Archive for December, 2011
A Note on Updating Weaponized Nokia N900s
by zitstif on Dec.17, 2011, under Code, Posts
I wanted to make this post to save time and headaches for people who own ‘weaponized’ Nokia N900s.
If you regularly update your Nokia N900 by doing (as root):
apt-get update && apt-get upgrade -y
I have ran into some issues with some of the newer packages.
Firstly, the newest beta version of nmap (5.59BETA1_armel) appears to be buggy enough to the point where it’s almost unusable.
Running this:
nmap -sS -P0 -vv www.google.com -p 80
Yields:
Starting Nmap 5.59BETA1 (http://nmap.org) at 2011-12-17 21:14 EST
Warning Hostname www.google.com resolves to 6 IPs. Using 74.125.45.147
route_dst_netlink: can’t find interface “wlan0”
Secondly, subversion (svn) gets completely broken due to a library compatibility issue:
svn -h
Segmentation fault
There has been discussion on this: http://talk.maemo.org/showthread.php?p=970467
Having svn broken really stinks, because then I am not able to update Metasploit. Who in the hell wants to run an outdated version of Metasploit? (I imagine there are some people..)
To work around this for the time being I have crafted the following shell script:
#!/bin/bash
if [ ${#} -lt 1 ]
then
echo "Usage: "
echo "./update.sh normal #This just does a normal update";
echo "./update.sh modded #This will do a normal update and then downgrade libaprutil1, libapr1 and nmap so that they work";
exit 1;
fi
if echo ${1} | egrep "normal" > /dev/null;
then
apt-get update;
apt-get upgrade -y;
exit 0;
elif echo ${1} | egrep "modded" > /dev/null;
then
apt-get update;
apt-get upgrade -y;
apt-get install nmap=5.50-2 libaprutil1=1.3.9-2 libapr1=1.4.2-1 --force-yes -y;
apt-get clean && apt-get autoclean;
exit 0;
else
echo "I don't know what you are trying to do.." #Thanks Arc
exit 2;
fi
http://zitstif.no-ip.org/update.txt
SHA1 (update.txt) = d83306d18a146a54a38ea236e3a236b4955bb81b
For the time being if you’re in a similar case like me, you’ll have to use this shell script (wget http://zitstif.no-ip.org/update.sh && chmod +x update.sh && ./update.sh modded).
THELIST.txt update (THENEWLIST.txt)
by zitstif on Dec.17, 2011, under Posts
In this post I am simply doing an update to the ‘THELIST.txt’ file which is essentially a blacklist of web servers that are ad servers or have been found to be malicious. I have added more servers (mostly ad web servers). The file is accessible here:
http://zitstif.no-ip.org/THENEWLIST.txt
SHA1 (THENEWLIST.txt) = 02a2e93167f680a09f5047ef1b081483b680bfde
You can then download this file and append the output of ‘THENEWLIST.txt” to your hosts file.
For Microsoft Windows you will most likely have to do the following:
1.) iexplore http://zitstif.no-ip.org/THENEWLIST.txt
2.) Save the file to a location
3.) Run CMD.exe as an Administrator
4.) ‘cd’ to the directory where you saved ‘THENEWLIST.txt’
5.) Execute the following command: attrib -R C:\WINDOWS\system32\drivers\etc\hosts
6.) Then execute this command: type THENEWLIST.txt >> C:\WINDOWS\system32\drivers\etc\hosts
7.) Execute the following command: attrib +R C:\WINDOWS\system32\drivers\etc\hosts
For *nix hosts do:
1.) Gain root via: su or sudo -i
2.) chmod a+rw /etc/hosts
3.) printf “GET /THENEWLIST.txt HTTP/1.0\n\r\n” | nc -vv zitstif.no-ip.org 80 2>&1 | egrep -v ‘HTTP|Apache|Date:|ETag:|Accept-Ranges:|Content-|Connection:|Modified:|Connection’ >> /etc/hosts
4.) chmod a+r/etc/hosts && chmod a-w /etc/hosts
I hope this is useful to you. I think most people would like nearly ad free web browsing. In addition to that, legitimate ad servers have been known to serve up malware:
http://news.cnet.com/8301-27080_3-20000898-245.html
So by using this file in tandem with the Adblock extension/plugin you can get for Firefox/Google-Chrome, you will be less annoyed by ads and not have to be too concerned about ads serving up malware for you.
If you have any questions, comments, or concerns feel free to contact me.