My Tech Note's

Categoria: Linux (Page 1 of 2)

Compile iDeviceRestore on Linux

This is a guide to compiling iDeviceRestore by @p0sixninja on debian linux. It has been tested on Ubuntu 12.04 (and even the raspberry pi on raspbian!) and is working.

  1. Do any required upgrades on apt.
    sudo apt-get update
    sudo apt-get upgrade
    
  2. First, we need to get the dependencies
    sudo apt-get install build-essential automake cmake \
    libreadline6 autotools-dev libcurl4-openssl-dev autoconf \
    libplist1 libplist-utils libplist-dev libplist++-dev \
    libzip-dev git curl libgnutls-dev libreadline-dev libusb-dev \
    libtool libusb-1.0-0-dev libusbmuxd-dev libglib2.0-dev libimobiledevice-dev
    
  3. Install libirecovery
    mkdir ~/idevicerestore
    cd ~/idevicerestore
    git clone http://git.sukimashita.com/libirecovery.git
    cd libirecovery
    ./autogen.sh
    make && sudo make install
    
  4. Finally to get idevicerestore
    cd ~/idevicerestore
    git clone git://github.com/tcf38012/idevicerestore.git
    cd idevicerestore
    ./autogen.sh
    make && sudo make install
    sudo ldconfig
    
  5. Also, you might want iDeviceactivate, to activate after you have restored
    cd ~/idevicerestore
    git clone http://github.com/posixninja/ideviceactivate.git
    cd ideviceactivate
    make
    

 

soure

Using raspberrypi as a DLNA Media Server

I have a  Samsung TV. So the whole explanation below is based on this TV. I guess that it will also work for the other TV’s.

The solution given below is done with MediaTomb DLNA server.

$ sudo apt-get install mediatomb

$ vim /etc/mediatomb/config.xml

remove the comment tags around the <custom-http-headers> section and make that section look like this:

<custom-http-headers>
<add header=”transferMode.dlna.org: Streaming”/>
<add header=”contentFeatures.dlna.org: DLNA.ORG_OP=01;DLNA.ORG_CI=0;DLNA.ORG_FLAGS=017000 00000000000000000000000000″/>
</custom-http-headers>

Under <mappings>, add

<map from=”avi” to=”video/mpeg”/>

<map from=”mkv” to=”video/mpeg”/>

save and close config.xml and restart mediatomb

$ vim /etc/default/mediatomb

Add additional option

OPTIONS=” –port 49152 “

$ /etc/init.d/mediatomb restart

And now, open with firefox http://ip_raspberrypi:49152 and tell it where to start looking for files.

NGINX Plus Release 6 with Enhanced Load Balancing, High Availability, and Monitoring Features

Well!
I can’t afford a NGINX Plus yet! :)
I might need to have one in one year of thing work out like I want!

NGINX Plus looks hot!

demo-nginx-1024x708

New “Least Time” Load-Balancing Algorithm

R6Blogvisual-01-1024x590

Full-Featured TCP Load Balancing

R6Blogvisual-02-1024x361

High Availability

R6Blogvisual-03-1024x468

source

PHP: Unable to load dynamic library suhosin.so on Debian 7

After upgrading to Debian 7 (from Debian 6), the PHP produce error like
" PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php5/20100525/suhosin.so' - /usr/lib/php5/20100525/suhosin.so: cannot open shared object file" 
Reason why it happen:
  php5-suhosin depends on an obsolete version of phpapi-20090626+lfs
  so php5-suhosin is removed during the upgrade... but the PHP config
  snippet /etc/php5/conf.d/suhosin.ini isn't purged... so PHP still
  try to load the module suhosin.so.

The release notes should document that the user should:
  dpkg -P php5-suhosin


more info

SSH Tunnel on Mac OSX with Google Chrome

Sometimes, the port forward is insufficient, but you can setup the proxy local throught ssh client.
after all, you can launch the Google Chrome to using the local proxy.

ssh [email protected] -CN -D 12345

-D means:

-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding.  This works by allocating a socket to listen to port on the local side, optionally
bound to the specified bind_address.  Whenever a connection is made to this port, the connection is forwarded over the secure channel, and the appli-
cation protocol is then used to determine where to connect to from the remote machine.  Currently the SOCKS4 and SOCKS5 protocols are supported, and
ssh will act as a SOCKS server.  Only root can forward privileged ports.  Dynamic port forwardings can also be specified in the configuration file.

