Tor’s hidden services) using OpenCL.

What are valid characters?

Tor .onion addresses use Base32, consisting of all letters and the digits 2 through 7, inclusive. They are case-insensitive.
GPG fingerprints use hexadecimal, consisting of the digits 0-9 and the letters A-F.

The main reason for preferring scallion to other tools is basically because it is GPU-based, obviously under Windows (linux has several issues with graphic card drivers).

If you are interested on generating your own .onion domain name, you can follow these simple steps:

Download scallion
Unzip the gpg.zip file
Download and install Visual Studio Express
Download and intall mono
Open ‘scallion.sln’ in Visual Studio Express
Build the solution, I did everything in debug mode.

Once all the above steps are completed, open a terminal and use these commands:

List devices:

$ mono scallion/bin/Debug/scallion.exe -l

Generate a hash:

$ mono C:\path\scallion.exe name_you_want_to_generate

SHA1 hashing is done on the GPU. The hashrates for several GPUs that have been tested are below:

GPU	Speed
nVidia Quadro K2000M	90 MH/s
AMD Radeon HD5770	520 MH/s
AMD Radeon HD6850	600 MH/s
NVIDIA GTS 250	128 MH/s
Intel i7-2620M	9.9 MH/s
NVIDIA GTX 970	2350 MH/s

*MH/s = million hashes per second

Enjoy your vanity .onion addresses.

Tor: Choose exit node country

January 14, 2015 by mane·0 Comments

If, like myself, you need to choose from which country you get out on the internet using Tor, all what you need to do is to edit your “/etc/tor/torrc” (for Linux) – %appdata%/tor (for Windows) file adding or modifying the following settings:

StrictExitNodes 1
ExitNodes {Country_Code}

You can add comma if you’d like to use more than one exit node:

StrictExitNodes 1
ExitNodes {Country_Code_1},{Country_Code_2}

Or, if you don’t want to get out from a specific country:

StrictExitNodes 1
ExcludeExitNodes {Country_Code_1}

Here is a list of Tor country codes:

