
I’ve been doing some penetration testing and working through a lab full of exercises, which has led me to spend some time with the Metasploit framework. I still consider myself somewhat of a novice when it comes to using this venerable tool. That being said, while I appreciate the database backing of the tool, and the fact that Nmap scans (and other tools) can feed directly into the database (powered by Postgres), I found myself wanting to interact with the database directly. I wanted to write SQL scripts and other things to update entries on servers. In general, I want to be able to use this DB as the main repository for artifacts and documentation for my pentest and to serve as the basis for my report.
To start, I wanted to connect pgAdmin to the database and poke around a bit, but I had difficulty figuring out what the connection details were. After digging a bit, I found the connection details stored in /opt/metasploit/config/database.yml. With this file, I was able to connect and tweak the database to my heart’s content.
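As an added example (not from the original post, and not part of Metasploit itself), the script below pulls the connection settings out of a file laid out like Metasploit’s database.yml, checks that the file is not readable by other users (it holds the database password in the clear, so it deserves the same care as any credential file), and runs a query against the hosts and services tables with psql. The sample YAML it writes is constructed here; the section names, the port number and the hosts/services table and column names are assumptions to verify against your own install (\dt and \d hosts in psql) before relying on them.

```sh
#!/bin/sh
# Added example: read Metasploit's database.yml, check its permissions, and
# query the msf database with psql. Not code from the original post.

# yml_value FILE SECTION KEY: print the value of KEY under the top-level
# SECTION (e.g. production) in a flat, two-level YAML file like database.yml.
yml_value() {
  awk -v sec="$2" -v key="$3" '
    /^[^ \t#]/ { cur = $1; sub(/:$/, "", cur); next }   # top-level section name
    cur == sec && $1 == (key ":") {
      v = $2; gsub(/^["'\'']|["'\'']$/, "", v)          # strip surrounding quotes
      print v; exit
    }
  ' "$1"
}

# file_is_private FILE: succeed only if group and other have no permission bits.
file_is_private() {
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
  case "$mode" in *00) return 0 ;; *) return 1 ;; esac
}

# msf_query FILE SECTION SQL: run SQL against the database described in FILE.
msf_query() {
  f=$1; sec=$2; sql=$3
  PGPASSWORD=$(yml_value "$f" "$sec" password) \
    psql -h "$(yml_value "$f" "$sec" host)" -p "$(yml_value "$f" "$sec" port)" \
         -U "$(yml_value "$f" "$sec" username)" -d "$(yml_value "$f" "$sec" database)" \
         -v ON_ERROR_STOP=1 -c "$sql"
}

# Open services per host. hosts/services are msf schema table names (assumed
# here; confirm with \dt, the schema has changed across Metasploit versions).
HOSTS_SQL="SELECT h.address, s.port, s.proto, s.name, s.state
FROM hosts h JOIN services s ON s.host_id = h.id
ORDER BY h.address, s.port;"

# Constructed sample in the layout of database.yml (all values made up).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat >"$SAMPLE" <<'EOF'
development:
  adapter: postgresql
  database: msf3dev
  username: msf3
  password: devsecret
  host: 127.0.0.1
  port: 7175
production:
  adapter: postgresql
  database: msf3
  username: msf3
  password: "pr0d-secret"
  host: 127.0.0.1
  port: 7175
  pool: 75
EOF
chmod 600 "$SAMPLE"

echo "production: $(yml_value "$SAMPLE" production username)@$(yml_value "$SAMPLE" production host):$(yml_value "$SAMPLE" production port)/$(yml_value "$SAMPLE" production database)"

# Against a real install:  MSF_DB_YML=/opt/metasploit/config/database.yml sh this.sh
MSF_DB_YML=${MSF_DB_YML:-/opt/metasploit/config/database.yml}
if [ -r "$MSF_DB_YML" ] && command -v psql >/dev/null 2>&1; then
  file_is_private "$MSF_DB_YML" || echo "warning: $MSF_DB_YML is readable by group/other" >&2
  msf_query "$MSF_DB_YML" production "$HOSTS_SQL"
fi
```

The password is passed through PGPASSWORD rather than on the psql command line so it does not show up in the process list; the permission check is there because a world-readable database.yml hands every local user full read/write access to your engagement data.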
This is a bit of an odd post in that it is more a “wondering aloud” than anything specifically prescriptive or informative. I was asked yesterday by a student if I knew of a Windows box he could use to test something on. It was a simple request – he had been building an application on his Mac, and before handing it over to be used, wanted to validate that it worked on Windows. It had the one unique requirement that it had to run on our network at work due to accessing some IP-restricted content. The “official” answer was to have him contact our help desk and they would set him up, however the answers he got from them were (understandably) geared towards long-term use of a Windows “desktop” … and came with the associated costs (licenses, labor, etc.). What he really needed was a VM running a trial version of Windows that he could use for two hours and then throw away… What he needed was a place he could go, select a Windows machine from a catalog, click “go”, run for a few hours and then click “done” and have it go away… What he needed was access to a cloud platform.
Unfortunately, I didn’t have a good answer for him, and am still a bit uncertain how he is going to go about fixing the issue, but it did get me thinking about what it would take to have/run a “personal” cloud… nothing fancy, but say I have a single “beefy” workstation/server and I’d like to have a thin hypervisor, and a web-based interface to provision/de-provision running instances… maybe set up a catalog of virtual machines that I’ve used before as “starting points” for new machines. The platform should support a wide variety of OS choices… Windows and Linux without noticeable compromises for either. It would be nice if the platform could support various virtual networking (nothing fancy, but the ability, at times, to create a private network that only two machines can talk on – for testing various things). The final two requirements are that it should support *modest* horizontal scaling (say, I add one or two new physical boxes) and it should be free (or very low cost). This is for personal use or a small group test platform… nothing fancy or official… just something that works. As soon as you get into anything significant cost-wise, you raise the attention of corporate IT, project budgets, etc. and your simple idea just ballooned into something with a budget line item, project managers, and no chance of coming to life.
Options/Solutions: The following is a list of some of the options I’ve been considering along with some commentary on each. I’d be very interested in feedback, but I would caveat that I don’t want the platform itself to be a research endeavor… it should basically “just work” out of the box and not require significant fiddling to get it stable/working.
At this point, I don’t have a solution… I’m still looking, and am guessing that whatever I end up with will require an amount of compromise. Comments/suggestions are welcome…
Image courtesy of Pixomar.
It’s that time of year again… the CodeStock session line up has been announced and – much like years past, it is looking to be a great conference. If you’ve not attended CodeStock before, or are not familiar with what it is, it’s a great regional developer conference hosted in Knoxville, TN early each summer. You can see a list of the content that will be covered at this year’s conference here: http://codestock.org/Sessions/Default.aspx – that’s a lot of content crammed into two days – and a great value at only $60.
I’m quite excited to have been selected to speak at CodeStock this year… probably more than I have been in the past. The reason is that I chose a topic that I’ve been studying and enjoying, but not one that is typical for this sort of conference. Over the past three years, I’ve spoken at CodeStock on topics including SharePoint, Team System, Amazon Web Services, Windows Azure, and GPGPU computing with CUDA. This year, however, the talks I’m giving (buffer overflow detection/exploitation and wireless network security) affect developers but are often considered topics for security-specific conferences. What is great is that not only did these talks make the cut, but the buffer overflow talk was #12 in the list of top vote getters (CodeStock lets registered attendees vote on what sessions they’d like to see). If you happen to be in the Knoxville area in the middle of June I hope you’ll consider attending the conference.
If you’ve done much work with BackTrack and wireless penetration testing you’re likely using (or at least have heard of) the Alfa AWUS036H. If you haven’t, it is simply a USB-connected wireless adapter that supports long range and various external antennas, has built-in driver support in BackTrack, and supports the all-important (for this type of work) monitor mode.
After doing a bit of reading, and preparing my lab equipment, I fired up BackTrack, attempted to put the card into monitor mode and… nothing. The following is a listing of the steps I took and what I did to get it working. At this point I should also note that I’m doing this work on an HP EliteBook 2760p which has its own in-built wireless adapter.
Start the wireless adapter by issuing ifconfig wlan1 up (my in-built adapter was wlan0). Running ifconfig confirmed that my adapter was seen by the operating system.
Then I attempted to list the available interfaces for monitoring using airmon-ng (from the aircrack-ng suite),
and it would just hang here for as long as I wanted to wait.
I spent a good bit of time poking around and trying to ascertain what was/wasn’t working and assumed that maybe it was a driver issue. I ran lshw -c network to get a list of my network devices and the drivers that they were using.
From this, I could see that both devices were loaded and appeared to be running the correct drivers. On a whim, I decided to eliminate extra variables and disable the in-built wireless card by issuing modprobe -r iwlagn (the driver for the built-in card).
I then went back to see if airmon-ng would see my Alfa card, which it did:
Encouraged by this, I attempted to put it in monitor mode (airmon-ng start wlan1) which also succeeded:
At this point, running ifconfig showed both the wireless card and the monitor-mode device.
And Wireshark and other tools were now able to see the device and capture packets.
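An added example, not from the original post: a small script that automates the steps above and, unlike the narrative, verifies each one. It reads the driver binding for an interface from lshw -c network, unloads the built-in card’s driver, starts monitor mode with airmon-ng, and then confirms from iwconfig that a monitor-mode interface actually exists before handing it to a capture tool (the hang described above is exactly the failure a blind script would miss). The lshw and iwconfig outputs embedded below are constructed samples in the format those tools print; the interface names, the rtl8187 driver for the Alfa card and the iwlagn driver for the built-in card are assumptions about this particular laptop.

```sh
#!/bin/sh
# Added example (not from the original post): put a USB wireless adapter
# into monitor mode and verify each step instead of trusting tool output.

# iface_driver NAME: read `lshw -c network` output on stdin and print the
# kernel driver bound to the interface whose logical name is NAME.
iface_driver() {
  awk -v want="$1" '
    /logical name:/ { name = $3 }
    /configuration:/ && name == want {
      for (i = 1; i <= NF; i++)
        if ($i ~ /^driver=/) { sub(/^driver=/, "", $i); print $i; exit }
    }
  '
}

# monitor_ifaces: read `iwconfig` output on stdin and print every interface
# reported as Mode:Monitor, one per line.
monitor_ifaces() {
  awk '
    /^[^ \t]/ { iface = $1 }      # an unindented line starts a new interface block
    /Mode:Monitor/ { print iface }
  '
}

# enable_monitor IFACE [CONFLICTING_DRIVER]: bring IFACE up, unload the
# conflicting driver if one is given, start monitor mode and print the name of
# the monitor interface. Needs root and the aircrack-ng tools installed.
enable_monitor() {
  iface=$1; drv=$2
  ifconfig "$iface" up || return 1
  if [ -n "$drv" ]; then
    modprobe -r "$drv" || return 1
  fi
  airmon-ng start "$iface" >/dev/null || return 1
  mon=$(iwconfig 2>/dev/null | monitor_ifaces | head -n 1)
  [ -n "$mon" ] || { echo "$iface: no monitor-mode interface appeared" >&2; return 1; }
  echo "$mon"
}

# Constructed sample in the shape of `lshw -c network` output (values made up).
SAMPLE_LSHW=$(cat <<'EOF'
  *-network
       description: Wireless interface
       product: Intel wireless adapter
       vendor: Intel Corporation
       logical name: wlan0
       configuration: broadcast=yes driver=iwlagn multicast=yes wireless=IEEE 802.11abgn
  *-network
       description: Wireless interface
       product: RTL8187 Wireless Adapter
       vendor: Realtek Semiconductor Co., Ltd.
       logical name: wlan1
       configuration: broadcast=yes driver=rtl8187 multicast=yes wireless=IEEE 802.11bg
EOF
)

# Constructed sample in the shape of `iwconfig` output after airmon-ng start wlan1.
SAMPLE_IWCONFIG=$(cat <<'EOF'
lo        no wireless extensions.

wlan1     IEEE 802.11bg  ESSID:off/any
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm

mon0      IEEE 802.11bg  Mode:Monitor  Frequency:2.412 GHz  Tx-Power=20 dBm
          Retry  long limit:7   RTS thr:off   Fragment thr:off
EOF
)

printf '%s\n' "$SAMPLE_LSHW" | iface_driver wlan1      # rtl8187
printf '%s\n' "$SAMPLE_IWCONFIG" | monitor_ifaces       # mon0

# On the real laptop, as root:  sh this.sh wlan1 iwlagn
if [ "$(id -u)" = 0 ] && command -v airmon-ng >/dev/null 2>&1 && [ -n "$1" ]; then
  enable_monitor "$1" "$2"
fi
```

Checking iwconfig afterwards matters because airmon-ng reports success as soon as it has asked the driver for a monitor interface; a driver that is fighting another card (the situation above) can leave you with nothing to capture on.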
As many of you are aware, a few months ago I changed jobs (more like positions) and with that change has come a shift in the focus of much of my work. I’m spending less time in the abstract (i.e. “how could we solve problem X in the cloud?”) and working more in the concrete (“we have agency Y that has problem X that needs to be deployed in the cloud yesterday… what do you think?”). One unfortunate aspect (at least in my way of thinking) is that many of these projects have legislative requirements that prohibit the use of public cloud platforms (at least currently). While I’m always looking for ways to avoid building individual, private “Cirrus1” clouds, and I remain hopeful that the day will come when we all can leave the infrastructure build-outs to someone else, the reality is that in today’s world there is some data that simply cannot live outside of an organization’s boundaries – leaving us to look at “private cloud” approaches.
We have been experimenting with a few different approaches for some of the projects I’ve been working on and are learning a number of interesting things. I want to be quick to say that I don’t think we’ve “arrived” by any stretch of the imagination and our work (and this space in general) is changing/evolving rapidly. Our initial requirements included using free/OSS solutions wherever possible and to, as much as possible, avoid vendor lock-in (always great in theory, frequently falls apart in application). The hardware used for this exercise includes 45 physical nodes spread over two racks with a total of 1160 cores, 3.8 TB of RAM, 200 TB (raw) of local node storage and 288 TB (raw) of iSCSI-connected storage. Our plan is to provide 8 VLANs across the environment (Management, Dev, Test, Prod + corresponding disk-traffic networks for each). The physical nodes/NICs would all default to the management network and all of the actual compute resources (VMs used by researchers) would live in one of the other three zones (Dev/Test/Prod). For reasons that I won’t get to in this post, we standardized on CentOS for the primary OS and Xen as the target hypervisor. While some of the uses of the platform include data serving (i.e. web sites, data services, etc.), most of the workloads will tend to be heavy data analytics. The above scenario is complicated by the fact that the entire environment needed to be air-gapped (i.e. not connected to the Internet or other networks in any way).
While we have a good bit of experience using Eucalyptus on the Ubuntu stack, our initial plan was to go with the current wisdom of the crowds and deploy OpenStack as our cloud orchestration layer. The intent was to buy in fully and deploy their storage, image, and compute services. Unfortunately, while there are some very interesting things happening in this realm, we didn’t find this toolset to be at the level we needed it to be given our platform selections. After a few weeks of trying to get this working, we bailed due to simply needing to get something working2. We are hopeful that this situation will evolve in the future and we will reconsider down the road, but for the present we had to scrap it and move on.
Having burned a bit of our grace period, we were faced with the need to get something running fast and spent a weekend digging through our options. Where we ended up was using the free XenServer (from Citrix Systems) as the host OS in combination with XenCenter for managing the nodes. This – while not a cloud or cloud orchestration layer – allowed us to quickly meet some of our sponsor’s needs while buying some time to fill in the gaps. Our team is currently evaluating CloudStack as the cloud/orchestration layer to sit on top of XenServer and be the researcher-facing interface to the platform. Our hope is that as the story evolves (Citrix, XenServer, XenCenter, CloudStack, OpenStack, etc.) the deployment of future platforms will become easier and the “best” approach will become clearer.
Notes
1. I spent a good bit of time looking on the web for the official name of the tiniest cloud but didn’t come up with anything better than “Cirrus” which is defined as a “thin, wispy cloud.” Not exactly what I was looking for, but I’ll use it for now.
2. Our issues included (among other things) Python version conflicts between what OpenStack needed and the version of CentOS (5.6) we were running, the lack of a good web UI/self-service portal, getting the VLANs talking properly between hosts, vhosts, storage, etc., and a number of smaller miscellaneous items.
This post may not be of interest to everyone, but I finally got my laptop configured the way I want it and thought I’d document what I did in case anyone else finds themselves in a similar position. It took me 4 or 5 full install/repeat processes to get this right (don’t ask…) so this description is where I ended up.
Let’s start by discussing some of my requirements:
The laptop I’m using is an HP EliteBook 2760p. I selected this unit as I wanted to be able to do some touch & tablet development and it works as a solid convertible as well as having a decent touch screen. The machine comes with a modest 4GB of RAM (I might upgrade this) and a 300GB hard drive.
I started by performing a normal Windows 7 installation. During the phase where you select a disk, I created three equally-sized partitions and then chose the first one for the installation. Windows split the first partition, giving me a small boot partition (~100 MB) and then the remaining as my “C” drive. I continued through the install, applied drivers, patched it, etc. and everything was running fine. Note that I did *not* run the BitLocker configuration at this time.
Next, I installed Linux. I learned from earlier tests that I didn’t want to install GRUB to my Master Boot Record (MBR), as that tends to mess up your ability to use BitLocker. Instead, I inserted a memory card (an SD card, actually), created a 200 MB /boot partition on it (EXT4) and selected it as the location for the GRUB installation. I then created an encrypted EXT4 partition for the / mount point that used the third partition on the main disk. This lets me control whether or not I boot into Linux simply by inserting the memory card or not – actually quite handy for my use case. The SD card is a good option on this machine because it sits in such a way that, when inserted, it is barely noticeable and can be left inserted for weeks at a time without getting caught on anything.
Windows 8 was the next install, but I decided to install it a bit differently in order to possibly give me greater flexibility in the long run. Rather than installing directly onto my “middle” partition, I booted into Windows 7, formatted the partition as NTFS, and created a VHD file (expandable). Then following the instructions here and here, I mounted the VHD during installation and installed Windows 8 to that (virtual) volume.
While I’m glad to have the opportunity to play with Windows 8, I don’t want it to be my default, so I changed the bootloader to use Windows 7 as the default (unless, of course, the SD card is inserted, which will preempt the Windows boot process and take me directly to Linux).
Finally, I switched back to Windows 7 and ran the BitLocker tools to encrypt that partition.
With that, my laptop configuration is complete. The following is the disk/partition configuration on my machine. In this diagram, Disk 1 is the SD card I’m using to control my Linux installation.
For the last week or so, I’ve been reading the Windows Azure Development Cookbook written by a fellow Azure MVP, Neil Mackenzie. I was actually rather pleased when Packt asked if I would be willing to review the book as I’d been meaning to pick up a copy and read through it but hadn’t yet.
I should admit that I didn’t pay much attention to the front matter or explanation of the book and just dove right in. I mention this only because it was a bit jolting due to the fact that (as could easily be gleaned from the title) this is a cookbook. This means that there is not a lot of unnecessary preamble, but rather a collection of highly focused technical nuggets. While this structure became obvious rather quickly, I decided to continue on and read it straight through just to see what I learned.
I appreciated the fact that the book was devoid of a large section of text dedicated to the now-worn-out question of “what is cloud computing”. Nor was there any prologue describing Windows Azure to be found. Instead, the assumption (I presume) is that if you’ve picked up the book, you likely know the answer to both of those questions (within reason) and simply need help getting past some of the nuances of the platform. If this describes you, this book is for you.
Light on fluff, heavy on details, this is a solid book that deals with a number of real-world issues using the Azure platform. This book works great as a reference tool: have a problem, look it up in the index or table of contents, read the recipe, put it back on the shelf.
One of the things that impressed me about the book was Neil’s work to point the reader to external resources. There were a number of places where there is something along the lines of “for a more detailed explanation of topic X, visit person Y’s website at http://….” [and, in case you are wondering, this comment was not influenced by Neil’s excellent external references on blob storage interactions… at least not much] Further, I thought that the pointing of the reader to external tools and libraries that were not necessarily required to solve the stated problem but add significant value to the actual solution was great (such as the library for handling connection failures when working with SQL Azure and AppFabric). It is attention to detail such as this that gives the reader confidence that the author wasn’t just pounding out tasks to meet a deadline but rather was sharing solutions that he had used to solve real-world problems.
Taking a more critical view of the book, I’d mention just a few things. The first is that there are a number of key points that begin with “Note:” or something similar that have key tips that are very important to the success of the recipe however (at least in the eBook version I have) they are easily lost in the rest of the text. This is likely due to the format/structure of the book and the intention is for you to read one recipe end-to-end and be done rather than reading start to finish as I did, but I would encourage the reader to be sure to read the entire recipe text and not just copy/paste the code. Neil often uses the code to teach concepts and if you just copy the code you will miss this instruction.
My second criticism is that there are a number of places in the text where the author says something along the lines of “xyz is related to this. See the Using XYZ recipe for details”. While not possible in the print copy, it would have been great in the eBook version for these to be hyperlinks to the referenced section.
Being that it is a first edition, there are also a few places where there are minor errors such as task numbers not lining up exactly with the numbers used in the related “how it works” section, but in such cases it was rather easy to intuit what was being referred to and didn’t detract from the book.
All told, it is a good book and I’d quickly recommend it as a reference tool for Azure developers.
In the interest of full disclosure, I was sent a copy of the book and asked to read it and post a review.
While some of you are aware, to others it may come as somewhat of a surprise that about a week ago I ended my tenure at Planet Technologies after nearly 11.5 years. As I shared with some of the Planet folks in an email, my experience at Planet was great, and I am leaving with fond memories of my time there and the people I have been privileged to work with.
I started there as a "systems engineer" racking/stacking boxes in a colocation center. Since then, I’ve had the privilege of working on a wide spectrum of projects, covering an equally broad range of technologies, and a fairly wide customer set. I’ve worked on both small teams and larger teams. I’ve been part of the management team, and later returned to the technical team (a better fit, I might add). I’ve traveled the globe, and met/worked with folks in a number of different cultures. I’m proud to have been part of that organization – to see it grow into what is now a world-renowned team deploying technical solutions for their customers and doing a great job at it.
Many of you know I’ve been working (on Planet’s behalf) at the Oak Ridge National Laboratory for a little over 4 years now and I have been given the opportunity to join the research organization in a full time capacity. While not an easy decision, I’m excited about the new opportunities and work that lies ahead.
Officially, I’m going to be part of the Computational Intelligence and Machine Learning team, which is in the Computational Data Analytics group within the Computational Sciences and Engineering Directorate – trust me, it sounds stuffier than it actually is. On a daily basis, I’ll be working with a number of researchers to flesh out ideas and prototypes of their research projects and to facilitate a marriage between the new technologies that are being developed and the state-of-the-art commercial software tools. I’ll be bringing to bear the work I’ve been involved in over the past few years using technical computing in the cloud, big data analytics, GPGPUs, and cyber security research. I expect to continue to be involved in community events and am looking forward to continuing to collaborate with many of you on various initiatives.
I had the privilege of speaking at DevLink 2011 a few weeks ago in Downtown Chattanooga, TN. I have been a bit OBE (overcome by events) since I left the conference and have been unable to post my slides until now. I hope to get the videos and other materials up in the coming week or so. If you came to one of these sessions – thanks – the attendance at both was great and I appreciated the questions from the audience.
I’ve been playing around with the Nevron Controls for an Azure application I’m building (hopefully more on that soon) and I’ve been fighting with a simple problem that I’m posting here for my own remembrance and hopefully to help a few others.
The problem has been, that the Nevron controls worked fine when I was testing the web app directly, but would cause the dev fabric to blow up if I tried to run it there. I even tried to simply deploy it to Azure assuming that possibly it was a “feature” of the dev fabric – no dice.
Well, today I had some time to dig to the bottom of it and found that it was a simple problem with the way the http handlers were registered. By default, I had the handlers registered like this:
<system.web>
<httpHandlers>
<add verb="*" path="NevronDiagram.axd" type="Nevron.Diagram.WebForm.NDiagramImageResourceHandler" validate="false"/>
<add verb="GET,HEAD" path="NevronScriptManager.axd" type="Nevron.UI.WebForm.Controls.NevronScriptManager" validate="false"/>
</httpHandlers>
</system.web>
However, as Shan points out in this post: http://social.msdn.microsoft.com/Forums/en/windowsazure/thread/0103ca2d-e952-4c28-8733-47630535c05c, you need to use the newer IIS 7 integrated pipeline. A closer look at the official Nevron samples, shows that they accounted for this and I simply missed it. The setup should be something like this:
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<handlers>
<add name="NevronDiagram" preCondition="integratedMode" verb="*" path="NevronDiagram.axd" type="Nevron.Diagram.WebForm.NDiagramImageResourceHandler"/>
<add name="NevronScriptManager" preCondition="integratedMode" verb="*" path="NevronScriptManager.axd" type="Nevron.UI.WebForm.Controls.NevronScriptManager"/>
</handlers>
</system.webServer>
Notice in particular that not only is the structure a little different, but the declarations live under the system.webServer node rather than the system.web node. The validateIntegratedModeConfiguration="false" line tells IIS not to reject the configuration because of the legacy system.web/httpHandlers entries; once the handlers are registered under system.webServer, the old httpHandlers block can be removed and that setting is no longer needed.