In a recent rage of boredom I decided to do some messing around with my network (MY NETWORK). I booted backtrack 3, connected to my wireless router, opened ettercap to perform an arp-poison, opened driftnet to capture images, and started wireshark to monitor packets in real-time.
As I watched the traffic while I surfed the web I decided to see if I could get the files out of the pcap file afterwards. As I searched the net I found some articles in "File Carving". Most of them where on using the program "foremost" so I gave it a try. To my amazement foremost had created several neatly organized folders and placed in them files by extension. This was cool!
Sadly all my images seamed to be corrupted, so I began my search again. After some time I figured what they heck and stopped in to the remote-exploit irc channel. I asked if there was a way to extract files from my pcap files and was told to check out "chaosreader". That was all the information I needed. After typing chaosreader -h into the console I read through the examples and gave it a try.
Fantastic! it worked perfectly. All my images where viewable. The downside was some of the files where named funky but after viewing the index.html and images.html I quickly found out what was what.
After some more testing and reading I found that larger pcap files could not be processed by chaosreader due to my 1gig of ram. One article stated that chaosreader could use 5 times the ram as the file size. So my 100mb cap file would need 500mb of ram to process plus more ram to create files and run my OS. So I used the file splitter option built into wireshark to make smaller files.
As further tests I downloaded a zip file I created and watched a movie. To my surprise (somewhat) I was able to extract my zip file and the video I had watched. Which kind of begs the question why do online video services spend so much on protecting their videos when all someone needs to do is capture the stream and extract the video? Lucky for me I watched a free video from a public domain site. :)
Eventually I would like to test this with other data streams, such as audio and maybe try it out with xbox live audio chat. I don't see much reason why it would not work but it gives me something to do.
Jei.
Thursday, March 26, 2009
Sunday, March 22, 2009
Fun with GPS.
After playing around with my new Asus 900HA netbook I wanted to pick up on something that never really took off very far. Mapping wireless networks. I know tons of people have already done this, and by checking a few other sites online it looks like some people have even mapped parts of my town. So after some minor debating I settled on the Rino 120 from Garmin. I have owned several gps devices through the years and Garmin just seams to be one of the best. Not only does it work great with my software, but its also nice to be able to carry it around for geocaching, hiking, or even just to see information from a trip such as speed and even where I stopped and what times.
So after the gps device showed up I had to make another trip to my local Best Buy to grab a USB to SERIAL adapter since my netbook did not come with a serial port, and since the gps device did not come with a usb cable as advertised. Once I got everything set it was time to take a trip.
I went from Quincy, IL to Keokuk, IA and sadly it was gloomy out so the clouds kept the gps from picking up anything. On the way back home however the gps finally started to work in Hamilton, IL. So below is a small portion of Quincy and the wireless networks I detected along the way.
As you can see Quincy is not shy to wireless, I think I had over 300 networks before I got out of the area.
You can also download the full data for Google Earth here from Jeicrash.net
I hope to have more data soon and more gps fun as the weather gets better and I'm able to get out more.
So after the gps device showed up I had to make another trip to my local Best Buy to grab a USB to SERIAL adapter since my netbook did not come with a serial port, and since the gps device did not come with a usb cable as advertised. Once I got everything set it was time to take a trip.
I went from Quincy, IL to Keokuk, IA and sadly it was gloomy out so the clouds kept the gps from picking up anything. On the way back home however the gps finally started to work in Hamilton, IL. So below is a small portion of Quincy and the wireless networks I detected along the way.
As you can see Quincy is not shy to wireless, I think I had over 300 networks before I got out of the area.
You can also download the full data for Google Earth here from Jeicrash.net
I hope to have more data soon and more gps fun as the weather gets better and I'm able to get out more.
Wednesday, March 11, 2009
Asus 900HA
Finally after more then a year I got my first netbook. I have been following the Asus line very closely and reading through everything hinting at the EEE models. After hundreds of videos, thousands of reviews and what seams like a tireless back and forth act of to buy or not to buy, I finally set my eyes and bank book on the 900HA. One of the most recent releases of the netbook series the 900HA comes complete with 3 usb 2.0 ports, external vga port, built in atheros chipset wireless card, ethernet port, 160Gig Sata hard drive and a gig of ram.
On top of that the 900HA can boot from the Hard drive, Ethernet, USB and SD port. So playing around with multiple operating systems becomes very easy.
Wardriving nuts will definitely get a great deal of pleasure from the 900HA as the wireless card supports "Monitor" mode and packet injection. Even without the EEE mods for linux the display looks fine and works flawlessly.
And for those wanting to know how to get your wireless card out of monitor mode after running spoonwep. Its as easy as:
wlanconfig ath0 destroy
wlanconfig ath0 create wlandev wifi0
and to get kismet to work simply edit /usr/local/etc/kismet.conf and find the source= line and change it from:
source=none,none,addme
to
source=madwifi_g,wifi0,atheros
and save.
Soon a rhino 120 GPS radio will be added to my new toy and I plan on heading out and mapping some hotspots with my new geek toy.
Video link comming soon!
Jei
On top of that the 900HA can boot from the Hard drive, Ethernet, USB and SD port. So playing around with multiple operating systems becomes very easy.
Wardriving nuts will definitely get a great deal of pleasure from the 900HA as the wireless card supports "Monitor" mode and packet injection. Even without the EEE mods for linux the display looks fine and works flawlessly.
And for those wanting to know how to get your wireless card out of monitor mode after running spoonwep. Its as easy as:
wlanconfig ath0 destroy
wlanconfig ath0 create wlandev wifi0
and to get kismet to work simply edit /usr/local/etc/kismet.conf and find the source= line and change it from:
source=none,none,addme
to
source=madwifi_g,wifi0,atheros
and save.
Soon a rhino 120 GPS radio will be added to my new toy and I plan on heading out and mapping some hotspots with my new geek toy.
Video link comming soon!
Jei
Sunday, March 8, 2009
Hulu blocks Boxee - But why?
Several articles popped up this week about online video site hulu.com blocking once again the up coming media center / streamer boxee. Many users are confused and baffled as to why boxee is being singled out.
Several people have expressed the same concerns. Whats the difference in viewing hulu from your pc's browser or from your boxee software? Hulu.com stated that the block was part of their "content suppliers" request.
So how long before boxee allows users to set their own "user agent" string in boxee to make sites think users are viewing the videos with IE, Firefox, or Opera?
The only reason I can see hulus' content providers asking for the block in fear of users recording shows and redistributing them without permission. Never mind the fact that out of the dozens of video download plug-ins available those who want a hard drive copy already have them.
Hulu.com or at least their "content providers" have lost a few points in my book, but I'll still continue to use them until they block all browsers but IE.
Jei.
Several people have expressed the same concerns. Whats the difference in viewing hulu from your pc's browser or from your boxee software? Hulu.com stated that the block was part of their "content suppliers" request.
So how long before boxee allows users to set their own "user agent" string in boxee to make sites think users are viewing the videos with IE, Firefox, or Opera?
The only reason I can see hulus' content providers asking for the block in fear of users recording shows and redistributing them without permission. Never mind the fact that out of the dozens of video download plug-ins available those who want a hard drive copy already have them.
Hulu.com or at least their "content providers" have lost a few points in my book, but I'll still continue to use them until they block all browsers but IE.
Jei.
Subscribe to:
Posts (Atom)
