Archive for the “Mac” Category

23 09 2011

WiFi recon using OSX native tools

Posted by Buzz in hacking, Mac

So you wanted to get your aircrak suite on under OSX, getting airodump etc to work I can tell you will be a nightmare (infact just dont use a VM with a USB wifi for that, however there is an alternative …), after a lot of searching there is a native tool under OSX that will let you cap packets, list networks etc.

Credit goes to d3in0s for his awesome forum post.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport
Usage: airport <interface> <verb> <options>

    <interface>
    If an interface is not specified, airport will use the first AirPort interface on the system.

    <verb is one of the following:
    prefs   If specified with no key value pairs, displays a subset of AirPort preferences for
        the specified interface.

        Preferences may be configured using key=value syntax. Keys and possible values are specified below.
        Boolean settings may be configured using 'YES' and 'NO'.

        DisconnectOnLogout (Boolean)
        JoinMode (String)
            Automatic
            Preferred
            Ranked
            Recent
            Strongest
        JoinModeFallback (String)
            Prompt
            JoinOpen
            KeepLooking
            DoNothing
        RememberRecentNetworks (Boolean)
        RequireAdmin (Boolean)
        RequireAdminIBSS (Boolean)
        RequireAdminNetworkChange (Boolean)
        RequireAdminPowerToggle (Boolean)
        WoWEnabled (Boolean)

    logger  Monitor the driver's logging facility.

    sniff   If a channel number is specified, airportd will attempt to configure the interface
        to use that channel before it begins sniffing 802.11 frames. Captures files are saved to /tmp.
        Requires super user privileges.

    debug   Enable debug logging. A debug log setting may be enabled by prefixing it with a '+', and disabled
        by prefixing it with a '-'.

        AirPort Userland Debug Flags
            DriverDiscovery
            DriverEvent
            Info
            SystemConfiguration
            UserEvent
            PreferredNetworks
            AutoJoin
            IPC
            Scan
            802.1x
            Assoc
            Keychain
            RSNAuth
            WoW
            AllUserland - Enable/Disable all userland debug flags

        AirPort Driver Common Flags
            DriverInfo
            DriverError
            DriverWPA
            DriverScan
            AllDriver - Enable/Disable all driver debug flags

        AirPort Driver Vendor Flags
            VendorAssoc
            VendorConnection
            AllVendor - Enable/Disable all vendor debug flags

        AirPort Global Flags
            LogFile - Save all AirPort logs to /var/log/airport.log

<options> is one of the following:
    No options currently defined.

Examples:

Configuring preferences (requires admin privileges)
    sudo airport en1 prefs JoinMode=Preferred RememberRecentNetworks=NO RequireAdmin=YES

Sniffing on channel 1:
    airport en1 sniff 1


LEGACY COMMANDS:
Supported arguments:
 -c[<arg>] --channel=[<arg>]    Set arbitrary channel on the card
 -z        --disassociate       Disassociate from any network
 -I        --getinfo            Print current wireless status, e.g. signal info, BSSID, port type etc.
 -s[<arg>] --scan=[<arg>]       Perform a wireless broadcast scan.
                   Will perform a directed scan if the optional <arg> is provided
 -x        --xml                Print info as XML
 -P        --psk                Create PSK from specified pass phrase and SSID.
                   The following additional arguments must be specified with this command:
                                  --password=<arg>  Specify a WPA password
                                  --ssid=<arg>      Specify SSID when creating a PSK
 -h        --help               Show this help
Credit goes to <a href="http://forum.aircrack-ng.org/index.php?PHPSESSID=osr5e11icl40hib1f57qkh0u35&topic=293.msg34031#msg34031">d3in0s post</a> showing true forum awesomeness.

<code>
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I
     agrCtlRSSI: -40
     agrExtRSSI: 0
    agrCtlNoise: -92
    agrExtNoise: 0
          state: running
        op mode: station
     lastTxRate: 54
        maxRate: 54
lastAssocStatus: 0
    802.11 auth: open
      link auth: wpa2-psk
          BSSID: <removed>
           SSID: <removed>
            MCS: -1
        channel: 6
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s
                            SSID BSSID             RSSI CHANNEL HT CC SECURITY (auth/unicast/group)
                          <removed> <removed> -41  6       N  -- WPA(PSK/AES,TKIP/TKIP) WPA2(PSK/AES,TKIP/TKIP)

Doing a frame cap.

1
2
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport en1 sniff 6
Capturing 802.11 frames on en1.

