Installing Wireshark on Mac OS X 10.6 Snow Leopard

After upgrading to Snow Leopard, one of the few things that stopped working for me was Wireshark, a really cool network analyzer I’m planning to write more about later. At startup you get a long list of error messages, and then no network interfaces can be found.

Luckily, Michael Gracie has scavenged the net for a solution, and found it.

Basically, all you need to do is follow the normal instructions: drag the app to the Applications folder, the ChmodBPF folder in Utilities to the StartupItems alias, and the contents of the commandLine folder to /usr/local/bin.

Open a terminal and type:

cd /Library/StartupItems
sudo chown -R root:wheel ChmodBPF

Enter your password and hit enter.

Now start up Wireshark, close the list of error messages, go to Edit -> Preferences -> Name Resolution, click the Edit button next to “SMI (MIB and PIB paths)”, click “New” and type /usr/share/snmp/mibs/ in the text field. Now click Apply / OK all the way out, exit, and reboot your computer.

After the reboot, everything should be working like a charm.

Posted in IT, Security

Learning web-security through penetration testing

At the ROOTS 2009 conference I attended a workshop with Martin Knobloch called “Application Security – Awareness.” Martin works for OWASP, The Open Web Application Security Project, and they have created a lot of cool stuff. At the workshop we got an introduction to WebScarab and WebGoat. For learning how a lot of software vulnerabilities work, they are great tools, and fun to play with.

WebScarab is a tool for analyzing HTTP and HTTPS communication. It sits as an intercepting proxy between your browser and the application you are analyzing, and lets you look at and modify requests. WebScarab itself is not a training tool; it is meant for serious application analysis.

WebGoat is a Java web application hosted on a local Tomcat server, which contains a lot of flaws and vulnerabilities. The application consists of a series of challenges, in which you use WebScarab to crack your way into the application.

The challenges range from very simple stuff like scanning through source code to look for hardcoded passwords, to more interesting things like Cross Site Scripting and SQL-injection for stealing credit card numbers.

Both tools can be downloaded for free from the OWASP download page, and since they are written in Java, they work on all platforms.

Just be sure to disconnect from the internet before starting WebGoat, since it opens up your computer to all the vulnerabilities it contains while it is running.

Posted in IT, Security

Spoofing your MAC-address in Snow Leopard

This might not be the most useful hack, but in some scenarios it might be good to know. And it does show those who believe that blacklisting MAC addresses on their access point is a good security feature that they are mistaken.

One example is the system they used at the college I lived in at the University of Newcastle, where you had to send in a paper form to register your MAC address to the ethernet outlet in your room, and weren’t able to use the internet on your laptop when visiting friends on campus.

Be aware that using these commands to work around such a policy is probably illegal, though.

In Snow Leopard, spoofing your ethernet MAC address is as easy as opening a terminal and typing

sudo ifconfig en0 lladdr aa:bb:cc:dd:ee:ff

The address can of course be anything you want it to be.

To spoof the address of your AirPort card you first have to disconnect from the network you are currently on. This can be done by clicking the AirPort symbol in the menu bar, selecting Join Other Network, typing some random name, and hitting Connect and then Cancel. Now type

sudo ifconfig en1 lladdr aa:bb:cc:dd:ee:ff

And then you can reconnect, with your new address.

Update:

Captain Future has created an AppleScript for spoofing the MAC address that looks very nice. It can be found here. Thanks!
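
Seen from the network side, a hand-set address like the aa:bb:cc:dd:ee:ff used above is often recognisable. The script below is an added example, not part of the original post: it classifies addresses by the locally-administered bit and lists ports that have seen more than one address. The "PORT MAC" input format, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Input format, function names and
# sample data are assumptions constructed for illustration.

# classify_mac MAC -> prints universal | local | multicast | invalid
# Bit 0x02 of the first octet = locally administered (set by software, not
# assigned by a manufacturer). Bit 0x01 = group address, never a valid
# source address for a single station.
classify_mac() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    printf '%s\n' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' \
        || { echo invalid; return 0; }
    first=$((0x${mac%%:*}))
    if [ $((first & 1)) -ne 0 ]; then echo multicast
    elif [ $((first & 2)) -ne 0 ]; then echo local
    else echo universal
    fi
}

# audit_sightings: reads "PORT MAC" lines on stdin and prints
# "PORT MAC KIND" for every address that is not a universal unicast address.
audit_sightings() {
    sort -u | while read -r port mac; do
        kind=$(classify_mac "$mac")
        [ "$kind" = universal ] || echo "$port $mac $kind"
    done
}

# ports_with_multiple_macs: reads the same input and prints each port on
# which more than one distinct address was seen.
ports_with_multiple_macs() {
    sort -u | awk '{ n[$1]++ } END { for (p in n) if (n[p] > 1) print p }' | sort
}

# Constructed sample: switch port / room outlet and the source MAC seen there.
SAMPLE='room-101 00:1b:63:aa:10:01
room-101 00:1b:63:aa:10:01
room-102 00:1f:5b:22:33:44
room-102 aa:bb:cc:dd:ee:ff
room-103 00:1b:63:aa:10:01'

printf '%s\n' "$SAMPLE" | audit_sightings
printf '%s\n' "$SAMPLE" | ports_with_multiple_macs
```

A copied, manufacturer-assigned address (room-103 in the sample) passes both checks, which is why a MAC list works as inventory rather than as access control.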

Posted in IT, Security

Podcastination

The guys at the office, Peder1, Tobias and Morten have started a podcast called Podcastination.


It’s being hosted here, at josteinb.com/podcastination.  Who knows, maybe I’ll have to chip in soon too.

It’s supposed to be a weekly event, with light entertainment. The podcast is in Norwegian. The pilot is out now!

Edit: The podcast can now also be found at podcastination.josteinb.com

Posted in Humor, Podcast

Switched to WordPress


Well, after using Joomla! for my blog since March, I got tired of it. Joomla is great for building large websites, but it was way too complicated for a simple blog like this. Also, it’s kind of strange that an open source project has next to no documentation. I had some problems migrating the articles from the Joomla database because of some charset errors from Norwegian letters, but have imported the most important stuff now. Using WordPress is a whole different experience… so easy!

I guess I have to learn hacking WordPress themes now.

Posted in IT

Halcyon Eclipse mod / repair


The Halcyon Eclipse is an amazing wing to dive with, but for us cold water divers with thick gloves, the little string on the dump valve is way too hard to get a grip on under water. It doesn’t come with any knobs or any other help for catching it, since that’s apparently violating the DIR philosophy. On top of that, my dump valve had such sharp edges that it cut through the string after 20 or so dives.

The solution is very simple: you just need a Dremel and a new, thicker string. The construction of the valve is very simple, only four parts in total. Plus the string.

Read more for instructions and photos


Posted in Diving

Ungdomskulen at Hulen

Ungdomskulen played a concert at Hulen this Friday, and it was absolutely amazing. I was on duty as a photographer, and even though the lighting was challenging at best, there were a few shots I am happy about. I’m putting up a couple of photos here; the rest will be available in hulen.no’s gallery shortly.

If you’re unfamiliar with Ungdomskulen, check out their myspace page and listen to their music.

ungdomskulen guitar player

ungdomskulen bass player

ungdomskulen drummer

Come back soon, guys!

Posted in Music, Photo

The Diaper Pattern

At the final presentation of our XP-driven webshop project we ended up in a discussion about whether to catch runtime exceptions at the top level or not. After having attended a talk by Kåre Nilsen at ROOTS 2009, called “Enterprise app without enterprise crap”, we took the stand that we did not want to catch the exceptions, and would rather try to fix them if they occurred instead of hiding what went wrong.

It turns out there is an anti-pattern that describes this dilemma, called the Diaper Pattern: “Because it catches all the shit”.

Now what’s left to decide is whether this applies to web apps or not…

Posted in IT

Denver Mini at Garage

On Thursday Peder 2 was told that Denver Mini were going to play a concert, and the bassist was away. So after one rehearsal, the concert was on Friday. And Peder 1 got to document a bit of the concert:

Photos from the concert are coming soon!

Posted in Music

Photo exhibition at NG2

On 16 May the photo exhibition by the photo group at Hulen opens at NG2!

14 great concert photos taken at Hulen, which will.. well, hang as decoration so we can sit and look at our own pictures and be proud of ourselves.

A few samples:

Skambankt, Annah

© Alexander Øvrebø

Satyricon, photo © Helge Brekke

Black Debbath, photo © Anders Helgerud

Funin, photo © Jostein Bjørge

Go take a look!

Posted in Photo