Country                               Abbrev
ASCENSION ISLAND                      {ac}
AFGHANISTAN                           {af}
ALAND                                 {ax}
ALBANIA                               {al}
ALGERIA                               {dz}
ANDORRA                               {ad}
ANGOLA                                {ao}
ANGUILLA                              {ai}
ANTARCTICA                            {aq}
ANTIGUA AND BARBUDA                   {ag}
ARGENTINA REPUBLIC                    {ar}
ARMENIA                               {am}
ARUBA                                 {aw}
AUSTRALIA                             {au}
AUSTRIA                               {at}
AZERBAIJAN                            {az}
BAHAMAS                               {bs}
BAHRAIN                               {bh}
BANGLADESH                            {bd}
BARBADOS                              {bb}
BELARUS                               {by}
BELGIUM                               {be}
BELIZE                                {bz}
BENIN                                 {bj}
BERMUDA                               {bm}
BHUTAN                                {bt}
BOLIVIA                               {bo}
BOSNIA AND HERZEGOVINA                {ba}
BOTSWANA                              {bw}
BOUVET ISLAND                         {bv}
BRAZIL                                {br}
BRITISH INDIAN OCEAN TERR             {io}
BRITISH VIRGIN ISLANDS                {vg}
BRUNEI DARUSSALAM                     {bn}
BULGARIA                              {bg}
BURKINA FASO                          {bf}
BURUNDI                               {bi}
CAMBODIA                              {kh}
CAMEROON                              {cm}
CANADA                                {ca}
CAPE VERDE                            {cv}
CAYMAN ISLANDS                        {ky}
CENTRAL AFRICAN REPUBLIC              {cf}
CHAD                                  {td}
CHILE                                 {cl}
PEOPLE'S REPUBLIC OF CHINA            {cn}
CHRISTMAS ISLANDS                     {cx}
COCOS ISLANDS                         {cc}
COLOMBIA                              {co}
COMORAS                               {km}
CONGO                                 {cg}
CONGO (DEMOCRATIC REPUBLIC)           {cd}
COOK ISLANDS                          {ck}
COSTA RICA                            {cr}
COTE D IVOIRE                         {ci}
CROATIA                               {hr}
CUBA                                  {cu}
CYPRUS                                {cy}
CZECH REPUBLIC                        {cz}
DENMARK                               {dk}
DJIBOUTI                              {dj}
DOMINICA                              {dm}
DOMINICAN REPUBLIC                    {do}
EAST TIMOR                            {tp}
ECUADOR                               {ec}
EGYPT                                 {eg}
EL SALVADOR                           {sv}
EQUATORIAL GUINEA                     {gq}
ESTONIA                               {ee}
ETHIOPIA                              {et}
FALKLAND ISLANDS                      {fk}
FAROE ISLANDS                         {fo}
FIJI                                  {fj}
FINLAND                               {fi}
FRANCE                                {fr}
FRANCE METROPOLITAN                   {fx}
FRENCH GUIANA                         {gf}
FRENCH POLYNESIA                      {pf}
FRENCH SOUTHERN TERRITORIES           {tf}
GABON                                 {ga}
GAMBIA                                {gm}
GEORGIA                               {ge}
GERMANY                               {de}
GHANA                                 {gh}
GIBRALTER                             {gi}
GREECE                                {gr}
GREENLAND                             {gl}
GRENADA                               {gd}
GUADELOUPE                            {gp}
GUAM                                  {gu}
GUATEMALA                             {gt}
GUINEA                                {gn}
GUINEA-BISSAU                         {gw}
GUYANA                                {gy}
HAITI                                 {ht}
HEARD &amp; MCDONALD ISLAND           {hm}
HONDURAS                              {hn}
HONG KONG                             {hk}
HUNGARY                               {hu}
ICELAND                               {is}
INDIA                                 {in}
INDONESIA                             {id}
IRAN, ISLAMIC REPUBLIC OF             {ir}
IRAQ                                  {iq}
IRELAND                               {ie}
ISLE OF MAN                           {im}
ISRAEL                                {il}
ITALY                                 {it}
JAMAICA                               {jm}
JAPAN                                 {jp}
JORDAN                                {jo}
KAZAKHSTAN                            {kz}
KENYA                                 {ke}
KIRIBATI                              {ki}
KOREA, DEM. PEOPLES REP OF            {kp}
KOREA, REPUBLIC OF                    {kr}
KUWAIT                                {kw}
KYRGYZSTAN                            {kg}
LAO PEOPLE'S DEM. REPUBLIC            {la}
LATVIA                                {lv}
LEBANON                               {lb}
LESOTHO                               {ls}
LIBERIA                               {lr}
LIBYAN ARAB JAMAHIRIYA                {ly}
LIECHTENSTEIN                         {li}
LITHUANIA                             {lt}
LUXEMBOURG                            {lu}
MACAO                                 {mo}
MACEDONIA                             {mk}
MADAGASCAR                            {mg}
MALAWI                                {mw}
MALAYSIA                              {my}
MALDIVES                              {mv}
MALI                                  {ml}
MALTA                                 {mt}
MARSHALL ISLANDS                      {mh}
MARTINIQUE                            {mq}
MAURITANIA                            {mr}
MAURITIUS                             {mu}
MAYOTTE                               {yt}
MEXICO                                {mx}
MICRONESIA                            {fm}
MOLDAVA REPUBLIC OF                   {md}
MONACO                                {mc}
MONGOLIA                              {mn}
MONTENEGRO                            {me}
MONTSERRAT                            {ms}
MOROCCO                               {ma}
MOZAMBIQUE                            {mz}
MYANMAR                               {mm}
NAMIBIA                               {na}
NAURU                                 {nr}
NEPAL                                 {np}
NETHERLANDS ANTILLES                  {an}
NETHERLANDS, THE                      {nl}
NEW CALEDONIA                         {nc}
NEW ZEALAND                           {nz}
NICARAGUA                             {ni}
NIGER                                 {ne}
NIGERIA                               {ng}
NIUE                                  {nu}
NORFOLK ISLAND                        {nf}
NORTHERN MARIANA ISLANDS              {mp}
NORWAY                                {no}
OMAN                                  {om}
PAKISTAN                              {pk}
PALAU                                 {pw}
PALESTINE                             {ps}
PANAMA                                {pa}
PAPUA NEW GUINEA                      {pg}
PARAGUAY                              {py}
PERU                                  {pe}
PHILIPPINES (REPUBLIC OF THE)         {ph}
PITCAIRN                              {pn}
POLAND                                {pl}
PORTUGAL                              {pt}
PUERTO RICO                           {pr}
QATAR                                 {qa}
REUNION                               {re}
ROMANIA                               {ro}
RUSSIAN FEDERATION                    {ru}
RWANDA                                {rw}
SAMOA                                 {ws}
SAN MARINO                            {sm}
SAO TOME/PRINCIPE                     {st}
SAUDI ARABIA                          {sa}
SCOTLAND                              {uk}
SENEGAL                               {sn}
SERBIA                                {rs}
SEYCHELLES                            {sc}
SIERRA LEONE                          {sl}
SINGAPORE                             {sg}
SLOVAKIA                              {sk}
SLOVENIA                              {si}
SOLOMON ISLANDS                       {sb}
SOMALIA                               {so}
SOMOA,GILBERT,ELLICE ISLANDS          {as}
SOUTH AFRICA                          {za}
SOUTH GEORGIA, SOUTH SANDWICH ISLANDS {gs}
SOVIET UNION                          {su}
SPAIN                                 {es}
SRI LANKA                             {lk}
ST. HELENA                            {sh}
ST. KITTS AND NEVIS                   {kn}
ST. LUCIA                             {lc}
ST. PIERRE AND MIQUELON               {pm}
ST. VINCENT &amp; THE GRENADINES      {vc}
SUDAN                                 {sd}
SURINAME                              {sr}
SVALBARD AND JAN MAYEN                {sj}
SWAZILAND                             {sz}
SWEDEN                                {se}
SWITZERLAND                           {ch}
SYRIAN ARAB REPUBLIC                  {sy}
TAIWAN                                {tw}
TAJIKISTAN                            {tj}
TANZANIA, UNITED REPUBLIC OF          {tz}
THAILAND                              {th}
TOGO                                  {tg}
TOKELAU                               {tk}
TONGA                                 {to}
TRINIDAD AND TOBAGO                   {tt}
TUNISIA                               {tn}
TURKEY                                {tr}
TURKMENISTAN                          {tm}
TURKS AND CALCOS ISLANDS              {tc}
TUVALU                                {tv}
UGANDA                                {ug}
UKRAINE                               {ua}
UNITED ARAB EMIRATES                  {ae}
UNITED KINGDOM (no new registrations) {gb}
UNITED KINGDOM                        {uk}
UNITED STATES                         {us}
UNITED STATES MINOR OUTL.IS.          {um}
URUGUAY                               {uy}
UZBEKISTAN                            {uz}
VANUATU                               {vu}
VATICAN CITY STATE                    {va}
VENEZUELA                             {ve}
VIET NAM                              {vn}
VIRGIN ISLANDS (USA)                  {vi}
WALLIS AND FUTUNA ISLANDS             {wf}
WESTERN SAHARA                        {eh}
YEMEN                                 {ye}
ZAMBIA                                {zm}
ZIMBABWE                              {zw}

