Table of Contents

Matthew Page's Wiki ~~TOC~~

Installing and Setting up a Samba Server

There are several steps one must take in order to effectively set up and configure a fully functioning Samba Server.

1) The first step is going to be getting the physical machine and hard ware to use for the sambas server. This doesn't need anything particularly fancy and in many case many old machines that are “outdated” by some standards are perfectly fine or even over powered for being designated as a server machine. Although one caveat of a file server is that it will need the requisite hard drive space for whatever scale of file server that one would need. Once these hardware components are built then one can begin with the next phase.

2) For the second step one needs to format and partition the hard drives(s) on the desired machine in preparation for installation an operating system< I'm thinking Debian Linux, but any Linux distribution is capable of performing such tasks. First you have to determine the architecture of the system you are installing it on whether it be 32 bit or 64 bit and ideally you would want a headless system so you can pick any of the images that are suitable for your architecture and preferably minimal or server edition from a mirror in or near your country here: https://www.debian.org/CD/http-ftp/

Once you have the iso file downloaded you, for simplicity sake I'm going to call it debian.iso when in reality it might be something more like debian-8.4.0-amd64.iso or something to that effect. On a Windows machine you would need to have some kind of software to write an image to a disc like a CD or DVD, or software to write the image to a USB drive as an installer flash drive. I have seen many beginners mistakenly think that merely copying the iso file directly onto a USB or CD and then it doesn't work, the contents of the iso should be visible once completed effectively. For windows user they can download Rufus here: https://rufus.akeo.ie/ Linux and Mac users can just use the commandline to accomplish this because we're cool like that. First after inserting a USB that you want to make a bootable installer for Debian, you have to determien teh drive location of this USb drive. I personally use:

sudo fdisk -l 


to locate the USB drive as I normally don't have anything extraneous left plugged into my machines. /dev/sda is almost always the main hard disk drive, but when using this dd command one definitely wants to be sure otherwise you can wipe your very system drive out. So if I was to assume that the results of the fdisk -l command resulting in a number of /dev/sda partitions on the main system: /dev/sda1, /dev/sda2,/dev/sda3 adn then another drive: /dev/sdb1 as out USB drive. You can write to the specific partition but I almost exclusively wrute to the device as a whoel adn use a blocksize of 4 megabytes and run sync afterwards with my whole comamnd also including the path to the iso file included in if (input file) segment:

sudo dd bs=4M if=/path/to/file/debian.iso of=/dev/sdb && sync


If this is successful you should have a bootable USB drive. Now on the machine you are attempting to install Debian onto you need to make sure the BIOS settings are set for booting from a flash drive to be allowed and also that it is ahead of the internal hard drive in the boot order.

Then simply rebooting and following the guided installation as most Linux distributions typically have, you can finish up the basic vanilla installation and set a root password and install the bootloader to /dev/sda on the new samba server machine.

3) Now that the new machine should have a bootable functioning bare bones Debian Linux system on it, we need to install the samba server software and maybe the samba client software. On Debian we will install it with apt, for other distributions you would install it with the package manager for that Linux distro:

sudo apt-get install samba smbclient


That is pretty much it for basic installation of Samba File Server services onto this system all that remains is to configure the samba server to your desires and needs for the file server.

4) Configure samba. Do it!!!! Do it, Dan Shadeck! Ok, nevermind, the samba configuration file is located typically at /etc/samba/smb.conf.

[global]
	workgroup = SIMPLE 
[test] 
	comment = For testing only, please
	path = /export/samba/test
	read only = no
	guest ok = yes

Some additional documentation about the Samba configuration:

https://www.samba.org/samba/docs/using_samba/ch06.html

And for no apparent reason, this one man band guy playing “No Woman, No Cry”:


Summer of code 2016 plans and shared tmux sessions

After seeing this semester's systems programming playing with some ncurses I was pretty jealous so I decided that over the summer I'm going to start playing with ncurses and learnign and experimentign with it. I made a new repo solely for my experimentation here on github: ncursesplay

Also Tyler and my project, the manage script, located here on github: manage But we won!!!! Sort of…not much competition, but for my purposes we are now calling that script “Award Winner at CCC's 2016 Sustainability Fair” which is very cool and probably stuff you can throw on a resume, which reminds me I want to sharpen up a decent resume soon.

Tyler and I were talking about keeping our coding chops sharp this summer by working together on something over the summer. We've brainstormed a few ideas and I know Tyler wants to make a game and specifically use something like SDL and I know I want to make a game too and maybe even with ncurses. Also after playing with some of the telnet BBS's together I was thinkign I might try to set up a telnet bbs and see what Tyler and I can do with it on my web server< i already have some base Mystic BBS software set up now so someone could:

$ telnet spoonbomb.com

into my server but Im not sure if I have new user registration set up right and I don;t even know imost of the configuration settings so I;m going to have to look into it.

