12 May 2017

Installing conpot on Debian Jessie (8) for the lazy:

Prerequisites:
Update your box and sync your clock:
# apt-get update && apt-get upgrade
# apt-get install ntpdate libmysqlclient-dev gcc libpython2.7-dev

Then do a time update :
# ntpdate -v time.nist.gov

Now install pip :
# wget https://bootstrap.pypa.io/get-pip.py
# python get-pip.py
Then you should get something like this :
root@debian-dev:~# pip -V
pip 9.0.1 from /usr/local/lib/python2.7/dist-packages (python 2.7)

nice. Now on to
Conpot itself:
# pip install conpot
But if you run it, it fails with this error:
[...] from bacpypes import LocalDeviceObject
ImportError: cannot import name LocalDeviceObject

Awww snap !
That’s because conpot is a bit outdated and looks for a class in the bacpypes package where it used to be several versions ago, but the author moved it. So all your lazy ass has to do is change
IN FILE: /usr/local/lib/python2.7/dist-packages/conpot/protocols/bacnet/bacnet_server.py
Look for: from bacpypes.app import LocalDeviceObject
Change to: from bacpypes.service.device import LocalDeviceObject

And what do you know: magic happens :
# conpot --help
[...]  Version 0.5.1  MushMush Foundation [...]

Now run it to test if it actually listens :
# conpot --template default

And surely enough, it does :
[...]
2017-05-12 16:21:15,204 IPMI BMC initialized.
2017-05-12 16:21:15,204 Conpot IPMI initialized using /usr/lib64/python2.7/site-packages/conpot/templates/default/ipmi/ipmi.xml template
2017-05-12 16:21:15,204 Found and enabled ('ipmi', ) protocol.
2017-05-12 16:21:15,204 No proxy template found. Service will remain unconfigured/stopped.
2017-05-12 16:21:15,204 Modbus server started on: ('0.0.0.0', 502)
2017-05-12 16:21:15,204 S7Comm server started on: ('0.0.0.0', 102)
2017-05-12 16:21:15,205 HTTP server started on: ('0.0.0.0', 80)
2017-05-12 16:21:15,275 SNMP server started on: ('0.0.0.0', 161)
2017-05-12 16:21:15,275 Bacnet server started on: ('0.0.0.0', 47808)
2017-05-12 16:21:15,276 IPMI server started on: ('0.0.0.0', 623)
2017-05-12 16:21:20,206 Privileges dropped, running as "nobody:nogroup"
[...]

Right, so you told python to do its thing, and surely it now listens :
root@debian-dev:~# netstat -antlup | grep -i list
tcp        0      0 0.0.0.0:502             0.0.0.0:*               LISTEN      11642/python  
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      403/sshd      
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      667/exim4      
tcp        0      0 0.0.0.0:57657           0.0.0.0:*               LISTEN      386/rpc.statd  
tcp        0      0 0.0.0.0:102             0.0.0.0:*               LISTEN      11642/python  
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      373/rpcbind    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      11642/python  
tcp6       0      0 :::22                   :::*                    LISTEN      403/sshd      
tcp6       0      0 ::1:25                  :::*                    LISTEN      667/exim4      
tcp6       0      0 :::42332                :::*                    LISTEN      386/rpc.statd  
tcp6       0      0 :::111                  :::*                    LISTEN      373/rpcbind     

Mind you, this box be much new, very basic.

Here’s what it looks like from a browser on port 80:

[screenshot]

Such conpot, much http !
Now get configuring. This guide doesn't cover that since it's plainly written here : https://mushorg.github.io/conpot/usage/index.html

Installing conpot on CentOS 7, easy for the lazy:

Prerequisites:
First of all, I am talking about a fresh install, so read between the lines if that’s not the case, mkay mkay. Make sure your system is updated and your clock is set properly:
# yum -y update
# yum -y install ntpdate

Then set your timezone:
# ln -sf /usr/share/zoneinfo/[Your_Region]/[Your_Capital_City] /etc/localtime
For example:
# ln -sf /usr/share/zoneinfo/Europe/Bucharest /etc/localtime
Then do a time update :
# ntpdate -v time.nist.gov

Now install pip :
# curl -O https://bootstrap.pypa.io/get-pip.py
# python get-pip.py 
Then you should get something like this :
[root@centos7development ~]# pip -V
pip 9.0.1 from /usr/lib/python2.7/site-packages (python 2.7)

Dependencies:
# yum install mariadb-devel gcc python-devel
nice. Now on to
Conpot itself:
# pip install conpot
But if you run it, it fails with this error:
[...] from bacpypes import LocalDeviceObject
ImportError: cannot import name LocalDeviceObject

Awww snap !
That’s because conpot is a bit outdated and looks for a class in the bacpypes package where it used to be several versions ago, but the author moved it. So all your lazy ass has to do is change
IN FILE: /usr/lib64/python2.7/site-packages/conpot/protocols/bacnet/bacnet_server.py
Look for: from bacpypes.app import LocalDeviceObject
Change to: from bacpypes.service.device import LocalDeviceObject
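
The same one-line edit applies on both boxes, so it can be scripted. The following is an added example, not part of conpot or of the original post: it keeps a backup, rewrites only the stale import and is safe to run twice. The two paths are the ones given in this guide; the handling of a combined `from bacpypes.app import A, B` line is an assumption about how the import may be written.

```python
from __future__ import print_function
import io
import os
import re
import shutil

# Paths exactly as given in this guide (Debian Jessie, then CentOS 7).
CANDIDATES = [
    "/usr/local/lib/python2.7/dist-packages/conpot/protocols/bacnet/bacnet_server.py",
    "/usr/lib64/python2.7/site-packages/conpot/protocols/bacnet/bacnet_server.py",
]
NAME = "LocalDeviceObject"
NEW_IMPORT = "from bacpypes.service.device import " + NAME
# Assumption: the stale import is a single-line statement with no trailing
# comment; parenthesised or backslash-continued imports are left untouched.
OLD_RE = re.compile(r"^(\s*)from bacpypes\.app import ([^()#\\]+?)\s*$")


def rewrite(source):
    """Return (new_source, status): patched, already-patched or no-match."""
    out, status = [], "no-match"
    for line in source.splitlines(True):
        body = line.rstrip("\r\n")
        eol = line[len(body):] or "\n"
        if body.strip() == NEW_IMPORT and status == "no-match":
            status = "already-patched"
        match = OLD_RE.match(body)
        names = [n.strip() for n in match.group(2).split(",")] if match else []
        if NAME not in names:
            out.append(line)
            continue
        indent = match.group(1)
        others = [n for n in names if n != NAME]
        if others:  # names that still live in bacpypes.app stay where they are
            out.append(indent + "from bacpypes.app import " + ", ".join(others) + eol)
        out.append(indent + NEW_IMPORT + eol)
        status = "patched"
    return "".join(out), status


def patch_file(path):
    """Patch path in place, keeping one pristine copy as path + '.orig'."""
    with io.open(path, encoding="utf-8") as fh:
        source = fh.read()
    patched, status = rewrite(source)
    if status == "patched":
        if not os.path.exists(path + ".orig"):
            shutil.copy2(path, path + ".orig")
        with io.open(path, "w", encoding="utf-8") as fh:
            fh.write(patched)
    return status


if __name__ == "__main__":
    for candidate in CANDIDATES:
        if os.path.isfile(candidate):
            print(candidate, "->", patch_file(candidate))
```

Reinstalling or upgrading conpot with pip puts the packaged file back, so the script has to be run again afterwards.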

And what do you know: magic happens :
# conpot --help
[...]  Version 0.5.1  MushMush Foundation [...]

Now run it to test if it actually listens :
# conpot --template default

And surely enough, it does :
[...]
2017-05-12 16:21:15,204 IPMI BMC initialized.
2017-05-12 16:21:15,204 Conpot IPMI initialized using /usr/lib64/python2.7/site-packages/conpot/templates/default/ipmi/ipmi.xml template
2017-05-12 16:21:15,204 Found and enabled ('ipmi', ) protocol.
2017-05-12 16:21:15,204 No proxy template found. Service will remain unconfigured/stopped.
2017-05-12 16:21:15,204 Modbus server started on: ('0.0.0.0', 502)
2017-05-12 16:21:15,204 S7Comm server started on: ('0.0.0.0', 102)
2017-05-12 16:21:15,205 HTTP server started on: ('0.0.0.0', 80)
2017-05-12 16:21:15,275 SNMP server started on: ('0.0.0.0', 161)
2017-05-12 16:21:15,275 Bacnet server started on: ('0.0.0.0', 47808)
2017-05-12 16:21:15,276 IPMI server started on: ('0.0.0.0', 623)
2017-05-12 16:21:20,206 Privileges dropped, running as "nobody:nobody"
[...]

Right, so you told python to do its thing, and surely it now listens :
[root@centos7development ~]# netstat -antlup | grep -i list
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      18362/python    
tcp        0      0 0.0.0.0:502             0.0.0.0:*               LISTEN      18362/python    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      896/sshd        
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      991/master      
tcp        0      0 0.0.0.0:102             0.0.0.0:*               LISTEN      18362/python    
tcp6       0      0 :::22                   :::*                    LISTEN      896/sshd        
tcp6       0      0 ::1:25                  :::*                    LISTEN      991/master        
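
On both boxes the log announces six services, yet `grep -i list` leaves only three python sockets: SNMP, BACnet and IPMI run over UDP, and UDP sockets have no LISTEN state for grep to match. The following added example (not part of conpot or of the original post) cross-checks the startup log against unfiltered netstat output. The UDP rows in the sample are constructed, and IPMI is left out on purpose to show what a service that never bound looks like.

```python
from __future__ import print_function
import re

# "server started" lines exactly as shown in the conpot log on this page.
CONPOT_LOG = """\
2017-05-12 16:21:15,204 Modbus server started on: ('0.0.0.0', 502)
2017-05-12 16:21:15,204 S7Comm server started on: ('0.0.0.0', 102)
2017-05-12 16:21:15,205 HTTP server started on: ('0.0.0.0', 80)
2017-05-12 16:21:15,275 SNMP server started on: ('0.0.0.0', 161)
2017-05-12 16:21:15,275 Bacnet server started on: ('0.0.0.0', 47808)
2017-05-12 16:21:15,276 IPMI server started on: ('0.0.0.0', 623)
"""

# netstat output without the grep. TCP rows are from this page; the UDP rows
# are constructed for the example and 623/udp is deliberately absent.
NETSTAT = """\
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      18362/python
tcp        0      0 0.0.0.0:502             0.0.0.0:*               LISTEN      18362/python
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      896/sshd
tcp        0      0 0.0.0.0:102             0.0.0.0:*               LISTEN      18362/python
udp        0      0 0.0.0.0:161             0.0.0.0:*                           18362/python
udp        0      0 0.0.0.0:47808           0.0.0.0:*                           18362/python
"""

STARTED_RE = re.compile(r"(\w+) server started on: \('([^']*)', (\d+)\)")


def announced_services(log_text):
    """Return [(service, port)] for every 'server started on' log line."""
    return [(m.group(1), int(m.group(3))) for m in STARTED_RE.finditer(log_text)]


def bound_sockets(netstat_text):
    """Return {port: set(protocols)} for TCP listeners and bound UDP sockets."""
    bound = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue
        proto = fields[0][:3]  # folds tcp6/udp6 into tcp/udp
        if proto == "tcp" and fields[5:6] != ["LISTEN"]:
            continue  # a connection, not a listener
        if proto == "udp" and not fields[4].endswith(":*"):
            continue  # connected UDP socket, not a service endpoint
        port = fields[3].rsplit(":", 1)[-1]
        if port.isdigit():
            bound.setdefault(int(port), set()).add(proto)
    return bound


def check(log_text, netstat_text):
    """Map each announced service to 'tcp', 'udp', 'tcp+udp' or 'missing'."""
    bound = bound_sockets(netstat_text)
    return dict((name, "+".join(sorted(bound.get(port, ()))) or "missing")
                for name, port in announced_services(log_text))


def listen_filter(netstat_text):
    """What `grep -i list` keeps: only the lines that contain LISTEN."""
    return "\n".join(l for l in netstat_text.splitlines() if "list" in l.lower())


if __name__ == "__main__":
    full = check(CONPOT_LOG, NETSTAT)
    grepped = check(CONPOT_LOG, listen_filter(NETSTAT))
    for name, port in announced_services(CONPOT_LOG):
        print("%-7s %5d  unfiltered=%-8s grep-list=%s"
              % (name, port, full[name], grepped[name]))
```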

Mind you, this box be much new, very basic.
Being CentOS and all that, you need to set up some firewall permissions, but for the sake of argument, and since this is not a "how-to firewalld yourself", I just disabled it :
Here’s what it looks like from a browser on port 80:

[screenshot]

Such conpot, much http !
Now get configuring. This guide doesn't cover that since it's plainly written here : https://mushorg.github.io/conpot/usage/index.html

27 January 2017

Building curl (7.52.1) rpms on CentOS 6 and 7

Greetings,

Let's save you the trouble of trial and error figuring out how to make this thing work in a somewhat elegant manner, by having rpms and being able to up/down-grade at any time, and eventually ending up with something like this:

[root@centos6 build]# curl --version
curl 7.52.1 (x86_64-redhat-linux-gnu) libcurl/7.52.1 OpenSSL/1.0.1e zlib/1.2.3 libssh2/1.4.2
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets HTTPS-proxy 
[root@centos6 build]# rpm -q curl
curl-7.52.1-1.x86_64
[root@centos6 build]# rpm -q libcurl
libcurl-7.52.1-1.x86_64
[root@centos6 build]# 

First, prepare your environment and sync the clocks. You don't want to know the amount of weird errors happening because your clock isn't in sync.

For CentOS 6:
sudo yum -y update && sudo yum -y groupinstall "Development Tools"
sudo yum -y install groff krb5-devel libidn-devel libssh2-devel nss-devel openldap-devel openssh-clients openssh-server pkgconfig stunnel zlib-devel rpm-build ntpdate perl-Time-HiRes 
sudo ntpdate -v time.nist.gov  

For CentOS 7:

sudo yum -y update
sudo yum group mark-install "Development Tools"
sudo yum group update
sudo yum -y install groff krb5-devel libidn-devel libssh2-devel nss-devel openldap-devel openssh-clients openssh-server pkgconfig stunnel zlib-devel rpm-build ntpdate perl-Time-HiRes perl-Digest-MD5
sudo ntpdate -v time.nist.gov

Now setup the actual build:

sudo adduser build

Login as user "build"

sudo su - build
mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros

Now you will need the source package for curl 7.52.1 and this spec file which is "borrowed" and modified from the official centos srpm.

Copy this paste to a file and call it curl.spec, save it in the homedir of user "build" : Curl 7.52.1 spec

Paste this to rpmbuild/SOURCES/curlbuild.h (create it as it does not yet exist) : curlbuild.h

Download the sources :

wget https://curl.haxx.se/download/curl-7.52.1.tar.lzma -O rpmbuild/SOURCES/curl-7.52.1.tar.lzma

Then build :

cd && rpmbuild -ba curl.spec

It should work and the final files are these:

ls rpmbuild/RPMS/x86_64/ -lah
total 1.2M
drwxr-xr-x. 2 build build 4.0K Jan 27 20:33 .
drwxrwxr-x. 3 build build 4.0K Jan 27 20:33 ..
-rw-rw-r--. 1 build build 261K Jan 27 20:33 curl-7.52.1-1.x86_64.rpm
-rw-rw-r--. 1 build build  24K Jan 27 20:33 curl-debuginfo-7.52.1-1.x86_64.rpm
-rw-rw-r--. 1 build build 200K Jan 27 20:33 libcurl-7.52.1-1.x86_64.rpm
-rw-rw-r--. 1 build build 654K Jan 27 20:33 libcurl-devel-7.52.1-1.x86_64.rpm

Now install them :

rpm -Uvh /home/build/rpmbuild/RPMS/x86_64/curl-7.52.1-1.x86_64.rpm /home/build/rpmbuild/RPMS/x86_64/libcurl-7.52.1-1.x86_64.rpm 

Preparing...                ########################################### [100%]
   1:libcurl                ########################################### [ 50%]
   2:curl                   ########################################### [100%]

And you have it :

curl 7.52.1 (x86_64-redhat-linux-gnu) libcurl/7.52.1 OpenSSL/1.0.1e zlib/1.2.3 libssh2/1.4.2
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets HTTPS-proxy

Yay :D Happy downloading !
Big thanks to whoever maintains hilite.me !

21 April 2016

Dragon Age: Inquisition The Deeproads DLC Load crash fix and/or possible suggestions.

So you like to play on PC and you too had this problem, eh ?
Load a game saved anywhere inside the Ruins of Heidrun Thaig and the game loads ending up at a black screen with the pulsating DAI logo which then freezes, CPU usage goes to 99% and the game needs termination from the task manager.

Stay with a Fereldan horse mount, select that one and forget about any other exotics. - unbelievable but this actually does the trick.
Other solution involves Alt Tabbing out of the game as soon as you hit the load button and waiting for two minutes or so then Alt Tabbing back.
Other solution involves entering the Deeproads from the war council table but that doesn't always fix the issue.

This is bugged but as far as I know it's the only place in the game where this happens constantly. Other areas/DLC's should be flawless.

BUT WAIT:
What if you don't have any *decently* *recently* saved game previous to entering the DLC area ? 

Well,
Quick way:
  • Go to C:\Users\{YOUR_USER}\Documents\Bioware\Dragon Age Inquisition\Save and delete the ProfileOptions_profile file. It should be a 2kb file.
  • If you have a controller, unplug it.
  • Enter the game but change no settings whatsoever. Just load your Ruins of Heidrun Thaig save. It *SHOULD* load. 
  • As soon as it does, go to Skyhold, change your mount to a fereldan horse, SAVE YOUR GAME.
  • Go to options and customize graphic settings, enable controller support, plug in your controller, EXIT game.
  • Start the game again, load your Skyhold save, fast travel to Yours truly (screenshot below)
The Deep Roads way :
  • If you have a controller, unplug it.
  • Repair/reinstall whatever your game.
  • Go to C:\Users\{YOUR_USER}\Documents\Bioware\Dragon Age Inquisition\Save and cut as in *move it* "ProfileOptions_profile" somewhere safe. - Leave ONLY the DAS files and "ProfileOptions" file.
  • Enter the game but change no settings whatsoever. Just load your Ruins of Heidrun Thaig save. It *SHOULD* load.
  • As soon as it does, go to Skyhold, change your mount to a fereldan horse, SAVE YOUR GAME.
  • Go to options and customize graphic settings, enable controller support, plug in your controller, EXIT game.
  • Start the game again, load your Skyhold save, fast travel to Yours truly :

Credits:
As suggested by Niah_Dark
As suggested by MonorissStormrag
Also to me, because I played a while in the deeproads and my non crash save was hours behind.

12 March 2014

A word on business

How to understand business:
- it makes money so it must be right -

Best value for money : did a friend tell you? no ? ignore it.
We care about our customers : they care about their profits.
Save on x this weekend limited offer : no it's not. you don't save on anything at all. They make a product, estimate sales, estimate profit, in case all fails, workers get fired, company profits via "limited extra deals" "special offers" "exclusive deals" "anything that at least returns investment"
New and improved: more shiny/better engineered to keep returning revenue.
24/7 tech support: maybe, but how competent ? did a friend tell you ? no? prolly not worth it.
Testimonials : did a friend tell you ? you know what to do.
Ease of use : should be "dumbed down". they know you are stupid. they profit from it.
Modern look: you fall for stereotypes. They're counting on it.
Free: no it's not. anything free - you're the payment. You get to provide statistic information gender/date of birth/email/etc. They make serious money from gathering data, masquerading it by giving you a "free" product. Even if you don't tell them anything they can still gather data. You have to take possession of the free goods, they will log it. Worst case scenario, they feed you crumbs one time, you'll shake your tail forever.
 - the list goes on. They make sure of it every time they need money. which is 24/7

Doesn't even have to come as advertised. You claim reimbursement, they have the EULA.

Remember: You are greedy. They know.
Remember: You are cheap. They know as well.
In fact they're so competent at researching it, they use it against you on a daily basis.

You think you're smart. They know. While you're making them money they can even throw a bonus diploma to make you feel better.

Also Remember:
Small time punks make it big.
Small time punks make money. Dream money. See money.
They do.
Precisely because they're not "educated". (more on this later. those quotes are not by accident)
They don't care about the what-ifs. they don't even consider them.
They aim and shoot.
Most do well.
Some make it big.
Their business expands.
Their mentality remains constant.
It worked for them so it must be right. It will keep on working.

You don't care: They approve.
You keep buying. They keep lying.
They made money so it must be right.

You want a job. They offer -opportunities-
You make money: Not even close to what they make on your ass.
You like it.
So do they.

You settle and you think you're good ? They think you're perfect.
Congratulations, you are an "educated" human being.
-----

On "education":
What is education as a concept: acquiring skills necessary to survive, evolve and thrive.
What is education today: a very good business in itself.
How did modern education come to be ? Industrialization needed to train monkeys to read/write, perform basic math such as conversion between certain units of measurement, understand workflows, coordinate assembly line production for maximum profit.
I mean efficiency.
How is education today: most graduates confirm lack of employment. Inability to join an assembly line.
Doesn't even provide what it was engineered to: true, it evolved.
Why is it still around in the same old formula ? - it's become a very successful business in itself: vast amounts of money are required to cover expenses during basic education from start to finish not to mention college and higher.
What does it actually do to the average joe ?
Prepare him for shifts that he will probably find hard to find.
(average joes complete basic education and instruct offspring to follow same path)
What does it actually do to the gifted joe ? 
Prepare him for setting up shifts for average joes.
(small time punks fit here, usually for a while then dropout)
What does it actually do to the genius joe ?
Start Armageddon.

ps: business is not evil. it's just seen too few genius joes.
but, but.. don't they care ?
no

12 June 2013

so, my 2 cents on internet censorship:

Before I begin, let's talk about the real reason why Kennedy was shot (it's relevant here). Dollars failed to have intrinsic value and he was shot cause he re-instated intrinsic value on the dollar.

as in this black/white scan of a dollar bill that was printed at the time ->

(this is an example bank note). note the inscription at the bottom (middle) "one silver dollar payable to the bearer on demand"
That means you take the piece of paper, go to the bank, get your silver's worth and make a ring with it or smth.
Right after he was shot the dollar is as is today a -legal tender- and nothing more.


like this color one here-> 

Note it says in the upper left it's a legal tender. Basically a worthless piece of paper whose value is dictated by who-the-fuck-knows-who. The federal reserve prolly but that's besides the point.

Now what does this have to do with internet censorship ?
Well, take a look at this: https://btc-e.com/ and if u want to see how electronic money flows live and without hindrance look at this and click on the green buttons. You'll see some considerable amounts of money flowing around unchecked by any bank authority: https://blockchain.info/





Now, take these guys called the FTC. Stands for Federal Trade Commission. Basically they're kinda like money police; k, but serving whom ? ;)
Now, bitcoin traffic is already getting big.
Copyright infringement/Hollywood&media losing money over internet piracy ? Oh come on. The laws they would have our -beloved- governments pass are made for controlling the digital flow of information that this currency 100% consists of. Currency that grew wings and took such flight that it scares the shit out of them. You know, all the traffic filtering done at internet service provider level and all that stuff that a lot of (even mainstream) news media websites have been talking about for a couple of years now. acta/sopa/pipa/cispa and who knows what others.

-Comment or get drunk.
P.S.: original bitcoin creators are anonymous - no, not the group, not officially anyway, tho who knows ? it could be.

22 February 2013

how to install glastopf on centos 6 in a couple of minutes, no hassle

Edited on the 4th of March 2013 to reflect latest glastopf changes.
 
If you're wondering WTF is glastopf, well -> that's the bugger !
Some words before we begin:
Installing glastopf on Centos 6.3 32bit/64bit can be a pain especially if you break your already in place python setup. That's because glastopf needs 2.7 :) cute :>
First python version 2.7 needs to be installed without breaking the default 2.6 install (this would mess up yum and other tools that depend on python 2.6) *you want to stay away from that.

Ok, so how you set your OS up is up to you. you can get iso's, burn em and install in a physical machine, or virtualise using virtualbox/openvz/xen/vmware whatever you wish, the point is, you must have a fresh install(preferably) and a login prompt. 
Also, this was adapted from this ubuntu guide: the marvelous ubuntu guide. Once you're at a login prompt or at the shell, read on:


All commands issued by root. If you must use sudo then do. I encourage it.
Setup the 'mess'(build) dir if you prefer but you can install python from anywhere.

Prepare the environment:
Prerequisites from rpms

# yum groupinstall "Development Tools"
# yum install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel php-devel libxml2-devel libxslt-devel atlas atlas-devel gcc-gfortran gcc-c++ git php wget screen mysql mysql-server mysql-devel libevent-headers
- accept all deps. 
- You need some of those things to have a not-only-barely-functional python interpreter. 
- from this point on it is recommended to perform all your work in screen. if you're not familiar with screen here's a good tutorial: the mighty screen. Basically it's a virtual terminal that keeps whatever stuff you do in it running even if your ssh session fails due to leet-isp-skills or alien crashes severing your fiber channels. Then when you reconnect you can re-attach to it and voila. it's as if you never left.
# mkdir -p /usr/local/build/
Python installation: cd to previously created dir, then:
# wget http://www.python.org/ftp/python/2.7.3/Python-2.7.3.tar.bz2
# tar xjf Python-2.7.3.tar.bz2
# cd Python-2.7.3
# ./configure --prefix=/usr/local
# make && make altinstall
(altinstall is very important: it installs python2.7 without creating a plain "python" binary that would shadow the system 2.6)
Prerequisites for pip (if you don't like distribute feel free to use your favourite):
# cd /usr/local/build/ 
# curl -O http://python-distribute.org/distribute_setup.py
# python2.7 distribute_setup.py
Pip installation:
# cd /usr/local/build/  
# curl -O https://raw.github.com/pypa/pip/master/contrib/get-pip.py
# python2.7 get-pip.py
Proceed to prerequisites for glastopf:
  • pymongo:
# pip-2.7 install --upgrade pymongo
  • numpy and other deps:
# pip-2.7 install numpy
# pip-2.7 install chardet sqlalchemy lxml beautifulsoup pyOpenSSL requests MySQL-python
# pip-2.7 install scipy
(be warned: pip installs software from alpha centauri so expect *some* delays. also compiling can take a while.)
  • antlr:
# cd /usr/local/build/
# wget http://www.antlr3.org/download/antlr-3.1.3.tar.gz
# tar xzf antlr-3.1.3.tar.gz
# cd antlr-3.1.3/runtime/Python
# python2.7 setup.py install
  • SKLearn:
# cd /usr/local/build/
# git clone git://github.com/scikit-learn/scikit-learn.git
# cd scikit-learn
# python2.7 setup.py install
  • evnet:
# cd /usr/local/build/
# git clone git://github.com/rep/evnet.git
# cd evnet
# python2.7 setup.py install
Install and configure the php sandbox
# cd /usr/local/build/
# git clone git://github.com/glastopf/BFR.git
# cd BFR
# phpize
# ./configure --enable-bfr
# make && make install
Take a look at your architecture and add the matching line to php.ini. For 32bit:
zend_extension = /usr/lib/php/modules/bfr.so
or, for 64bit:
zend_extension = /usr/lib64/php/modules/bfr.so

Proceed with glastopf 
# cd /usr/local/build
# git clone https://github.com/glastopf/glastopf.git
# cd glastopf
# python2.7 setup.py install
If for some weird reason this doesn't work, retry the last command - I had issues due to some weird network problems or mirror issues.

Create a directory that will serve as your glastopf honeypot root. anywhere you want. For example /usr/local:
# mkdir /usr/local/honeypot 
# cd /usr/local/honeypot
AND THEN : 
# glastopf-runner.py
But wait. It fails. That's because in the glastopf.cfg file that it sets up in this directory the group id doesn't exist. It may on debian/ubuntu but not on centos. So change it to nobody and adjust other settings and you're set.
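
A pre-flight check for the failure described above, as an added example that is not part of glastopf or of the original post: it reads the uid and gid the honeypot is told to drop to and confirms both exist locally before you start it. The `[webserver]` section and the `uid`/`gid` key names in the sample are assumptions about glastopf.cfg; the conpot logs earlier on this page show the same Debian/CentOS split (nobody:nogroup versus nobody:nobody).

```python
from __future__ import print_function, unicode_literals
import grp
import io
import pwd
import sys

try:
    import configparser                  # Python 3
except ImportError:
    import ConfigParser as configparser  # Python 2.7

# Constructed sample. Section and key names are assumptions; the values mirror
# the Debian-style default that fails on CentOS as described above.
SAMPLE_CFG = """\
[webserver]
host = 0.0.0.0
port = 80
uid = nobody
gid = nogroup
"""


def _exists(lookup):
    """Wrap pwd.getpwnam / grp.getgrnam into a name -> bool test."""
    def test(name):
        try:
            lookup(name)
            return True
        except KeyError:
            return False
    return test


def check_drop_target(cfg_text, user_exists=_exists(pwd.getpwnam),
                      group_exists=_exists(grp.getgrnam)):
    """Return a list of problems with the uid/gid the honeypot drops to."""
    parser = configparser.RawConfigParser()
    read = getattr(parser, "read_file", None) or parser.readfp
    read(io.StringIO(cfg_text))
    problems, seen = [], set()
    for section in parser.sections():  # key names assumed, so scan every section
        for key, exists, kind in (("uid", user_exists, "user"),
                                  ("gid", group_exists, "group")):
            if not parser.has_option(section, key):
                continue
            seen.add(key)
            value = parser.get(section, key).strip()
            where = "[%s] %s = %s" % (section, key, value)
            if value in ("root", "0"):
                problems.append(where + " keeps root privileges")
            elif not exists(value):
                problems.append(where + ": no such %s on this system" % kind)
    for key in ("uid", "gid"):
        if key not in seen:
            problems.append("no %s setting found in any section" % key)
    return problems


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with io.open(sys.argv[1], encoding="utf-8") as fh:
            text = fh.read()
    else:
        text = SAMPLE_CFG
    issues = check_drop_target(text)
    for issue in issues:
        print("FAIL:", issue)
    sys.exit(1 if issues else 0)
```

Run it with the path to glastopf.cfg as the only argument; a non-zero exit status means the configured account or group would not be found at privilege drop.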

# screen glastopf-runner.py
It should look like something similar to this with the last line being Glastopf started and privileges dropped:


:D enjoy