May Meeting Roundup

First off, thanks again to the Meetupery for hosting us this month.

We had a couple new faces — I hope they learned something! We started off with intros and learned about what everyone is working on. Ryan was working on a car-puter which peaked my interest quite a bit. Hopefully soon he’ll have something to show off and give a demo on! Doppler radar, say what!?

Darkwind kicked off the demos with some video footage he captured with his hacked together drone. Very cool and extremely cost effective. He captured some amazing footage of deer in his backyard. TIL that deer are memorized by a quadcopter flying 10 feet away from them. Klaiviel immediately was thinking how great it would be for hunting. I’d have to agree, although, It seems like not much of a challenge when you have an aerial view.

DW5304 gave us an old school ARP poisoning demo and explored more mass-SNMP scanning results of some home brew tools that basicdays, Vaerulf, and himself created. Impressive software leveraging zmap to quickly scan the entire internet for insecure SNMP daemons. 1.5 million of them if I remember correctly.

I recapped heartbleed for everyone and described how I was able to obtain RSA private keys using the exploit.

And finally Mike had a chemistry experiment with him to explore the relationship of pressure and boiling points of liquid. I was fascinated by this as I have never seen it done before. The discussions surrounding it was fantastic thanks in part to Steve. We got into all sorts of topics including vacuums and blackholes. Thanks again to Mike for expanding the areas of expertise.

Much of the time was spent in smaller groups discussing everything under the sun. I could feel the information flowing. Very cool stuff! Hope to see more new faces next month.

Congrats to Larry, Basicdays, and DW5304 for winning this month’s free junk giveaway!

Uh Oh! TLS/SSL Heartbeat Vulnerability Time

TLS heartbeat read overrun (CVE-2014-0160)

Test using our online tool to see if your server is affected
https://new.dc414.org/projects/ssl-heartbleed-cve-2014-0160-test/

A missing bounds check in the handling of the TLS heartbeat extension can be
used to reveal up to 64k of memory to a connected client or server.

Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including
1.0.1f and 1.0.2-beta1.

Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley and Bodo Moeller for
preparing the fix.

Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately
upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.

1.0.2 will be fixed in 1.0.2-beta2.

April meeting — salted butter or not?

April brought another great meeting!  Thanks again for the Milwaukee Makerspace for hosting us.  Klaiviel taught us quite a few things about locks, he had his collection out for display.  IMG_20140404_204820

We then toured the facility again, always a great time to explore the Makerspace!  We were able to see this crazy subwoofer in action!  IMG_20140404_234902

It’s a booth you sit inside and /FEEL THE G’s/   Here’s Vlad inside:

IMG_20140404_233141

 

We had to tone it down after threats of the police being called for noise were voiced.  🙂

After that, we went back and saw a cool piece of machinery that Mike put together, cooling a computer and GPU with a dehumidifier!

IMG_20140404_224432

 

We then spent the better part of the evening debating the merits of salted butter, vs unsalted butter.  Seems Faraday really has a strong opinion about it!  here’s this… equation that lays it all out for us:

IMG_20140405_002508

 

All in all, another great meeting.  See you next month at the Meetupery!

-darkwind

Having fun with my Ham

I recently got a radio that I have been playing around with but there isn’t much for traffic in my area and while I can receive a few repeaters I can not transmit to them so I quickly got board and started looking for other things I can do with it.

Thats when I remembered some 2 way radios my brother got me a while back for hunting and such. I knew it had 3 channels but I had no idea what frequency they used or if it fell in the range of my new toy. Not knowing much about the 2 ways I did find a FCC ID on the back of each hand held.

After doing a quick search on the FCC ID I was delighted to see the 2 way radios operated in my toys range 🙂 So I punched the frequency in my ham radio as fast as I could, turned on the 2 way and started transmitting on my ham. I was over joyed to here my sexy voice loud and clear on the 2 way 😀

Now this is nothing new. Its not even hacking, but it sure feels like it. It was fun going from not knowing anything about it to making it work. So that was my first little adventure with radio, I hope you enjoyed it as much as I did.

Barcamp MKE 8

FOR IMMEDIATE RELEASE
BarCampMilwaukee 8
Milwaukee, WI

For the eighth consecutive year, BarCampMilwaukee is returning to Bucketworks the first weekend in October. Bucketworks will host the event at its current Grand Avenue location. Doors open at 9:00 AM, Saturday October 5th.

A BarCamp is a wholly unique event that provides a free, open-environment forum where the participants are in charge of what happens. It is an interactive conversation where professionals and curious alike come to learn, teach, and imagine. This revolutionary “unconference” allows participants to float from one session to another, and encourages the development of interesting ideas and spontaneous discussion. Since the first BarCamp in the US eight years ago, hundreds of BarCamps have been organized throughout the world.

Throughout BarCampMilwaukee’s eight year run, participants have been involved in a wide array of session topics ranging from:
Software Development: Ruby on Rails, Drupal, and JavaScript.
Technologies: 3d printing/scanning, video editing, robots, and solutions for non-profits.
Solutions for small businesses and non-profits.
All the way to things like Zombie Defense Preparation, lockpicking, sushi making, and many other topics for makers, DIYers, artists and other creatives.
Register for BarCampMilwaukee 8 at barcampmilwaukee.org

Bucketworks is a “health club for the brain.” A co-working, meetup, and practice space for creative professionals offering memberships and space rentals for the community. Bucketworks is a program of The School Factory, a 501(c)(3) nonprofit organization that builds value-creating communities and spaces to transform education, economy, and talent.

