FON2100A OpenWRT Unbrick

A small step to step on how to revive a bricked FONERA 2100A (With Redboot installed)

fon2100a

Files Needed:
Easy Redboot flash utility:

http://download.berlin.freifunk.net/fonera/ap51-flash-gui-1.0-42.exe

Previous program dependency:

http://www.winpcap.org/install/bin/WinPcap_4_1_3.exe

OpenWRT Kamikaze 8.09.2

http://downloads.openwrt.org/kamikaze/8.09.2/atheros/openwrt-atheros-vmlinux.lzma

http://downloads.openwrt.org/kamikaze/8.09.2/atheros/openwrt-atheros-root.squashfs

Hardware needed:
– PC Computer (Or VM)
– Bricked Fon2100A (Previously jailbreaked)
– Network cable
– Brain

Instructions:
Note: This only will work if the Redboot is accessible (Ex. if you previously installed OpenWRT), to check if it is working, connect the fonera to the PC while is turned off, disable all other network interfaces, set the interface where the fonera is plugged in to 192.168.1.166 subnet 255.255.255.0 gateway 192.168.1.1, turn on the fonera and while is loading (between 2-9 sec since turned on) telnet to 192.168.1.1:9000 and if you get the Reboot console, means that the fonera could be revived by this way…

1 – Disable all network interfaces and leave only the one where the fonera will be plugged.
2 – Plug the fonera to the network while is turned off
3 – Run the software “Freinkfurt AP51 EasyFlash”, select 2 image files.
4 – Turn on the Fonera, and the software using PCAP will detect the device and flash it using the Redboot.

You can do it also without the easyflash software if you “know” how to work directly with the Redboot. (Or following some other very long instructions)

And you can also use a more recent version of OpenWRT, I recommend Backfire 10.03.1 (Dic-2011), it works OK and have more features installed, like WPA.
I tested also some other recent versions like Attitude Adjustment 12.09 and Barrier Breaker 14.07; but the FON2100A is to old for that ones and will make it to be extremely slow or unresponsive.

References:

http://wiki.openwrt.org/toh/fon/fonera

-?-

AC.

Posted in Linux, Networking | Tagged , , , , , | Comments Off

WordPress – Get all posts where a meta key does not exist

Simple…

$search_values['meta_query'] = array(
'relation' => 'OR',
array(
'key' => 'psychedelics', //replace with the non existing field to query
'compare' => 'NOT EXISTS',
'value' => '' // Ignored, but needed to work...
),
array(
'key' => 'psychedelics', //replace with the non existing field to query
'value' => '2CB' //any value
)
)

Source:
http://wordpress.stackexchange.com/questions/80303/query-all-posts-where-a-meta-key-does-not-exist

AC.

Posted in Learned Today, Medium Technical, Wordpress | Tagged , , , , , | Comments Off

Generate and Test a iOS Push Certificate

Hello,

A (working) quick way to generate a working P12 Certificate using OpenSSL for push notifications on your iOS apps:

Transform the Certificate from CER to PEM
openssl x509 -in aps_production.cer -inform DER -out distrib_final.pem -outform PEM}
Transform the Key from P12 to PEM (P12 file must be exported from the “Keychain Access” application)
openssl pkcs12 -nocerts -out distrib_final_key.pem -in certificates.p12
Generate Final Certificate:
openssl pkcs12 -export -in distrib_final.pem -inkey distrib_final_key.pem -certfile CertificateSigningRequest.certSigningRequest -name "apn_developer_identity" -out distrib_final_ready.p12
A connection test to see if the certificate is working:
openssl s_client -connect gateway.push.apple.com:2195 -cert distrib_final.pem -key distrib_final_key.pem

Notes:
– This does not cover the certificate “request”…
– The right certificate to use is on your Apple Developer Account under “Certificates, Identifiers & Profiles/Identifiers/Apps IDs” (NOT THE DISTRIBUTION ONE)

AC.

Posted in iOS, Mac, Medium Technical | Tagged , , , , , , , , , , | Comments Off

OSx Advanced Search: Find + Grep

To find some text inside all types of files:

find . -type f -exec grep -l "some text" {} +

AC.

