Tuesday, June 3, 2014

Generating Elliptical Curve (EC) Key/Pair

Just finished a post over at Splunk blog regarding using EC (Elliptical Curve) certs with in Splunk. Although the explanation was geared towards someone deploy the keys in a Splunk deployment the key pair could be used in any situation (proxy, web server etc..)

Here is the TL;DR summary of the post:


Generate a New Elliptical Curve CA key and Cert
openssl ecparam -out ca-key.pem -genkey -name prime256v1
openssl req -x509 -new -key ca-key.pem -out ca-cert.pem

Generate Servers Private key and CSR
openssl ecparam -out server-key.pem -genkey -name prime256v1
openssl req -new -key server-key.pem -out server-csr.pem


Generate Public Certificates:
openssl x509 -req -days 365 -in server-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem

Testing

If you want to test your keys. Start a web server with the following openssl command.
openssl s_server -www -key server-key.pem -cert server-cert.pem -CAfile ca-cert.pem -state

Then, try to connect to
openssl s_client -connect 127.0.0.1:4433

Friday, May 9, 2014

Nexpose Python Client Library

Just wrapped up a client library for Nexpose. I forked one already created, but added custom reporting support to it, which was a feature that a friend was requesting. Hope it helps anyone else running this as their Vulnerability scanner.

https://github.com/divious1/pnexpose

If there are any errors, or issues with it please feel free to ping me at @divious_1

Thursday, November 28, 2013

SensorSub.com, IndicatorIntel.com, Public CIF Updates

Its been a while since I provided an update on the ongoing  projects or anything new. First off want to extend a huge public thank you to Rebekah Monson (@rsm) for making sensorsub.com and taking it to a new levels with the Awesome Foundation grant. She has a great recollection of the Subs evolution on the site with upcoming events. Hopefully we should be water testing it ASAP and I should be putting up an updated bill of materials and design plan. Alot of items have changed through the Subs evolution and I'm sure alot more will change as we start water testing it.

IndicatorIntel.com is half cooked so far, I have a working application which collects OSINT data and stores it on a no SQL data store. The next step is making collectors for honeypots like Dionea or Amun and start making a search UI.

As to the public CIF instance I have to apologies for not being on top of new user request. Some have been backed up and I have not updated the service to CIF 1.0v yet. As time progressing I will be phasing out this service to replace it with IndicatorIntel.com as I get closer to a release candidate.

Sunday, September 15, 2013

Get Crazyflie Quad Copter working on the Raspberry Pi with a Sony PS3 Bluetooth controller

Recently got my hands on a crazyfly and I must say I love it. Took me few minutes to get it assembled using bitcraze instructions: http://wiki.bitcraze.se/projects:crazyflie:mechanics:assembly
I wanted to get it running with my raspberry pi to use it on the go but ran into a few hiccups so I decided to put this doc together as  guide for anyone whom has a PS3 Bluetooth controller at home (crazyfly has only documentation on xbox wired).



Things you need:

  1. Crazyflie
  2. Sony PS3 Controller
  3. USB Bluetooth adapter
  4. Crazyradio
  5. Raspberry Pi (with all necessary accessories)



  1. Start to assemble the crazyflie using the instructions at bitcrazy.
  2. Download and image an SD card with bitcraze pre-built raspberry pi crazy fly image: http://wiki.bitcraze.se/projects:crazyflie:binaries:raspberrypi
  3. Boot up the Pi with the fresh baked image, update you pi and install any necessary tools you use (I usually install vim, lshw, screen, etc..)
  4. Install PS3 controller and other necessary libraries:
    sudo apt-get upgrade
    sudo apt-get install bluez-utils bluez-compat bluez-hcidump libusb-dev libbluetooth-dev joystick usbutil pyqt4-dev-tools
  5. Check that the Bluetooth module is being detected: 
    pi@raspberrypi ~ $ hciconfig hci0: Type: BR/EDR Bus: USB
    BD Address: 00:1F:81:00:06:20 ACL MTU: 1021:4 SCO MTU: 180:1
    UP RUNNING PSCAN
    RX bytes:1260 acl:0 sco:0 events:46 errors:0
    TX bytes:452 acl:0 sco:0 commands:45 errors:0
    If you see your USB Bluetooth adapter then you are good if not there is an issue with the Pi Recognizing your adapter
  6. Install the paring software to pair the controller with the Pi:
    wget http://www.pabr.org/sixlinux/sixpair.c
    gcc -o sixpair sixpair.c -lusb

