Incoherent Ramblings

A coworker of mine was asking how to get NTFS working for OSX (WTF Apple no native NTFS read/write, really? REALLY?!?). So, I shot him this link. I figured it would be a bit easier to summarize the post below:


$ brew install fuse4x
$ brew install ntfs-3g

$ sudo cp -rfX /usr/local/Cellar/fuse4x-kext/0.8.13/Library/ \
  Extensions/fuse4x.kext /System/Library/Extensions

$ cat < < EOF | sudo tee /sbin/mount_ntfs
#!/bin/bash
VOLUME_NAME="${@:$#}"
VOLUME_NAME=${VOLUME_NAME#/Volumes/}
USER_ID=501
GROUP_ID=20
TIMEOUT=20
if [ `/usr/bin/stat -f "%u" /dev/console` -eq 0 ]; then
        USERNAME=`/usr/bin/defaults read /library/preferences/com.apple.loginwindow | /usr/bin/grep autoLoginUser | /usr/bin/awk '{ print $3 }' | /usr/bin/sed 's/;//'`
        if [ "$USERNAME" = "" ]; then
                until [ `stat -f "%u" /dev/console` -ne 0 ] || [ $TIMEOUT -eq 0 ]; do
                        sleep 1
                        let TIMEOUT--
                done
                if [ $TIMEOUT -ne 0 ]; then
                        USER_ID=`/usr/bin/stat -f "%u" /dev/console`
                        GROUP_ID=`/usr/bin/stat -f "%g" /dev/console`
                fi
        else
                USER_ID=`/usr/bin/id -u $USERNAME`
                GROUP_ID=`/usr/bin/id -g $USERNAME`
        fi
else
        USER_ID=`/usr/bin/stat -f "%u" /dev/console`
        GROUP_ID=`/usr/bin/stat -f "%g" /dev/console`
fi
/usr/local/bin/ntfs-3g \
        -o volname="${VOLUME_NAME}" \
        -o local \
        -o noappledouble \
        -o negative_vncache \
        -o auto_xattr \
        -o auto_cache \
        -o noatime \
        -o windows_names \
        -o user_xattr \
        -o inherit \
        -o uid=$USER_ID \
        -o gid=$GROUP_ID \
        -o allow_other \
        "$@" &> /var/log/ntfsmnt.log
exit $?;
EOF

Thanks Apples & Rubies!

*NOTE* Here is a copy of the raw file in case the formatting jacked up the ability to copy and paste. Eventually Ill look into styling my gist’s to match the layout of the blog.

I stumbled across this a few weeks back and it has been invaluable for setting up an environment. I immediately feel at home and I have all of my dotfiles at my disposal.


$ sudo gem install homesick
$ homesick clone https://github.com/zwned/dotfiles.git
$ homesick symlink dotfiles


Then just source the files you need or log out and log back in. Thats it……sweet! Now I just have to finish migrating my dotfiles to github.

homesick

Thank you Mr Joshua Nichols!

So I love the fact that I can bring any PAM enabled application the security of two-factor auth with Google-Authenticator. However, being faced with the possibility of upgrading to a new phone I had to deal with the arduous task of re-configuring google authenticator for each application that uses google-auth as well as the “application specific” passwords (Google does not sync this information). I wanted to see if it was possible to take the information off of my current phone so I would not have to go through this hassle again.

My droid (Motorola Droid) is rooted and I have terminal emulator installed. First I needed to find where the information resided on my phone. I searched the phone for auth and got lucky.


$ su
# find / -name *auth*


I immediately saw an entry that stood out “/data/data/com.google.android.apps.authenticator/”. I did an ls of that directory and found a subdir called databases. It contained a single file called “databases”. I did not have a hexeditor available on my phone so I scp’d the file to my computer.


scp /data/data/com.google.android.apps.authenticator/databases/databases zwned@192.168.1.2:/home/zwned/Desktop/.


Once the file was on my main machine I opened the file with the hex editor. The first 16 bytes of the file were 53 51 4c 69 74 65 20 66 6f 72 6d 61 74 20 33 which corresponds to “SQLite format 3″ in ASCII. I installed SQLite3 and attempted to open the file.


