neděle 17. září 2017

Spotřeba

Po téměř roce jsem se s 1,4 TSI (110 kW) docela skmarádil a podařilo se zatím dosáhnout rekordně nízké spotřeby 3,7 l/100 km! Díky tomu se dokáži ze Dvora Králové do Boleslavi přepravovat levněji než autobusem (spotřebováno 2,9 l při současné ceně benzínu cca 29,9 Kč/l => 87 Kč, cena autobusem je 108 Kč a to se vyplatí). :-) Pro srovnání přikládám i spotřebu, když se jede po volné Německé dálnici téměř na limitu možností auta ale stejně spotřeba do 10 l/100 km není tak špatná vezmeme v úvahu skutečnost, jaký byla maximální i průměrná rychlost.




sobota 25. února 2017

OpenWRT na Nanostation5

Nastavení RedBootu:

RedBoot> fconfig -l
Run script at boot: true
Boot script:
.. cache off
.. fis load -d -e kernel
.. exec

Boot script timeout (1000ms resolution): 10
Use BOOTP for network configuration: false
Gateway IP address: 192.168.1.1
Local IP address: 192.168.1.20
Local IP address mask: 255.255.255.0
Default server IP address: 192.168.1.1
Console baud rate: 9600
GDB connection port: 9000
Force console for special debug messages: false
Network debug at boot time: false

Výpis jádra:

+Ethernet eth1: MAC address 00:xx:xx:xx:xx:xx
IP: 192.168.1.20/255.255.255.0, Gateway: 192.168.1.1
Default server: 192.168.1.1

RedBoot(tm) bootstrap and debug environment [ROM]
Ubiquiti Networks certified release, version 0.9.8.06 - built 10:58:52, Dec 23 2008

Copyright (C) 2000, 2001, 2002, 2003, 2004 Red Hat, Inc.

Board: Ubiquiti AR2313 based board
RAM: 0x80000400-0x80ff0400, [0x80000400-0x80fd1400] available
FLASH: 0xbe000000 - 0xbe3f0000, 64 blocks of 0x00010000 bytes each.
== Executing boot script in 10.000 seconds - enter ^C to abort