  7. After you compile this file there will be a binary executable called “sixpair” which now you can execute, connect your PS3 controller using a USB cable to the Pi (You only have to do this once for the pairing)
    Run the executable and you should see something like this:
    crazyfly-pi ~ $ sudo ./sixpair
    Current Bluetooth master: f0:f0:02:c7:f5:8e
    Setting master bd_addr to 00:10:60:d2:c2:fe

  8. If you get that output that means your controller is now officially paired with the Pi. Now we have to install the controlling application that read the controller as an input device. 
    wget http://sourceforge.net/projects/qtsixa/files/QtSixA%201.5.1/QtSixA-1.5.1-src.tar.gz
    tar xfvz QtSixA-1.5.1-src.tar.gz
    cd QtSixA-1.5.1/sixad
    make
    sudo mkdir -p /var/lib/sixad/profiles
    sudo make install 
  9. Now we can test to see if the controller is working first start the sixad daemon and initiate the controller:
    sudo sixad --start
    When Prompted Press the PS button and the 4 upper LED on controller will light up.
  10. To test that you are indeed receiving input from the controller run jstester against the input:
    sudo /usr/bin/jstest /dev/input/js0
    You should be seeing the following values change and you press keys in the controller.

  11. We must tell now cfheadless that we are going to be using a PS3 Bluetooth controller edit the following file and Change PS3_Mode1 to PS3_Mod2 like so: crazyfly-pi:~# cat /home/bitcraze/controller.conf
    PS3_Mode_2
  12. Now we need to make that assures that cfheadless is always running, this assures that even if the crazyflie is not detected right away it will get configured the right way. Place the following script in /root/run_crazyfly.sh

  13. Now we make this run every minute
    sudo -i
    crontab -e

    and add the following lines to it:
    */1 * * * * /root/run_crazyfly.sh
    @reboot sixad -s

  14. You should be set now, restart your pi, make sure you turn on your crazyflie. Once the pi has booted give it 5 minutes and press the PS button on your ps3 controller. You should be able to controller your crazyflie with the controller. 





Tuesday, September 3, 2013

Underwater ROV 2.0

Redesign

After some serious thinking on the direction and cost of the submarine, I though it would make sense to consolidate the motor control functions into a raspberry pi. I have used the adafruit 16 channel server driver board to control the ESC (http://www.adafruit.com/products/815). This takes that responsibility away from the Arduino which was the original sub concept. Furthermore, with the release of the raspberry pi camera now on the pi I can also consolidate the streaming video capabilities. This gets rid of the necessity to buy an IP camera and have 2 network connections on the submarine. As the frame goes no serious water testing as occur as of yet but as soon the motor is completed there will be some redesign as well. Below you can see a video of the raspberry pi controlling the ESC of the current sub.


Getting ESC with raspberry Pi and adafruit servo controller working. Excuse the desk mess. from Jose Hernandez on Vimeo.

First you must get I2C installed on the PI by running:

sudo apt-get update && sudo apt-get upgrade
sudo apt-get install python-smbus i2c-tools

Make sure that I2C is working by running:

  1. sudo i2cdetect -y 1

Then get the adafruit PWM libraries:

git clone https://github.com/adafruit/Adafruit-Raspberry-Pi-Python-Code.git

cd into the Adafruit-Raspberry-Pi-Python-Code/Adafruit_PWM_Servo_Driver/ directory and 
the example code I use to get this running on the PI:
The wiring Schematics:
Pulled from Adafruit
If you run into any issues I recommend going through the Adafruit guide: http://learn.adafruit.com/adafruit-16-channel-servo-driver-with-raspberry-pi/overview
I will be uploading to github the driver code in python for the submarine.

Monday, January 21, 2013

Submarine Update

It has been a while since an update for the submarine is provided, and the good news is most of it is already hash out. I have gotten most of the case design completed. At the current stage I'm working on the motor housings and the motherboards design (more on that later). At this point I have realized also this ROV needs a name hehehe!

