Hacking DHCP in a home network

For good or bad at home i do have a cable provided, it is the traditional service where a coaxial cable is connected to the TV.  Some days ago a technician from the TV cable company came and installed a decoder.  This decoder is a device that connects between the coaxial and the television enabling a better quality of images, it also includes a software with Youtube and applications to watch TV through Internet.

The problem: This decoded is connected to the home network (LAN) but it do not permits to set a static IP address, the only way is that the device obtains an IP/network mask/router ip and dhcp servers through DHCP.
The real problem is that i take very seriously what i enable and not in my home network, each new service is something i worry about.  I wanted to avoid a DHCP server.

How to avoid having to install a DHCP server and make the decoder work ?
Not making it work is no an option.  Solution: Create a DHCP minimalistic server with less than 200 lines, a script if possible, simple to start and close, having control on each IP i assign to each MAC address.

The RFC describes how this protocol works, a picture will help understanding how the program works.

                Server          Client          Server
            (not selected)                    (selected)

                  v               v               v
                  |               |               |
                  |     Begins initialization     |
                  |               |               |
                  | _____________/|\____________  |
                  |/DHCPDISCOVER | DHCPDISCOVER  \|
                  |               |               |
              Determines          |          Determines
             configuration        |         configuration
                  |               |               |
                  |\             |  ____________/ |
                  | \________    | /DHCPOFFER     |
                  | DHCPOFFER\   |/               |
                  |           \  |                |
                  |       Collects replies        |
                  |             \|                |
                  |     Selects configuration     |
                  |               |               |
                  | _____________/|\____________  |
                  |/ DHCPREQUEST  |  DHCPREQUEST\ |
                  |               |               |
                  |               |     Commits configuration
                  |               |               |
                  |               | _____________/|
                  |               |/ DHCPACK      |
                  |               |               |
                  |    Initialization complete    |
                  |               |               |
                  .               .               .
                  .               .               .
                  |               |               |
                  |      Graceful shutdown        |
                  |               |               |
                  |               |\ ____________ |
                  |               | DHCPRELEASE  \|
                  |               |               |
                  |               |        Discards lease
                  |               |               |
                  v               v               v
     Figure 3: Timeline diagram of messages exchanged between DHCP
               client and servers when allocating a new network address

Para los más curiosos, recomiendo estos recursos para leer acerca de DHCP:
recurso1
recurso2
recurso3
Esta es una imagen que armé mientras estudiaba el funcionamiento de este viejo protocolo:


Script server source here.

 

Advertisements

Compile keepass 2.0.3 on Linux

KeepassX webpage states: “KeePassX is an application for people with extremly high demands on secure personal data management. It has a light interface, is cross platform and published under the terms of the GNU General Public License.”

These steps have been executed on a Debian Linux 8.6.0 but for an experienced System Administrator/Hacker this should be trivial.

First you should have these packages installed:

apt-get install cmake g++ libqt4-core libqt4-dev libgcrypt-dev zlib1g zlib1g-dev

Now you can download the latest keepassX package and compile it:

wget https://www.keepassx.org/releases/2.0.3/keepassx-2.0.3.tar.gz
tar zxvf keepassx-2.0.3.tar.gz
cd keepassx-2.0.3/
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr/local ..

As root:

make install

Now you could for example, add the access on a fluxbox window manager:
It works.

 

An additional LCD notebook monitor

Once i had a notebook, it was red, lenovo, z80… rest in peace.  But after some time something very bad started to happen with that notebook and finally it never started again. Of course i went to Lenovo here in Argentina, i do not know now, i suppose it is not much different, but the official technical service told me that the notebook was a rare model and they may not have the parts, in that case i would not have my money back anyway… (yes, lets cry together with a cold beer).

Whathever, i wanted to recover something from the notebook, i could reuse the hard disk, i can sell the memory, and i wanted to reuse the monitor (if possible).

Step 1: Obtain the monitor code

You will have to open the notebook, it is supposed to be broken anyway. Be carefull, you should extract the monitor, and take some pictures from the back. Write down the numbers, the seller will likelly ask you for them to confirm if he has the circuit for it. If you do not feel secure, ask a friend who may have more experience doing that.

Save the pictures, the selled will likelly ask you for them.

Step 2: Look for a selled of the circuit
I obtained it at ebay, the article at that time looked like this:

I bought it from a selled called xionchung2013
This may sound like publicity, honestly i am just happy because i got the article and i had good luck that it worked. But you wouldn’t believe the troubles i had. In Argentina we had a not so nice government from 2010 to 2015 and the possibility to import things, even they are not done here was arbitrary: only people with friends in the government could do that, and you can imagine that somebody like me is not the profile of somebody that makes friends with politicians. Resuming, the selled sent the product and it never arrived, luckyly it was returned to him, i had to pay him again for the delivery, and the second time i contacted the postal office and followed like a crazy the package.
Yes, lets cry together again with a cold beer in a bar.

Step 3: Connect it and use it!
I have to post some pictures about how it looks like. It is great!

Step 4: Enabling the secondary monitor in linux
I have this script to enable the monitor in the office or at home:

walter@arsat:~$ cat monitors.sh 
#!/bin/bash

if [[ "$1" == "office" ]]; then
	xrandr --auto --output eDP1 --mode 1360x768 --left-of VGA1
else
# CASA
	echo "En casa";
	xrandr --auto --output VGA1 --mode 1920x1200 --left-of eDP1
fi;