IPv6 addresses can be specified by enclosing the address in square brackets.  Only the superuser can forward privileged ports.  By default, the local
port is bound in accordance with the GatewayPorts setting.  However, an explicit bind_address may be used to bind the connection to a specific
address.  The bind_address of “localhost” indicates that the listening port be bound for local use only, while an empty address or `*’ indicates
that the port should be available from all interfaces.

-N means:

     -N      Do not execute a remote command.  This is useful for just forwarding ports (protocol version 2 only).

-C means:

-C      Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP connections).  The compression algorithm is the
same used by gzip(1), and the “level” can be controlled by the CompressionLevel option for protocol version 1.  Compression is desirable on modem
lines and other slow connections, but will only slow down things on fast networks.  The default value can be set on a host-by-host basis in the con-
figuration files; see the Compression option.

 

And now you can launch the Google Chrome

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome –proxy-server=”socks5://localhost:12345″

And now, you can “surf” through the local proxy server. 🙂

 

Howto make simple duplicate packet with scapy

With scapy you can do any think.

This example, all packets to port 162 are sent to another machine too

#/usr/bin/env python2.6
from scapy.all import *
ipdst="78.78.78.78"
while True:
        pkt = sniff(count = 1,filter="udp and dst port 162")
        if pkt[0].haslayer(UDP):
                ipsrc=str(pkt[0][IP].src)
                send(IP(src=ipsrc,dst=ipdst)/UDP(sport=1234,dport=162)/pkt[0][SNMP])

[warning]

you can do with TCP.

[/warning]

 

Howto VPN over SSH

[warning]After all, you need openssh v4.3 and tuntap installed on both machines.[/warning]

Steps:

server1 # ssh [email protected] -NTCf -w 0:0

 -N Do not execute a remote command. This is useful for just forwarding ports.
-T Disable pseudo-tty allocation.
-C Requests compression of all data 
-f Requests ssh to go to background just before command execution.

[notice]

You need this options on sshd_config

PermitRootLogin yes

PermitTunnel yes

[/notice]

Configure the interfaces:

On the server1

server1 # ip link set tun0 up

server 1 # ip addr add 10.10.10.1/32 peer 10.10.10.2 dev tun0

On the server2

server2 # ip link set tun0 up

server2 # ip addr add 10.10.10.2/32 peer 10.10.10.1 dev tun0

 

And this moment, you have connection btw two servers, you can do ping 10.10.10.2 on the server1

 

now, you need configure the routing table

if you want routed all traffic

on the server1:

server1 # route add -host ip_server1 gw gateway_on_your_network

server1 # route del default gw gateway_on_your_network

server1 # route add default gw 10.10.10.2

on the server2:

server2 # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

(eth0 are connected to internet/lan)

server2 # echo 1 > /proc/sys/net/ipv4/ip_forward

 

Now, all traffic btw server1 and server2 are encripted 🙂

Resolution to “perl: warning: Setting locale failed.” on debian

When this appears

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
    LANGUAGE = (unset),
    LC_ALL = (unset),
    LC_CTYPE = “UTF-8”,
    LANG = “en_US.UTF-8”
    are supported and installed on your system.
perl: warning: Falling back to the standard locale (“C”).

the solution is:

# echo “LC_ALL=C” > /etc/default/locale

 

TACACS Server using tac plus

From Wikipedia, the free encyclopedia:

In computer networking, TACACS+ (Terminal Access Controller Access-Control System Plus) is a Cisco Systems proprietary protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.

TACACS+ is a protocol for AAA services (Authentication, Authorisation, Accounting), very similar to RADIUS. Servers using RADIUS or TACACS protocol are often called NAS (Network Access Server), not to be confused with NAS – (Network Attached Storage).

 

 Installation

 

$ cd /usr/src

Continue reading

« Older posts

© 2020 Sec&Stuff&Others

Theme by Anders NorenUp ↑