So far below are rough draft design of what the frame will be layout to be. These will be constantly changing as the project starts getting shape. 

Front and Rear View Design:



Side View Design:
MotherBoard Design (Sits inside the Sub)

Also the bill of material is taking shape.

The current design does not include UP and DOWN propulsion which will be added by a third motor (position might be under the ROV) and powered by one of these.

The front frame will be static with a plexi glass front. Pictures coming soon (this piece is completed). The rear would be a thread PVC coupling similar to this one. The idea is to get the motherboard to slide it inside the 4" PVC center and slide it out to be worked this. Most of the code is proof of concept so far but soon I will be uploading it to my github. Thank you @_trialnerror_ for you invaluable advices, and help so far.

Some images of the materials:

Monday, November 26, 2012

BEAST and CRIME Attacks Research Paper

For my cryptography class as a semester end assignment we had to produce a research paper. I decided to write it on SSL attacks and concentrate on BEAST and CRIME as example. The paper give a good in-depth explanation on how and why is SSL exploited. You can find the paper here. Also modified a cipher discovery tool I found in stack-overflow and uploaded to github.

Thursday, September 27, 2012

Collective Intelligence Framework Globe

Feed Globe

Attempting to get some GeoIp correlation of the feed I'm collecting with CIF lead to generating a 3d globe at (https://feed.josehelps.com). I did this using the geo ip data collected from my public cif instance. I'm generating the geo data base on the logs from the crontool using the this script (Needs alot of improvements). I have posted all the source code at my github page.



You will need a WebGL compatible browser to load the globe (updated Chrome or Firefox should work). Let me know what you think of it. 

Saturday, September 15, 2012

Submarine Project Update

Phase 1 - Building a Sensor Box

Trying to focus on getting all the necessary parts to build the sensor box. So far I have gotten the camera working with the Pi although at the moment I have a bit of a power issue. My current Pi power supply only gives it 0.5Amps while the camera and the wifi card will need a bit more than that. Order new 2AMP usb hub to compensate for that.

So far the following is working:

 


Sadly the camera disconnects right after it is detected due to power issues:

Sep 12 02:56:34 raspberrypi kernel: usb 1-1.2: new high speed USB device number 19 using dwc_otg
Sep 12 02:56:35 raspberrypi kernel: usb 1-1.2: New USB device found, idVendor=046d, idProduct=0805
Sep 12 02:56:35 raspberrypi kernel: usb 1-1.2: New USB device strings: Mfr=0, Product=0, SerialNumber=2
Sep 12 02:56:35 raspberrypi kernel: usb 1-1.2: SerialNumber: 584E2190
Sep 12 02:56:35 raspberrypi kernel: uvcvideo: Found UVC 1.00 device (046d:0805)
Sep 12 02:56:35 raspberrypi kernel: input: UVC Camera (046d:0805) as /devices/platform/bcm2708_usb/usb1/1-1/1-1.2/1-1.2:1.0/input/input4
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: USB disconnect, device number 19
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: new high speed USB device number 20 using dwc_otg
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: New USB device found, idVendor=046d, idProduct=0805
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: New USB device strings: Mfr=0, Product=0, SerialNumber=2
Sep 12 02:56:36 raspberrypi kernel: usb 1-1.2: SerialNumber: 584E2190
Sep 12 02:56:36 raspberrypi kernel: uvcvideo: Found UVC 1.00 device (046d:0805)
Sep 12 02:56:36 raspberrypi kernel: input: UVC Camera (046d:0805) as /devices/platform/bcm2708_usb/usb1/1-1/1-1.2/1-1.2:1.0/input/input5
Sep 12 02:56:43 raspberrypi kernel: usb 1-1.2: USB disconnect, device number 20

Just ordered:
Researching:
If someone could provide some help with the frame, it would be greatly appreciate it, so far I have only  though as far as making it out of PVC pipes.



Sunday, September 9, 2012

CIF public instance down for the moment

Seems that running the instance has gotten a bit expensive. I have noticed new sign ups but I'm in the process of migrating it to a more cost effective hosting company. Also upgrading CIF to 1.0 during the mean time. Please bear with me, I'm trying to avoid asking for donations. If you have any place where I can host a 1U server, I would be most appreciative.