Wednesday, November 24, 2010

New appliances for network auto-assessment script available

I have uploaded the beta od-autoassess 10.10 virtual appliances (VirtualBox) and have made them available through torrents (preferred) as well. I am getting close to capping my monthly bandwidth (450gb a month, dang!), so please use one of the torrents if possible. Please test them and report any issues by contacting me (or let me know how awesome it is!).

These appliances are fully configured to run all aspects of the autoassessment script. These are beta releases, though I don't think much will change between these betas and any official release. Credentials are rooty/ytoor and you can `sudo su` from there to get root and run a scan (a proper scan should be in the bash history on each appliance; getting root and running through the history should bring it up). But if you are lazy, here is a full scan command:


sh /opt/od-autoassess/od-autoassess.sh --client="FooBarWidgets" --range=192.168.1.0/24 --start-openvassd \
--openvas-user="rooty" --openvas-pass="ytoor" \
--metasploit-sql-driver="mysql" --metasploit-sql-conn="root:toor@127.0.0.1/metasploit" \
--enable-wapiti --enable-w3af


Also, if you like the appliances, the script, or any of my other projects, maybe a donation is in order! I am working part time at Joe's Crab Shack to pay my server and tuition costs while attending school, and any help will be much appreciated!

Tuesday, November 16, 2010

Maths, pt1 and other news

I recently found a really awesome project, MOSA (Managed Operating System Alliance). I haven't had more fun hacking and breaking code in a long time. It's just really neat being able to write your operating system in C#.

One of my projects is building an operating system that performs floating-point arithmetic and fast fourier transforms as kind of a benchmark for the operating system/Ahead-Of-Time compiler. A few years ago, I ported John Walker's FBENCH to C# and I thought this would be an excellent candidate for the task. He also has a benchmark, FFBENCH (Fast-Fourier Transforms) which I plan on porting in the next few days as well.

The MOSA project, however, is quite young compared to other projects like it. It isn't very complete at all and isn't really useful yet. I plan on helping out with this a bit. For instance, I took the trig functions John Walker uses in FBENCH (he defined all the trig functions in case you didn't want to use math.h) and moved them over to C#. It wasn't terribly difficult, just a bit tedious. If you would like a copy of these methods, you may get them here. If all goes well and according to plan, these methods will go into Korlib, the core library MOSA uses for the OS.

I will be making a post in the next few days regarding the ports of the two math benchmarks to C#, and maybe even an image of my OS that can run in QEMU! A new release had been made of the benchmarks since I ported last, so this morning was spent porting the new FBENCH to C# and it is working quite dandily (is that a word?). FFBENCH should be even easier. There are a few tests I want to run regarding these benchmarks: the speed of Mono vs .NET arithmetically, and the speed of using System.Math vs my methods. Hopefully I have some good results to show soon.


Also, in other news, the OpenVAS Build Repo has added a 10.10 repository for Ubuntu. I have been testing it on my network here with virtual machines strewn about the house and everything seems dandy! I highly recommend you check it out if you are interested. As soon as I get a bit more free time, I will be releasing two virtual appliances updated to run the od-autoassess script (x86 and x86_64) on Maverick with all the new features I have implemented in the script.

Adding the repository is easy, and you can follow my guide here (updated yesterday) to get a new VM up and running. If you find any problems, let me know!

Monday, November 8, 2010

Torrent for OpenDiagnostics live CD

I have just created and uploaded the torrent for the latest release of the OpenDiagnostics Live CD.

You can get it here, seeders much appreciated!

Sunday, November 7, 2010

Personal scripts for maintaining OpenDiagnostics Live CD

I am posting my scripts for maintaining my OpenDiagnostics Live CD so others can use them and add on to them as they see fit. Quite a while ago, I posted a fairly long shell script that I used to keep the ClamAV Live CD up-to-date with virus definitions, but the OpenDiagnostics Live CD is more comprehensive and a single script didn't make sense in my mind. If someone wants to modify them to locally update and modify a custom distro, feel free to take the scripts and edit them as you wish. If you come up with anything particularly neat, feel free to send me the code!

It is relatively easy to set up the project folder. The 'chroot' folder is just the filesystem.squashfs unsquashed. You can mount the ISO (`mount -o loop image.iso tmp/`) to create the image folder (just copy the contents of tmp/ to image/).

And without further ado, here are the scripts I use, in order from first-used to last-used:

chroot.sh

#!/bin/bash

sudo cp /etc/hosts chroot/etc/hosts
sudo cp /etc/resolv.conf chroot/etc/resolv.conf
#sudo cp /etc/apt/sources.list chroot/etc/apt/sources.list

sudo chroot chroot mount -t proc none /proc
sudo chroot chroot mount -t sysfs none /sys
sudo chroot chroot mount -t devpts none /dev/pts
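# 'export' is a shell builtin, so it cannot be executed through chroot.
# Set the variables with env and start the interactive shell in one step.
sudo chroot chroot /usr/bin/env HOME=/root LC_ALL=C /bin/bash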


After chrooting, you can do what you wish with the chroot: install any apps you want, modify or uninstall apps, etc.

clean.sh -- clean up the chroot before remastering. This is run after modifying the chroot.

#!/bin/bash

sudo chroot chroot apt-get clean

# Quote the glob so it is expanded inside the chroot, not against the host's /tmp
sudo chroot chroot sh -c 'rm -rf /tmp/*'

sudo chroot chroot rm /etc/resolv.conf

sudo chroot chroot umount -lf /proc
sudo chroot chroot umount -lf /sys
sudo chroot chroot umount -lf /dev/pts


remaster.sh -- Create a beta iso that you can test to make sure all your changes made were successful.

#!/bin/bash


sudo chroot chroot dpkg-query -W --showformat='${Package} ${Version}\n' | tee image/casper/filesystem.manifest

sudo cp -v image/casper/filesystem.manifest image/casper/filesystem.manifest-desktop
REMOVE='ubiquity casper live-initramfs user-setup discover1 xresprobe os-prober libdebian-installer4'

for i in $REMOVE
do
sudo sed -i "/${i}/d" image/casper/filesystem.manifest-desktop
done

sudo rm image/casper/filesystem.squashfs
sudo mksquashfs chroot image/casper/filesystem.squashfs -e boot

sudo rm image/casper/filesystem.size
# The redirection is performed by the calling shell, so sudo on printf had no effect
printf '%s' "$(sudo du -sx --block-size=1 chroot | cut -f1)" > image/casper/filesystem.size

(cd image && find . -type f -print0 | xargs -0 md5sum | grep -v "\./md5sum.txt" > md5sum.txt)


cd image

sudo rm ../OpenDiagnostics_beta.iso
sudo mkisofs -r -V "OpenDiagnostics Live CD" -cache-inodes -J -l -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o ../OpenDiagnostics_beta.iso .

cd ..


beta_to_stable.sh -- Finally, move your changes to stable and zip up the ISO for uploading.

#!/bin/bash

rm OpenDiagnostics_stable.iso OpenDiagnostics_stable.iso.zip
mv OpenDiagnostics_beta.iso OpenDiagnostics_stable.iso
zip OpenDiagnostics_stable.iso.zip OpenDiagnostics_stable.iso



It would be pretty easy to set up a cron job to automagically update your chroot and remaster the ISO every week, month, whatever. Hope this helps.
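remaster.sh writes md5sum.txt into the image tree, so the tree can be checked against it before an ISO is built or uploaded. The following is an added example, not one of the original scripts; the function names and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check an unpacked Live CD tree
# against the md5sum.txt that remaster.sh generates.

# verify_image_tree DIR  (hypothetical helper name)
# Prints one finding per line: MODIFIED, MISSING or UNLISTED plus the path.
# Returns 0 if the tree matches, 1 on any finding, 2 if there is no manifest.
verify_image_tree() (
    export LC_ALL=C    # stable md5sum messages and sort order
    cd "$1" 2>/dev/null && [ -f md5sum.txt ] || { echo "NO-MANIFEST $1"; exit 2; }
    listed=$(mktemp); actual=$(mktemp); rc=0
    trap 'rm -f "$listed" "$actual"' EXIT

    # Files whose content changed or that are gone, taken from md5sum -c output.
    md5sum -c md5sum.txt 2>/dev/null |
        sed -n -e 's/^\(.*\): FAILED open or read$/MISSING \1/p' \
               -e 's/^\(.*\): FAILED$/MODIFIED \1/p' | grep . && rc=1

    # Files on disk that the manifest never mentions; md5sum -c cannot see these.
    sed 's/^[0-9a-f]\{32\} [ *]//' md5sum.txt | sort > "$listed"
    find . -type f ! -path ./md5sum.txt | sort > "$actual"
    comm -13 "$listed" "$actual" | sed 's/^/UNLISTED /' | grep . && rc=1
    exit "$rc"
)

# Constructed sample tree; the manifest is built the same way remaster.sh builds it.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/casper" "$d/isolinux"
    echo "squashfs placeholder" > "$d/casper/filesystem.squashfs"
    echo "kernel placeholder"   > "$d/casper/vmlinuz"
    echo "boot menu placeholder" > "$d/isolinux/isolinux.cfg"
    (cd "$d" && find . -type f -print0 | xargs -0 md5sum |
        grep -v "\./md5sum.txt" > md5sum.txt)
    echo "$d"
}

tree=$(make_sample_tree)
echo "tampered" >> "$tree/casper/vmlinuz"        # content changed
rm "$tree/isolinux/isolinux.cfg"                 # file removed
echo "extra" > "$tree/casper/dropped.bin"        # added after the manifest
verify_image_tree "$tree" || echo "image tree does not match md5sum.txt"
rm -rf "$tree"
```

Against the real project folder the call is `verify_image_tree image`. With `-boot-info-table`, mkisofs patches the boot file in the source tree, so `isolinux/isolinux.bin` can be reported as MODIFIED after a build even when nothing else changed.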

New OpenDiagnostics Live CD Release

Updated ClamAV, Metasploit, od-autoassess script, and did an apt-get upgrade.

Installed netrw, really neat/easy utility for transferring files between computers without dealing with S/FTP. Similar to netcat.

Updated List Of Notable Apps.

Also removed all the fluxbox styles but the default Debian style. Current ISO size is 421 MB.

You can get the latest ISO here. Torrent will be available when I get around to making one (sometime today as well). This may hit the planets before being fully uploaded to my server, so if no release is there, just wait a bit.

Saturday, November 6, 2010

Compiling wireplay on x86_64 machines

I found a really neat tool for software fuzzing and general debugging called wireplay a few days ago. I finally got around to trying it out today, but found out pretty quickly it doesn't work right out of the box! A few bugs kept me from compiling wireplay cleanly on my machine, so I am posting them here (after emailing the author of course) so others can maybe get it working as well.

Bug #1: The makefile will only work for x86 machines. You can fix this by using this as your RUBYINC line in the makefile:

RUBYINC := /usr/lib/ruby/1.8/$(shell uname -m)-linux

The current version hardcodes i486, which will not work on all machines. This way it is more dynamic.


Bug #2: libnids1.23 does not compile due to a missing expression in an #elif in killtcp.c. You can fix it with the following:

On line 121, change
#elif

to

#elif LIBNET_VER != 0