Thursday, February 16, 2012

Security testing laptop build

HP DV7 - large screen and hardware virtualization support. Evidently enough people complained that it was permanently disable in old BIOS. It's now supported on at least some of their products:
http://www.shopping.hp.com/webapp/shopping/computer_can_series.do?storeName=computer_store&category=notebooks&a1=Intel+processors&v1=Intel+2nd+gen+Core&a2=Screen+size&v2=Over+16.9&a3=Category&v3=High+performance&series_name=dv7tqe_series&jumpid=in_R329_prodexp/hhoslp/psg/notebooks/Intel_2nd_gen_Core/dv7tqe_series

Indications that they're starting to unlock this feature in their bios:
http://h30434.www3.hp.com/t5/Notebook-Hardware/Enabling-Hardware-Virtualization/td-p/691835

Atheros N card for ath9k so hostapd etc work:
http://www.ebay.com/itm/JJPLUS-MR9-Atheros-AR9160-802-11N-ABG-500mW-Minipci-3x3-MIMO-MA25MP1-/190589728742?pt=LH_DefaultDomain_0&hash=item2c600877e6

All in all, a relatively cheap rig all things considered...

Saturday, January 28, 2012

Getting screen recording to sort of work on ubuntu latest

I'm writing this down for you as much as me. I recently had gtk-record get in a serious fight with mencoder and ffmpeg. FFmpeg never parsed swscaler properly for me. So my initial response was to use mencoder to reindex the file then use the great ffmpeg tool to do all the transcoding. Recently, something got borked during an upgrade and now the frame-rate gets messed up during mencoder reindexing, so the video component plays in fast-forward.

My solution was to take ALL of the transcoding I could out of the hands of automated tools and do it manually. So the flow looks something like this:

Record with ffmpeg x11grab
Record audio separately with sound recorder(not the best tool, but it works. I probably would have had better results if I had just used alsa as a capture device)
Generate silence with sox if required.
Join audio files and transcode with sox as required.
Combine streams with ffmpeg.
Re-encode once there is no cross codec witchery. <== I could have done this better by fixing the resolution at capture and using alsa as my audio capture device...
Finished.

So recording with x11grab:
I have a multimonitor system and I only record on monitor three so my ffmpeg line looks something like -
ffmpeg -f x11grab -s 1600*900 -sameq -r 25 -i :0.0+3200,0 test.mp4

Using soundrecorder is pretty obvious.

Silence with sox that gets along with soundrecorder was accomplished like so -
sox -n -c 2 -r 44100 silence.mp3 trim 0.0 25
25 being number of seconds 44100 being the expected bitrate of soundrecord and set to 2 channel.

Joining being accomplished by sox -
sox partc1.mp3 silence.mp3 partc2.mp3 full.mp3

AAC transcoding being accomplished like so -
ffmpeg -i full.mp3 -acodec aac -ab 128 full.aac

Combining of streams being accomplished like so -
ffmpeg -i test.mp4 -map 0:0 -vcodec copy -i full.aac -map 1:0 intermediate.mp4

Correcting resolution could have been accomplished in the last step, but I did it separately -
ffmpeg -i intermediate.mp4 -vf scale=1280:720 -sameq final.mp4

And now we have a procedure that works and doesn't crash or complain. I used to use kdenlive, but it has gotten more instead of less buggy for me. When you can't get a tool to work properly, I go to manual steps.

So, there you go... It works, preserves a decent amount of quality, and bypasses a lot of the transcoding hell that generates issues.

Wednesday, December 7, 2011

So here we go...

I couldn't find a built-in API to do this in Idapython. All the built-ins required that the DLL was loaded by an executable. For my purposes, that wasn't an option. So if you want DLL base address on just the DLL disassembled in IDA, you have to pull in Segments() and just get the lowest one, or index [0]. That's how I did it anyway. Code on github shortly...

Thursday, June 2, 2011

Just putting a little humor out there

How highly technical people see job searches...I think I need this on a T-Shirt

Monday, May 23, 2011

Just won a wireless challenge over on securitytube.

It was more of a python scripting challenge than a wireless challenge. Wep ~= ARC4. So the test case was more...well you take my point. Original challenge: http://www.securitytube.net/video/1884 Solution: http://www.securitytube.net/video/1900

Tuesday, May 3, 2011

Darn I need a job...

Anybody reading the blog that has leads on remote contracting opportunities please let me know...on a side note newegg has a pretty awesome chunk of hardware for under $300 here: http://www.newegg.com/Product/ComboBundleDetails.aspx?ItemList=Combo.639044&cm_sp=ShellShocker-_-639044-_-05032011 .  If you don't make the deadline, I bought two...send me a mail and I'll see what I can do. 
 
Oh and to add a little 'flair' 


profile for aking1012 on Stack Exchange, a network of free, community-driven Q&A sites

Wednesday, April 27, 2011

Just a note for people that read the blog and view securitytube...

If you get the code from exploitdb or packetstorm from my recent tutorial, you can bypass that huge ulimit requirement by removing all instances of " +\n\t\t".  It makes a lot of editors cry though, so you have been warned.  I just didn't want it to get abused by a bunch of skiddies.  It also makes the file get generated a LOT faster.  Okay, just thought I should let people know that it was on purpose.  I think I even noted in the video or exploit code that there were things I "could have done better".  This is one of them.