You will see your airport icon changes to now hit ctrl+c to stop the cap

1
^CSession saved to /tmp/airportSniff813ZrA.cap.

Tags: , , , ,

Comments No Comments »

21 07 2011

Fixing OSX Lion AFP the version of the server you are trying to connect to is not supported

Posted by Buzz in Mac

For those using netatalk for AFP shares in this case I am using CentOS, the EL5 compiles are missing the configure lines for the dhx2 extension, which is required by OSX Lion, if you are running x86_64 you can grab this file: netatalk-2.0.5-2.x86_64.rpm I have also emailed the Package maintainer @ EPEL with the changes I have made for this RPM so I would like to think that -2 will be available from EPEL soon.

Let me know if you have any issues with my RPM.

UPDATE: Official Rebuild in testing

Tags: , , , , , , , , , , ,

Comments 1 Comment »

15 10 2010

matplotlib ImportError: No module named ma

Posted by Buzz in Mac, python

ImportError: No module named ma

Fix is to edit the following files:

1
2
sudo vi /Library/Python/2.6/site-packages/matplotlib-0.91.1-py2.6-macosx-10.6-universal.egg/matplotlib/numerix/ma/__init__.py
sudo vi /Library/Python/2.6/site-packages/matplotlib-0.91.1-py2.6-macosx-10.6-universal.egg/matplotlib/numerix/npyma/__init__.py

On my installed on lines 16 and 7 respectively replace

1
from numpy.core.ma import *

with

1
from numpy.ma import *

and done.

Tags: , , , , , ,

Comments 5 Comments »

11 05 2010

My time machine needs 970.08 Peta Bytes

Posted by Buzz in Mac

In one of those you don’t believe it until you have seen it moments not bad for a mac book pro with only a 350gb HD …

Tags: , , , ,

Comments No Comments »

06 04 2010

Mounting NFS shares on OSX

Posted by Buzz in Mac

Having little time to update my blog, I’ve been updating a wiki I keep with various tidbits, so I thought I might as well share a few, they will be appearing on here over the next few days.

First off you will want to open the “Terminal” application, not so much a play on words it is really called Terminal.

Applications -> Utilities -> Terminal

1
showmount -e aaa.bbb.ccc.ddd

Where aaa.bbb.ccc.ddd is the IP or FQDN of your NFS server, this command will show a list of mountable exports on the device.

1
sudo mount -t ntfs aaa.bbb.ccc.ddd:/exported/path ~/Desktop/nfs_folder

If you look on your desktop you will now see that the folder icon has changed to an aliased drive icon alias drive icon


NOTE: These changes will not persist through a reboot, I have not yet found a way of doing this short of some apple / automator script to remount the drives on startup.

Tags: , , , ,

Comments 2 Comments »

02 03 2009

SSH Keys

Posted by Buzz in Linux, Mac

I should of really written about this ages ago.

SSH Keys allow you to log into a server without the need for passwords by providing a public, private keypair for authentication, you can of course choose to specify a password for the authentication for an added level of security (Allowing you to have one unified login for you servers).

For the general user I would suggest the use of a password for securing the key further, you can forgo this in the case of secured automated processes however. (i.e. server to server backup via scp).

From the client machine:

Generate the key

1
ssh-keygen -t rsa

Follow the prompts to enter your password (or just hit enter for no password).

Copy the key

You must now copy the key to the server you wish to log in to.

1
scp ~/.ssh/id_rsa.pub target_user@target_server.com:~/.ssh/

Now log into the target server.

1
2
[target_user@target_server.com ~] cd ./.ssh/
[target_user@target_server.com .ssh] cat ./id_rsa.pub >> ./authorized_keys

Now exit the shell on the target server, and re-login.

1
ssh target_user@target_server.com

If you are prompted to enter a password this should be the password you entered when generating the key, if you did not specify a password you should now be logged into the target server without being prompted for a password.

This process works for both linux and MAC OSX, when generating keys as the client.

NOTE: If you regenerate the key for whatever reason this will replace the olde key pair, and you will need to go through the procedure of copying to the target server again.

Tags: , , ,

Comments No Comments »

13 01 2009

Installing Windows 7 on VMWare Fusion

Posted by Buzz in Mac, Windows

As per my previous post I was faced with a serious BSOD problem.