Posted in Basic Technical, Learned Today, Mac | Tagged , , , , , | Comments Off

OpenSSL – Comodo “unable to get local issuer certificate”

Hello,

If you use Comodo certificates over an (web) application that uses OpenSSL and you get the error “unable to get local issuer certificate” that mean that you have to merge the all the certificate chain on one file and submit it on your application as the “CA Certificate”, so OpenSSL will be able to fully resolve the certificate.

Mix this 3 files on one, on this order:
COMODORSADomainValidationSecureServerCA.crt
COMODORSAAddTrustCA.crt
AddTrustExternalCARoot.crt

Then submit the newly created file, along your certificate and your private key to the app that you are setting up, and that should do the trick!

Full Error:
20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate

References:
https://www.hmailserver.com/forum/viewtopic.php?t=27316
https://www.openssl.org/docs/apps/verify.html

Regards,
AC.

Posted in Linux, Medium Technical | Tagged , , , , | Comments Off

Compile OpenSSL from source on old Ubuntu

Hello,

If your version of Ubuntu is no longer supported you should update…
But in the meantime you could fix the broken or insecure packages on this way…

Note: Before continue check if you can get from a trusty source the package on DEB compiled that match your OS and architecture (and install it with: “dpkg -i file.deb”)


//before aptget: check that the sources are working!!!
//install prerequisites
apt-get install libssl-dev make gcc
//create a folder, download (openssl in this case, but can apply to any package) and decompress
wget http://openssl.org/source/openssl-1.0.1j.tar.gz
tar xfz openssl-1.0.1.tar.gz
//change to folder
cd openssl-*
//configure (take note of the paths!)
./config --prefix=/usr zlib-dynamic --openssldir=/etc/ssl shared
//compile
make
//install!
sudo make install

//use sudo if necessary (not just for make, for all commands)
//then if everything went ok check the version
openssl version -a

If you specifically do this to fix heartbleed or another critical vulnerability that leaked information, remember to replace SSL certificates with new ones and change users credentials…

//info from:
http://wiki.openssl.org/index.php/Compilation_and_Installation#Intel
http://mariobrandt.de/archives/linux/upgrading-openssl-on-debian-6-squeeze-or-ubuntu-8-04-hardy-456/
http://askubuntu.com/questions/133806/getting-an-error-when-using-make-command-installing-aircrack-ng-on-ubuntu-12
http://ubuntuforums.org/showthread.php?t=825560ddd

Regards,
AC.

Posted in Linux, Medium Technical, Security | Tagged , , , , , , , , , | Comments Off

Battery Drain Samsung Galaxy Note 3 – Fix

Hello,

To correctly identify the problem I recommend you to use “GSam Battery Monitor”.
Then under “App Usage” you can directly access the Android App Info settings and kill (“force stop” and “turn off”) the apps/services that are over using your battery.
In my case was “Google+” and “Samsung Link” (I never used any of those and were safe to disable).

Links:
https://play.google.com/store/apps/details?id=com.gsamlabs.bbm&hl=es

Regards,
AC.

Posted in Basic Technical | Tagged , , , , , , | Comments Off

Heartbleed

Hello,

heartbleed

For “one time” is safer to be on Windows…
Disease checker: http://filippo.io/Heartbleed/

AC.

Posted in Security | Tagged , , , | Comments Off

Getting rid of the spam on WorPress

Hello,

There are plenty of bots that crawl the web day after day searching for WordPress blogs to fill them with URLs in order to get publicity (SEO) for some sites… For example the case of my anonymous blog (this one) never got a real comment, but day after day it got around ~7 spammy comments…

Knowing a little bit about how to do and how the bots work, on the 99.99% of the cases they will go for the standard site/layout and will automatically fill the comment field and sent it. And successfully on low number of cases due blog missconfiguration, or so many real comments that could mix some real/spam comment those spam messages get live…

So there will be 2 ways to get rid of bots, setting up a filter like “Akismet” that will analyze all the comments and based on IP and word analysis will mark the comments as spam or not… (Anyway the comments will or could flood your spam folder and also ~10% will pass to you directly)
Or a most straight forward method will be change the normal site layout with a plug in or manually, for example to rename or add new fields, so the bots won’t know how to proceed. For this case I used the “WP-reCAPTCHA” plugin; it automatically add a captcha field to all the comments (and other forms if you want) and wont let nothing pass if the captcha is not correctly solved.

More Info:
http://wordpress.org/plugins/wp-recaptcha/

Regards,
AC

Posted in Basic Technical | Tagged , , , , | Comments Off