Kilala.nl - Personal website of Thomas Sluyter

Games I love(d): Stardew Valley

2016-05-01 09:22:00

A screenshot from The Mirror

While I might play games often, I don't play a multitude of games. I like sinking quite some time into games that are really good, instead of jumping to and fro. I often get suggestions for good games from the likes of Penny Arcade or other gaming blogs/comics. Case in point: I found out about 2015's indie hit Stardew Valley.

I've never played Harvest Moon games, despite knowing they're pretty darn good. I've been wanting to get into it, but never did. Imagine my joy when I learned about Stardew Valley, the bastard lovechild of Harvest Moon, Animal Crossing and modern-day indie game and modding mentality. I'll let some reviews do the explaining: Ars Technica and PC Gamer.

Why do I love it so much? Mostly because:

It's hard to believe that all of it was made by a single person! Sure it took him four years, but still!


Building the BoKS Puppet module

2016-04-20 20:35:00

Yesterday I published the BoKS Puppet module on Puppet Forge! So far I've sunk sixty hours into making a functional PoC, which installs and configures a properly running BoKS client. I would like to thank Mark Lambiase for offering me the chance to work on this project as a research consultant for FoxT. I'd also like to thank Ger Apeldoorn for his coaching and Ken Deschene for sparring with me. 

BoKS Puppet module at the Forge.

In case anyone is curious about my own build process for the Puppet module, I've kept a detailed journal over the past few months which has now been published as a paper on our website -> Building the BoKS Puppet module.pdf

I'm very curious about your thoughts on it all. I reckon it'll make clear that I went into this project with only limited experience, learning as I went :)


A very productive week: BoKS, Puppet and security

2016-04-17 00:28:00

I have had a wonderfully productive week! Next to my daily gig at $CLIENT, I have rebuilt my burner laptop with Kali 2016 (after the recent CTF event) and I have put eight hours into the BoKS Puppet module I'm building for Fox Technologies.  

The latter has been a great learning experience, building on the training that Ger Apeldoorn gave me last year. I've had a few successes this week, by migrating the module to Hiera and by resolving a concurrency issue I was having.

With regards to running Kali 2016 on the Lenovo s21e? I've learned that the ISO for Kali 2016 does not include the old installer application in the live environment. Thus it was impossible to boot from a USB live environment to install Kali on /dev/mmcblk1pX. Instead, I opted to reinstall Kali 2, after which I performed an "apt-get dist-upgrade" to upgrade to Kali 2016. Worked very well once I put that puzzle together.


CTF036 security event in Almere

2016-04-01 19:01:00

My notes from CTF036

A few weeks ago Almere-local consulting firm Ultimum posted on LinkedIn about their upcoming capture the flag event CTF036. Having had my first taste of CTF at last fall's PvIB event, I was eager to jump in again! 

The morning's three lectures were awesome!

The afternoon's CTF provided the following case (summarized): "De Kiespijn Praktijk is a healthcare provider whom you are hired to attack. Your goal is to grab as many of their medical record identifiers as you can. Based on an email that you intercepted you know that they have 5 externally hosted servers, 2 of which are accessible through the Internet. They also have wifi at their offices, with Windows PCs." The maximum score would be achieved by grabbing 24 records, for 240 points. 

I didn't have any illusions of scoring any points at all, because I still don't have any PenTesting experience. For starters, I decided to start reconnaissance through two paths: the Internet and the wifi. 

As you can see from my notes it was easy to find the DKP-WIFI-D (as I was on the D-block) MAC address, for use with Reaver to crack the wifi password. Unfortunately my burner laptop lacks both the processing power and a properly sniffing wlan adapter, so I couldn't get in that way. 

I was luckier going at their servers:

  1. Sanne's home directory, which actually contained a text file with "important patients". BAM! Three medical records!!
  2. The /etc/shadow file had an easily crackable password for user Henk. Unfortunately that username+password did not let me access the .15 server through SSH or Webmin.
  3. Sanne has a mailbox! In /home/vmail I found her mailbox and it was receiving email! I used the Drupal site's password recovery to access her Drupal account. 

I didn't find anything using Sanne's account on the Drupal site. But boy was I wrong! 16:00 had come and gone, when my neighbor informed me that I simply should have added q=admin to Sanne's session's URL. Her admin section would have given me access to six more patient records! Six! 

Today was a well-spent day! My first time using Metasploit! My first time trying WPA2 hacking! Putting together a great puzzle to get more and more access :) Thanks Ultimum! I'm very much looking forward to next year's CTF!


Games I love(d): League of Legends

2016-03-20 16:41:00

The four LOL ribbons

The past two years I haven't been keeping this diary, so I've played a lot of games that I really enjoyed which I haven't written about. This is the first update in a series about games that I absolutely love (or loved) and which played an important role in my life. First up: League of Legends.

LoL is the prime example of something I've often been "accused" of: "Thomas, you just can't do anything without taking it seriously!"

Let's back it up a little bit... I'd heard of MOBA games before 2014: I knew of the Warcraft 3 spinoff DotA and I'd heard about LoL from my colleague Wim. They sounded like fun games, but as is often the case I never had time to give'm a try. In the summer of 2014 I started watching the LoL championships online. Season 3 was very exciting and I loved the "Road to Worlds" documentary. 

During our holiday in Austria I picked up another MOBA, on the iPad: Fates Forever. It was a very fun game and easy to pick up for newbies like myself. I got into the community and even designed a sweater for myself, with my favorite character Renwil. FF went offline in the fall of 2015, so I can't play the game anymore.

Despite watching LoL championships and playing FF I still kept away from actually playing LoL. As my mom once told me: “Whenever we’d take you somewhere new, I’d see you hanging around the sidelines, watching very intently. You were always trying to mentally grasp what was going on and how things worked. And you almost never dared to actually participate until you’d figured it out." And that's true, I was intimidated by LoL and didn't want to fsck up right from the start. 

By the end of December 2014 I had finished a long and hard certification process (RHCE) and I told myself: "This is it! I'm gonna take three months and do nothing except gaming!". That's when I dove in! And that's where the aforementioned accusation comes in ^_^

I didn't dick around with LoL! I decided that I was going to study hard to play a limited pool of characters that each fit two roles, so I could be of good use to any team I'd join for a game. Volibear was my very first character and I shelled out the money to buy him out-right. What's there not to love! A huge, friggin' polar bear with armor! I learned to play him in both toplane and the jungle. But my true love would become the support role, which is a role that suits my real life: I love being the one who supports his team, so they can win the day. Soraka is my all-time favorite character (my "main") and later on I also learned to play Janna, Annie, Lux and Morgana.

To be honest, I feel that I got pretty good. I found a few friends with whom I could play great games and I often got recognized as a valuable contributor. Over the three to four months which I played the game, I worked myself up to level 30 (to most people the "real" start of the game) and I was awarded all four "honor ribbons" (shown top-left). I'd pore over patch notes and study pro games as well as replays of my own team's games. It was a lot of hard work, but I had an absolute blast! 

By April of 2015 the time came for me to return to studying. I started my Oracle studies by then and I also got some extra work. I said my farewells to my friends, most importantly Hedin (who played as Limerick / Dovetail) from the Faroe Islands. He was an absolute joy to play with! I never did start Ranked play, so I don't know how good I could've gotten. I'm sure that I was only on the very first step of properly learning League of Legends.


Passed my NACA examination

2016-03-16 08:02:00

NACA logo

With many thanks to Nexpose consultant Mark Doyle for his trust in me and his coaching and with thanks to my colleagues at $CLIENT for offering me the chance to learn something new!

This morning I passed my NACA (Nexpose Advanced Certified Administrator) examination, with an 85% score.

While preparing for the exam I searched online to find stories of test takers, describing their experiences with the NCA and NACA exams. Unfortunately I couldn't really find any, aside from one blog post from 2012. 

For starters, the exam will be taken through Rapid7's ExpertTracks portal. If you're going to take their test, you might as well register beforehand. Purchasing the voucher through their website proved to be interesting: I ran into a few bugs which prevented my order from being properly processed. With the help of Rapid7's training department, things were sorted out in a few days and I got my voucher.

The examination site is nice enough, though there are two features that I missed while taking the test:

  1. There is no option to mark your questions for review, a feature most computer-based exams provide.
  2. Even if you could mark your questions, there apparently is no index page that allows you to quickly jump to specific questions. 

I made do with a notepad (to mark the questions) and by editing the URL in the address bar, to access the questions I wanted to review. 

The exam covers 75 questions, is "open book" and you're allowed to take 120 minutes. I finished in 44 minutes, with an 85% score (80% needed to pass). None of the questions struck me as badly worded, which is great! No apparent "traps" set out to trick you. 


Running Jira locally on Mac OS X

2016-03-10 19:39:00

Jira on OS X

It's no secret that I'm a staunch lover of Atlassian's Jira, a project and workload management tool for DevOps (or agile) teams. I was introduced to Jira at my previous client and I've introduced it myself at $CURRENTCLIENT. The ease with which we can outline all of our work and divide it among the team is wonderful and despite not actually using "scrum", we still reap plenty of benefits!

Unfortunately I couldn't get an official Jira project setup on $CUSTOMER's servers, so instead I opted for a local install on my Macbook. Sure, it foregoes a lot of the teamwork benefits that Jira offers, but at least it's something. Besides, this way I can use Jira for two of my other projects as well! 

Getting Jira up and running with a standalone installation on my Mac took a bit of fiddling. Even Atlassian's own instructions were far from bulletproof.

Here's what I did:

  1. Download the OS X installer for Jira. It comes as a .tgz.
  2. Extract the installer wherever you'd like; I even kept it in ~/Downloads for the time being.
  3. Make a separate folder for Jira's contents, like ~/Documents/Jira.
  4. Ensure that you have Java 8 installed on your Mac. Get it from Oracle's website.
  5. Browse to the unpacked Jira folder and find the script "check-java.sh". You'll need to change one line so it reads as follows, otherwise Jira won't boot: "$_RUNJAVA" -version 2>&1 | grep "java version" | (
  6. Find the files "start-jira.sh" and "stop-jira.sh" and add the following lines at their top:
export PATH="/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin:$PATH"
export JAVA_HOME="/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home"
export JRE_HOME="/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home"
export JIRA_HOME="/Users/thomas/Documents/Jira"

You should now be able to start up Jira from the Terminal by running the "start-jira.sh" script. The best thing is that Jira handles a laptop's sleep mode just fine (at least it does so on OS X), so you can safely forget about your Terminal session and close it. I've had Jira run for days on end, with many sleeps and resumes each day!

Upgrading Jira should be as easy as downloading the latest archive (step 1) and then repeating steps 5 and 6 on the files from the new installation. All Jira data lives outside of the installation path, thanks to step 3.

EDIT: If you ever need to move your Jira data directory elsewhere (or rename it), then you'll need to re-adjust the setting of JIRA_HOME in the shell scripts. You will also need to change the database path in dbconfig.xml (which lives inside your Jira data directory). 
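As an added example (it is not from the post and not an Atlassian script), here is a small POSIX shell helper that performs step 6 for you: it inserts the four export lines right after the shebang of start-jira.sh and stop-jira.sh, but only once, so the same helper can be re-run on a freshly unpacked upgrade (the repeat of step 6 mentioned above) without duplicating the lines. It also parses the output of "java -version" so you can confirm Java 8 (step 4) before starting. The plugin path and the data directory default to the ones used in the post; JIRA_DATA_DIR is an assumed environment variable, and the marker comments are my own.

```shell
#!/bin/sh
# Added example (not part of the original post): prepend the Java and
# JIRA_HOME exports to Jira's start/stop scripts, idempotently, and check
# the Java major version. Paths below are the ones the post uses.

JAVA_PLUGIN_HOME="/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home"
JIRA_DATA_DIR="${JIRA_DATA_DIR:-$HOME/Documents/Jira}"   # assumed env var

# Print the block of export lines, wrapped in marker comments so that a
# later run can detect it.
jira_env_block() {
    printf '%s\n' \
        "# --- added by jira_env_block ---" \
        "export PATH=\"${JAVA_PLUGIN_HOME}/bin:\$PATH\"" \
        "export JAVA_HOME=\"${JAVA_PLUGIN_HOME}\"" \
        "export JRE_HOME=\"${JAVA_PLUGIN_HOME}\"" \
        "export JIRA_HOME=\"${JIRA_DATA_DIR}\"" \
        "# --- end jira_env_block ---"
}

# Insert the block after the shebang of the given script (or at the top if
# there is none). Returns 0 when the file was changed, 2 when the block was
# already present, 1 when the file does not exist.
jira_patch_script() {
    script="$1"
    [ -f "$script" ] || return 1
    if grep -q '^# --- added by jira_env_block ---$' "$script"; then
        return 2
    fi
    tmp="${script}.tmp.$$"
    {
        if head -n 1 "$script" | grep -q '^#!'; then
            head -n 1 "$script"
            jira_env_block
            tail -n +2 "$script"
        else
            jira_env_block
            cat "$script"
        fi
    } > "$tmp"
    # Overwrite in place rather than mv, so the script keeps its mode bits.
    cat "$tmp" > "$script" && rm -f "$tmp"
}

# Read "java -version" output on stdin and print the major version, for both
# the old "1.8.0_74" and the newer "11.0.2" numbering schemes.
jira_java_major() {
    ver=$(sed -n 's/^[a-z]* version "\([^"]*\)".*/\1/p' | head -n 1)
    case "$ver" in
        1.*) echo "$ver" | cut -d. -f2 ;;
        *)   echo "$ver" | cut -d. -f1 ;;
    esac
}

# Usage: sh jira_env.sh --apply /path/to/unpacked-jira/bin
if [ "${1:-}" = "--apply" ] && [ -d "${2:-}" ]; then
    for s in "$2/start-jira.sh" "$2/stop-jira.sh"; do
        if jira_patch_script "$s"; then echo "patched: $s"; else echo "already patched: $s"; fi
    done
    major=$(java -version 2>&1 | jira_java_major)
    [ "$major" = "8" ] || echo "warning: java on PATH is major version ${major:-unknown}, Jira needs 8" >&2
fi
```

Because the helper refuses to insert the block twice, the upgrade routine above (unpack, then run it against the new bin directory) stays safe even if you run it more than once; JIRA_HOME still lives in the exports, so moving the data directory means editing that one value, as the EDIT notes.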


Using the Nexpose API in Linux shell scripts to bulk-create users

2016-03-02 15:09:00

The past few weeks I've spent at $CLIENT, working on their Nexpose virtual appliances. Nexpose is Rapid7's automated vulnerability scanning tool, which may also be used in unison with Rapid7's more famous product: Metasploit. It's a pretty nice tool, but it certainly needs some work to get it all up and running in a large, corporate environment.

One of the more practical aspects of our setup is the creation of user accounts in Nexpose's web interface. Usually, you'd have to click a few times and enter a bunch of text fields for each user. This gets boring for larger groups of users, especially if you have more than one Security Console host. To make our lives just a little easier, we have at least set up the hosts to authenticate against AD.

I've fiddled around with Nexpose's API this afternoon, and after a lot of learning and trying ("Van proberen ga je het leren!" as I always tell my daughter) I've gotten things to work very nicely! I now have a basic Linux shell script (bash, but should also work in ksh) that creates user accounts in the Nexpose GUI for you!

Below is a small PoC, which should be easily adjusted to suit your own needs. Enjoy!

=====================================

#!/bin/bash

# In order to make API calls to Nexpose, we need to set up a session.
# A successful login returns the following:
# <LoginResponse success="1" session-id="F7377393AEC8877942E321FBDD9782C872BA8AE3"/>

NexposeLogin() {
        NXUSER=""
        NXPASS=""
        NXSERVER="127.0.0.1"
        NXPORT="3780"
        API="1.1"
        URI="https://${NXSERVER}:${NXPORT}/api/${API}/xml"
        NXSESSION=""

        echo -e "\n===================================="
        echo -e " LOGGING IN TO NEXPOSE, FOR API CALLS."
        echo -e "\n===================================="
        echo -e "Admin username: \c"; read -r NXUSER
        # -s keeps the password off the terminal (and out of its scrollback).
        echo -e "Admin password: \c"; read -r -s NXPASS; echo

        # The values land in XML attributes verbatim: a password containing ' & < or >
        # would have to be XML-escaped first.
        LOGIN="<LoginRequest synch-id='0' password='${NXPASS}' user-id='${NXUSER}'></LoginRequest>"

        # -k skips verification of the console's certificate; --cacert with the console's CA is safer.
        # Splitting the first response line on double quotes, the session ID is the 4th field.
        export NXSESSION=$(echo "${LOGIN}" | curl -s -k -H "Content-Type:text/xml" -d @- "${URI}" | head -1 | awk -F\" '{print $4}')
        if [[ -z "${NXSESSION}" ]]; then
                echo "Login to Nexpose failed: no session ID returned." >&2
                exit 1
        fi
}

# Now that we have a session, we can make new users.
#    You will need to know the ID number for the desired authenticator.
# You can get this with: <UserAuthenticatorListingRequest session-id='...'/>
#    A user request takes the following shape, based on the API v1.1 documentation.
#  <UserSaveRequest session-id='...'>
#  <UserConfig id="-1" role-name="user" authsrcid="9" authModule="LDAP" name="apitest2"
#   fullname="Test van de API" administrator="0" enabled="1">
#  </UserConfig>
#  </UserSaveRequest>
# On success, this returns:
#  <UserSaveResponse success="1" id="41">
# </UserSaveResponse>

NexposeCreateUser() {
        NEWUSER="${1}"
        SUCCESS="0"
        NXAUTHENTICATOR="9" # You must figure this out from Nexpose, see above
        NXROLE="user"
        # mktemp instead of a predictable /tmp name: the file holds the session ID.
        SCRATCHFILE="$(mktemp "/tmp/$(basename "${0}").XXXXXX")" || return 1

        echo "<UserSaveRequest session-id='${NXSESSION}'>" > "${SCRATCHFILE}"
        echo "<UserConfig id='-1' role-name='${NXROLE}' authsrcid='${NXAUTHENTICATOR}' authModule='LDAP' name='${NEWUSER}' fullname='${NEWUSER}' administrator='0' enabled='1'>" >> "${SCRATCHFILE}"
        echo "</UserConfig>" >> "${SCRATCHFILE}"
        echo "</UserSaveRequest>" >> "${SCRATCHFILE}"

        # Splitting the first response line on double quotes, the success flag is the 2nd field.
        SUCCESS=$(curl -s -k -H "Content-Type:text/xml" --data-binary "@${SCRATCHFILE}" "${URI}" | head -1 | awk -F\" '{print $2}')
        [[ "${SUCCESS}" != "1" ]] && logger -p user.err "Failed to create Nexpose user ${NEWUSER}."
        rm -f "${SCRATCHFILE}"
}

NexposeLogin
NexposeCreateUser apitest1
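As an added example (not the script above and not Rapid7's code), here are the same two API 1.1 calls written so that the values placed into the XML are escaped and the responses are read by attribute name. The script above drops the password straight into an attribute and picks the session ID by counting double quotes, so a password containing a quote or an ampersand yields a malformed request, and an error response (or a response with its attributes in another order) silently yields an empty session that is then sent with the next request. The URI layout, the element names and the authenticator ID 9 come from the post; NX_CURL_TLS, read_secret and the sample responses are my own assumptions, and the sample responses are constructed from the shapes the post quotes.

```shell
#!/bin/sh
# Added example, not the post's script: XML-escaped request builders and
# attribute-based response parsing for the Nexpose API 1.1 calls above.

# Escape the five XML special characters so a password or user name containing
# ' & < > or " cannot break out of the attribute it is placed in.
xml_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
                           -e "s/'/\&apos;/g" -e 's/"/\&quot;/g'
}

# Print the value of attribute $1 (e.g. session-id) from the response on
# stdin, whatever position it has in the element; prints nothing if absent.
nexpose_attr() {
    sed -n "s/.*[[:space:]]$1=\"\([^\"]*\)\".*/\1/p" | head -n 1
}

# Read a response on stdin: if it reports success="1", print attribute $1 and
# return 0; otherwise print nothing and return 1, so the caller can stop
# instead of issuing further requests with an empty session ID.
nexpose_response_value() {
    resp=$(cat)
    [ "$(printf '%s\n' "$resp" | nexpose_attr success)" = "1" ] || return 1
    printf '%s\n' "$resp" | nexpose_attr "$1"
}

# Request builders; the element and attribute names are the post's.
nexpose_login_request() {            # USER PASSWORD
    printf "<LoginRequest synch-id='0' password='%s' user-id='%s'></LoginRequest>" \
        "$(xml_escape "$2")" "$(xml_escape "$1")"
}

nexpose_user_save_request() {        # SESSION AUTHSRCID NAME [FULLNAME] [ROLE]
    printf "<UserSaveRequest session-id='%s'><UserConfig id='-1' role-name='%s' authsrcid='%s' authModule='LDAP' name='%s' fullname='%s' administrator='0' enabled='1'></UserConfig></UserSaveRequest>" \
        "$(xml_escape "$1")" "$(xml_escape "${5:-user}")" "$(xml_escape "$2")" \
        "$(xml_escape "$3")" "$(xml_escape "${4:-$3}")"
}

# Network wrappers. NX_CURL_TLS (assumed variable) defaults to the post's -k;
# set it to "--cacert /path/to/console-ca.pem" to verify the console's certificate.
nexpose_post() {                     # URI, request document on stdin
    curl -s ${NX_CURL_TLS:--k} -H 'Content-Type: text/xml' --data-binary @- "$1"
}

nexpose_login() {                    # URI USER PASSWORD -> prints the session ID
    nexpose_login_request "$2" "$3" | nexpose_post "$1" | nexpose_response_value session-id
}

nexpose_create_user() {              # URI SESSION AUTHSRCID NAME [FULLNAME] -> prints the new user ID
    nexpose_user_save_request "$2" "$3" "$4" "${5:-$4}" | nexpose_post "$1" | nexpose_response_value id
}

# Prompt for a password without echoing it (POSIX; bash users can use read -s).
read_secret() {                      # PROMPT -> prints the value
    printf '%s' "$1" >&2
    stty -echo 2>/dev/null; read -r value; stty echo 2>/dev/null
    printf '\n' >&2
    printf '%s' "$value"
}

# Constructed sample responses, following the shapes quoted in the post.
SAMPLE_LOGIN_OK='<LoginResponse success="1" session-id="F7377393AEC8877942E321FBDD9782C872BA8AE3"/>'
SAMPLE_LOGIN_FAIL='<LoginResponse success="0"/>'
SAMPLE_SAVE_OK='<UserSaveResponse success="1" id="41"></UserSaveResponse>'

# Usage: sh nexpose_users.sh https://127.0.0.1:3780/api/1.1/xml admin apitest1 apitest2 ...
if [ $# -ge 3 ]; then
    uri=$1; user=$2; shift 2
    pass=$(read_secret "Password for $user: ")
    if sid=$(nexpose_login "$uri" "$user" "$pass"); then
        for u in "$@"; do
            # 9 is the authenticator ID from the post; look yours up as described above.
            nexpose_create_user "$uri" "$sid" 9 "$u" >/dev/null \
                || logger -p user.err "Failed to create Nexpose user $u"
        done
    else
        echo "Login to Nexpose failed." >&2; exit 1
    fi
fi
```

Everything that touches the network is isolated in nexpose_post, so the builders and parsers can be exercised offline against the constructed responses; the pipeline's exit status is that of nexpose_response_value, which is why a failed login stops the loop before any UserSaveRequest goes out.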
