
Monday, September 5, 2011

HowTo Install Arduino on BackTrack 5

I didn't want to make a second post for today, but I have a real treat for you!
http://jon.oberheide.org/files/half-nelson.c
The always cutting-edge Jon Oberheide released his stack-based overflow for the econet_sendmsg function, affecting kernels < 2.6.36.2.
There is also an LKM rickroller: https://github.com/fpletz/kernelroll


+++

This is a quick tutorial for the x86 architecture, and you need root permissions. If this does not work, refer to http://www.arduino.cc/playground/Linux/Ubuntu for more detailed instructions for Arduino on Ubuntu (which is what BackTrack is based on).

First, plug your Arduino board into the BackTrack 5 machine (assuming via USB) and type:

#modprobe ftdi_sio
#dmesg

in a console. You should see something like this in the dmesg output:

[91296.051432] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0

If not, you likely need to recompile your kernel to include this support; most likely it is built as a module, in which case the modprobe command above will have enabled it. Next, grab the Debian packages needed:


#mkdir /tmp/arduino
#cd /tmp/arduino
#wget http://mirror.pnl.gov/ubuntu//pool/universe/r/rxtx/librxtx-java_2.2pre2-3~maverick1_i386.deb
#wget http://mirror.pnl.gov/ubuntu//pool/universe/a/arduino/arduino-core_0022+dfsg-1~maverick1_all.deb
#wget http://mirror.pnl.gov/ubuntu//pool/universe/a/arduino/arduino_0022+dfsg-1~maverick1_all.deb

Now we are ready to install everything to the system! First use apt to install avrdude, which is the microcontroller programmer, along with the AVR compiler toolchain. Then use dpkg -i to install the .deb's:


#apt-get install avrdude
#apt-get install gcc-avr
#apt-get install binutils-avr
#apt-get install avr-libc
#dpkg -i *.deb


If it complains about dependency problems, then just run:

#apt-get -f install

and run dpkg one more time:

#dpkg -i *.deb

If you didn't get any errors you should be able to run "arduino" in a terminal, which brings up the IDE. I suggest opening the example Blink program, changing the delay() values to something fast (200 will work), and uploading it to the board. Pin 13 gives warning blinks, so this will verify everything is working. Remember to press the reset button while uploading, and change the board settings in the sketch program to match the board you have. If anyone does any network- or hacking-related Arduino projects I would love to hear from you. Check us out on EFnet IRC @ #priv.
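The whole procedure above as one checked script, added here as an example and not from the original post: it pulls the ttyUSB name out of dmesg instead of relying on a visual check, and gates dpkg on SHA-256 digests of the .deb files, since the mirror serves them over plain HTTP. The digests are placeholders (the post gives none), and the script assumes a Debian-based host with GNU coreutils (sha256sum).

```bash
#!/bin/bash
# Added example (not from the original post): scripted version of the
# install steps above, with checks in place of reading dmesg by eye and a
# checksum gate on the .deb files, which the mirror serves over plain HTTP.
set -u

# Pull the ttyUSBn name out of dmesg text passed as $1; prints /dev/ttyUSBn
# (last match wins) or nothing if the FTDI converter never attached.
find_ftdi_tty() {
    printf '%s\n' "$1" \
      | sed -n 's|.*FTDI USB Serial Device converter now attached to \(ttyUSB[0-9]*\).*|/dev/\1|p' \
      | tail -n 1
}

# Constructed sample of dmesg output, built around the line quoted in the post.
SAMPLE_DMESG='[91296.040001] usb 5-1: new full speed USB device using uhci_hcd and address 4
[91296.051432] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0'

# Compare a file's SHA-256 with an expected digest; returns 0 on match.
verify_deb() {
    local actual
    actual=$(sha256sum "$1" | awk '{print $1}')
    [ "$actual" = "$2" ]
}

# Placeholder digests (the post gives none): fill in from a trusted source.
EXPECTED_SHA256_LIBRXTX='PLACEHOLDER_SHA256_FOR_librxtx-java'
EXPECTED_SHA256_ARDUINO_CORE='PLACEHOLDER_SHA256_FOR_arduino-core'
EXPECTED_SHA256_ARDUINO='PLACEHOLDER_SHA256_FOR_arduino'

install_arduino() {
    local dev base
    modprobe ftdi_sio || return 1
    dev=$(find_ftdi_tty "$(dmesg)")
    [ -n "$dev" ] || { echo "no FTDI converter in dmesg; check ftdi_sio support" >&2; return 1; }
    apt-get install -y avrdude gcc-avr binutils-avr avr-libc || return 1
    mkdir -p /tmp/arduino && cd /tmp/arduino || return 1
    base=http://mirror.pnl.gov/ubuntu//pool/universe
    wget "$base/r/rxtx/librxtx-java_2.2pre2-3~maverick1_i386.deb" || return 1
    wget "$base/a/arduino/arduino-core_0022+dfsg-1~maverick1_all.deb" || return 1
    wget "$base/a/arduino/arduino_0022+dfsg-1~maverick1_all.deb" || return 1
    verify_deb librxtx-java_2.2pre2-3~maverick1_i386.deb "$EXPECTED_SHA256_LIBRXTX" || return 1
    verify_deb arduino-core_0022+dfsg-1~maverick1_all.deb "$EXPECTED_SHA256_ARDUINO_CORE" || return 1
    verify_deb arduino_0022+dfsg-1~maverick1_all.deb "$EXPECTED_SHA256_ARDUINO" || return 1
    # dpkg may fail on dependencies; let apt pull them in, then retry.
    dpkg -i ./*.deb || { apt-get -f install -y && dpkg -i ./*.deb; }
}

# Only run the install when invoked as: ./arduino-bt5.sh install
if [ "${1:-}" = "install" ]; then install_arduino; fi
```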
Sunday, September 4, 2011

PMCMA Released & DigiNotar Damage Disclosed

PMCMA is software that attempts to automatically write an exploit for memory corruption bugs in software. It can greatly save time in reverse engineering.

The code is available at:
https://github.com/toucan-system/pmcma

while the main site is simply http://www.pmcma.org

It was presented at the Black Hat conference in Las Vegas this year. Here are the slides and whitepaper:
http://www.pmcma.org/wp-content/uploads/2011/09/bhus_2011_brossard.pdf
http://www.pmcma.org/wp-content/uploads/2011/09/BHUS-2011_Brossard.pdf

+++

Okay, I am sure everyone has heard of the recent DigiNotar "debacle", but if not, here is a good link to tell you what is up:
https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it

This next link is the raw spreadsheet data of the compromised certs:
https://svn.torproject.org/svn/projects/misc/diginotar/rogue-certs-2011-09-04.csv

and here is the Tor Project's latest blog post:

This is the list of CA roots that should probably never be trusted again:
DigiNotar Cyber CA
DigiNotar Extended Validation CA
DigiNotar Public CA 2025
DigiNotar Public CA - G2
Koninklijke Notariele Beroepsorganisatie CA
Stichting TTP Infos CA
The most egregious certs issued were for *.*.com and *.*.org while certificates for Windows Update and certificates for other hosts are of limited harm by comparison. The attackers also issued certificates in the names of other certificate authorities such as "VeriSign Root CA" and "Thawte Root CA" as we witnessed with ComodoGate, although we cannot determine whether they succeeded in creating any intermediate CA certs. That's really saying something about the amount of damage a single compromised CA might inflict with poor security practices and regular internet luck.
Of particular note is this certificate:
CN=*.RamzShekaneBozorg.com,SN=PK000229200006593,OU=Sare Toro Ham Mishkanam,L=Tehran,O=Hameye Ramzaro Mishkanam,C=IR
The text here appears to be an entry like any other, but it is in fact a calling card from a Farsi speaker. RamzShekaneBozorg.com is not a valid domain as of this writing.
Thanks to an anonymous Farsi speaker, I now understand that the above certificate is actually a comment to anyone who bothers to read between the lines:
"RamzShekaneBozorg" is "great cracker"
"Hameyeh Ramzaro Mishkanam" translates to "I will crack all encryption"
"Sare Toro Ham Mishkanam" translates to "i hate/break your head"