Another thing Tyler and I want to do over the summer is assuming that I get the prize money for winnign teh Sustainability Fair thing, then I know we both were gonna pick up some Raspberry Pi's adn Tyler mentioned an interest in learning some Python programming to go with it, I have some exposure to python from before I came back to CCC but I'm pretty stale with it so we both might venture down that path too over the summer. We'll see what ewe actually attempt to do if not all of it, but that's where our brainstorming for summer projects took us.

So Tyler and I made a repository to work on our summer coding at summerofcode2016 I also gave Tyler almost full access on my webserver so we could both collaborate and work on the telnet bbs on it.

I also successfully got us to share a regular tmux session which I had attempted to do earlier in the semester unsuccessfully but I think it was because I made the socket in my own personal home directory as in this case I put it someplace neutral like /tmp folder.

So to do this I created a new tmux session with in /tmp called par with:

tmux -S /tmp/pair

Which immediately puts me in the newly created tmux session which I have to extend the persmissions on for Tyler and I to share the session, so I run:

sudo chmod 777 /tmp/pair

Tyler also has to have a valid account on the machien which I made one called nullist as he wanted on my webserver for him. I also have the tendency to use a couple lines on my /etc/ssh/sshd_config that aren't there by default for security purposes:

PermitRootLogin no
AllowUsers robgraves

so I had to add Tyler to the whitelisted users like:

PermitRootLogin no
AllowUsers robgraves nullist

Then I had to restart the ssh daemon, which depending on which machine I did it on was either:

sudo service ssh restart

Or:

sudo /etc/init.d ssh restart

Then Tyler can now login remotely over ssh by using the command, being that I'm using a much higher port number than ssh's default 22 you have to specify it as such like:

ssh nullist@www.spoonbomb.com -p PORTNUMBER

The general form for ssh'ing into any machine with an unusual port number is:

ssh USERNAME@HOSTNAMEorIPADDRESS -p PORTNUMBER

After that Tyler was securely logged into my machine, all he needed to do then was attach to the previously created tmux socket that was put in a neutral location and opened up permissions with:

tmux -S /tmp/pair attach

Now we both had control over the same terminal and we coudl also chat over the terminal as is refelected by my bash history…probably not the best way to communicate, but its a great way to show someone how you are configuring something. I should just learn to use wemux.

Playing around with GDB

After taking Data Structures I wanted to learn more about gdb and I went out seeking books or websites that taught how to use gdb in more detail. One day I was at Barnes and Noble and whenever I do go ther, and I don't always buy from them, but I always browse and peruse the Computer Science like section, looking at programming books or Linux books or whatever. I was specifically looking for any book about GDB but never found one there, so i started looking at other books, Scrum for Dummies, Using Python to automate the boring stuff, etc. I came across a hackimg book, and I mean I have some hacking and pentesting books already and things like Nmap and Metasploit books, but this one I had never seen before so I starting flipping through it, it had sections on programming, and network, and cryptology and then I just sat down and started to read the intro and some of the beginning chapters, in the programming section, which is one of the first sections, it seemed to use gdb pretty heavily so I staryed lookign at ti and I was like, “Well I came in here lookign for a GDB book and didn't find one, but this first section in this Hacking book seems to use gdb almost exclusively so maybe I'll buy this and play with it.” So I did.

One fo the first things this book had me do was create a Hello World program with a loop in C as seen below:

#include <stdio.h>

int main()
{
    int i;
    for(i=0;i<10;i++)
    {
        printf("Hello, World!\n");
    }
}


Then we compile the code with debugging symbols:

gcc -g firstprog.c


which creates the executable a.out file which when run generates on the command line the output:

╭─robgraves@arrakis ~  
╰─➤  vim firstprog.c
╭─robgraves@arrakis ~  
╰─➤  gcc -g firstprog.c 
╭─robgraves@arrakis ~  
╰─➤  ./a.out 
Hello, World!
Hello, World!
Hello, World!
Hello, World!
Hello, World!
Hello, World!
Hello, World!
Hello, World!
Hello, World!
Hello, World!
╭─robgraves@arrakis ~  
╰─➤  


Then you can load up the program in gdb using the -q option to suppress all the startup messages from gdb:

gdb -q ./a.out


which should bring us to a gdb prompt that looks like:

(gdb)


Then we run:

(gdb)list


which shows us the code in our program and then run disassemble main:

disassemble main


which shows us the assembly for our code for this build. A note, currently my gdb is set to show disassembly in the intel form versus the at&t form whioch can be configured in .gdbinit in a ser's hoem directory as such:

#~/.gdbinit

set disassembly intel
#set disassembly att


which this is actually all that I have in my .gdbinit file.