== Executing boot script in 10.000 seconds - enter ^C to abort
RedBoot> cache off
RedBoot> fis load -d -e kernel
Trying LZMA decompression...
Image loaded from 0x80041000-0x8034964c
Image is not ELF, skipping ELF parsing...
RedBoot> exec
Now booting linux kernel:
 Base address 0x80030000 Entry 0x80041000
 Cmdline :
[    0.000000] Linux version 3.18.23 (buildbot@builder1) (gcc version 4.8.3 (OpenWrt/Linaro GCC 4.8-2014.04 r47269) ) #1 Mon Feb 1 09:22:59 CET 2016
[    0.000000] bootconsole [early0] enabled
[    0.000000] CPU0 revision is: 0001800a (MIPS 4Kc)
[    0.000000] Determined physical RAM map:
[    0.000000]  memory: 01000000 @ 00000000 (usable)
[    0.000000] Initrd not found or empty - disabling initrd
[    0.000000] Zone ranges:
[    0.000000]   Normal   [mem 0x00000000-0x00ffffff]
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x00000000-0x00ffffff]
[    0.000000] Initmem setup node 0 [mem 0x00000000-0x00ffffff]
[    0.000000] Primary instruction cache 16kB, VIPT, 4-way, linesize 16 bytes.
[    0.000000] Primary data cache 16kB, 4-way, VIPT, no aliases, linesize 16 bytes
[    0.000000] Built 1 zonelists in Zone order, mobility grouping off.  Total pages: 4064
[    0.000000] Kernel command line:  console=ttyS0,9600 rootfstype=squashfs,jffs2
[    0.000000] PID hash table entries: 64 (order: -4, 256 bytes)
[    0.000000] Dentry cache hash table entries: 2048 (order: 1, 8192 bytes)
[    0.000000] Inode-cache hash table entries: 1024 (order: 0, 4096 bytes)
[    0.000000] Memory: 12592K/16384K available (2566K kernel code, 102K rwdata, 300K rodata, 156K init, 193K bss, 3792K reserved)
[    0.000000] NR_IRQS:128
[    0.000000] Calibrating delay loop... 179.60 BogoMIPS (lpj=898048)
[    0.100000] pid_max: default: 32768 minimum: 301
[    0.110000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
[    0.120000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
[    0.150000] NET: Registered protocol family 16
[    0.190000] Switched to clocksource MIPS
[    0.240000] NET: Registered protocol family 2
[    0.300000] TCP established hash table entries: 1024 (order: 0, 4096 bytes)
[    0.380000] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
[    0.460000] TCP: Hash tables configured (established 1024 bind 1024)
[    0.530000] TCP: reno registered
[    0.570000] UDP hash table entries: 256 (order: 0, 4096 bytes)
[    0.640000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
[    0.720000] NET: Registered protocol family 1
[    0.770000] Radio config found at offset 0x2000 (0x100)
[    0.840000] futex hash table entries: 256 (order: -1, 3072 bytes)
[    0.940000] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    1.010000] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[    1.200000] msgmni has been set to 24
[    1.240000] io scheduler noop registered
[    1.290000] io scheduler deadline registered (default)
[    1.350000] Serial: 8250/16550 driver, 16 ports, IRQ sharing enabled
[    1.450000] serial8250: ttyS0 at MMIO 0x1c000000 (irq = 9, base_baud = 2812500) is a 16550A
[    1.550000] console [ttyS0] enabled
[    1.550000] console [ttyS0] enabled
[    1.630000] bootconsole [early0] disabled
[    1.630000] bootconsole [early0] disabled
[    1.750000] physmap platform flash device: 00800000 at 1e000000
[    1.820000] physmap-flash.0: Found 1 x16 devices at 0x0 in 8-bit bank. Manufacturer ID 0x0000c2 Chip ID 0x0000a7
[    1.940000] Amd/Fujitsu Extended Query Table at 0x0040
[    2.010000]   Amd/Fujitsu Extended Query version 1.1.
[    2.070000] physmap-flash.0: Swapping erase regions for top-boot CFI table.
[    2.150000] number of CFI chips: 1
[    2.220000] Searching for RedBoot partition table in physmap-flash.0 at offset 0x3d0000
[    2.340000] Searching for RedBoot partition table in physmap-flash.0 at offset 0x3e0000
[    2.460000] 6 RedBoot partitions found on MTD device physmap-flash.0
[    2.530000] Creating 6 MTD partitions on "physmap-flash.0":
[    2.600000] 0x000000000000-0x000000030000 : "RedBoot"
[    2.670000] 0x000000030000-0x000000140000 : "kernel"
[    2.730000] 0x000000140000-0x0000003e0000 : "rootfs"
[    2.800000] mtd: device 2 (rootfs) set to be root filesystem
[    2.870000] 1 squashfs-split partitions found on MTD device rootfs
[    2.940000] 0x000000370000-0x0000003e0000 : "rootfs_data"
[    3.010000] 0x0000003e0000-0x0000003ef000 : "FIS directory"
[    3.080000] 0x0000003ef000-0x0000003f0000 : "RedBoot config"
[    3.160000] 0x0000003f0000-0x000000400000 : "boardconfig"
[    3.300000] eth0: Atheros AR231x: 00:15:6d:b6:bd:14, irq 4
[    3.480000] libphy: ar231x_eth_mii: probed
[    3.530000] eth0: attached PHY driver [Generic PHY] (mii_bus:phy_addr=1:01)
[    3.620000] TCP: cubic registered
[    3.660000] NET: Registered protocol family 17
[    3.710000] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
[    3.860000] Bridge firewalling registered
[    3.910000] 8021q: 802.1Q VLAN Support v1.8
[    4.000000] VFS: Mounted root (squashfs filesystem) readonly on device 31:2.
[    4.090000] Freeing unused kernel memory: 156K (80329000 - 80350000)
[    7.070000] init: Console is alive
[   11.320000] init: - preinit -
[   12.080000] random: mktemp urandom read with 15 bits of entropy available
Press the [f] key and hit [enter] to enter failsafe mode
Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level
[   15.840000] mount_root: jffs2 not ready yet, using temporary tmpfs overlay
[   15.990000] procd: - early -
[   17.290000] procd: - ubus -
[   18.370000] procd: - init -
Please press Enter to activate this console.
[   22.740000] NET: Registered protocol family 10
[   22.820000] ip6_tables: (C) 2000-2006 Netfilter Core Team
[   22.940000] Loading modules backported from Linux version master-2015-03-09-0-g141f155
[   23.040000] Backport generated by backports.git backports-20150129-0-gdd4a670
[   23.140000] ip_tables: (C) 2000-2006 Netfilter Core Team
[   23.240000] nf_conntrack version 0.5.0 (199 buckets, 796 max)
[   23.480000] xt_time: kernel timezone is -0000
[   23.610000] cfg80211: Calling CRDA to update world regulatory domain
[   23.810000] cfg80211: World regulatory domain updated:
[   23.870000] cfg80211:  DFS Master region: unset
[   23.920000] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[   24.040000] cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
[   24.130000] cfg80211:   (2457000 KHz - 2482000 KHz @ 20000 KHz, 92000 KHz AUTO), (N/A, 2000 mBm), (N/A)
[   24.250000] cfg80211:   (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A)
[   24.340000] cfg80211:   (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (N/A)
[   24.460000] cfg80211:   (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s)
[   24.570000] cfg80211:   (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2000 mBm), (0 s)
[   24.670000] cfg80211:   (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A)
[   24.760000] cfg80211:   (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A)
[   25.430000] PPP generic driver version 2.4.2
[   25.490000] NET: Registered protocol family 24
[   25.630000] ath5k: phy0: Atheros AR2313 chip found (MAC: 0x58, PHY: 0x44)
[   25.710000] ath5k: phy0: RF5112B 5GHz radio found (0x36)
[   25.780000] cfg80211: Calling CRDA for country: US
[   25.900000] cfg80211: Regulatory domain changed to country: US
[   25.970000] cfg80211:  DFS Master region: FCC
[   26.020000] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[   26.130000] cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 3000 mBm), (N/A)
[   26.230000] cfg80211:   (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2300 mBm), (N/A)
[   26.340000] cfg80211:   (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2300 mBm), (0 s)
[   26.460000] cfg80211:   (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2300 mBm), (0 s)
[   26.560000] cfg80211:   (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 3000 mBm), (N/A)
[   26.650000] cfg80211:   (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 4000 mBm), (N/A)
[   53.350000] jffs2_scan_eraseblock(): End of filesystem marker found at 0x0
[   53.620000] jffs2_build_filesystem(): unlocking the mtd device... done.
[   53.700000] jffs2_build_filesystem(): erasing all blocks after the end marker... done.
[   58.480000] jffs2: notice: (740) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[   63.990000] device eth0 entered promiscuous mode
[   64.230000] br-lan: port 1(eth0) entered forwarding state
[   64.300000] br-lan: port 1(eth0) entered forwarding state
[   66.300000] br-lan: port 1(eth0) entered forwarding state
[   86.900000] random: nonblocking pool is initialized



