Saturday, April 28, 2007

Here's another quick one. I posted my blog update for the first time since I had to get a new shell account and move all my content, and I found that my blog hadn't updated.

It turns out I used to have an index.html symlink to the real html file that blogger updates, but in the process of downloading and uploading all my content, that symlink got turned into a normal file.

I then had to work out how to create a symlink with cPanel, the software I have to use on my hosting now, because it doesn't provide shell access (very annoying).

Anyway, in the end, I found that I had to create a cron job to create the symlink, and then just delete it.

I found details of it here:


Create symlink without SSH

A trick I used on a site with cPanel is to create the symlink using the cron function (it's clunky, but it works).

In cPanel, you go to the cron jobs page and schedule your command to run pretty much right away. For example, if your main site is www.site.com and you want a second site www.site.com/foo, then the symlink can be created using something like:

ln -s /full_path_to_html_dir/ /full_path_to_html_dir/foo

PS: Don't forget to remove your cron entry after it has run, or it will keep doing it!
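
An added example, not part of the original post or the quoted tip: a small POSIX shell helper for the cron job that replaces a regular-file index.html (the situation described above) with the symlink and does nothing on later runs, so a forgotten cron entry is harmless. The function name `ensure_symlink` and the paths passed to it are assumptions.

```shell
#!/bin/sh
# Added example. Usage from a cron entry (placeholder paths):
#   /bin/sh /full_path/ensure_symlink.sh /full_path_to_html_dir/blog.html /full_path_to_html_dir/index.html

# ensure_symlink TARGET LINK
# Leaves LINK as a symlink to TARGET. Returns 0 on success, 1 on error.
ensure_symlink() {
    target=$1
    link=$2

    # Refuse to create a dangling link.
    if [ ! -e "$target" ]; then
        echo "target missing: $target" >&2
        return 1
    fi

    if [ -L "$link" ]; then
        # Already a symlink: nothing to do if it points at the right place.
        if [ "$(readlink "$link")" = "$target" ]; then
            return 0
        fi
        rm -f "$link" || return 1
    elif [ -d "$link" ]; then
        # Never move a real directory out of the way automatically.
        echo "refusing to replace directory: $link" >&2
        return 1
    elif [ -e "$link" ]; then
        # A regular file sits where the link should be (e.g. the symlink was
        # flattened by a download/upload). Keep a backup, then replace it.
        mv "$link" "$link.bak.$$" || return 1
    fi

    ln -s "$target" "$link"
}

# Run only when called with both arguments, as in the cron entry above.
if [ "$#" -eq 2 ]; then
    ensure_symlink "$1" "$2"
fi
```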

This is a fairly quick one. I decided to scan around for any open wireless, using Kismet. I found an AP with a hidden ESSID. Locking onto the channel for a little while resulted in finding the ESSID.

I configured the wireless interface to hook on to it, forced the channel manually, and bang, I was on. They even had DHCP running, too easy.

I wanted to see what AP I was connected to, so I went to the IP of the gateway, and was presented with a login to a Netgear DG834G. I tried logging in as admin/password, and was allowed in.

There's no fun here, it's just too easy.

I then wondered if it was possible to extract the guy's ADSL password, just out of interest. I found this blog, which contained details.

All I had to do was click on this, and then wait a few seconds, and click on this, and I had a file containing the guy's login and password.

I then worked out what the first link was doing, saw "grep ppoa_ /tmp/nvram", and wondered if it was possible to do "cat /tmp/nvram", and drop the whole nvram file out.. yep. Not much more in there is useful though.

There's not even MAC filtering on this AP. I was at least thinking I'd have to clone a MAC address before I could connect; it was all just too easy. 1.5Mbit ADSL connection too.