Table of Contents
Matthew Page's Wiki ~~TOC~~
Installing and Setting up a Samba Server
There are several steps one must take in order to effectively set up and configure a fully functioning Samba Server.
1) The first step is going to be getting the physical machine and hard ware to use for the sambas server. This doesn't need anything particularly fancy and in many case many old machines that are “outdated” by some standards are perfectly fine or even over powered for being designated as a server machine. Although one caveat of a file server is that it will need the requisite hard drive space for whatever scale of file server that one would need. Once these hardware components are built then one can begin with the next phase.
2) For the second step one needs to format and partition the hard drives(s) on the desired machine in preparation for installation an operating system< I'm thinking Debian Linux, but any Linux distribution is capable of performing such tasks. First you have to determine the architecture of the system you are installing it on whether it be 32 bit or 64 bit and ideally you would want a headless system so you can pick any of the images that are suitable for your architecture and preferably minimal or server edition from a mirror in or near your country here: https://www.debian.org/CD/http-ftp/
Once you have the iso file downloaded you, for simplicity sake I'm going to call it debian.iso when in reality it might be something more like debian-8.4.0-amd64.iso or something to that effect. On a Windows machine you would need to have some kind of software to write an image to a disc like a CD or DVD, or software to write the image to a USB drive as an installer flash drive. I have seen many beginners mistakenly think that merely copying the iso file directly onto a USB or CD and then it doesn't work, the contents of the iso should be visible once completed effectively. For windows user they can download Rufus here: https://rufus.akeo.ie/ Linux and Mac users can just use the commandline to accomplish this because we're cool like that. First after inserting a USB that you want to make a bootable installer for Debian, you have to determien teh drive location of this USb drive. I personally use:
sudo fdisk -l
to locate the USB drive as I normally don't have anything extraneous left plugged into my machines. /dev/sda is almost always the main hard disk drive, but when using this dd command one definitely wants to be sure otherwise you can wipe your very system drive out. So if I was to assume that the results of the fdisk -l command resulting in a number of /dev/sda partitions on the main system: /dev/sda1, /dev/sda2,/dev/sda3 adn then another drive: /dev/sdb1 as out USB drive. You can write to the specific partition but I almost exclusively wrute to the device as a whoel adn use a blocksize of 4 megabytes and run sync afterwards with my whole comamnd also including the path to the iso file included in if (input file) segment:
sudo dd bs=4M if=/path/to/file/debian.iso of=/dev/sdb && sync
If this is successful you should have a bootable USB drive. Now on the machine you are attempting to install Debian onto you need to make sure the BIOS settings are set for booting from a flash drive to be allowed and also that it is ahead of the internal hard drive in the boot order.
Then simply rebooting and following the guided installation as most Linux distributions typically have, you can finish up the basic vanilla installation and set a root password and install the bootloader to /dev/sda on the new samba server machine.
3) Now that the new machine should have a bootable functioning bare bones Debian Linux system on it, we need to install the samba server software and maybe the samba client software. On Debian we will install it with apt, for other distributions you would install it with the package manager for that Linux distro:
sudo apt-get install samba smbclient
That is pretty much it for basic installation of Samba File Server services onto this system all that remains is to configure the samba server to your desires and needs for the file server.
4) Configure samba. Do it!!!! Do it, Dan Shadeck! Ok, nevermind, the samba configuration file is located typically at /etc/samba/smb.conf.
[global] workgroup = SIMPLE [test] comment = For testing only, please path = /export/samba/test read only = no guest ok = yes
Some additional documentation about the Samba configuration:
https://www.samba.org/samba/docs/using_samba/ch06.html
And for no apparent reason, this one man band guy playing “No Woman, No Cry”:
Summer of code 2016 plans and shared tmux sessions
After seeing this semester's systems programming playing with some ncurses I was pretty jealous so I decided that over the summer I'm going to start playing with ncurses and learnign and experimentign with it. I made a new repo solely for my experimentation here on github: ncursesplay
Also Tyler and my project, the manage script, located here on github: manage But we won!!!! Sort of…not much competition, but for my purposes we are now calling that script “Award Winner at CCC's 2016 Sustainability Fair” which is very cool and probably stuff you can throw on a resume, which reminds me I want to sharpen up a decent resume soon.