The resulting output from the list commadn and disassemble main in gdb appears as:

(gdb) list
1	#include <stdio.h>
2	
3	int main()
4	{
5	    int i;
6	    for(i=0; i < 10; i++)
7	    {
8	        printf("Hello, World!\n");
9	    }
10	}
(gdb) disassemble main
Dump of assembler code for function main:
   0x000000000040052d <+0>:	push   rbp
   0x000000000040052e <+1>:	mov    rbp,rsp
   0x0000000000400531 <+4>:	sub    rsp,0x10
   0x0000000000400535 <+8>:	mov    DWORD PTR [rbp-0x4],0x0
   0x000000000040053c <+15>:	jmp    0x40054c <main+31>
   0x000000000040053e <+17>:	mov    edi,0x4005e4
   0x0000000000400543 <+22>:	call   0x400410 <puts@plt>
   0x0000000000400548 <+27>:	add    DWORD PTR [rbp-0x4],0x1
   0x000000000040054c <+31>:	cmp    DWORD PTR [rbp-0x4],0x9
   0x0000000000400550 <+35>:	jle    0x40053e <main+17>
   0x0000000000400552 <+37>:	leave  
   0x0000000000400553 <+38>:	ret    
End of assembler dump.
(gdb) 


Now we set a breakpoint at main by running:

break main


then we run the program with:

run


At this point the book tells me to run (gdb)info register eip , which ends up spitting an error stating invalid register “eip” At this point I had to do some investigating and got the answer actually from Joe Oppenheim who was talkign tome about the registers and said in the past there were a and b registers sometimes called ax or bx registers and then they had extended ax and extended bx registers which they called eax and ebx registers and the book is calling eip the instruction pointer register using that old convention of using e as a prefix for registers but Joe said later they dropped that convention in favor of using r to mean register which is much clearer, so anytime the book says eip its the instruction pointer register, but on all of my machiens that Ive tried this on, its been actually called the rip register.

So then I run from my machine with the discrepency solved:

(gdb)info register rip


Which works and gives me the info in the current instruction pointer register which looks like this:

(gdb) run
Starting program: /home/robgraves/a.out 

Breakpoint 1, main () at firstprog.c:6
6	    for(i=0; i < 10; i++)
(gdb) info register eip
Invalid register `eip'
(gdb) info register rip
rip            0x400535	0x400535 <main+8>
(gdb)

A shortcut for this command is “i r rip” for “info register rip” in addition we can examine the given address. We can use x and then /o for octal, x/x for examining it in hexidecimal, x/u for unsigned standard base 10 decimal, or x/t for it in binary. Also we can manually enter the address like x/o 0x400535 or we can just run it as $rip and we can do it for multiple units at once with x/2x or x/12x:

(gdb) info register rip
rip            0x400535	0x400535 <main+8>
(gdb) i r rip
rip            0x400535	0x400535 <main+8>
(gdb) x/o 0x400535
0x400535 <main+8>:	077042707
(gdb) x/o $rip
0x400535 <main+8>:	077042707
(gdb) x/x $rip
0x400535 <main+8>:	0x00fc45c7
(gdb) x/u $rip
0x400535 <main+8>:	16532935
(gdb) x/t $rip
0x400535 <main+8>:	00000000111111000100010111000111
(gdb) x/2x 
0x400539 <main+12>:	0xeb000000	0x05e4bf0e
(gdb) x/2x $rip
0x400535 <main+8>:	0x00fc45c7	0xeb000000
(gdb) x/12x $rip
0x400535 <main+8>:	0x00fc45c7	0xeb000000	0x05e4bf0e	0xc8e80040
0x400545 <main+24>:	0x83fffffe	0x8301fc45	0x7e09fc7d	0x66c3c9ec
0x400555:	0x841f0f2e	0x00000000	0x41906600	0xff894157
(gdb) 


We can also examine the info by b for a single byte, h for a halfword which is two bytes, or w for a word, or g for a giant which is 8 bytes:

(gdb) x/8xb $rip
0x400535 <main+8>:	0xc7	0x45	0xfc	0x00	0x00	0x00	0x00	0xeb
(gdb) x/8xh $rip
0x400535 <main+8>:	0x45c7	0x00fc	0x0000	0xeb00	0xbf0e	0x05e4	0x0040	0xc8e8
(gdb) x/8xw $rip
0x400535 <main+8>:	0x00fc45c7	0xeb000000	0x05e4bf0e	0xc8e80040
0x400545 <main+24>:	0x83fffffe	0x8301fc45	0x7e09fc7d	0x66c3c9ec
(gdb) 