BusyBox v1.23.2 (2016-01-02 21:20:31 CET) built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 CHAOS CALMER (15.05.1, r48532)
 -----------------------------------------------------
  * 1 1/2 oz Gin            Shake with a glassful
  * 1/4 oz Triple Sec       of broken ice and pour
  * 3/4 oz Lime Juice       unstrained into a goblet.
  * 1 1/2 oz Orange Juice
  * 1 tsp. Grenadine Syrup
 -----------------------------------------------------
root@OpenWrt:/#


pondělí 9. ledna 2017

Sniffování HTTPS

Od minulého článku jsme už pokročili, nyní máme zachycen síťový provoz na WiFi síti. Dokonce se můžeme dívat do přenášených dat, bohužel pokud daný přenos používá protokol https, tak máme opět smůlu. Pro jeho rozšifrování je třeba ještě získat klíče použité pro dané SSL spojení. Což nám velice usnadnili například vývojáři Firefoxu či Chrome, stačí definovat klíč s názvem "SSLKEYLOGFILE" a hodnota představuje název souboru, do kterého prohlížeče klíče mají ukládat. V Linuxu stačí použít export SSLKEYLOGFILE=/sslkey.log a ve Windows vytvořit novou uživatelskou proměnnou.




Prohlížeč nám bude klíče ukládat v následujícím formátu do souboru ssl.log. Ten již stačí předhodit Wiresharku a komunikace bude možné rozšifrovat i na další vrstvě.


A samotné přidání souboru do Wiresharku.


A máme výsledek, uživatelské jméno je: ..... a heslo je: ........





https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/