Tyler and I were talking about keeping our coding chops sharp this summer by working together on something over the summer. We've brainstormed a few ideas and I know Tyler wants to make a game and specifically use something like SDL and I know I want to make a game too and maybe even with ncurses. Also after playing with some of the telnet BBS's together I was thinkign I might try to set up a telnet bbs and see what Tyler and I can do with it on my web server< i already have some base Mystic BBS software set up now so someone could:
$ telnet spoonbomb.com
into my server but Im not sure if I have new user registration set up right and I don;t even know imost of the configuration settings so I;m going to have to look into it.
Another thing Tyler and I want to do over the summer is assuming that I get the prize money for winnign teh Sustainability Fair thing, then I know we both were gonna pick up some Raspberry Pi's adn Tyler mentioned an interest in learning some Python programming to go with it, I have some exposure to python from before I came back to CCC but I'm pretty stale with it so we both might venture down that path too over the summer. We'll see what ewe actually attempt to do if not all of it, but that's where our brainstorming for summer projects took us.
So Tyler and I made a repository to work on our summer coding at summerofcode2016 I also gave Tyler almost full access on my webserver so we could both collaborate and work on the telnet bbs on it.
I also successfully got us to share a regular tmux session which I had attempted to do earlier in the semester unsuccessfully but I think it was because I made the socket in my own personal home directory as in this case I put it someplace neutral like /tmp folder.
So to do this I created a new tmux session with in /tmp called par with:
tmux -S /tmp/pair
Which immediately puts me in the newly created tmux session which I have to extend the persmissions on for Tyler and I to share the session, so I run:
sudo chmod 777 /tmp/pair
Tyler also has to have a valid account on the machien which I made one called nullist as he wanted on my webserver for him. I also have the tendency to use a couple lines on my /etc/ssh/sshd_config that aren't there by default for security purposes:
PermitRootLogin no AllowUsers robgraves
so I had to add Tyler to the whitelisted users like:
PermitRootLogin no AllowUsers robgraves nullist
Then I had to restart the ssh daemon, which depending on which machine I did it on was either:
sudo service ssh restart
Or:
sudo /etc/init.d ssh restart
Then Tyler can now login remotely over ssh by using the command, being that I'm using a much higher port number than ssh's default 22 you have to specify it as such like:
ssh nullist@www.spoonbomb.com -p PORTNUMBER
The general form for ssh'ing into any machine with an unusual port number is:
ssh USERNAME@HOSTNAMEorIPADDRESS -p PORTNUMBER
After that Tyler was securely logged into my machine, all he needed to do then was attach to the previously created tmux socket that was put in a neutral location and opened up permissions with:
tmux -S /tmp/pair attach
Now we both had control over the same terminal and we coudl also chat over the terminal as is refelected by my bash history…probably not the best way to communicate, but its a great way to show someone how you are configuring something. I should just learn to use wemux.
Playing around with GDB
After taking Data Structures I wanted to learn more about gdb and I went out seeking books or websites that taught how to use gdb in more detail. One day I was at Barnes and Noble and whenever I do go ther, and I don't always buy from them, but I always browse and peruse the Computer Science like section, looking at programming books or Linux books or whatever. I was specifically looking for any book about GDB but never found one there, so i started looking at other books, Scrum for Dummies, Using Python to automate the boring stuff, etc. I came across a hackimg book, and I mean I have some hacking and pentesting books already and things like Nmap and Metasploit books, but this one I had never seen before so I starting flipping through it, it had sections on programming, and network, and cryptology and then I just sat down and started to read the intro and some of the beginning chapters, in the programming section, which is one of the first sections, it seemed to use gdb pretty heavily so I staryed lookign at ti and I was like, “Well I came in here lookign for a GDB book and didn't find one, but this first section in this Hacking book seems to use gdb almost exclusively so maybe I'll buy this and play with it.” So I did.
One fo the first things this book had me do was create a Hello World program with a loop in C as seen below:
#include <stdio.h>
int main()
{
int i;
for(i=0;i<10;i++)
{
printf("Hello, World!\n");
}
}
Then we compile the code with debugging symbols:
gcc -g firstprog.c
which creates the executable a.out file which when run generates on the command line the output:
╭─robgraves@arrakis ~ ╰─➤ vim firstprog.c ╭─robgraves@arrakis ~ ╰─➤ gcc -g firstprog.c ╭─robgraves@arrakis ~ ╰─➤ ./a.out Hello, World! Hello, World! Hello, World! Hello, World! Hello, World! Hello, World! Hello, World! Hello, World! Hello, World! Hello, World! ╭─robgraves@arrakis ~ ╰─➤
Then you can load up the program in gdb using the -q option to suppress all the startup messages from gdb:
gdb -q ./a.out
which should bring us to a gdb prompt that looks like:
(gdb)
Then we run:
(gdb)list
which shows us the code in our program and then run disassemble main:
disassemble main
which shows us the assembly for our code for this build. A note, currently my gdb is set to show disassembly in the intel form versus the at&t form whioch can be configured in .gdbinit in a ser's hoem directory as such:
#~/.gdbinit set disassembly intel #set disassembly att
which this is actually all that I have in my .gdbinit file.
