One Click Monero Win Node

# One Click Monero Win Node

#1 – download monero core + monero blockchain

https://getmonero.org/downloads/

https://downloads.getmonero.org/cli/win64

https://downloads.getmonero.org/blockchain.raw

#2 – import blockchain on custom dir, guard-against-pwnage=verify [only run with a trusted blockchain.raw]
monero-blockchain-import –data-dir x:\Monero\ –guard-against-pwnage 0 –input-file blockchain.raw

#3 – run on custom ip, remember open firewall [change port/config firewall]
monerod –data-dir x:\Monero\ –rpc-bind-ip 123.123.123.123 –rpc-bind-port 18080 –restricted-rpc –confirm-external-bind

#4 – start as a service, [use a custom restricted access user]
?

#EOF

Posted in Basic Technical, Cryptocurrency | Comments Off

Android APK Modification

An APK file is a ZIP file with the files inside with certain structure so it can serve as installer.
So for a basic modification, you can just rename the file to “.ZIP” extract the files and do whatever you want and then archive it again as a zip and rename back to APK.
If you preserve the structure, it should work, and in that way you can modify some things…

If you are looking for getting into the code you will need to decompile the file with some kind of tool, for this case I used “Apktool” that is an Android decompiler.
Then you can take a look inside (some of*) the code, modify and recompile it. Taking note that Android installers need to be signed so it can be installed without hassle, and for that will use “jarsigner”.

How?
#prerequisites
#install java sdk, install apk tool

#disassemble
apktool d someapp.apk -o someapp_disassembled

#mod code
#use a editor (text,graphics,etc) to modify code files

#assemble
apktool b someapp_disassembled/ -o someapp_modded.apk

#create your own signature (this have to be done only one time)
keytool.exe -genkey -v -keystore my-release-keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 365

#sign
jarsigner.exe -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-keystore someapp_modded.apk alias_name

* Not all code will be decompiled, there are static libraries (“.so”,etc) and java files (“.jar” with “classes.dex”) that are not decompiled
So if you also need to step into the deep code…
For static “.so” libraries you will need a disassembler for the platform that is based the APK (usually ARM), in this case you can use IDA. (Use of IDA not covered on this post)
For “.jar” files you will need something like “dex2jar” that decompile the classes, and something to read the classes like “jd-gui”. (Use of these tools not covered on this post)
And as compilation of these files vary a lot, I recommend that if you want to change something on those files, just use a binary editing tool.

Notes:
Even if you can unarchive an APK and archive it back using a archive tool (Winrar,etc), it is not recommended, because not all the files inside an APK are archived on the same way. For example there are some resources that are archived without compression (stored), and doing that can cause the app to crash. (If it tries to read a file that it think that is not compress and it is) [Ex: “This file can not be opened as a file descriptor; it is probably compressed”]
Sign an APK with your custom signature could make it unable to be installed, you can replace the signature with the original and force android not to check the signature (And/or hot replace, “base.apk” on the device app folder) (Not covered on this post, take a look of “lucky patcher”)
Some apps share data with other apps of the same author, so again, if you are unable to install, try to delete (if is possible) any other application that might cause conflict. If the conflicting app cannot get installed because it is preloaded with the OS you can try to use tool to unistall system apps, or (recommend) switch the ROM to a custom one that does not have anything installed…
If something crash or does not work, does not install, etc. check the logs, their are your friend. (Ex. “ADB install” gives your the exact error [one one word] of why it fail)

Links:
Apktool: https://ibotpeaches.github.io/Apktool/install/
dex2jar: http://code.google.com/p/dex2jar/
jd-gui: http://jd.benow.ca/
IDA: https://www.hex-rays.com/products/ida/index.shtml

References:
? //TODO

AC.

Posted in Android, Medium Technical | Tagged , , , , , , , | Comments Off

Install certificate as System on Android

Use OpenSSL to transform the certificate to Android format (that is cert+info)
Extract ID using this command:
openssl.exe x509 -inform PEM -subject_hash -in charles.pem
It is the first line.
Name the certificate ID.0 (Ex: ce554431.0)
Extract certificate info using:
openssl.exe x509 -inform PEM -text -in charles.pem>somefile.txt
Then take the cert text and append the info and save it as ID.0

Certificate should be something like:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Certificate:
Data:
...