Now this is corrected and so you do not face the same problem here are my findings

  • VMWare identifies the ISO file as Vista
  • w7_1
  • The ‘optional’ admin password doesn’t seem to be optional! Enter this to avoid BSOD later.
  • w7_2
  • On file sharing I chose NONE
  • w7_3
  • Customize your settings!
  • NOTE: Set the hard disk type to IDE and NOT SCSI
  • w7_4
  • Enjoy
  • picture-2

Tags: , , ,

Comments No Comments »

23 12 2008

Saiweb Folding@Home Team ID 156680

Posted by Buzz in Linux, Mac, Windows

For those not in the know Folding@Home is a piece of software that runs in the background of your desktop, server, heck even your PS3.

I originaly started out back in 99/2000 with the united devices cancer research client, their website of UD.com however seems to have long since slipped into web history, no doubt due to their nature of charging for CPU time on ‘thier’ grid, which was made of donor machines … Folding @ Home however is Open Source and not run by some shady business but by a variety of labs and Educational bodies (http://folding.stanford.edu/English/About).

Ok so what is this ‘folding’ all about?

When protein chains combine in your body to form more complex chains, and eventualy cells the process of combination is called folding, and problems during the ‘folding’ stage can lead to Cancer, Alzheimers, Parkinson’s disease etc …

The problem faced when looking at protein folding is the shear number of possible ‘folds’ for each different type of protein, of course this is where computer power comes in, but even that has it’s limits this is where distributed computing helps.

Rather than a large super computer which is limited in budget, size and power distributed computing takes place by assigning a small work load to a ‘volunteer machine’, what this has lead to is a virtual super computer larger than any other, driven by software, and at the time of writing claims some 260,000 Active CPU’s

So please install this small piece of software on your machine by visiting the downloads page here: http://folding.stanford.edu/English/Download

Once you have the client running please join the Saiweb team 156680

Cheers

Buzz

NOTE:

I will be dedicated several machines to this, they will appear in the team members list prefixed buzz_ , one core from our Dedi server has also been dedicated to running F@H.

Tags: , , ,

Comments No Comments »

14 10 2008

Linux – The Sysadmin script – Part 2

Posted by Buzz in Bash Script, Linux, Mac

Part 2 has finally arrived …. don’t all cheer at once now …

In part two I will cover how to run an IP range scan using bash script, and if the host can be pinged retrieve the MAC address of the connected host.

Now bare in mind this script was written to run from a MAC running OSX Leopard.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/bin/bash
#colours
function colours {
CLEAR='\e[00m';
GREEN='\e[0;32m';
RED='\e[0;31m';
YELLOW='\e[1;33m';
}
#ipscan
function ipscan {
IPS_START=1;
IPS_END=254;
IPS_RANGE=192.168.1.
echo "Now running IPSCAN $IPS_RANGE$IPS_START - $IPS_RANGE$IPS_END"
for ((i=$IPS_START;i&lt;=$IPS_END;i+=1)); do
RESULT=`ping -c 1 -t 1 $IPS_RANGE$i | grep "bytes from"`;
if [ -z "$RESULT" ]; then
echo -e "$IPS_RANGE$i:$RED DEAD $CLEAR";
# If you comment out the above to report just the alive hosts, bash gets a bit funny about not processing anything here, so uncomment the below to keep it happy
#holder=$i;
else
MAC=`arp $IPS_RANGE$i | awk '{ print $4 }';`;
echo -e "$IPS_RANGE$i:$GREEN ALIVE $CLEAR ($MAC)";
fi
done
}
colours;
$1 $2

To make this work on your Linux distro replace -t in the ping command with -W and check the awk entry for the arp output, a display of (no) means that no ARP entries could be found for the host, and change the IP range to that of your network.

That’s it for this part, dump this is a file and chmod +x as useual and run with ./script.sh ipscan.

Tags: , , ,

Comments 1 Comment »

23 09 2008

macFUSE

Posted by Buzz in Mac

As I sit here tapping away on the iMAC currently in use whilst I wait on my Mac Book Pro, I am looking at various projects around the Google APS API … One notably of which is the Google Docs, file sharing and collab system.

“MacFUSE implements a mechanism that makes it possible to implement a fully functional file system in a user-space program on Mac OS X (10.4 and above). It aims to be API-compliant with the FUSE (File-system in USErspace) mechanism that originated on Linux.”

Not much to the end user, but basically will allow you (with some programming) to mount pretty much anything as a file system volume.

The techdemo video lists implementations such as docFS (Google Doc’s API) and rssFS (rss feeds as a file system).

Looking at the hello world example on the macFuse wiki it should be fairly simple to implement pretty much anything as a file system.

More to come once the MBP arrives.

Tags: , ,

Comments No Comments »