Category Archives: Linux

GY-GPS6MV2 on Pwnagotchi

With the latest available release of Pwnagotchi, v1.5.3, it’s not possible to use the UART (TX / RX) GPIOs on a Raspberry Pi. That’s because the Waveshare V2 display driver was compiled with the wrong header file.

You have to recompile it as root with a different header file.

cd /usr/local/src/gratis/
make rpi-remove PANEL_VERSION=V231_G2
make rpi-clean PANEL_VERSION=V231_G2
make rpi PANEL_VERSION=V231_G2 EPD_IO=epd_io_free_uart.h
make rpi-install PANEL_VERSION=V231_G2 EPD_IO=epd_io_free_uart.h

After installing the new driver, reboot and your UART Pins should be available again.

Xiaomi Mi5 Cyanogenmod 13

I got one of these very nice mobiles. Snapdragon 820, 3GB RAM, 32GB storage, and all of this with a tiny price tag of around 350 Euro (bought from Honorbuy). The only thing I don’t like is the MIUI ROM… typical Chinese features and an iOS-like UI; hey, I bought an Android!

So the “Level Zen” Developers 😉 from XDA came together and created the device tree for it – There is no kernel source released so far, so they have to use the prebuilt Xiaomi kernel.

Disclaimer: I only show you how to use that device tree to build a fully working ROM! If you want to donate, you should do it directly to the developers of the device tree! My programming skills are way too low to contribute code :/

If you trust me, you can download my daily, weekly or whatever builds (Depends on how often the device tree and / or Cyanogenmod gets updates) directly from > here < and install it via TWRP.

In case somebody wants to build Cyanogenmod 13 for it, keep reading! But first, get a fast and large (!) cloud instance or bare metal server! It takes ages to compile when you don’t have a powerful host! I can recommend Vultr for it. I won’t cover the Ubuntu installation here, you should already know that.

  1. Do an OpenSSH-only installation of Ubuntu 16.04
  2. Login with your created user and let’s begin!


PrivacyIDEA – 2nd Factor made easy!

Have you ever searched for a good, secure, not complex, customizable and cheap 2nd factor implementation?

Stop searching!

PrivacyIDEA is one of the candidates I searched for a long, long time… I already dealt with RSA, Kobil, Stonesoft, GoogleAuth (own build solution) and much more. I can now say, this is the most perfect solution for all your 2nd factor authentication needs. The most important part is, it’s open source, so everybody can check if there is some bug or backdoor, and (!) it’s perfectly customizable!

It has all the plugins for Apps that you already love to use and already use in your daily work. FreeRadius, PAM, Nginx, Apache2, OpenVPN, Typo3 and much more!

It can be used with a lot of authentication mechanisms: TOTP (software or hardware based), HOTP (software or hardware based), Email, Yubikey, and much, much more! The interesting part is, you can also use your existing LDAP server (Microsoft, OpenLDAP and similar) or a local flat file (Linux passwd) to map users to your 2nd factor tokens.

I used it with TOTP Software or Feitian Token in a MySQL Master-Master Active/Active setup with FreeRadius to authenticate users (Very large userbase!) for VPN on our Cisco ASA. It works as expected and so far without a single problem.

Give it a try if you ever searched for a cheap (Get commercial support if you use it in your company!), OpenSource, flexible and easy to use 2nd factor solution, you will not be disappointed.

PS: No, this is not a sponsored or paid article! I’m really convinced of this software!

Synology TimeMachine and OS X 10.9

In case somebody ever wondered about the TimeMachine error message “This backup is already in use”, or in German “Dieses Backup wird bereits verwendet”: I think the Synology has problems with PowerNap or some other suspend mode in OS X 10.9.x.

Normally the error is gone after you reboot the Synology, but would you really reboot your NAS every few days? No!

This trick assumes that you have full SSH root access to your NAS. If not please enable SSH on your Synology, you can use this guide to get it enabled.

After you have enabled SSH, please be sure that no other TimeMachine backup is running and log in to your NAS.

find /volume* -name com.apple.TimeMachine.Results.plist

If you know the full path to your TimeMachine folder, please replace the “/volume*” with this path, otherwise this can take some time, depending on your amount of files.

You should now know the full path to that file. Now it’s time to rename it! If your path is like “/volume1/timemachine/mbp.sparsebundle/com.apple.TimeMachine.Results.plist”, you can rename it with:

mv /volume1/timemachine/mbp.sparsebundle/com.apple.TimeMachine.Results.plist \
/volume1/timemachine/mbp.sparsebundle/com.apple.TimeMachine.Results.plist.BAD

If you have multiple TimeMachine backups saved on your NAS, the directories are different! After you renamed the file, the backup should run fine again!

Edit: If this does not work for you, search for running processes on the Synology with the username of your TimeMachine User. Kill all of those processes and you should be fine.

Search for this PID (My user is “tm“, yours is very likely different):

ps | grep tm | grep -v root

Output should look like this:

17465 tm 23380 S /usr/syno/sbin/afpd -g guest -c 256 -n pandora6 AFPServer -l default log_error

Now kill that process with the PID (Yours is different!):

kill 17465

HP iMC Software on CentOS 6

Just for everyone who has the same problems with installing that Java software on CentOS 6. The database config is really strange… if the deploy fails for you, just open your desired MySQL database manager, or do it directly on the CLI. Open the user management, or just the table, and change the host field from “%” to “localhost” for each user added by iMC. In my case this was:

imc_aclm
imc_config
imc_icc
imc_monitor
imc_perf
imc_syslog
imc_vlan
imc_vnm

“iMC deploy” adds all users with “%”, but later iMC tries to connect with e.g. imc_config@localhost and gets an “Access denied” from MySQL. That’s the reason why all deploy jobs fail on CentOS 6 and iMC 5.2 :/ If you need the password of a user, which is randomly generated, you can get it with:

/opt/iMC/deploy/pwdmgr.sh -query 127.0.0.1 config_db <username>
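
The host change described above can also be scripted. This is an added example, not part of the original post or of iMC: it uses MySQL's RENAME USER statement instead of editing the user table by hand, and the function name imc_localhost_sql is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: emit SQL that moves each iMC account from host '%' to
# 'localhost'. RENAME USER keeps the password and privileges of the account
# and needs no FLUSH PRIVILEGES afterwards.
# Apply with:  imc_localhost_sql | mysql -u root -p

# Account names as listed in the post.
IMC_USERS="imc_aclm imc_config imc_icc imc_monitor imc_perf imc_syslog imc_vlan imc_vnm"

imc_localhost_sql() {
    # Arguments: account names; defaults to the list above.
    [ "$#" -gt 0 ] || set -- $IMC_USERS
    local u
    # Names are pasted into SQL text, so accept only plain identifiers and
    # validate all of them before printing anything.
    for u in "$@"; do
        case "$u" in
            ''|*[!A-Za-z0-9_]*)
                echo "refusing account name: $u" >&2
                return 1 ;;
        esac
    done
    for u in "$@"; do
        printf "RENAME USER '%s'@'%%' TO '%s'@'localhost';\n" "$u" "$u"
    done
    # List the accounts afterwards so the result can be checked
    # before re-running the deploy.
    printf "SELECT User, Host FROM mysql.user WHERE User LIKE 'imc%%' ORDER BY User;\n"
}

# Print the statements for review.
imc_localhost_sql
```

RENAME USER fails for an account that already exists as user@localhost, so review the output of the final SELECT rather than assuming all eight statements applied.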

Arch Linux – Linux-Mainline (Mirror)

Hey folks, I have mirrored the (sometimes) very slow download host “arch.miffe.org”, which has the linux-mainline kernel package for Arch Linux for both architectures (i686 and x86_64).

So if anybody out there needs the mainline kernel and also had problems with the arch.miffe.org host, you can also use this server string:

http://mirror1.shade.sh/arch.miffe.org/$arch

in your pacman.conf (or mirrorlist or wherever you have it on your Arch setup). The mirror is updated every day.

Fedora 18 Raspberry Pi Remix

If anyone cares, I have mirrored the rpfr-f18-final.zip file, which is otherwise only badly reachable. You can download it here if you need Fedora on your tiny Raspberry Pi. It seems to run very well, Jan from RedHat already installed and tested it 😉

There is also a torrent available; I don’t know how well it’s seeded, but you can give it a try.

Fedora 18 Raspberry Pi Remix (SHA1 b224d80b2887352eda82bbd19a3a86430e878cb2)
Fedora 18 Raspberry Pi Remix Torrent

Update: DNS Bug (Test) in 12D50? (Constant 127.0.0.1 DNS query)

I’m almost convinced that Apple has built a nasty bug into 10.8.3 build 12D50. Since the update, DNS requests have been fired at my DNS servers in rapid succession:

client <IP MacBook Pro>#58044: query: 1.0.0.127.in-addr.arpa IN PTR + (<IP DNS Server>)

So far I haven’t figured out why on earth requests for the PTR record of 127.0.0.1 keep being sent. It could, however, have something to do with the DNSBUGTEST of mDNSResponder. My DNS server does answer correctly, though. It also makes no difference whether it is authoritative for the 127 zone or not; the requests always go out, regardless of whether it considers itself responsible for the zone or not 🙁

A tcpdump also shows that it considers itself responsible and, in my opinion, answers correctly:

19:27:30.247585 IP (tos 0x0, ttl 255, id 27538, offset 0, flags [none], proto UDP (17), length 68)
   macbookpro.netz.net.49534 > services.netz.net.domain: [udp sum ok] 11729+ PTR? 1.0.0.127.in-addr.arpa. (40)
19:27:30.250204 IP (tos 0x0, ttl 64, id 59476, offset 0, flags [none], proto UDP (17), length 149)
    services.netz.net.domain > macbookpro.netz.net.49534: [udp sum ok] 11729* q: PTR? 1.0.0.127.in-addr.arpa. 1/1/2 1.0.0.127.in-addr.arpa. [1w] PTR localhost. ns: 127.in-addr.arpa. [1w] NS localhost. ar: localhost. [1w] A 127.0.0.1, localhost. [1w] AAAA ::1 (121)

Has anyone noticed a similar problem with 12D50? Constant PTR 127.0.0.1 queries to the configured DNS servers?

Update: I have solved the puzzle! The culprit under 12D50 is Logmein :/ When Logmein is started and active (i.e. remote access is possible), it floods the first available DNS server with these queries. If you disable access (with Logmein still open), the same thing happens. Only when Logmein is closed completely do the queries for 127.0.0.1 stop. Which reminds me that I have wanted to look for an alternative for a long time… Suggestions? 😉
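
To see which client is behind such a flood, the query log can be counted per client. This is an added example, not part of the original post: it assumes BIND query-log lines in the format shown above, and the sample lines and the function names loopback_ptr_by_client and sample_log are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: count PTR queries for 1.0.0.127.in-addr.arpa per client
# in BIND query-log lines read from stdin. Prints "count client", busiest
# first. Optional argument: minimum count a client needs to be listed.
loopback_ptr_by_client() {
    awk -v min="${1:-1}" '
    {
        client = ""; qname = ""; qtype = ""
        for (i = 1; i < NF; i++) {
            if ($i == "client") {
                client = $(i + 1)
                # Newer BIND versions log an "@0x..." object id first.
                if (client ~ /^@/) client = $(i + 2)
                sub(/#.*/, "", client)      # drop "#port" and what follows
            } else if ($i == "query:") {
                qname = tolower($(i + 1))   # query: <name> IN <type> ...
                qtype = $(i + 3)
            }
        }
        sub(/\.$/, "", qname)               # tolerate a trailing root dot
        if (client != "" && qtype == "PTR" && qname == "1.0.0.127.in-addr.arpa")
            hits[client]++
    }
    END { for (c in hits) if (hits[c] >= min + 0) print hits[c], c }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample log (documentation addresses, not taken from the post).
sample_log() {
    cat <<'EOF'
client 192.0.2.10#58044: query: 1.0.0.127.in-addr.arpa IN PTR + (192.0.2.53)
client 192.0.2.10#58045: query: 1.0.0.127.in-addr.arpa IN PTR + (192.0.2.53)
client 192.0.2.10#58046: query: 1.0.0.127.in-addr.arpa IN PTR + (192.0.2.53)
client 192.0.2.10#58047: query: www.example.org IN A + (192.0.2.53)
client 192.0.2.20#40000: query: 1.0.0.127.in-addr.arpa IN PTR + (192.0.2.53)
client @0x7f00 192.0.2.30#40001 (1.0.0.127.in-addr.arpa): query: 1.0.0.127.in-addr.arpa IN PTR +E(0)K (192.0.2.53)
client 192.0.2.20#40002: query: 20.2.0.192.in-addr.arpa IN PTR + (192.0.2.53)
EOF
}

# Show only clients with at least two loopback PTR queries.
sample_log | loopback_ptr_by_client 2
```

On a real server, feed the function the query log instead of sample_log and raise the threshold to separate an occasional lookup from a flood.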

iOS UDID leaked over the Internet….

A somewhat unsettling post just came in via Twitter. Around 1 million iOS-based (iPhone, iPad, iPod) UDIDs, including names and serial numbers, are said to have been made available on the net. Once again, Lulzsec is responsible. The original data set is said to contain over 12 million records including ZIP code, last name, first name, address, mobile number etc. Update: All of which allegedly come from an FBI laptop that Lulzsec cracked through a Java vulnerability (who would have thought). That makes you wonder why the FBI needs the mapping from UDID to name etc. Shame on anyone who thinks evil of it; the FBI, your friend and helper 😉

Great… a privacy disaster, as Aldo Cortesi writes! Lulzsec has once again shown everyone, not (necessarily) in a positive sense. So Lulzsec is in possession of the data, the full 12 million including all the information. That doesn’t make me feel any better. Check whether you are affected; the original post from Lulzsec is available at the following link.

Oracle did it again… Security Alert in Java 7 Update 7

Oracle is really managing to attract negative attention at the moment. Not that they haven’t been doing that for a while anyway, but right now it is about Java. Wasn’t there just a hole in Java 7 Update 6 and below that can be exploited wonderfully through the browser, independent of the OS? Yes, there was something. Once again a friend sent me a link from the German IT news, specifically Golem.de, reporting that Java 7 Update 7 again opens a serious hole, most likely OS-independent once more.

So, to summarize: an update fixes one security hole but opens another that is just as severe… Good Work Oracle, good work! So Update 7 brings just as little additional security as Update 6. I would say throw Java off your machine completely, whether OS X, Linux or Windows. Adobe and Oracle seem to be making common cause at the moment… are they perhaps doing developer sharing?

Source: Golem.de – Java 7 Update 7 opens new critical security vulnerability
Source: Bugtraq – [SE-2012-01] New security issue affecting Java SE 7 Update 7