Then copy the certificate in the Android device to:
/system/etc/security/cacerts/

Or, if the certificate is already installed as user you can copy to system:
Copy it from:
/data/misc/user/0/cacerts-added/
To:
/system/etc/security/cacerts/

On both cases remember to set the permissions and user like the other certificates on the same folder, and that should be…

Notes:
– Some version of OpenSSL could give you a wrong ID, that will make the certificate not usable. In this case we used “OpenSSL 0.9.8h 28 May 2008 – GnuWin32″

AC.

Posted in Android, Security | Tagged , , , | Comments Off

jQuery lazy image loading…

Just a speed up trick, if you have lot of images or big images, to allow the browser to render and show the page before load the images you can do a “lazy” loading, that means that you load a marker or empty images with HTML, and with JavaScript/jQuery you update the resources.

HTML:
<img src="/empty.png" data-src="http://domain.com/image.jpg" alt="" width="200" height="70" />

Script:
jQuery(document).ready(function(){
//Change lazy images per real
jQuery("img").each(function() {
var $this = jQuery(this);
var imgsrc = $this.attr('data-src');
if(imgsrc!=''){
$this.attr('src', imgsrc).removeAttr('data-src');
}
});
});

Note: to minimize the in screen time while the image is loading it is recommended to use progressive encode on the images… or a loader… or the combination of both…

AC.

Posted in Medium Technical | Tagged , , | Comments Off

jQuery Playground: The base of AJAX

A very simple trick…

HTML:
<img id="some-image" src="http://domain.com/image.jpg" alt="" width="200" height="70" />

Script:
var someimage = jQuery("img[id='some-image']");
jQuery.get( someimage.attr("src"), function( ) {
// Do something
});

This (way of client requests) is the base of  AJAX/XMLHttpRequest, in this case is just an image but it can be any kind resource (code, json, java, xml, html) and can be processed asynchronous by the browser on any way to do whatever you want (send data, get data, play with the DOM, etc)…

Note: as this code is written it could cause the resource to load 2 times, so if it is not intended just use another attribute into the img tag, or other variable to get the URL…
Also for simpler things use javascript directly… or jQuery only if you already loaded it for other things… but it senseless load a 100k library to run 2 lines of code, hehe…

AC.

Posted in Basic Technical | Tagged , , , | Comments Off

Speed UP WordPress [or any site]

If you use a shitty server/network or your wordpress theme/plugins/content combination is heavy you can speed up the loading on the side of the client and server side by using a plugin like “W3 Total Cache”; it could set easily the browser needed headers to avoid hops, and also cache things like DB queries, or a in-server cache to save a static copy of the php files pre-generated as static content. The installation it just with a few clicks, the configuration the first time maybe take some time to understand, but once you do it, it is a straight forward procedure, by just enabling some type/s of cache or another according the kind of server that you are using or desired level of cache…

But beware in some cases if you server is not fast enough it can cause the adverse effect!
So here is a clean/neat solution [if you are on linux] to archive at least the browser cache.
Edit the .htaccess file and add something like:
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 day"
ExpiresByType text/html "access plus 1 week"
ExpiresByType image/jpg "access plus 1 month"
<IfModule mod_headers.c>
Header append Cache-Control "public"
</IfModule>
</IfModule>

This is just a example, as you can see you can set different expiration headers per mime types… [also by file extension, and [lot?] of other parameters]

Tech Note: the header will be constructed as:
Cache-Control: max-age=172800, public

If you need for some rare reason (External cache CDN provider compatibility, better look a like, some standard, etc ) the header like this:
Cache-Control: public, max-age=172800
Just add at the end of the .htaccess file (inside the “IfModule mod_expires.c”) this:
<IfModule mod_headers.c>
Header edit Cache-Control "max-age" "public, max-age"
</IfModule>
That will invert the order of the values…
Or directly write the full header [on the order that you want] like this:
Header set Cache-Control "max-age=172800, public"

If you are on windows I guess that there is a “rewrite” rule or something similar to address this issue, but as it weren’t the case, you will have to research by yourself…

References:
https://wordpress.org/plugins/w3-total-cache/
http://httpd.apache.org/docs/current/mod/mod_expires.html
https://paulund.co.uk/set-expire-headers-in-htaccess

AC.