You can also go on to examine the instructions at the register with x/i or multiples say with x/3i:

(gdb) x/i $rip
=> 0x400535 <main+8>:	mov    DWORD PTR [rbp-0x4],0x0
(gdb) x/3i $rip
=> 0x400535 <main+8>:	mov    DWORD PTR [rbp-0x4],0x0
   0x40053c <main+15>:	jmp    0x40054c <main+31>
   0x40053e <main+17>:	mov    edi,0x4005e4
(gdb) x/7xb $rip
0x400535 <main+8>:	0xc7	0x45	0xfc	0x00	0x00	0x00	0x00
(gdb) x/i $rip
=> 0x400535 <main+8>:	mov    DWORD PTR [rbp-0x4],0x0
(gdb) 


The book has me play around with some of the info at the registers a little more, most notibly is the nexti command which seems to move to the next instruction:

(gdb) x i rbp
A syntax error in expression, near `rbp'.
(gdb) i r rbp
rbp            0x7fffffffe5e0	0x7fffffffe5e0
(gdb) x/4xb $rbp - 4
0x7fffffffe5dc:	0x00	0x00	0x00	0x00
(gdb) x/4xb 0x7fffffffe5dc
0x7fffffffe5dc:	0x00	0x00	0x00	0x00
(gdb) print $rbp -4
$1 = (void *) 0x7fffffffe5dc
(gdb) x/4xb $1
0x7fffffffe5dc:	0x00	0x00	0x00	0x00
(gdb) x/xw $1
0x7fffffffe5dc:	0x00000000
(gdb) nexti
0x000000000040053c	6	    for(i=0; i < 10; i++)
(gdb) x/4xb $1
0x7fffffffe5dc:	0x00	0x00	0x00	0x00
(gdb) x/dw $1
0x7fffffffe5dc:	0
(gdb) i r rip
rip            0x40053c	0x40053c <main+15>
(gdb) x/i $rip
=> 0x40053c <main+15>:	jmp    0x40054c <main+31>
(gdb) x/10i $rip
=> 0x40053c <main+15>:	jmp    0x40054c <main+31>
   0x40053e <main+17>:	mov    edi,0x4005e4
   0x400543 <main+22>:	call   0x400410 <puts@plt>
   0x400548 <main+27>:	add    DWORD PTR [rbp-0x4],0x1
   0x40054c <main+31>:	cmp    DWORD PTR [rbp-0x4],0x9
   0x400550 <main+35>:	jle    0x40053e <main+17>
   0x400552 <main+37>:	leave  
   0x400553 <main+38>:	ret    
   0x400554:	nop    WORD PTR cs:[rax+rax*1+0x0]
   0x40055e:	xchg   ax,ax
(gdb) 

Then moving further along in the intructions:

(gdb) nexti
0x000000000040054c	6	    for(i=0; i < 10; i++)
(gdb) x/i $rip
=> 0x40054c <main+31>:	cmp    DWORD PTR [rbp-0x4],0x9
(gdb) nexti
0x0000000000400550	6	    for(i=0; i < 10; i++)
(gdb) x/i $rip
=> 0x400550 <main+35>:	jle    0x40053e <main+17>
(gdb) nexti
8	        printf("Hello, World!\n");
(gdb) i r rip
rip            0x40053e	0x40053e <main+17>
(gdb) x/2i $rip
=> 0x40053e <main+17>:	mov    edi,0x4005e4
   0x400543 <main+22>:	call   0x400410 <puts@plt>
(gdb) 


Then we look at the stack pointer at rsp register:

(gdb) i r rdi
rdi            0x1	1
(gdb) i r rsp
rsp            0x7fffffffe5d0	0x7fffffffe5d0
(gdb) x/2xw 0x4005e4
0x4005e4:	0x6c6c6548	0x57202c6f
(gdb) x/6xb 0x4005e4
0x4005e4:	0x48	0x65	0x6c	0x6c	0x6f	0x2c
(gdb) x/6ub 0x4005e4
0x4005e4:	72	101	108	108	111	44
(gdb) 


The above 6 units in hex or in decimal are the ASCII values for “Hello,” from our Hello Wolrd printf statement. You can then go on to examine the characters at that address and the string like as follows:

(gdb) x/6cb 0x4005e4
0x4005e4:	72 'H'	101 'e'	108 'l'	108 'l'	111 'o'	44 ','
(gdb) x/s 0x4005e4
0x4005e4:	"Hello, World!"
(gdb) 