$ cd ~/Desktop
$ sudo apt-get install sqlite3 -y
$ sqlite3 ./databases
SQLite version 3.7.7 2011-06-23 19:49:22
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> .databases
seq name file
--- --------------- ----------------------------------------------------------
0 main /home/zwned/Desktop/./databases
sqlite> .tables
accounts android_metadata
sqlite> select * from accounts;
1|user1@example.com|XXXXXXXXXXXXXXXX|0|0
2|user2@example.com|XXXXXXXXXXXXXXXX|0|0
3|user3@example.com|XXXXXXXXXXXXXXXX|0|0
4|user4@example.com|XXXXXXXXXXXXXXXX|0|0
5|user5@example.com|XXXXXXXXXXXXXXXX|0|0
sqlite> .exit


Next time you move to another phone, manually add the existing accounts instead. The account name is the first column of the record and the key is the second column. Remember to safe guard these as you would your passwords. Speaking of passwords and Google-Authenticator, I just found out that LastPass now includes support for it. /me is happy.

Short writeup on configuring Tor for testing on a private network.


$ sudo -i

# cat /opt/tor/fingerprint | cut -d " " -f 2 >> /etc/tor/torrc
# cat /opt/tor/keys/authoritative_certificate | grep -i fingerprint | cut -d " " -f 2 >> /etc/tor/torrc


Move the next to last line of torrc to the v3ident position and the last line to the fingerprint section. Break the fingerprint into halfwords.

Now start the Tor directory server with:


# tor -f /opt/tor/torrc &


Replicate this for each directory server you are deploying. Ensure you update the Nickname of each torrc file as well as any hardcoded IPs if you deviated from the above. After a few directory servers have been deployed its time for the relay nodes.


$ sudo -i

# mkdir /opt/tor
# echo "
SocksPort 9050
SocksListenAddress 127.0.0.1
ORPort 9001
Nickname Relay1
ContactInfo zwned@co.de
TestingTorNetwork 1
ServerDNSDetectHijacking 0
DirServer auth1 v3ident= 1.1.1.1:9030
Log info file /var/log/tor/tor.log
DataDirectory /opt/tor
" >> /opt/tor/torrc


In this case the DirServer line(s) will be copied from the directory server’s torrc file generated above.

Again start tor with:


# tor -f /opt/tor/torrc &


Repeat this again for how ever many relays you want to deploy. Again, ensuring that the nicknames and any hardcoded IPs are changed accordingly.


$ sudo -i

# apt-get install vidalia -y


Start vidalia and click settings > advanced > edit current torrc
Edit the torrc to reflect the following:

AllowSingleHopCircuits 1
AvoidDiskWrites 1
ControlPort 9051
ControlPortWriteToFile ../../Contents/Resources/Data/Tor/port.conf
DataDirectory ../../Contents/Resources/Data/Tor
DirServer DS1 v3ident=0000000000000000000000000000000000000000 1.1.1.1:9030 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
DirServer DS2 v3ident=0000000000000000000000000000000000000000 2.2.2.2:9030 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
GeoIPFile ../../Contents/Resources/Data/Tor/geoip
Log notice stdout
TestingTorNetwork 1
SafeLogging 0
SocksListenAddress 127.0.0.1
SocksPort auto


Start Tor and you should be connected to your own private Tor network.

Here is what I got from LockPickShop.com:

This is the LockPick “School in a box”. It starts off with 1 pin and adds a pin per lock till you have a lock with the full 5 pins.

I also got a 6 pin cutaway which is nice to see how the different amounts of torque affects the ability to pick the lock. Im still having issues with that.

And finally here are the picks that I picked up or somehow accrued:

I was able to quickly pick the training station, although I still find it useful. The cutaway gave me a problem for a bit but it ended up I was still applying to much pressure to the tension wrench. Im getting better with it.

I also spent a good bit of the morning learning to bump the locks. Still learning good technique with the bump keys.

More to come…