When: Doors open Saturday, October 5th at 9:00 AM and close at 9:00 PM
Where: Bucketworks -161 West Wisconsin Avenue, Milwaukee, WI 53203

PRESS CONTACT:
Tim Syth (grow@bucketworks.org)
Director, Bucketworks (414.301.1414)

Info for next meeting.

Because we are still looking for a new home our next meeting will be at The Meetupery:

N69W25055 Indiangrass Lane
Suite G
Sussex, WI 53089

Consider this a little test drive of a new space just opening up. Donations are encouraged. Cash and/or a non-perishable food items.

Can’t make it in person? Add dc414 to one of your circles in Google+
and join our Hangout!

bucketworks PA project

Earlier last week I ended up making a new pa system for Bucketworks. Now what most people will not realize is everything at Bucketworks is hacked to gather and this is no different. I was asked to make a low power radio system for notifying people within Bucketworks for people at the door and other uses, seeing we would need to file for an fcc licence i decided to go another route and the Bucketworks pa project was born.

during our wondering around at Bucketworks we (paul,eli,and I) have come across manly things one of them things was an old pa speaker and I got to thinking does it still work? I ended up wiring one up to an amp, we found in the basement along with a old audio mixer seen below after finding out we had a bad 1/4″ cable.

and low and behold it worked.
https://www.youtube.com/embed/Lehy4tTpVCg

The next step was to figure out where all the rest of the speakers were located and where to run the wires back to the server room where we were going to store the audio equipment. we ended up finding a total of 5 speakers wired them in and played some Pandora over the new pa system. I had to modify a cable to go from the “server” to the audio board.

I then set to making the Bucketworks pa bot. This bot is a windows client that logs in into an irc channel and organically just sent text to a text to speech function over the sound board. I expanded it to authenticate, noaa weather warnings, play music, tell the time and a few other functions.

After showing it to a few guys we ended up hearing this and we all started laughing.

and the Bucketworks pa project was complete.
If there is any interest i will upload the code if it is wanted.

Some awesome useful irssi scripts.

If you dont already know to use scripts you have to put any scripts in:

/home/< your_user >/.irssi/scripts/

And to load it into irssi use:

/script load < script_name.pl >

adv_windowlist.pl – If you have lots of windows open in irssi like me this script will make your life much easier. It adds a permanent advanced window list in a statusbar by default. You can configure it to put it on a sidebar if you like.

trackbar.pl – This little script will do just one thing: it will draw a line each time you switch away from a window. This way, you always know just up to where you’ve been reading that window 🙂 It also removes the previous drawn line, so you don’t see double lines.

nickcolor.pl – In channels with lots of activity, all nicks having the same old white color can get a little crazy, this script gives each user is own color and put a little organization to the chaos.

spell.pl – Spell check for irssi. This script takes a little setup. first you have to install Lingua::Ispell and Ispell using the following commands:

$ sudo apt-get install ispell liblingua-ispell-perl

It should pull in a number of other packages including a dictionary. I actually received an error as well, but it seems safe to ignore:

error in control file: `Index' value missing for format `info' at /usr/sbin/install-docs line 709, line 16.

Now load the script into irssi and bind Alt-s as a short cut to check the line you wish to send.
to bind Alt-s type the following into irssi:

/bind meta-s /_spellcheck

Also set the max guesses:

/set spell_max_guesses 3

Now your ready to use this script. After you type a message before you hit enter hit Alt-s and this script if you have any misspelled words and give you up to three guesses for correction.

Hyper-v User rights assignment

So if your like most admin’s you and have a bunch of Support staff some times its just easier to give them access to hyper-v then to have them wait for the admin to complete a simple task (ex.make a snapshot). The only issue with this is the fact they can do things we don’t want… for instance turn a machine off reboot change settings like nics along w/ creating new machines. So i went looking and apparently there is a way to restrict this so this post goes to show how we can.

Assigning Rights to hyper-v
Open mmc.exe

Click file then add/remote snap-in

Select authorization manager and hit add and ok

Then right click on Open Authorization Store….

Select XML file then hit browse

Goto \\Server_name\c$\ProgramData\Microsoft\Windows\Hyper-V\ and select InitialStore.xml

Then hit ok


Role Assignments
Select the Role we want to assign in this case its Administrator

Right click and click assign User and Groups then select from Windows and Active Directory…

Enter username you want to assign rights to. And hit ok

That user will now have admin rights.

Creating New Role Definitions
(what rights does this group have?)
Expand intialstore.xml -> Hyper-v services ->Definitions ->Role Definitions

Right click Role definitions and click new role Definitions

Then enter a name and click add…

Select Operations tab

Then add what rights you want that role to have by checking the checkbox and hitting ok, ok.

Now that we have a new role definitions created now we need to create role assignments see role assignments Section.

Role Assignments
Right click create new role assignment

Select what role that’s been defined

And hit ok

Now we need to add user into this group see Role Assignments