darmanex

April 20, 2018

Accessing windows file sharing in Linux

Well, my Dev team mate have a Linux server for build some projects, and they wanted to access their files from Linux by remote/konsole mode, in this case their files are on Windows. So, here are their files sharing on Windows system.

As you can see above, we will access on those folder Autogenerated and Resources. So, here's the step to make it accessible from Linux.
Installing a requirements packages

# apt-get install cifs-utils

After that then go to /etc/nsswitch.conf and edit it:

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

add "wins" on that line

hosts:  files mdns4_minimal [NOTFOUND=return] wins dns mdns4

If winbind is not installed on Linux system, please install it by this issue command:

# apt-get install libnss-winbind winbind

Now reload the network to take effect:

# service networking restart

Mounting drive
Backup the fstab configuration to avoid any mistaken in the future.

# cp /etc/fstab{,.old}

Now create a credential user files who will accessing the folder share files on current linux user.

# printf '%s\n' 'username=darm' 'password=******' > .smbuser

Next, we should know the UID and GID on the system. Run the following command

# id programmer
uid=1000(programmer) gid=1000(programmer) groups=1000(programmer),27(sudo),7001(wksadmin)

Create folder for mounting point.

# mkdir /media/prg
# mkdir /media/prg2

Then we open fstab file to start mounting point, and put this line on it.

//Workstation/AutoGenerated /media/prg cifs credentials=/home/programmer/.smbcredentials,iocharset=utf8,gid=1000,uid=1000,file_mode=0777,dir_mode=0777 0 0
//Workstation/Resources /media/prg2 cifs credentials=/home/programmer/.smbcredentials,iocharset=utf8,gid=1000,uid=1000,file_mode=0777,dir_mode=0777 0 0

Save your configuration, and reload the fstab

# mount -a

Now let's take a look the result. :D

April 17, 2017

[Write-up] FIT-Hack CTF 2017 - Forensic [150]

OK, langsung saja download flag.zip yang di berikan seperti diatas.

Sebelumnya, mari kita cek dahulu flagnya.

$ file flag.png 
flag.png: PNG image data, 960 x 5, 8-bit/color RGBA, non-interlaced

Bisa kita cek lebih dalam lagi file nya dengan binwalk.

$ binwalk flag.png 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
253           0xFD            Zlib compressed data, default compression
330           0x14A           PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
392           0x188           Zlib compressed data, default compression
469           0x1D5           PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
---snip---
7514          0x1D5A          Zlib compressed data, default compression
8404          0x20D4          PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
8466          0x2112          Zlib compressed data, default compression
9249          0x2421          PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
9311          0x245F          Zlib compressed data, default compression

Setelah itu estrak file gambarnya menggunakan foremost.

$ foremost -v flag.png 
Foremost version 1.5.7 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File

Foremost started at Fri Apr 14 00:57:40 2017
Invocation: foremost -v flag.png 
Output directory: /home/darm/CTF/FITHACK/forensic/aw/output
Configuration file: /etc/foremost.conf
Processing: flag.png
|------------------------------------------------------------------
File: flag.png
Start: Fri Apr 14 00:57:40 2017
Length: 82 KB (84177 bytes)
 
