Monday, February 25, 2013

SSL Spoofing with Surrogate

I've been doing a lot with SSL certificates recently.  Setting up certificate authorities for testing purposes and other things got me thinking about what it would take to spoof SSL certificates for any site.   Taking over the session at HTTP CONNECT time is easy enough, but then the problem becomes generating certificates.

Enter uCA.  uCA is a micro certification authority.  Once uCA has been configured with its initial CA cert it presents an HTTP interface that can be used to request a certificate and key pair for any commonName.  I have configured Surrogate to request a key and certificate pair from uCA based on the requested CONNECT host.  Surrogate then upgrades the connection to SSL then hands the socket back to the main HTTP proxy handler.

After working out a few bugs I am now able to browse SSL sites that are validated by my local certificate authority.
I still need to add some configuration options for Surrogate and improve the security and user interface of uCA, but my initial proof of concept is working.

Sunday, September 16, 2012

Forking ejabberd

This weekend I decided to start playing with a fork of ejabberd.  I have already started refactoring things in preparation for adding dynamic vhost creation and removal.  I'm calling it Fork21 and I already have a new website devoted to it.

All of this comes after building Chatmongers with ejabberd 3, which has resulted in me having a number of misgivings about ejabberd 3.  It looked like it should be coming out soon when we first evaluated it in the summer of 2011.  15 months later I'm not sure if it will ever ship, and the current alpha release has some problematic breakage.  In the name of getting a better chat system for Chatmongers, the dynamic vhost management features need to be implemented in ejabberd 2.1.x.

I may run out of time before I can finish this, so I don't want to make too many promises. For now, Fork21 is an interesting project for me to fix whatever I don't like about the current ejabberd.  If the problems with ejabberd 3 can't be resolved then Chatmongers as a service may not be viable long term.

For the moment I'm working on Fork21 for my own enjoyment.  If I produce something useful that others like or that is useful to fixing Chatmongers then that just means I'm not alone in wanting what I'm trying to turn ejabberd into.  If nobody cares then I had some fun hacking on an interesting piece of software.

Thursday, June 23, 2011

Configuring Skype Connect with FreePBX

Today I have been fighting my way through configuring Skype Connect with my PBX. Skype Connect is a feature that allows Skype calls to be terminated to a SIP-based phone system. Skype charges a small monthly fee per channel to do this termination.

There were no configuration guides available for setting this up with FreePBX, so I just played with the settings until I got something working without having to enable anonymous SIP calls in.

Trunk Name: skype-trunk
Peer Details:
host=sip.skype.com
username=
secret=
port=5060

User Context:
User Details:
type=friend
host=sip.skype.com
insecure=very
context=from-trunk

Register string:
:@sip.skype.com:5060

The User Context value isn't terribly critical. I had it set to "anonymous" since the calls coming from Skype come from anonymous@sip.skype.com, but I felt like it was easier to identify the channels by using the user ID Skype provides. Also, the user ID and secret are not Skype credentials. They are values provided in the Skype Manager as your SIP credentials when you sign up for Skype-to-SIP trunks using the Skype Connect service.

Friday, July 31, 2009

Getting through firewalls with ping

The gauntlet was thrown. The LodgeNet network at the Riviera was blocking everything unless you pay.

Things we tried:
  • DNS tunnels
  • Listening outside on externalhost:1111
  • PingTunnel FTW!!!!

Once I verified that ICMP pings were making it all the way out and back from the public internet I started looking for a ping tunnel.

Enter PingTunnel (http://www.cs.uit.no/~daniels/PingTunnel/)

I downloaded and installed PingTunnel on my laptop and on my linode.

On the linode:
ptunnel -x [password]

On my laptop:
ptunnel -x [password] -p -lp 8001 -da 127.0.0.1 -dp 22

This tunnels localhost:8001 to my linode:22

I finish by creating a SOCKS proxy using SSH dynamic port forwarding:
ssh [user]@localhost -p 8001 -D 1080

Once I log into my server I configure Firefox to use localhost:1080 as a SOCKS proxy.

After these steps I'm using LodgeNet internet without getting caught by the gateway.

Huzzah!

PS. If you don't think it will work, I'm posting this through the tunnel.

Update:
Connections can be problematic. You must allow all ICMP on input. The following iptables rules work for me:

iptables -F
iptables -P INPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -j DROP

The ICMP rule is the one I changed that got it working.
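
Seen from the network operator's side, traffic like the tunnel described above differs from an ordinary ping in ways a monitor can check. The following is an added example, not part of the original post: it parses ICMP echo messages and flags host pairs whose replies do not echo the request data, as RFC 792 requires, or whose payloads are unusually large. The 64-byte threshold, the reason labels and the sample packets are assumptions constructed for illustration.

```python
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8
MAX_PLAIN_PAYLOAD = 64  # assumed threshold; common ping payloads are 32-56 bytes

def icmp_checksum(data):  # RFC 1071 Internet checksum
    data += b"\x00" * (len(data) % 2)  # pad to an even length
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, payload):  # sample ICMP message, no IP header
    csum = icmp_checksum(struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse_echo(raw):  # -> (type, id, seq, payload), or None if not a valid echo
    if len(raw) >= 8 and icmp_checksum(raw) == 0:
        icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", raw[:8])
        if icmp_type in (ECHO_REQUEST, ECHO_REPLY) and code == 0:
            return icmp_type, ident, seq, raw[8:]
    return None

def find_tunnel_suspects(packets):
    """packets: (src, dst, icmp_bytes) tuples. Returns {host pair: reasons}."""
    pending, findings = {}, {}
    for src, dst, raw in packets:
        parsed = parse_echo(raw)
        if parsed is None:
            continue
        icmp_type, ident, seq, payload = parsed
        reasons = findings.setdefault(tuple(sorted((src, dst))), set())
        if len(payload) > MAX_PLAIN_PAYLOAD:
            reasons.add("oversized-payload")
        if icmp_type == ECHO_REQUEST:
            pending[(src, dst, ident, seq)] = payload
            continue
        sent = pending.pop((dst, src, ident, seq), None)
        if sent is None:
            reasons.add("unsolicited-reply")
        elif sent != payload:  # RFC 792: a reply must echo the request data
            reasons.add("reply-differs-from-request")
    return {pair: sorted(r) for pair, r in findings.items() if r}

CLIENT, GATEWAY, REMOTE = "192.0.2.10", "198.51.100.1", "203.0.113.7"  # constructed sample
SAMPLE = [(CLIENT, GATEWAY, build_echo(ECHO_REQUEST, 1, 1, bytes(56))),
          (GATEWAY, CLIENT, build_echo(ECHO_REPLY, 1, 1, bytes(56))),
          (CLIENT, REMOTE, build_echo(ECHO_REQUEST, 7, 1, b"A" * 200)),
          (REMOTE, CLIENT, build_echo(ECHO_REPLY, 7, 1, b"B" * 180))]
```

Running find_tunnel_suspects(SAMPLE) reports only the CLIENT/REMOTE pair; the ordinary ping to GATEWAY produces no finding.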

Thursday, April 17, 2008

Programming projects

I've started playing with Erlang again. I know what you're thinking... "What? Shaun doing something in Erlang? Well, I never." There has been that small matter of some people asking me if I would use Erlang any time I present an interesting problem. My normal answer is No, that's not what it's for.

I've been thinking of picking up my DNS proxy code as well as writing a syslog receiver. Look at me reinvent the wheel, with clustering and supervision trees!

We'll see what I find time to get done. There is still that small matter of my day job and having a life at night.

Sunday, December 09, 2007

Finals

The semester is almost over. All I can say is that calculus is awesome. I have my final on Wednesday; I expect it's going to be fun.

In other news I'm having a lot of fun with programming. I added CS 1400 Fundamentals of Programming to my spring semester schedule. Yesterday I managed to execute an Erlang module written and compiled on my Linux box on my omniFlash. Pretty soon here I'll have Yaws and ErlyWeb running. Not too bad for a 200MHz ARM with 32MB RAM.

I'm pretty sure that the CS 1400 class is going to be kind of a walk. I'll be excited to see how it all works out.

Saturday, August 18, 2007

More fun with the Hobie

Last week I went sailing up at Bear Lake. Today, I went sailing with my brother. I think the first lesson I learned today is that I need to get up earlier. If I get to the lake and the wind is already blowing pretty well, I've wasted that good sailing time.

Another lesson I learned is to make sure I secure the tiller extension arm before travel. The extension arm is what makes it so you don't have to be sitting on the back edge of the boat the whole time in order to steer. The extension arm also costs $80, so if you drive out of the Bear Lake marina without securing it that's what the replacement is going to cost you.

I'm pretty sure it's a mistake that only has to be made once.

Other than that I've used silicone to cover the cracks in the starboard transom that were leaking so I should be good at least until the end of the season.

I bought some spare parts at my local Hobie dealer. I picked up some shackles lest I lose one while rigging the boat. I also got a new wind indicator. Apparently the flag decided to fall off of my old one between where I stepped the mast and where I put the boat in the water. Go figure.

I'm not sure how much this boat will end up costing me, but I'm pretty sure it will be worth it.