The resulting output from the list commadn and disassemble main in gdb appears as:
(gdb) list
1 #include <stdio.h>
2
3 int main()
4 {
5 int i;
6 for(i=0; i < 10; i++)
7 {
8 printf("Hello, World!\n");
9 }
10 }
(gdb) disassemble main
Dump of assembler code for function main:
0x000000000040052d <+0>: push rbp
0x000000000040052e <+1>: mov rbp,rsp
0x0000000000400531 <+4>: sub rsp,0x10
0x0000000000400535 <+8>: mov DWORD PTR [rbp-0x4],0x0
0x000000000040053c <+15>: jmp 0x40054c <main+31>
0x000000000040053e <+17>: mov edi,0x4005e4
0x0000000000400543 <+22>: call 0x400410 <puts@plt>
0x0000000000400548 <+27>: add DWORD PTR [rbp-0x4],0x1
0x000000000040054c <+31>: cmp DWORD PTR [rbp-0x4],0x9
0x0000000000400550 <+35>: jle 0x40053e <main+17>
0x0000000000400552 <+37>: leave
0x0000000000400553 <+38>: ret
End of assembler dump.
(gdb)
Now we set a breakpoint at main by running:
break main
then we run the program with:
run
At this point the book tells me to run (gdb)info register eip , which ends up spitting an error stating invalid register “eip” At this point I had to do some investigating and got the answer actually from Joe Oppenheim who was talkign tome about the registers and said in the past there were a and b registers sometimes called ax or bx registers and then they had extended ax and extended bx registers which they called eax and ebx registers and the book is calling eip the instruction pointer register using that old convention of using e as a prefix for registers but Joe said later they dropped that convention in favor of using r to mean register which is much clearer, so anytime the book says eip its the instruction pointer register, but on all of my machiens that Ive tried this on, its been actually called the rip register.
So then I run from my machine with the discrepency solved:
(gdb)info register rip
Which works and gives me the info in the current instruction pointer register which looks like this:
(gdb) run Starting program: /home/robgraves/a.out Breakpoint 1, main () at firstprog.c:6 6 for(i=0; i < 10; i++) (gdb) info register eip Invalid register `eip' (gdb) info register rip rip 0x400535 0x400535 <main+8> (gdb)
A shortcut for this command is “i r rip” for “info register rip” in addition we can examine the given address. We can use x and then /o for octal, x/x for examining it in hexidecimal, x/u for unsigned standard base 10 decimal, or x/t for it in binary. Also we can manually enter the address like x/o 0x400535 or we can just run it as $rip and we can do it for multiple units at once with x/2x or x/12x:
(gdb) info register rip rip 0x400535 0x400535 <main+8> (gdb) i r rip rip 0x400535 0x400535 <main+8> (gdb) x/o 0x400535 0x400535 <main+8>: 077042707 (gdb) x/o $rip 0x400535 <main+8>: 077042707 (gdb) x/x $rip 0x400535 <main+8>: 0x00fc45c7 (gdb) x/u $rip 0x400535 <main+8>: 16532935 (gdb) x/t $rip 0x400535 <main+8>: 00000000111111000100010111000111 (gdb) x/2x 0x400539 <main+12>: 0xeb000000 0x05e4bf0e (gdb) x/2x $rip 0x400535 <main+8>: 0x00fc45c7 0xeb000000 (gdb) x/12x $rip 0x400535 <main+8>: 0x00fc45c7 0xeb000000 0x05e4bf0e 0xc8e80040 0x400545 <main+24>: 0x83fffffe 0x8301fc45 0x7e09fc7d 0x66c3c9ec 0x400555: 0x841f0f2e 0x00000000 0x41906600 0xff894157 (gdb)