Num  Name (bs=512)        Size  File Offset  Comment 

0: 00000000.png        330 B            0    (960 x 5)
1: 00000000_1.png        139 B          330    (960 x 5)
2: 00000000_2.png        139 B          469    (960 x 5)
3: 00000001.png        139 B          608    (960 x 5)
4: 00000001_1.png        139 B          747    (960 x 5)
5: 00000001_2.png        139 B          886    (960 x 5)
6: 00000002.png        139 B         1025    (960 x 5)
7: 00000002_1.png        139 B         1164    (960 x 5)
8: 00000002_2.png        139 B         1303    (960 x 5)
9: 00000002_3.png        139 B         1442    (960 x 5)
10: 00000003.png        254 B         1581    (960 x 5)
11: 00000003_1.png        357 B         1835    (960 x 5)
12: 00000004.png        516 B         2192    (960 x 5)
13: 00000005.png        603 B         2708    (960 x 5)
14: 00000006.png        657 B         3311    (960 x 5)
15: 00000007.png        764 B         3968    (960 x 5)
16: 00000009.png        932 B         4732    (960 x 5)
17: 00000011.png        895 B         5664    (960 x 5)
18: 00000012.png        893 B         6559    (960 x 5)
19: 00000014.png        952 B         7452    (960 x 5)
20: 00000016.png        845 B         8404    (960 x 5)
21: 00000018.png         1 KB         9249    (960 x 5)
22: 00000020.png        901 B        10328    (960 x 5)
23: 00000021.png        936 B        11229    (960 x 5)
24: 00000023.png        946 B        12165    (960 x 5)
25: 00000025.png         1 KB        13111    (960 x 5)
26: 00000027.png        795 B        14142    (960 x 5)
27: 00000029.png        927 B        14937    (960 x 5)
28: 00000030.png        976 B        15864    (960 x 5)
29: 00000032.png        726 B        16840    (960 x 5)
30: 00000034.png        895 B        17566    (960 x 5)
31: 00000036.png        983 B        18461    (960 x 5)
32: 00000037.png         1 KB        19444    (960 x 5)
33: 00000039.png       1019 B        20473    (960 x 5)
34: 00000041.png         1 KB        21492    (960 x 5)
35: 00000044.png         1 KB        22760    (960 x 5)
36: 00000047.png        975 B        24130    (960 x 5)
37: 00000049.png         1 KB        25105    (960 x 5)
38: 00000051.png         1 KB        26239    (960 x 5)
39: 00000053.png        954 B        27272    (960 x 5)
40: 00000055.png         1 KB        28226    (960 x 5)
41: 00000057.png         1 KB        29528    (960 x 5)
42: 00000060.png         1 KB        30765    (960 x 5)
43: 00000062.png         1 KB        32207    (960 x 5)
44: 00000065.png         1 KB        33520    (960 x 5)
45: 00000068.png         1 KB        34835    (960 x 5)
46: 00000070.png       1024 B        36058    (960 x 5)
47: 00000072.png        850 B        37082    (960 x 5)
48: 00000074.png         1 KB        37932    (960 x 5)
49: 00000076.png        844 B        39000    (960 x 5)
50: 00000077.png         1 KB        39844    (960 x 5)
51: 00000079.png         1 KB        40899    (960 x 5)
52: 00000081.png        965 B        41927    (960 x 5)
53: 00000083.png        901 B        42892    (960 x 5)
54: 00000085.png        879 B        43793    (960 x 5)
55: 00000087.png         1 KB        44672    (960 x 5)
56: 00000089.png        862 B        45871    (960 x 5)
57: 00000091.png        944 B        46733    (960 x 5)
58: 00000093.png         1 KB        47677    (960 x 5)
59: 00000095.png         1 KB        48788    (960 x 5)
60: 00000097.png         1 KB        50164    (960 x 5)
61: 00000100.png         1 KB        51236    (960 x 5)
62: 00000102.png         1 KB        52302    (960 x 5)
63: 00000104.png         1 KB        53454    (960 x 5)
64: 00000106.png         1 KB        54677    (960 x 5)
65: 00000109.png         1 KB        55882    (960 x 5)
66: 00000111.png         1 KB        57143    (960 x 5)
67: 00000113.png         1 KB        58175    (960 x 5)
68: 00000115.png         1 KB        59223    (960 x 5)
69: 00000117.png        997 B        60313    (960 x 5)
70: 00000119.png        931 B        61310    (960 x 5)
71: 00000121.png        882 B        62241    (960 x 5)
72: 00000123.png        939 B        63123    (960 x 5)
73: 00000125.png        858 B        64062    (960 x 5)
74: 00000126.png        854 B        64920    (960 x 5)
75: 00000128.png        943 B        65774    (960 x 5)
76: 00000130.png        885 B        66717    (960 x 5)
77: 00000132.png        881 B        67602    (960 x 5)
78: 00000133.png        996 B        68483    (960 x 5)
79: 00000135.png         1 KB        69479    (960 x 5)
80: 00000137.png         1 KB        70558    (960 x 5)
81: 00000139.png         1 KB        71664    (960 x 5)
82: 00000142.png         1 KB        72726    (960 x 5)
83: 00000144.png        863 B        73797    (960 x 5)
84: 00000145.png        976 B        74660    (960 x 5)
85: 00000147.png        790 B        75636    (960 x 5)
86: 00000149.png        713 B        76426    (960 x 5)
87: 00000150.png        689 B        77139    (960 x 5)
88: 00000152.png        732 B        77828    (960 x 5)
89: 00000153.png        566 B        78560    (960 x 5)
90: 00000154.png        554 B        79126    (960 x 5)
91: 00000155.png        472 B        79680    (960 x 5)
92: 00000156.png        402 B        80152    (960 x 5)
93: 00000157.png        307 B        80554    (960 x 5)
94: 00000157_1.png        357 B        80861    (960 x 5)
95: 00000158.png        435 B        81218    (960 x 5)
96: 00000159.png        403 B        81653    (960 x 5)
97: 00000160.png        432 B        82056    (960 x 5)
98: 00000161.png        290 B        82488    (960 x 5)
99: 00000161_1.png        287 B        82778    (960 x 5)
100: 00000162.png        139 B        83065    (960 x 5)
101: 00000162_1.png        139 B        83204    (960 x 5)
102: 00000162_2.png        139 B        83343    (960 x 5)
103: 00000163.png        139 B        83482    (960 x 5)
104: 00000163_1.png        139 B        83621    (960 x 5)
105: 00000163_2.png        139 B        83760    (960 x 5)
106: 00000163_3.png        139 B        83899    (960 x 5)
107: 00000164.png        139 B        84038    (960 x 5)
*|
Finish: Fri Apr 14 00:57:40 2017

108 FILES EXTRACTED
 
png:= 108
------------------------------------------------------------------

Foremost finished at Fri Apr 14 00:57:40 2017

Euw, ternyata banyak juga, ada 108 files yang berhasil di ekstrak.