Posted in Medium Technical, Wordpress | Tagged , , , , , , , , | Comments Off

Dump saved WIFI password from CMD

To dump some saved WIFI password on Windows just type:
netsh wlan show profile name=[ssid] key=clear

This will need a elevated command prompt and will also show other details that can be usefully on scripts, or similar…

AC.

Posted in Basic Technical, Learned Today, Networking | Tagged , , , | Comments Off

Disable local IP leak on Firefox – WebRTC

Avoid sites fetching your internal IP by disabling WebRTC…

The native way:
– Go to about:config and set “media.peerconnection.ice.default_address_only” to true

And the old way:
– Use a plugin like “Disable WebRTC”
https://addons.mozilla.org/en-us/firefox/addon/happy-bonobo-disable-webrtc/

What is WebRTC and what does it work for?
https://en.wikipedia.org/wiki/WebRTC

Sources:
https://wiki.mozilla.org/Media/WebRTC/Privacy
https://addons.mozilla.org/en-us/firefox/addon/happy-bonobo-disable-webrtc/

AC.

Posted in Medium Technical, Security | Tagged , , , | Comments Off

WordPress Proxy

Running WordPress on a internal network or something like that and want to handle all the internal connections with a proxy?

Just edit the “wp-config.php” and add this:
define(‘WP_PROXY_HOST’, ‘90.90.90.90’);
define(‘WP_PROXY_PORT’, ‘3128’);
define(‘WP_PROXY_USERNAME’, ‘username’);
define(‘WP_PROXY_PASSWORD’, ‘password’);
define(‘WP_PROXY_BYPASS_HOSTS’, ‘localhost, www.someurl.com’);

References:

http://wpengineer.com/1227/wordpress-proxysupport/

AC.

Posted in Medium Technical, Wordpress | Tagged , , , | Comments Off

FON2100A OpenWRT Unbrick

A small step to step on how to revive a bricked FONERA 2100A (With Redboot installed)

fon2100a

Files Needed:
Easy Redboot flash utility:

http://download.berlin.freifunk.net/fonera/ap51-flash-gui-1.0-42.exe

Previous program dependency:

http://www.winpcap.org/install/bin/WinPcap_4_1_3.exe

OpenWRT Kamikaze 8.09.2

http://downloads.openwrt.org/kamikaze/8.09.2/atheros/openwrt-atheros-vmlinux.lzma

http://downloads.openwrt.org/kamikaze/8.09.2/atheros/openwrt-atheros-root.squashfs

Hardware needed:
– PC Computer (Or VM)
– Bricked Fon2100A (Previously jailbreaked)
– Network cable
– Brain

Instructions:
Note: This only will work if the Redboot is accessible (Ex. if you previously installed OpenWRT), to check if it is working, connect the fonera to the PC while is turned off, disable all other network interfaces, set the interface where the fonera is plugged in to 192.168.1.166 subnet 255.255.255.0 gateway 192.168.1.1, turn on the fonera and while is loading (between 2-9 sec since turned on) telnet to 192.168.1.1:9000 and if you get the Reboot console, means that the fonera could be revived by this way…

1 – Disable all network interfaces and leave only the one where the fonera will be plugged.
2 – Plug the fonera to the network while is turned off
3 – Run the software “Freinkfurt AP51 EasyFlash”, select 2 image files.
4 – Turn on the Fonera, and the software using PCAP will detect the device and flash it using the Redboot.

You can do it also without the easyflash software if you “know” how to work directly with the Redboot. (Or following some other very long instructions)

And you can also use a more recent version of OpenWRT, I recommend Backfire 10.03.1 (Dic-2011), it works OK and have more features installed, like WPA.
I tested also some other recent versions like Attitude Adjustment 12.09 and Barrier Breaker 14.07; but the FON2100A is to old for that ones and will make it to be extremely slow or unresponsive.

References:

http://wiki.openwrt.org/toh/fon/fonera

-?-

AC.

Posted in Linux, Networking | Tagged , , , , , | Comments Off