Fixing Firmware File Systems

Here’s the scenario: you’ve downloaded the firmware for a device that you want to explore in more depth, and extracted out the updates.  You dig through them and see that they’re EXT4 systems, and say “jackpot!” while rubbing your hands together in glee.  “A quick mount and I can browse to my heart’s content” you say to yourself… and then you see “wrong fs type, bad option, bad superblock on {DEVICE}, missing codepage or helper program, or other error.”  Let’s get past that. 🙂

Continue reading “Fixing Firmware File Systems”

Quick Hits: Screen

Ever been frustrated by a session that was running remotely when your SSH/nc/1337shell.phpaspxcf dropped, and all that work was wiped out in the blink of an eye because when that died your shell did too, and the OS was nice enough to clean it all up?

Yeah, it sucks. Fortunately, there’s an easy way to handle that, and it’s called “screen”. Let’s dive in.
Continue reading “Quick Hits: Screen”

Multi-OS Boot Build

One of the most frustrating things to do is shuffle various USB drives trying to remember which one you were using last (for persistent OS boots), or which one has the working version of “X” operating system/which installer.  This article covers how to take an external USB drive (whether a large thumb drive or an actual external hard drive) and turn it into a whizbang multi-OS booting device.

Continue reading “Multi-OS Boot Build”

PenTest Aliases and Setup

I like to setup a few things when I’m building an image for a pentest.  They’re helpers that keep me honest, because without them I’d likely forget something or miss some detail, and by establishing consistent patterns I reduce that risk.  To start with, I make a consistent directory structure.  For the sake of this article, let’s call it:

/engagement

Next up, I generate some subfolders which are critical to my process:
Continue reading “PenTest Aliases and Setup”

Linux Login Notifier

Here’s a quick script I wrote some years ago to notify me when an interactive session is being launched from one of my servers. Feel free to modify/use however you see fit. Thanks!

#!/bin/bash
# Place this in /etc/profile.d/whatever-name-you-like.sh
NOTIFYADDRRESS="your_email_address"
FROMADDRESS="sending_email_address"
THESYSTEM=`hostname`
THATUSER=`awk -v USER=$UID -F : '$3 == USER {print $1}' /etc/passwd`
CURTIME=`date --rfc-3339=ns`
echo "Login from ${THATUSER} (${UID}) on ${CURTIME}" | mail -aFrom:${FROMADDRESS} -s "${THATUSER} just logged into ${THESYSTEM}" -r ${FROMADDRESS} ${NOTIFYADDRESS}

It just fires off an email whenvever an interactive session is started.

Powered by WordPress.com.

Up ↑