$ cd output/
$ ls
audit.txt  png
$ cd png/
$ l
00000000_1.png  00000002.png    00000012.png  00000029.png  00000047.png  00000068.png  00000085.png  00000104.png  00000123.png  00000139.png  00000154.png    00000161.png
00000000_2.png  00000003_1.png  00000014.png  00000030.png  00000049.png  00000070.png  00000087.png  00000106.png  00000125.png  00000142.png  00000155.png    00000162_1.png
00000000.png    00000003.png    00000016.png  00000032.png  00000051.png  00000072.png  00000089.png  00000109.png  00000126.png  00000144.png  00000156.png    00000162_2.png
00000001_1.png  00000004.png    00000018.png  00000034.png  00000053.png  00000074.png  00000091.png  00000111.png  00000128.png  00000145.png  00000157_1.png  00000162.png
00000001_2.png  00000005.png    00000020.png  00000036.png  00000055.png  00000076.png  00000093.png  00000113.png  00000130.png  00000147.png  00000157.png    00000163_1.png
00000001.png    00000006.png    00000021.png  00000037.png  00000057.png  00000077.png  00000095.png  00000115.png  00000132.png  00000149.png  00000158.png    00000163_2.png
00000002_1.png  00000007.png    00000023.png  00000039.png  00000060.png  00000079.png  00000097.png  00000117.png  00000133.png  00000150.png  00000159.png    00000163_3.png
00000002_2.png  00000009.png    00000025.png  00000041.png  00000062.png  00000081.png  00000100.png  00000119.png  00000135.png  00000152.png  00000160.png    00000163.png
00000002_3.png  00000011.png    00000027.png  00000044.png  00000065.png  00000083.png  00000102.png  00000121.png  00000137.png  00000153.png  00000161_1.png  00000164.png

Setelah melihat gambar hasil dari ekstrakan diatas, kalau dilihat satu persatu isi gambar adalah potongan-potongan gambar yang tidak lain adalah Flag yang kita cari-cari. Terus gimana gabunginnya? Caranya cukup mudah, kita bisa menggunakan tool dari ImageMagick yaitu convert.

$ convert -append *.png out.png

Flag: FIT{6xgwxloxq79ew}

[Write-up] FIT-Hack CTF 2017 - Trivia

Soal yang diberikan yaitu Trivia, and here you go.

Trivia1 [10]

A bug found in bash causes arbitrary code to be executed remotely
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{SHELLSHOCK}

Trivia2 [10]

A dog breed that exists in version 3.0 of SSL.
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{POODLE}

Trivia3 [10]

VyOS 1.0.0 - 1.0.5
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{HYDROGEN}

Trivia5 [10]

Nickname of SHA-1 collision attack done by Google and CWI.
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{SHATTERED}

[Write-up] FIT-Hack CTF 2017 - Web [50]

Seperti yang terlihat pada challenge diatas, langsung saja kita akses pada link url https://look.problem.ctf.nw.fit.ac.jp, dan ternyata tidak ada apa-apa disana. Sesuai dari Hint yang diberikan "Look quickly", saya langsung cek response headers dari website tersebut.

Did you see the flag?

Yes, flag langsung muncul pada response headers yang terletak di set-cookie, tapi disitu terlihat ada URL encoding pada flag, dan gampang saja kita bisa melakukan decode flag melalui situs penyedia layanan URL decode seperti dibawah ini.

Flag: FIT{17_i5_n07_4_c00ki3_t0_3a7}

March 15, 2014

Debian: installing VLC by compiling from source

In debian wheezy the latest version of VLC is 2.0.6. But, if you want to get the new version of VLC, you can grab it at here to do compiling by yourself.

 $ wget ftp://ftp.videolan.org/pub/videolan/vlc/2.1.4/vlc-2.1.4.tar.xz

Once you have done downloading the VLC, now please install the required lib packets.

 # apt-get install libavcodec-dev libshout3-dev libsidplayfp-dev libfreerdp1 libvncserver-dev libcddb2-dev libavformat-dev libvlc-dev libmodplug-dev libshout3-dev libgnomevfs2-dev libcddb2-dev libbluray-dev libopencv-dev libsmbclient-raw-dev libssh2-1-dev libdvdnav-dev libdvdread-dev libzvbi-dev libraw1394-dev libdc1394-22-dev liblivemedia-dev libdssialsacompat-dev libfribidi-dev librsvg2-dev libcaca-dev libfluidsynth-dev libass-dev libspeexdsp-dev libtool build-essential pkg-config autoconf liblua5.1-luacsnd5.2

Extract the archive of VLC using tarball utility:

 $ tar -xvf vlc-2.1.4.tar.xz; mv vlc-2.1.4 vlc; cd vlc

Make sure you're in directory VLC installation, to configure it please run this command:

 $ ./configure

or if you want to install in another directory:

 $ ./configure --prefix=/path/to/install/whatever-folder-you-want

Let's compile the source, this will take a lot of time, be patient. B)

 $ make  
 # make install  
 # make clean

Now, VLC 2.1.4 has been installed in your system. Enjoy with the new version! :)