Last night was All Hallows' Eve, I wanted to do something cool with the
decorations. I repurposed an rgb neopixel board driven by a nodemcu board and
gave one of our pumpkins a network controlled candle instead of the old analog
kind.
I also spent some time building out a motion sensor, but I wasn't able to
integrate that with the network code in time to use it. In the end the weather
seems to have kept everyone at home and we didn't have any visitors.
I am going to try and get everything together tonight at the hackerspace,
if I do I will write up what all the parts are.
Reading: Abaddon's Gate
While researching extracting images with scapy I found a page describing
image extraction with Wireshark, I am not sure why I didn't think to try
this first. Of course Wireshark can do this super useful network task, their
mission is to make the ultimate network diagnostic tool.
The information on that page seems to be a little out of date, on my Wireshark
build the PDU tracing and http follow options were already selected.
Grab a dump of a http session, then feed it into Wireshark:
# tcpdump -w webimage.pcap host adventurist.me and port 80
I visited this page which I know has an image on it in Firefox's porn mode.
http.response.code==200
In Wireshark I used a http 200 response code to find all of the assets in the
stream. This left only three items, the page itself, the css style sheet and
the image. Expand out the TCP block in Wireshark, right click on the JPEG block
and choose 'Export Packet Bytes'. I saved this as .bin, moved it to a .jpeg and
was able to open the image.
Reading: Abaddon's Gate
Packet capture tools are oscilloscopes to network programmers, I couldn't get
anything done without near continual use of tcpdump and wireshark. In a pinch
tcpdump can be used instead of writing server code.
Wireshark has support for a load of protocols and can really help with
debugging. Recently I added dtls support to NEAT. DTLS is a protocol
enhancement to TLS to support datagram traffic, when it is working all of the
traffic is basically random noise.
I had trouble getting server certs to work correctly with DTLS, thankfully
Wireshark can reassemble the datagrams into a coherent certificate and
export the data out to a file. I can use this to manually check the cert is
being sent correctly.
The process is something like this:
1. Import pcap
2. Find the full reassembled server hello
3. Expand the DTLS body
4. Expand the DTLS Record, Certificate (Reassembled)
5. Right click on 'Handshake Protocol: Certificate(Reassembled)'
6. Select Export Packet Bytes
After that I had a TLS Cert in DER format, DER is just the raw cert bytes.
With this I could then verify using openssl that the cert chain was valid.
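If the bytes exported in step 6 still carry the handshake framing rather than a bare certificate, they need splitting before openssl will read them. The following is an added example, not code from this post or from NEAT: it assumes a DTLS 1.2 Certificate message (12 byte handshake header followed by the certificate list), and the function names and the sample bytes are made up for illustration.

```python
# Added example: split an exported DTLS 1.2 Certificate handshake message into DER certs.
HS_CERTIFICATE = 11   # handshake msg_type for Certificate (RFC 5246 / RFC 6347)
DTLS_HS_HEADER = 12   # type(1) length(3) message_seq(2) frag_offset(3) frag_length(3)

def u24(buf, off):
    """Read a 3-byte big-endian length field."""
    if off + 3 > len(buf):
        raise ValueError("truncated length field")
    return int.from_bytes(buf[off:off + 3], "big")

def split_certificate_message(blob):
    """Return the DER certificates, leaf first, carried in one Certificate message."""
    if len(blob) < DTLS_HS_HEADER or blob[0] != HS_CERTIFICATE:
        raise ValueError("not a DTLS Certificate handshake message")
    body_len, frag_off, frag_len = u24(blob, 1), u24(blob, 6), u24(blob, 9)
    if frag_off != 0 or frag_len != body_len:
        raise ValueError("single fragment, export the reassembled message instead")
    body = blob[DTLS_HS_HEADER:]
    if len(body) != body_len or u24(body, 0) != body_len - 3:
        raise ValueError("length fields do not match the exported bytes")
    certs, off = [], 3
    while off < len(body):
        n = u24(body, off)
        der = body[off + 3:off + 3 + n]
        # Every X.509 certificate is a DER SEQUENCE, so it must start with 0x30.
        if len(der) != n or der[:1] != b"\x30":
            raise ValueError("bad certificate entry at offset %d" % off)
        certs.append(der)
        off += 3 + n
    return certs

# Constructed sample: two placeholder blobs standing in for real certificates.
FAKE_LEAF = b"\x30\x03\x02\x01\x01"
FAKE_CA = b"\x30\x03\x02\x01\x02"

def build_sample(certs=(FAKE_LEAF, FAKE_CA), frag_off=0):
    """Build a constructed Certificate message around the given blobs."""
    entries = b"".join(len(c).to_bytes(3, "big") + c for c in certs)
    body = len(entries).to_bytes(3, "big") + entries
    n = len(body).to_bytes(3, "big")
    return bytes([HS_CERTIFICATE]) + n + b"\x00\x01" + frag_off.to_bytes(3, "big") + n + body

if __name__ == "__main__":
    for i, der in enumerate(split_certificate_message(build_sample())):
        print(i, len(der), der.hex())
```

Each returned blob can be written to its own file and inspected with `openssl x509 -inform der -in <file> -noout -text`.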
Reading: Abaddon's Gate
Went to a friend's and carved some pumpkins last night, that means I didn't
manage to do anything interesting yesterday. Weekends are when I make
coffee, Sunday is filtering day which looks something like this:
I have to run out to meet someone for lunch, tonight I am going to have a play
with Scapy. I think I will try to pull an image out of a http stream, that
seems like a small enough task to be doable.
It is Sunday, so that makes seven days of writing.
Reading: Abaddon's Gate
This robot is excellent, you should follow it.
Reading: Abaddon's Gate