Sharing Your Hotel WiFi Voucher With Yourself

If you are in a foreign country, away from home, staying at a hotel, chances are you have horrible data roaming. Whether it is speed or cost, you want to get connected to a wifi hotspot as soon as possible.

Security problems aside, one of the issues with paid (or given as a pre-paid voucher to staying guests) wifi is that the system has some form of access controls. Most often your browser will get hijacked and taken to the log-in page. When you authenticate, the hotspot associates your MAC address with the credentials you supplied, and you are free to browse the internet.

Well, what happens if this association is permanent? I.e. once you log in with your computer, only that computer can use the hotspot. What about your phone? What about other devices? In such case, you have purchased internet access, but the access is restricted to one appliance, instead of one person.

There may be terms and conditions which you could violate by bypassing the restriction. Read them and see if you’re allowed to connect other devices.

Meh. So how could we get around it?

Solution: share internet from this device.
So you got internet on your phone. Good. Share this access via cable or bluetooth (or wifi, perhaps) with your other devices. Problem solved! Quick and easy, if your phone supports it.
You could do this with your laptop as well, but you would probably need an external wireless network card as well.

Solution: use the same MAC address.
Note the MAC address of your phone, and then associate the account with your phone. When you want to use your laptop, simply change the MAC of your wireless interface to that of your phone. Disconnect your phone before you connect your laptop.
On Linux, you would run something like “sudo ifconfig wlan0 hw ether aa:bb:cc:dd:ee:ff”, where wlan0 is your wireless interface and the a-f is the MAC of your phone.

Home Network Storage With Point and Click ZFS!

nas

I’ve kind of forgotten to post about my “new” NAS, which sort of replaced my old Buffalo Link Station Live 3Tb.

I had somewhat of a complicated relationship with the Link Station – on one hand it “did what it was supposed to”, but on the other hand it didn’t do anything else. Yes, it had a lot of nice features, but it couldn’t run them because then it would run out of system resources.

So when I upgraded my PC (as in bought a new one, reused the SSD and one drive), I was thinking of converting the leftover hardware into a NAS.

I wanted the following features:
* More than 3T storage in one logical drive
* One disk redundancy
* Portability (Can restore volume on another machine)
* Semi-future-proof
* Silent (as in I should be able to sleep with it on)
* Encryption

Since I’m mostly familiar with Linux, I looked into some software-RAID possibilities. The idea was that I could install a distro onto a flash drive, thereby saving an internal HDD slot, and run a software RAID creating both one logical drive and giving me redundancy.

While researching, a friend of mine lost his array due to software error (probably some human error too, perhaps) when the system drive got corrupted. I didn’t like the idea that some setups required configuration on the system disk because then the setup wouldn’t be portable in case of a system failure.

I’ve had my eye on ZFS for some time, but never got around to implementing it because of the hardware requirements. Suddenly ZFS looked like a much better option. Originally I kind of wanted to run services on my NAS as well, which probably wouldn’t be possible with the kind of memory ZFS requires. However, I knew that if I were to run a multitude of services on the same machine which also hosted all my files, I’d eventually break something important. So perhaps, I thought, it’d be better to just go for ZFS.

Point and click ZFS? FreeNAS!

FreeNAS works flawlessly for me, albeit a bit slow at times. That might not be FreeNAS fault, though, it could be my SATA controller. It’s currently hosting 3x1T and 3x3T of storage, shared over a gigabit interface.

The admin web interface is very responsive and the only operation that actually takes a while is volume mounting, which is to be expected. It’s only done once per reboot anyway. You have access to pretty much all configuration from there, and a (somewhat laggy) terminal. A regular console is available if you plug in a display and keyboard.

Finally, let’s round it up with a little bit of pros and cons.

Pros:
Point and click ZFS, with disk encryption and network sharing.
Extensive admin web interface.
Based on FreeBSD.
Can run from a CD or USB drive.

Cons:
If something breaks you might have to bring up a terminal.
You can’t put files on the flash drive, i.e. scripts etc.
Could have been better at displaying system information, like S.M.A.R.T details and disk temperature.

Bottom line: go install FreeNAS if you need a file storage machine!

How to import the OWASP Broken Web Applications virtual machine in VirtualBox

Step 1

Download the OWASP BWA files: https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project

Step 2

Create a folder and extract all files there. Probably a good idea to put the folder right next to your other virtual machines, if you have any. This folder shouldn’t move around.