We can also examine the info by b for a single byte, h for a halfword which is two bytes, or w for a word, or g for a giant which is 8 bytes:
(gdb) x/8xb $rip 0x400535 <main+8>: 0xc7 0x45 0xfc 0x00 0x00 0x00 0x00 0xeb (gdb) x/8xh $rip 0x400535 <main+8>: 0x45c7 0x00fc 0x0000 0xeb00 0xbf0e 0x05e4 0x0040 0xc8e8 (gdb) x/8xw $rip 0x400535 <main+8>: 0x00fc45c7 0xeb000000 0x05e4bf0e 0xc8e80040 0x400545 <main+24>: 0x83fffffe 0x8301fc45 0x7e09fc7d 0x66c3c9ec (gdb)
You can also go on to examine the instructions at the register with x/i or multiples say with x/3i:
(gdb) x/i $rip => 0x400535 <main+8>: mov DWORD PTR [rbp-0x4],0x0 (gdb) x/3i $rip => 0x400535 <main+8>: mov DWORD PTR [rbp-0x4],0x0 0x40053c <main+15>: jmp 0x40054c <main+31> 0x40053e <main+17>: mov edi,0x4005e4 (gdb) x/7xb $rip 0x400535 <main+8>: 0xc7 0x45 0xfc 0x00 0x00 0x00 0x00 (gdb) x/i $rip => 0x400535 <main+8>: mov DWORD PTR [rbp-0x4],0x0 (gdb)
The book has me play around with some of the info at the registers a little more, most notibly is the nexti command which seems to move to the next instruction:
(gdb) x i rbp A syntax error in expression, near `rbp'. (gdb) i r rbp rbp 0x7fffffffe5e0 0x7fffffffe5e0 (gdb) x/4xb $rbp - 4 0x7fffffffe5dc: 0x00 0x00 0x00 0x00 (gdb) x/4xb 0x7fffffffe5dc 0x7fffffffe5dc: 0x00 0x00 0x00 0x00 (gdb) print $rbp -4 $1 = (void *) 0x7fffffffe5dc (gdb) x/4xb $1 0x7fffffffe5dc: 0x00 0x00 0x00 0x00 (gdb) x/xw $1 0x7fffffffe5dc: 0x00000000 (gdb) nexti 0x000000000040053c 6 for(i=0; i < 10; i++) (gdb) x/4xb $1 0x7fffffffe5dc: 0x00 0x00 0x00 0x00 (gdb) x/dw $1 0x7fffffffe5dc: 0 (gdb) i r rip rip 0x40053c 0x40053c <main+15> (gdb) x/i $rip => 0x40053c <main+15>: jmp 0x40054c <main+31> (gdb) x/10i $rip => 0x40053c <main+15>: jmp 0x40054c <main+31> 0x40053e <main+17>: mov edi,0x4005e4 0x400543 <main+22>: call 0x400410 <puts@plt> 0x400548 <main+27>: add DWORD PTR [rbp-0x4],0x1 0x40054c <main+31>: cmp DWORD PTR [rbp-0x4],0x9 0x400550 <main+35>: jle 0x40053e <main+17> 0x400552 <main+37>: leave 0x400553 <main+38>: ret 0x400554: nop WORD PTR cs:[rax+rax*1+0x0] 0x40055e: xchg ax,ax (gdb)
Then moving further along in the intructions:
(gdb) nexti 0x000000000040054c 6 for(i=0; i < 10; i++) (gdb) x/i $rip => 0x40054c <main+31>: cmp DWORD PTR [rbp-0x4],0x9 (gdb) nexti 0x0000000000400550 6 for(i=0; i < 10; i++) (gdb) x/i $rip => 0x400550 <main+35>: jle 0x40053e <main+17> (gdb) nexti 8 printf("Hello, World!\n"); (gdb) i r rip rip 0x40053e 0x40053e <main+17> (gdb) x/2i $rip => 0x40053e <main+17>: mov edi,0x4005e4 0x400543 <main+22>: call 0x400410 <puts@plt> (gdb)
Then we look at the stack pointer at rsp register:
(gdb) i r rdi rdi 0x1 1 (gdb) i r rsp rsp 0x7fffffffe5d0 0x7fffffffe5d0 (gdb) x/2xw 0x4005e4 0x4005e4: 0x6c6c6548 0x57202c6f (gdb) x/6xb 0x4005e4 0x4005e4: 0x48 0x65 0x6c 0x6c 0x6f 0x2c (gdb) x/6ub 0x4005e4 0x4005e4: 72 101 108 108 111 44 (gdb)
The above 6 units in hex or in decimal are the ASCII values for “Hello,” from our Hello Wolrd printf statement. You can then go on to examine the characters at that address and the string like as follows:
(gdb) x/6cb 0x4005e4 0x4005e4: 72 'H' 101 'e' 108 'l' 108 'l' 111 'o' 44 ',' (gdb) x/s 0x4005e4 0x4005e4: "Hello, World!" (gdb)
And we continue on:
(gdb) x/2i $rip => 0x40053e <main+17>: mov edi,0x4005e4 0x400543 <main+22>: call 0x400410 <puts@plt> (gdb) x/xw $rip 0x40053e <main+17>: 0x4005e4bf (gdb) nexti 0x0000000000400543 8 printf("Hello, World!\n"); (gdb) x/xw $esp 0xffffffffffffe5d0: Cannot access memory at address 0xffffffffffffe5d0 (gdb) x/xw $rsp 0x7fffffffe5d0: 0xffffe6c0 (gdb) x/i rip No symbol "rip" in current context. (gdb) x/i $rip => 0x400543 <main+22>: call 0x400410 <puts@plt> (gdb) nexti Hello, World! 6 for(i=0; i < 10; i++) (gdb) x/2i $rip => 0x400548 <main+27>: add DWORD PTR [rbp-0x4],0x1 0x40054c <main+31>: cmp DWORD PTR [rbp-0x4],0x9 (gdb)
I'm gonna pretty much end here as this is where I'm starting to trail off, but I found doing this to be interesting and want to keep digging down this rabbit hole.
(gdb) nexti 0x0000000000400543 8 printf("Hello, World!\n"); (gdb) x/xw $esp 0xffffffffffffe5d0: Cannot access memory at address 0xffffffffffffe5d0 (gdb) x/xw $rsp 0x7fffffffe5d0: 0xffffe6c0 (gdb) x/i rip No symbol "rip" in current context. (gdb) x/i $rip => 0x400543 <main+22>: call 0x400410 <puts@plt> (gdb) nexti Hello, World! 6 for(i=0; i < 10; i++) (gdb) x/2i $rip => 0x400548 <main+27>: add DWORD PTR [rbp-0x4],0x1 0x40054c <main+31>: cmp DWORD PTR [rbp-0x4],0x9 (gdb) x/i $rip => 0x400548 <main+27>: add DWORD PTR [rbp-0x4],0x1 (gdb) x/dw $eax 0xe: Cannot access memory at address 0xe (gdb) x/dw $rax 0xe: Cannot access memory at address 0xe (gdb) x/dw $rbp 0x7fffffffe5e0: 0 (gdb) nexti 0x000000000040054c 6 for(i=0; i < 10; i++) (gdb) x/dw $rbp 0x7fffffffe5e0: 0 (gdb) x/dw $eax 0xe: Cannot access memory at address 0xe (gdb) x/i $rip => 0x40054c <main+31>: cmp DWORD PTR [rbp-0x4],0x9 (gdb) nexti 0x0000000000400550 6 for(i=0; i < 10; i++) (gdb) x/dw $eax 0xe: Cannot access memory at address 0xe (gdb) x/i $rip => 0x400550 <main+35>: jle 0x40053e <main+17> (gdb) disass main Dump of assembler code for function main: 0x000000000040052d <+0>: push rbp 0x000000000040052e <+1>: mov rbp,rsp 0x0000000000400531 <+4>: sub rsp,0x10 0x0000000000400535 <+8>: mov DWORD PTR [rbp-0x4],0x0 0x000000000040053c <+15>: jmp 0x40054c <main+31> 0x000000000040053e <+17>: mov edi,0x4005e4 0x0000000000400543 <+22>: call 0x400410 <puts@plt> 0x0000000000400548 <+27>: add DWORD PTR [rbp-0x4],0x1 0x000000000040054c <+31>: cmp DWORD PTR [rbp-0x4],0x9 => 0x0000000000400550 <+35>: jle 0x40053e <main+17> 0x0000000000400552 <+37>: leave 0x0000000000400553 <+38>: ret End of assembler dump. (gdb) list 1 #include <stdio.h> 2 3 int main() 4 { 5 int i; 6 for(i=0; i < 10; i++) 7 { 8 printf("Hello, World!\n"); 9 } 10 } (gdb)
Maybe over the summer I'll more time to delve into this hacking book abit more and see what else I can experiment with.
Some Old Stuff - Something something dark side.
The real wiki will go above all the video jazz.
Testing my youtube videos here, I go by “robgraves” for everything online from my youtube channel located at: https://www.youtube.com/user/TheRobGraves
Link back to working resume since I can't find another location for it: Matthew J. Page