Mapping Wifi Networks on Google Earth

Something that has intrigued me since I was young was the thought of all the radio waves filling the air at any given moment, filled with information that can be translated using a special receiver. It seems amazing to me how much information is surrounding us, yet we are completely oblivious to it!

My curiosity about RF signals led me to recently look into mapping the local wifi access points surrounding my apartment, and from there it advanced to the point where I was taking my laptop wherever I went so I could get a map of APs. The process is surprisingly easy, but unfortunately it relies on a third party website. The website works great for now, but who knows how long it will be around. I'm going to cover the easy way right now, and in a future post I plan to cover a method that uses all internal tools.

There are only two pieces of hardware needed for this project:
  • A laptop with a wifi interface - I used an EeePC 1000h with windows XP installed
  • A GPS adapter for the laptop - I used BU-353 from USGlobalSat. You can find them online for about $30-40 new.
The GPS adapter and netbook
Ready to go! I usually configure the netbook to stay on when the lid is closed.

Once you have the hardware, the software needs to be installed and configured. Since we are using Windows XP, NetStumbler  is a great tool that is very simple to use, downloadable here: http://www.stumbler.net  (Not to be confused with netstumbler.com)

After it's done installing, open it up and take a look at what's around you.
APs visible from my apartment

Now hook up the GPS adapter and make sure NetStumbler sees it. Go to View -> Options... -> GPS
The default settings should be fine, but the port setting needs to be changed as needed for your system. You can check Device Manager to quickly determine what port you need:
   The GPS adapter is displayed as the Prolific USB-to-Serial Connection

Select the correct port and hit "OK". You should eventually see the "globe" icon on the bottom right of NetStumbler: 
So close! ;)

Once the globe shows up, we are ready to scan! Walk or drive around a bit  so that we have some data to work with. 

Ok, got some data? Click File -> Save, or hit ctrl+s. Save in a place you'll remember with a recognizable name. Now we want to convert the data to a Google Earth KML overlay. Get Google Earth here: http://earth.google.com Installed? Great!

There are quite a few options available to convert the file, but I found the easiest one for me to use is at gpsvisualizer.com. Just click on one of the "Choose File" buttons on the left, and then make sure that the output format on the right is set to "Google Earth KML".  Hit "Draw Map" and let it compute! A new page should open up where you can save the xml file to your computer. Now that we've got the goods, you can either double click the file or open it from within Google Earth. You should see something like this:
This is from one of my many trips up 99
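The conversion can also be done locally, which keeps the GPS track and the list of networks off a third-party site. The sketch below is an added example, not part of the original post: it assumes the survey is available as a tab-separated text export in the wi-scan summary layout shown in the constructed sample (first five columns only), and all function names are hypothetical. SSIDs are chosen by whoever runs the access point, so they are treated as untrusted input and escaped before being written into the KML.

```python
import re
from xml.sax.saxutils import escape

# Constructed sample in the assumed tab-separated wi-scan summary layout.
SAMPLE = (
    "# $Format: wi-scan summary with extensions\n"
    "N 38.5816000\tW 121.4944000\t( linksys )\tBSS\t( 00:11:22:33:44:55 )\n"
    "N 38.5820000\tW 121.4950000\t( <b>cafe</b> & bar )\tBSS\t( 00:11:22:33:44:66 )\n"
    "N 0.0000000\tE 0.0000000\t( nofix )\tBSS\t( 00:11:22:33:44:77 )\n"
    "N 38.5830000\tW 121.4960000\t( badmac )\tBSS\t( <script> )\n"
)

COORD = re.compile(r"^([NSEW])\s+(\d+(?:\.\d+)?)$")
MAC = re.compile(r"^(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")
CTRL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f]")  # not allowed in XML 1.0


def signed(field, hemispheres, limit):
    """Turn 'W 121.4944000' into -121.4944, rejecting out-of-range values."""
    m = COORD.match(field.strip())
    if not m or m.group(1) not in hemispheres:
        raise ValueError("bad coordinate: %r" % field)
    value = float(m.group(2))
    if value > limit:
        raise ValueError("coordinate out of range: %r" % field)
    return -value if m.group(1) in "SW" else value


def unwrap(field):
    """Strip the surrounding '( ' and ' )' from an SSID or BSSID column."""
    field = field.strip()
    if field.startswith("(") and field.endswith(")"):
        field = field[1:-1]
    return field.strip()


def parse_survey(text):
    """Return one dict per access point that has a GPS fix and a valid BSSID."""
    aps = []
    for line in text.splitlines():
        cols = line.split("\t")
        if line.startswith("#") or len(cols) < 5:
            continue
        try:
            lat = signed(cols[0], "NS", 90.0)
            lon = signed(cols[1], "EW", 180.0)
        except ValueError:
            continue
        bssid = unwrap(cols[4])
        if (lat == 0.0 and lon == 0.0) or not MAC.match(bssid):
            continue  # no GPS fix, or BSSID is not a MAC address
        ssid = CTRL.sub("", unwrap(cols[2]))
        aps.append({"ssid": ssid, "bssid": bssid, "lat": lat, "lon": lon})
    return aps


def to_kml(aps):
    """Build a KML document with one Placemark per access point."""
    out = ['<?xml version="1.0" encoding="UTF-8"?>',
           '<kml xmlns="http://www.opengis.net/kml/2.2">', "<Document>"]
    for ap in aps:
        # SSIDs are broadcast by strangers: escape before placing in markup.
        name = escape(ap["ssid"]) or "(hidden)"
        # KML wants longitude first, then latitude.
        out.append("<Placemark><name>%s</name><description>%s</description>"
                   "<Point><coordinates>%.7f,%.7f,0</coordinates></Point>"
                   "</Placemark>" % (name, ap["bssid"], ap["lon"], ap["lat"]))
    out += ["</Document>", "</kml>"]
    return "\n".join(out)
```

Writing the result of `to_kml(parse_survey(...))` to a `.kml` file gives something Google Earth can open directly.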

That's it! Do what you will with your new map! I plan on doing something similar using Linux and Kismet in the near future. Let me know if something doesn't work or if you have any suggestions, feedback is always welcome!

Upside Down Images Prank

The other day my fiancee covered up my mouse sensor with a sticky note and then lurked around my computer to see how long it would take me to figure it out when I got home from work. Once I noticed what she had done, the first thing I thought was "well of course, this means war!" Time to break out the ole bag o' computer pranks!

First, I pulled the old take-a-screenshot-of-the-desktop-and-set-it-as-the-background, but that just didn't seem good enough. (Plus she figured it out in about 15 seconds.) So I knew I had to break out the big guns. I remembered seeing a prank a while back ago about setting up a proxy server to mess with images on websites, and that seemed like the perfect weapon for this scenario.

I got the idea from here: http://www.ex-parrot.com/pete/upside-down-ternet.html
There are a couple of other pranks on there that are pretty cool. Anyway, the site gives the script necessary to flip the images, but it doesn't give a novice squid user (not the tasty calamari type) instructions on how to apply it! Being a squid noob, I had to do a few more searches to familiarize myself with the process. I found this site: https://help.ubuntu.com/community/UpUbside-Down-TernetHowTo but it didn't give me a working system, so I figured I would write up a sure-fire way for this to work quickly.

For my project, I used an Ubuntu 9.10 server, mostly because I already had a virtual machine installed with almost nothing on it. Also, adding software tends to be quick and easy on Ubuntu. Any Linux distro will work, but the steps for adding and configuring software will vary. Windows will work as well, but I don't have a Windows machine I want to fool around with (i.e. break).

I should mention that I am not using a transparent proxy since I'm assuming you have access to your victim's computer, meaning that the proxy must be set in the web browser. Also, it's probably a good idea to disable the firewall on the server computer. With Ubuntu server, the command is "service ufw stop"

Ok, so once Ubuntu is up and running, bust open the terminal and type:
sudo apt-get install squid

While we are installing things, might as well make sure Apache 2 and imagemagick are installed:
sudo apt-get install  apache2 imagemagick

Make sure apache is working by opening Firefox and going to http://localhost and you should get a "It Works!" page. Run "/etc/init.d/apache2 start" if it doesn't work.

Now that we have all the software installed and apache is running, we need to configure squid. The squid configuration file is in /etc/squid/squid.conf. Open that up with root access:
sudo gedit /etc/squid/squid.conf 

The squid conf file is HUGE! It's a really powerful program, and we are just going to scratch the surface. Search for "TAG: acl" and scroll down to the uncommented lines. You need to add in something like:
acl two_ten src 192.168.210.0/24

My network uses 210.0, you need to adjust to whatever fits your requirements. http://www.subnet-calculator.com/ is a nice site to figure out what network options to use.

Once the acl line has been added scroll down to the "TAG: http_access" section and add:
http_access allow two_ten
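The name on the http_access line has to match the name on the acl line exactly, and because squid applies the first matching http_access rule, the allow line has to sit above any "deny all". The check below is an added example, not part of the original post or of squid itself; the function name and the sample configuration are constructed for illustration.

```python
# Constructed sample: the ACL is defined as "two_ten" but the access rule
# refers to "twoten_network", a name no acl line defines.
SAMPLE_CONF = """\
# TAG: acl
acl all src all
acl localhost src 127.0.0.1/32
acl two_ten src 192.168.210.0/24
# TAG: http_access
http_access allow localhost
http_access allow twoten_network
http_access deny all
"""


def lint_squid_conf(text):
    """Return (line_number, message) findings for the http_access rules."""
    defined = set()
    findings = []
    deny_all_line = None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or comment
        if fields[0] == "acl" and len(fields) >= 3:
            defined.add(fields[1])
        elif fields[0] == "http_access" and len(fields) >= 3:
            action, names = fields[1], fields[2:]
            for name in names:
                bare = name.lstrip("!")  # "!name" negates an ACL
                if bare not in defined:
                    findings.append((lineno, "undefined ACL '%s'" % bare))
            if action == "allow" and names == ["all"]:
                findings.append((lineno, "allows every client (open proxy)"))
            if action == "allow" and deny_all_line is not None:
                findings.append(
                    (lineno, "allow rule after 'deny all' on line %d is "
                             "never reached" % deny_all_line))
            if action == "deny" and names == ["all"] and deny_all_line is None:
                deny_all_line = lineno
    return findings


if __name__ == "__main__":
    for lineno, message in lint_squid_conf(SAMPLE_CONF):
        print("line %d: %s" % (lineno, message))
```

The same function can be pointed at the real file with `lint_squid_conf(open("/etc/squid/squid.conf").read())`.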

Save the file, but don't close it yet and restart squid:
sudo /etc/init.d/squid restart

Hopefully an "[OK]" shows up. Now open up Firefox and configure the proxy:

 Edit->Preferences->Advanced->Network tab->Settings

3128 is the default port for squid. After applying the settings, try to browse to a website. If the site comes up normally, hooray! Almost done!

So now that squid is working normally, it's time to set up the image flipping trickery. First, apache needs a directory to store the images in with the correct permissions:
sudo mkdir /var/www/images
sudo chown www-data:www-data /var/www/images
sudo chmod 755 /var/www/images

Now add Apache to the proxy group:
sudo usermod -aG proxy www-data

Restart Apache:
sudo /etc/init.d/apache2 restart

 Time to use the script provided at http://www.ex-parrot.com/pete/upside-down-ternet.html. Fire up gedit and paste the following:
Edit: just noticed that the sides of the below code are not viewable, however you can copy and paste them into a word processor.

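#!/usr/bin/perl
# Squid url_rewrite_program helper: reads one request per line on stdin
# and prints the URL squid should fetch in its place.
$|=1;           # unbuffered output, so squid gets each answer right away
$count = 0;     # per-request counter, keeps the saved file names unique
$pid = $$;      # process id, keeps names unique across helper processes
while (<>) {
        chomp $_;
        if ($_ =~ /(.*\.jpg)/i) {
                $url = $1;
                # list-form system() runs the program directly, with no shell
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg");
                # point the browser at the flipped copy served by apache
                print "http://127.0.0.1/images/$pid-$count.jpg\n";
        }
        elsif ($_ =~ /(.*\.gif)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif");
                print "http://127.0.0.1/images/$pid-$count.gif\n";
        }
        else {
                # anything else is passed through unchanged
                print "$_\n";
        }
        $count++;
}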


If you compare this script to the one on the original page you'll notice I changed the path to the image directory on the lines that start with "system." The script will work with no editing if you used the quoted commands above to create the images directory.  
Save the script as flip.pl in /usr/local/bin. Add permissions:
sudo chmod 755 /usr/local/bin/flip.pl

Add the following to squid.conf
url_rewrite_program /usr/local/bin/flip.pl

Now save and close squid.conf
Change the permissions on the script:
sudo chmod 755 /usr/local/bin/flip.pl

Restart squid and apache:
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/squid restart

Done! Open up a webpage and you should see something like this:

Notice that only .gif and .jpg images are flipped

Since this walkthrough is not using transparent mode, now the victim's computer must be configured. The proxy is configured the same way, but in windows the path may be a little different. For example using Firefox 3.6 in Windows XP, the path is:
Tools->Options->Advanced->Network->Settings

Now all you have to do is be close by to see your victim's reaction!

Let me know if any of the above doesn't work or if you have any other awesome tricks. Also, I'm probably going to write up some instructions on how to do this in transparent mode for confusion on a larger scale.



As always, feedback is welcome.

Upgrading Gentoo using Emerge

A few days ago, for whatever reason, I had the insane urge to upgrade all the software on my Gentoo system to the latest version. I still haven't gotten around to compiling the latest kernel that came with the update (2.6.33), mostly because I've forgotten what hardware I have and I haven't been having any problems with my current kernel (2.6.31).
Things actually went smoothly for the most part, the process only got hung up on compiling and installing Virtual Box. I figured I wouldn't mess around with it because I'm running a Windows XP virtual machine for work and I don't want to screw that up.

I started with syncing emerge:
sudo emerge --sync
and then started the update:
sudo emerge -av --update world --deep
After confirming the upgrade, I let it compile overnight. Unfortunately, I didn't use the "--keep-going" option so the job stopped when it had problems with Virtual Box. I used the "--skip-first" option to successfully complete the rest.

So once that was all finished, I ran etc-update, and crap! 31 config files need to be updated! Mind numbing...
I got to work merging the files that I knew had custom changes in them. After a while, the -3 option was looking really tempting (auto-merge files with new copy). I finally gave in and used it with about 15 files left, and woohoo! Mundane file editing over!

Everything seemed great until I rebooted and I had no internet. Some quick troubleshooting revealed that I was receiving a dhcp address, but no DNS servers, meaning I was able to ping internet IP addresses, but not their names.

A nice little side effect of not being able to resolve names is my time was off, because my ntp client couldn't resolve pool.ntp.org. A temporary fix is really easy, just open up /etc/resolv.conf and add some name servers.

sudo nano /etc/resolv.conf
Then add:
nameserver 208.67.220.220
(OpenDNS)

Once done, I was immediately able to browse the web and sync my time, but why did it happen in the first place? To add to the confusion, every time I reboot the computer, dhcp overwrites the resolv.conf file with a blank file, meaning I have to add the DNS again!
Well, it turns out to be my mistake. I took a look at /etc/conf.d/net and noticed that I had set up the machine for a static IP, but dhcp was also starting at boot, overwriting the file. I'm actually not too sure how it was working before the update, but to fix it I just ended up setting it to full dhcp. After setting that, I rebooted and presto! Internet with no tweaks!

Setting up Amarok Media Player

Now that I have a bunch of new audio files, I wanted to be able to organize and play them in an efficient way. I've heard that Amarok is a really nice audio player, similar to iTunes but a little more powerful. Also, a nice feature is that you can store your music library information in a MySQL database, making it quicker than other audio players, particularly if you have a very large music library.

Since I know amarok uses mysql, and it isn't installed on my system, I ran
sudo emerge -av mysql

When it completed installing, I ran
sudo emerge --config dev-db/mysql

(Found on the Gentoo MySQL Guide)
This allowed me to set up the root password.



Checked to make sure it starts normally with
sudo /etc/init.d/mysql start

When it started normally, I added it to the boot sequence with
sudo rc-update add mysql default

Now that MySQL is installed and running, it's time to install Amarok:
sudo emerge -av amarok

Once Amarok was done compiling and installing, I opened it up from the application menu, but nothing happened... When opening from a terminal window I got the following error:

"amarok: error while loading shared libraries: libmysqlclient.so.15: cannot open shared object file: No such file or directory"
I went ahead and ran revdep-rebuild:
sudo revdep-rebuild

to see if that would fix the problem. It's generally one of the first things to try when running into a missing dependency on Gentoo. It scans for missing dependencies and re-compiles files as needed. Missing or broken dependencies are an unfortunate scenario that occasionally comes up with Gentoo. You wouldn't normally see such issues on a binary based distro like Ubuntu or Fedora.

Once the rebuild finished, I ran
sudo etc-update

and replaced the old sql conf file.
After that, I started up Amarok from the application menu, and success! It opened up normally!
Actually it opened with the following dialog showing:


Pressing OK brings the following screen:

This was expected, now we just need to create the SQL database, username, and password as defined in the configuration window. Start with:
mysql -uroot -p mysql

Then type in the password that was set up for root earlier.
Now that we are connected to mysql, we can create a new database with the following:
CREATE database amarokdb;

A "Query OK ..." will display if the command was successful.

We can add a new user with the following:
CREATE USER 'amarokuser'@'localhost' IDENTIFIED BY 'your_password';

You should use something other than "your_password" in the above command.
Again, we are looking for a "Query OK" to verify success.
Finally, we need to set permissions as indicated in the Amarok configuration window:
GRANT ALL ON amarokdb.* TO 'amarokuser'@'localhost' IDENTIFIED BY 'your_password';
FLUSH PRIVILEGES;

Use the password created earlier for "your_password"
The "Query OK" message should display after each command.
At this point, the MySQL database, user, and permission should be successfully created.

Now, back in the Amarok Configure window, replace the password with the one that was created earlier and hit "Apply" or "OK." Then Amarok needs to be completely exited and then reopened for the new database settings to be used. When Amarok is reopened, the following window shows up looking for all the music files.

Find wherever the music files are stored, hit OK and Amarok scans the directory. The files are now shown in the Local Collection on the main Amarok Screen. From here on out it should be somewhat simple to figure out how to add playlists and so on. Check out the User Manual for more info on operating Amarok.

Ripping CDs using K3B

If you read my last post, you know I was on a quest to rip some CDs but was delayed by some hardware problems. Now that those are resolved, I thought I would document the process I used to actually rip the music, using my Gentoo desktop.

I had never ripped CDs using Linux (Who still uses CDs anyway?) so I started searching for an easy to use open source ripper. I have both gtk and kde libraries installed on my system, so it doesn't really matter what desktop the app is built for. One of the most popular Linux applications is Grip. I installed it on my system using "emerge -av grip" I did a test run with it but the interface wasn't very intuitive and I'm very impatient. (Who has time to RTFM?!)
Grip GUI

It seemed easy enough to use with the default settings, but one of my requirements is to rip the tracks using the lossless FLAC audio codec, and I couldn't easily figure out how to do that with Grip.

With Grip out, due to impatience, I kept searching and found K3B. I have used K3B in the past for burning CDs and DVDs but I was unaware that it ripped CDs. I installed K3B using "emerge -av k3b". The install took a while because there were quite a few dependencies my system needed to compile and install. When the installation was complete, I fired it up, and after the fancy splash screen disappeared, I easily found the ripping section of the program using the "More Actions" button on the main screen. I popped in the first CD, a Beethoven compilation, and was delighted to see that it automatically recognized it and downloaded the album and track info from CDDB.

Track info auto populated from CDDB

Selected the "Flac" filetype and custom target folder

Once I had the above settings configured, I hit "Start Ripping" and BAM! Music encoded with FLAC after a few minutes. Using the badass program Amarok (covered in next post) I was able to listen to the ripped music.


Power Supply Troubleshooting and Making a PCIe Video Card Power Cable

So I've been using my computer quite a while now without any type of CD drive attached, and had no need for one until recently. I have been using Gentoo Linux exclusively for about 3 months, but have had it installed for about 6. One of the main reasons for the move to Gentoo was my Windows 7 RC install was getting close to expiring (MS changed the dates... lame). One of the cool things about Gentoo is that all software is compiled for the local system, rather than using binaries, which can give speed increases and also allows for not installing components that are not needed. Portage makes adding software a simple task using the emerge command. If software isn't available through portage or elsewhere on the internet, a USB flash drive easily takes the place of optical media.

Anyway, Amanda and I have been trying to decide on what music we want playing at our wedding so I figured it would make things easier if we ripped the CDs we liked to the computer for easy listening. Good idea in theory, right?
I had an old DVD drive that has been collecting dust for who knows how long, so I figured I would hook it up and I would be ripping CDs in no time. The installation went smoothly… Attach the IDE ribbon cable and set the jumper to master. Pretty simple stuff. Unfortunately, the process was about to turn sour.
After closing the case back up, I hit the power button and was greeted with silence. Hearing nothing after pressing the power button is probably one of the most dreaded problems a computer technician faces. No beep codes, no fans whirring, just nothing. I quickly opened the case back up and unplugged the DVD drive and hit the power button again. Nothing. By this point I was starting to feel a bit anxious. I removed everything from the motherboard except for the processor and tried again. Nothing. Arrgh, what the heck happened?!?

At this point the problem can really be only a few things: The battery on the motherboard had died, the motherboard itself had died, the power button had broken, or the power supply had died. I wanted to check out the power button first, because it tends to be a little sticky and sometimes requires a little finessing. I removed the front cover and clipped the green and white wires leading to the power button. I stripped a little bit of insulation off, exposing the wires and then shorted them. Nothing. Well, that rules out the power switch being broken. By this time we had to run some errands in town, so I figured I would take the BIOS battery with me and get a replacement. I stopped by Radio Shack and found a replacement for about $5. I wasn't very optimistic that the battery was the problem. It was a long shot at best, but it's a heck of a lot cheaper than a new power supply or motherboard.
When we got back home I changed out the battery and attempted to power on the computer and was greeted with… nothing. That ruled out the cheap fix. Now it was either the motherboard itself or the power supply. A new replacement cost for those might as well be $1,000,000 as we are saving for the wedding and every dollar is closely accounted for. Feeling a little desperate, I sent out some pleas on Facebook and on my work email, begging for spare parts.

While waiting for responses to my distress call, I remembered I had an old Antec 450 truepower power supply in the closet. Great! I hooked it up to the motherboard, feeling a bit nervous about the much larger main power connector on the motherboard that left some open leads. Once hooked up, I pressed the power button and… success!! Well, sort of. The fans went on and the computer posted, but there was no video. Unfortunately, the old power supply did not have a PCIe power connector, meaning the video card was not fully powered up. At least I knew it was a problem with the power supply and not the motherboard…
I did a quick google search and found that adapters to hook up the PCIe video card to my old power supply did exist, but none of the local shops had them, meaning I would have to wait for a cable to be shipped. That seemed unacceptable, so I did some research on the power connector and found out there is nothing special about power input; it's just 12 volts with ground wires, the same as the rest of the components. It just uses a different connector.

When I saw that it uses standard 12v, I figured I could make my own adapter using the cable from the broken power supply, and a Y adapter cable I had. Here's what I started with:


Y Adapter


PCIe cable
Next, I cut off the rubber coating to see how the wires were arranged.



You can see that two wires are just spliced together.
Next, I cut off the end farthest from the connector that plugs into the PCIe card, and also cut off the red wires on the Y adapter. I made sure to tape up the cut wires to avoid shorts.


Cut wires
Next, I stripped the insulation off all the wires and spliced them together, yellow to yellow and black to black.





I then taped up the wires individually to avoid shorts, and finally covered up all of them to tidy things up.


Individual splices insulated



Final product.
I excitedly hooked the new (old) power supply and attached my custom cable to it and the video card. Holding my breath, I pressed the power button, praying the whole thing wouldn't blow up. After pressing the button, I heard the computer power up, and the monitor lit up and displayed the boot sequence.




Yay!
The startup sequence hung because the BIOS time was reset, causing the hard drive to have write times in the future. Once the clock was updated, the computer booted normally. Thus ends the saga of the busted power supply!