Author Archives: wizzy

DHCP server in Debian 9

These are the steps that I followed, in order to make a DHCP server in Debian 9 Stretch.

First of all we need to assign an IP address on our main ethernet interface. For this guide, I will use interface enp0s2. So we have to edit the file /etc/network/interfaces and add the following :

auto enp2s0
allow-hotplug enp2s0
iface enp2s0 inet static

Then we need to download our dhcp package.

sudo apt install isc-dhcp-server
Continue reading

Napco 1632 virtual keypad project

LAST UPDATE 29/7/2018 : This will be the first unfinished project that is posted on this blog. After spending three months, I got some info that the version of the panel I have,  does not support automation. If you notice from the data sniffed from the keypad bus, only keepalives, lcd messages and time sync data exists. If for example a zone triggers an alarm, data sent to the keypad do not refer to the zone number. So you have to always grab the text of the LCD. 

Another thing that lead me to abandon this project, is that NAPCO does not provide any info on this panel like DSC etc. so it is very difficult to reverse engineer. 

I think that security systems such as alarm panels, are not so sophisticated. They stay with the same philosophy over the years, so I might begin a project on making my own security system, using an arduino or a raspberry PI. The only thing sure is that I will not invest on any NAPCO security system or any other system at all after realizing that for example the NAPCO NL-MOD module is just a simple Lantronix Ethernet-to-serial device with a custom firmware and they are selling it for 150 euros… 

I will leave this port active though, for someone who will need the info posted here.

I am currently working on a project regarding some hack on my alarm panel. It’s a napco 1632. I am trying to reverse engineer communications in order to build a webapp to control the panel remotely. There are some options provided by napco, but need separate hardware.

My system is equipped with NL-MOD-UL module that gives you the ability to configure the alarm panel through LAN. This module is connected on the serial port of the panel. The panel has the ability to send real-time status messages through the serial port and receive commands like system arm, but napco hasn’t developed any application to do that. They have only quickloader for configuration and management of the panel.

Newest modules like STARLINK or IBR-ZREMOTE give the ability to control the panel remotely, but the hardware is expensive. So, as I said,  I am trying to reverse engineer for a solution. The newest modules are not connected on the serial  port of the panel but on the keypad bus. I have already ordered a logic analyzer in order to decode the bus. But until I receive my logic analyzer, I did some attempts to read it via an arduino MEGA. I made a circuit with an optocoupler because the voltage is to high for the arduino to handle.

Here is the arduino code : ttl-debug

The bus of napco 1632 has four cables :

  • RED ( +12V )
  • BLACK ( GND )
  • YELLOW ( Keypad TX – Panel RX )
  • GREEN ( Panel TX – Keypad RX )

Continue reading

LTSP on ubuntu 16.04 server

LTSP (Linux Terminal Server Project), adds thin client support to Linux servers. Just imagine PCs without a hard drive, running linux over the network. Pretty cool!

So what do we need to accomplish that ?

We just need a DHCP service (with specific options like 66, 67, 17), a linux box running the  LTSP server and some client PCs connected to the same network. You will find many guides on the internet on how to install a LTSP server. All guides install the DHCP server on the same box. Also they are using DHCP proxy etc. My case has a DHCP server working on mikrotik routerOS.

So, in this guide, I assume that my local network is, my mikrotik device is the gateway of the network and has an interface (ether1) with IP address and my linux box has the ip address and runs ubuntu server 16.04. Continue reading

Traffic capture from a mikrotik device to wireshark

Today, for troubleshooting purposes, I needed to capture traffic from a Mikrotik wireless access point that I have. Mikrotik devices have a build-in tool called Packet sniffer, which does exactly what I need but what if I had these captures on a remote PC ?

Well we can accomplish this and have the captures on wireshark. All we need is network connectivity, of course, between the Mikrotik device and the PC running wireshark. I am using wireshark 2.2.7 by the way.

Continue reading

Prestashop 1.7 – Classic theme SCSS to CSS

For the past 3 days, I was looking for a way to make changes to the classic’s theme CSS. As an amateur, I thought that if I make the changes I want to the files that are located on the _dev directory inside my theme, changes will be converted to CSS……. WRONG !!!

So I started looking harder. There are many solutions on the internet. Some almost worked, some not, some were to complicated to understand. After spending hours and hours o this, I final made it. So here it goes.

Continue reading

Telnet zero-day on cisco devices

Cisco announced a remote code execution vulnerability that affects telnet on catalyst series devices. Once again this has to do with the documents leaked by Wikileaks, known as Vault 7.

Cisco recommends to enable only SSH access on the devices affected, if possible. For devices that do not support SSH, VTY access lists may be applied to reduce the risk.

More information about the vulnerability and the devices affected, can be found here.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Mikrotik HTTP server vulnerability

This is for those who are having the HTTP service of mikrotik activated on the internet.

On March 2017 Wikileaks published some documents that supposed to belong to CIA under the name of Vault 7, describing that CIA has an exploit called “ChimayRed”  by which can inject malicious code on RouterOS if the HTTP service is not protected.

You can find info and information on solving this, here.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Mikrotik pure IPsec VPN and android device as client

Due to issues reported, I had to re-write this guide. This time all certificates are generated by mikrotik routerboard. I use openssl just to create the .p12 personal information exchange file for the android client.

Mikrotik routerOS used : 6.41.1
Android version used : 7

First we have to create some SSL certificates. A CA, a server certificate and a client certificate. Let’s start with the CA. Replace XX and xxxxxx with your information :

add name=ca-template common-name=myCa key-usage=key-cert-sign,crl-sign days-valid=3650 key-size=2048 country=XX state=xxxxxx locality=xxxxxx organization=xxxxxx unit="Certificate Authority"
sign ca-template name=myCa
set myCa trusted=yes

Continue reading

Dump1090 on CentOS 7

Dump1090 is an ADS-B decoder and it is used with the RTL-SDR dongle. Automatic Dependent Surveillance Broadcast or ADS-B is the system that is used by aircrafts to transmit their GPS position. Dump1090 receives this information from the  RTL-SDR dongle and prints out the location of the aircraft on google maps.

This guide will cover the installation of dump1090. To work, you neet to have the RTL-SDR dongle and of course an antenna tuned to 1090MHz . Continue reading