Step 3

Open VirtualBox and create a new machine named OWASP BWA (or whatever) as Linux/Ubuntu. Set RAM to something appropriate (I’m using 2Gb because I can).

Use existing hard drive, select the files you just extracted.

Step 4

Run.

Optional

You might want to fiddle around with various settings, like bridging the network interface etc. It’s not recommended to allow anyone since OWASP BWA contains multiple security holes, though.

How to Restore OwnCloud Password Without an Email

Forgetting your password can be tiresome, especially if you’re the (only) administrator. Owncloud allows you to reset your password via the user-supplied email address, but this does of course only work if you have an email associated with your account.

Furthermore, the system needs to have a mail server configured. Perhaps you don’t, because of some reason, want to have a mail server up and running.

So here’s how you reset your owncloud admin (or user) password the quick and dirty way.

NOTE: This worked for me, at the time of posting. Future versions might not work this way. Please do proper research before looking into my solution. I am in no way responsible for you breaking something. OK?

First, log in as root or make sure you have sudo access. Or at least make sure you are allowed to modify the owncloud files.

cd /var/www/owncloud/core/lostpassword

We will be modifying the password reset function, instead of going into the database. Please back your existing controller.php file up, and understand that you are going to be susceptible to hacking attempts while making the following modifications.

nano controller.php

We want to supply an email to the system by hard-coding it, and then print the password-reset URL to us. OwnCloud will then continue with its own procedures and attempt to mail the password to the email you provide. Essentially we’re printing the link you’re supposed to get via mail. If you leave this modification in place, anyone will be able to gain access to your OwnCloud!

Go to line 48 and on the line below insert (line 48 begins with $email)

$email = “your-email@domain.tld”; //Set email

Then go to line 53 and on the line below insert (line 53 begins with $link, and this is line 53 after you added the previous line.)

echo $link; //Print email reset link (DO NOT LEAVE THIS IN PLACE)

Now go to your OwnCloud, and try to log in. When it fails, click forgot password link, and then enter your username. You should see the password reset URL pop up. Copy, paste, and chose a new password.

Then, enter

nano controller.php

And remove the lines you just added! DO NOT LEAVE THEM IN PLACE.

I found this to be easier than to edit the database.

Cheers!

Configure SSH to Use Keyfiles Automatically

If you have multiple SSH-keys, perhaps a different one to each server, this can make your life a lot easier. Less typing is better.

Or perhaps you are configuring a remote git repository, or access through some other software.

Go ahead and

nano ~/.ssh/config

And add

Host example.com
IdentityFile ~.ssh/yourkey

Change the domain and filename of your key to the proper values.

Stop Apache2 from listening on port 80

I assume you have enabled SSL so the site is accessible via HTTPS.

Assuming you haven’t changed the configuration, go ahead and type

unlink /etc/apache2/sites-enabled/000-default

This would remove the symlink named 000-default, which points to the default vhost found in sites-available. If you have altered the config, make sure to remove any vhost listening on *:80.

This first step is kind of straight-forward. You want Apache2 to stop listening on port 80, you remove any vhost on that port. But that’s not all.

Open up ports.conf

nano /etc/apache2/ports.conf

Comment out (put # at the beginning of the line)

NameVirtualHost *:80
Listen 80

Go ahead and restart the web server and load the changes

service apache2 restart

Now Apache2 should listen on port 443, and 443 only.

Enable HTTPS on Apache2

This would be a quick way to enable HTTPS (SSL) on Apache2.

cd /etc/apache2/sites-enabled
ln -s 001-ssl ../sites-available/default-ssl
nano 001-ssl

Make sure that the vhost configuration is valid. By default it is configured to /var/www. You might want to have some other directory as your document root.

Then run

a2enmod ssl
service apache2 restart

Do leave a comment if you get any errors. Remember to use sudo if you do not have a root shell.

Raspberry Pi – Transmit FM Radio

Did you ever want to play your own music on that unintelligent stereo? Well, apparently, now you can!

I stumbled across a nice guide on how to transmit FM radio with a Raspberry Pi, containing everything you need to set up your own radio station. Speaking of radio stations, do note that you need a proper license to transmit on a lot of frequencies. I seriously doubt you’ll be allowed to transmit on anything remotely close to what your old radio can tune in to (88-108 Mhz).

They claim you’re able to transmit on 1Mhz to 250Mhz though, so you might find somewhere to send, depending on local and national laws.

In some regions, you are allowed to transmit as long as the transmitter is weak enough not to interfere with other stations. If you live in Sweden, go ahead and read this.