And we continue on:

(gdb) x/2i $rip
=> 0x40053e <main+17>:	mov    edi,0x4005e4
   0x400543 <main+22>:	call   0x400410 <puts@plt>
(gdb) x/xw $rip
0x40053e <main+17>:	0x4005e4bf
(gdb) nexti
0x0000000000400543	8	        printf("Hello, World!\n");
(gdb) x/xw $esp
0xffffffffffffe5d0:	Cannot access memory at address 0xffffffffffffe5d0
(gdb) x/xw $rsp
0x7fffffffe5d0:	0xffffe6c0
(gdb) x/i rip
No symbol "rip" in current context.
(gdb) x/i $rip
=> 0x400543 <main+22>:	call   0x400410 <puts@plt>
(gdb) nexti
Hello, World!
6	    for(i=0; i < 10; i++)
(gdb) x/2i $rip
=> 0x400548 <main+27>:	add    DWORD PTR [rbp-0x4],0x1
   0x40054c <main+31>:	cmp    DWORD PTR [rbp-0x4],0x9
(gdb) 


I'm gonna pretty much end here as this is where I'm starting to trail off, but I found doing this to be interesting and want to keep digging down this rabbit hole.

(gdb) nexti
0x0000000000400543	8	        printf("Hello, World!\n");
(gdb) x/xw $esp
0xffffffffffffe5d0:	Cannot access memory at address 0xffffffffffffe5d0
(gdb) x/xw $rsp
0x7fffffffe5d0:	0xffffe6c0
(gdb) x/i rip
No symbol "rip" in current context.
(gdb) x/i $rip
=> 0x400543 <main+22>:	call   0x400410 <puts@plt>
(gdb) nexti
Hello, World!
6	    for(i=0; i < 10; i++)
(gdb) x/2i $rip
=> 0x400548 <main+27>:	add    DWORD PTR [rbp-0x4],0x1
   0x40054c <main+31>:	cmp    DWORD PTR [rbp-0x4],0x9
(gdb) x/i $rip
=> 0x400548 <main+27>:	add    DWORD PTR [rbp-0x4],0x1
(gdb) x/dw $eax
0xe:	Cannot access memory at address 0xe
(gdb) x/dw $rax
0xe:	Cannot access memory at address 0xe
(gdb) x/dw $rbp
0x7fffffffe5e0:	0
(gdb) nexti
0x000000000040054c	6	    for(i=0; i < 10; i++)
(gdb) x/dw $rbp
0x7fffffffe5e0:	0
(gdb) x/dw $eax
0xe:	Cannot access memory at address 0xe
(gdb) x/i $rip
=> 0x40054c <main+31>:	cmp    DWORD PTR [rbp-0x4],0x9
(gdb) nexti
0x0000000000400550	6	    for(i=0; i < 10; i++)
(gdb) x/dw $eax
0xe:	Cannot access memory at address 0xe
(gdb) x/i $rip
=> 0x400550 <main+35>:	jle    0x40053e <main+17>
(gdb) disass main
Dump of assembler code for function main:
   0x000000000040052d <+0>:	push   rbp
   0x000000000040052e <+1>:	mov    rbp,rsp
   0x0000000000400531 <+4>:	sub    rsp,0x10
   0x0000000000400535 <+8>:	mov    DWORD PTR [rbp-0x4],0x0
   0x000000000040053c <+15>:	jmp    0x40054c <main+31>
   0x000000000040053e <+17>:	mov    edi,0x4005e4
   0x0000000000400543 <+22>:	call   0x400410 <puts@plt>
   0x0000000000400548 <+27>:	add    DWORD PTR [rbp-0x4],0x1
   0x000000000040054c <+31>:	cmp    DWORD PTR [rbp-0x4],0x9
=> 0x0000000000400550 <+35>:	jle    0x40053e <main+17>
   0x0000000000400552 <+37>:	leave  
   0x0000000000400553 <+38>:	ret    
End of assembler dump.
(gdb) list
1	#include <stdio.h>
2	
3	int main()
4	{
5	    int i;
6	    for(i=0; i < 10; i++)
7	    {
8	        printf("Hello, World!\n");
9	    }
10	}
(gdb) 

Maybe over the summer I'll more time to delve into this hacking book abit more and see what else I can experiment with.

Some Old Stuff - Something something dark side.

The real wiki will go above all the video jazz.

Testing my youtube videos here, I go by “robgraves” for everything online from my youtube channel located at: https://www.youtube.com/user/TheRobGraves

Link back to working resume since I can't find another location for it: Matthew J. Page