Run metasploit on Yosemite with ruby 2.1.4

November 11, 2014 by mane·2 Comments

Once again I’ve been playing around with metasploit and ruby on Yosemite and as a result I can run metasploit with ruby 2.1.4.

All I have to say is that it has been quite tricky but at the end I’ve got it working!
Here is an explanation, step by step, of what needs to be done to achieve the goal:

Assuming Homebrew is already installed into the system, use the terminal to run the following commands:

# brew update
# brew install rbenv ruby-build
# rbenv install 2.1.4
# rbenv global 2.1.4

To be sure the above commands had worked as expected a check is necessary running:

# ruby -v

The output must be:

ruby 2.1.4p265

Once ruby is configured to use 2.1.4 version, metasploit needs to be updated running the following command:

# msfupdate

This command will take a while to be executed but at the will be possible to run metasploit with:

# msfconsole

Enjoy the new setup.

Jailbreak for iOS 8.1

October 22, 2014 by mane·1 Comment

The Chinese “pangu team” has achieved its goal. The jailbreak for iOS 8.1 is now available in its Chinese.

pangu.io

Apple and its SSL certificate

October 20, 2014 by mane·0 Comments

It seems like Oracle is not the only one to screw up its SSL certificate this week. Apple has screwed up its main certificate in fact httpss://apple.com looks like this:

Who is next?

Install Homebrew on Yosemite

October 20, 2014 by mane·0 Comments

Homebrew installs the stuff you need that Apple didn’t put it into their own directory and then symlinks their files into /usr/local.

Here is a simple how-to install brew on Yosemite:

Download and install Xcode 6.1
Open your Terminal
Download the latest Java SE JDK from Oracle

Run the following commands:

ruby -e "$(curl -fsSL httpss://raw.githubusercontent.com/Homebrew/install/master/install)"

brew doctor

At this point, brew is installed and ready to use. To install some of the tools/packages it has available, a command “brew install” will be needed.
For example:

brew install nmap

Enjoy your new little bit of freedom.

OSX Custom terminal

October 18, 2014 by mane·0 Comments

I’ve never liked the standard colour path of OSX terminal and, not surprisingly, I didn’t like even the one that comes within Yosemite.

If you are like myself and you want to add some colours in your terminal, here is how you can do it:

open the Terminal
create a file called “.bash_profile” using your favourite text editor
add these lines into it:

export CLICOLOR=1
export LSCOLORS=ExFxBxDxCxegedabagacad
export PS1="\[\e[00;31m\][\h@\u]\[\e[0m\]\[\e[00;37m\] > \[\e[0m\]\[\e[00;32m\]\w\[\e[0m\]\[\e[00;37m\] : \[\e[0m\]"
alias ll='ls -ltr'

save and close the file
restart your Terminal

The final result will be a Terminal coloured like the following one, showing “[hostname@user] > path :”

If you want to make your own combination of colours you can easily get your config using this web app https://bashrcgenerator.com/

Oracle and its SSL certificate

October 18, 2014 by mane·0 Comments

After the last upgrade, OSX is asking me to upgrade java to a newer version so I went to the oracle website and what I could see was a poor “identity not verified” on their SSL certificate placed on download.oracle.com.

Nobody is perfect.