Home
Hidden configuration options on D-Link DSL-2500U
- Details
- Written by Die Ysbeer
- Category: Uncategorised
- Hits: 3302
My home internet configuration consists of a Mikrotik router connected to a D-Link DSL-2500U ADSL router (configured in bridge mode) which in turn is connected to my ADSL line. The Mikrotik handles my PPPoE connection and also my firewall. I basically use the D-Link as a simple ADSL modem. These are cheap and small. If the lightning wipes it out, I can simply buy a new one.
From the mikrotik router I push all logs to rsyslogd that runs on my HP microserver. This allows me to have a longer history of the network events. I have also enabled remote logging the modem, however whenever the power cycles, the time reset to [whatever default state]. This creates inaccurate logs. I have no idea when the line dropped and came back up again. It was hard to believe that this modem does not have some sort of NTP. I browsed through all of the options on the web interface with no luck of finding the NTP option.
Enter portscan
PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http
This is interesting... telnet port is open... Connecting to it I get a login request, using the modem's login details I am able to login.
Typing help a bunch of commands are returned, one of which is sntp. BINGO!!
Login: admin Password: > help ? help logout reboot adsl atm brctl cat ddns df dumpcfg echo ifconfig kill arp defaultgateway dhcpserver dns lan passwd ppp remoteaccess restoredefault route save swversion wan usbtest macaddr allledon allledoff keyteston keytestoff ping ps pwd macaddr siproxd sntp sysinfo tftp >
The sntp command returns
> sntp
sntp -s server [ -s server2 ] -t "timezone"
disable
date
zones
>sntp zones --help
Timezones supported:
International Date Line West
Midway Island, Samoa
Hawaii
Alaska
Pacific Time, Tijuana
Arizona
Chihuahua, La Paz, Mazatlan
Mountain Time
Central America
Central Time
Guadalajara, Mexico City, Monterrey
Saskatchewan
Bogota, Lima, Quito
Eastern Time
Indiana
Atlantic Time
Caracas, La Paz
Santiago
Newfoundland
Brasilia
Buenos Aires, Georgetown
Greenland
Press for more.
Mid-Atlantic
Azores
Cape Verde Is.
Casablanca, Monrovia
Greenwich Mean Time: Dublin, Edinburgh, Lisbon, London
Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna
Belgrade, Bratislava, Budapest, Ljubljana, Prague
Brussels, Copenhagen, Madrid, Paris
Sarajevo, Skopje, Warsaw, Zagreb
West Central Africa
Athens, Istanbul, Minsk
Bucharest
Cairo
Harare, Pretoria
Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius
Jerusalem
Baghdad
Kuwait, Riyadh
Moscow, St. Petersburg, Volgograd
Nairobi
Tehran
Abu Dhabi, Muscat
Press for more.
Baku, Tbilisi, Yerevan
Kabul
Ekaterinburg
Islamabad, Karachi, Tashkent
Chennai, Kolkata, Mumbai, New Delhi
Kathmandu
Almaty, Novosibirsk
Astana, Dhaka
Sri Jayawardenepura
Rangoon
Bangkok, Hanoi, Jakarta
Krasnoyarsk
Beijing, Chongqing, Hong Kong, Urumqi
Irkutsk, Ulaan Bataar
Kuala Lumpur, Singapore
Perth
Taipei
Osaka, Sapporo, Tokyo
Seoul
Yakutsk
Adelaide
Darwin
Press for more.
Brisbane
Canberra, Melbourne, Sydney
Guam, Port Moresby
Hobart
Vladivostok
Magadan, Solomon Is., New Caledonia
Auckland, Wellington
Fiji, Kamchatka, Marshall Is.
>
Using this, it is easy to setup the NTP client to query the Mikrotik/HP microserver for time when booting up.
Extra
Recently I watched the youtube video, DEF CON 22 - Shahar Tal - I Hunt TR-069 Admins: Pwning ISPs Like a Boss (https://www.youtube.com/watch?v=rz0SNEFZ8h0). The technique he uses to get to the TR-069 page (which is hidden) of the router made me wonder if my modem has this feature and what the values might be.
So looking at the menu frame of the web interface's source reveals a bunch of interesting things
<html>
<head>
<html><head>
<meta http-equiv='Pragma' content='no-cache'>
<link rel=stylesheet href='stylemain.css' type='text/css'>
<link rel=stylesheet href='colors.css' type='text/css'>
<script language='javascript' src='menuTree.js'></script>
<script language='javascript' src='menuTitle.js'></script>
<script language='javascript' src='menuBcm.js'></script>
<title></title>
<base target="_self">
</head>
<body class='mainMenuBody' topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
<table border="0" cellpadding="0" cellspacing="0" height="1000">
<tr>
<td style="background-color: #CC6906" width="1"></td>
<td class='menu' width="158" valign="top" align="left">
<br>
<script language='javascript'>
<!-- hide
var options = new Array('admin',
'annex_a',
'Bridge',
'0',
'0',
'0',
'',
'',
'0',
'1',
'1',
'1',
'1',
'1',
'1',
'1',
'1',
'false',
'0',
'0',
'', //SUPPORT_SES
'0',
'0',
'0',
'',
'1',
'false',
'0',// value-added usb-storage
'0',
'0'
);
createBcmMenu(options);
initializeDocument();
// done hiding -->
</script>
<noscript>You must enable JavaScript in your browser.</noscript>
</td>
<td style="background-color: #CC6906" width="1"></td>
<td style="background-color: #ffffff"></td>
</tr>
</table>
</body>
</html>
Opening the menuBcm.js shows the option values, and browsing through the code I found the TR-069 page (tr69cfg.html), as well as the NTP page (sntpcfg.html).
if ( sntp == '1' && proto != 'Bridge' && !(proto=='PPPoE' && ipExt=='1') && !(proto=='PPPoA' && ipExt=='1') ) insFld(nodeMngr, gFld(getMenuTitle(MENU_SNTP), 'sntpcfg.html'));
However looking at the code it seems that this menu item is only displayed when the device is not in bridge mode (the mode I am using it in) and if a PPPoE/PPPoA interface has been configured and that the interface has an external IP address.
This is just stupid, so I browse to http://192.168.1.1/sntpcfg.html and I can directly modify my values from there :)
Shutdown computer with PHP
- Details
- Written by Die Ysbeer
- Category: Uncategorised
- Hits: 2754
Intro
The state of South Africa's electricity network is horrible, with me never knowing when they are going to implement what stage of load shedding. This is a problem for I run a HP micro-server for media and backups at home. In the morning I will shutdown the server before going to work and upon arrival back home I will switch it back on. The issue is I do not want to start my PC up to SSH into the server to issue a shutdown command.
Won't it be convenient if I could just fire up my browser on my phone (that is connected to my home WIFI) and open a php page and the server will gracefully shutdown?
Solution
I run Ubuntu 14.04 with lighttpd as the webserver. So firstly we want to let the www-data user have permissions to execute shutdown as root user. Open up a console and type sudo visudo. This opens up nano in my case, with the sudoers file. At the bottom of the file add the following:
www-data ALL=(root) NOPASSWD: /sbin/shutdown -P now
Exit and save. What this line does is it allows the www-data user to execute shutdown as root without entering a password. I have added the -P now arguments to it as well, so www-data can only run shutdown with those specific arguments.
Next create a file in the directory of your webserver, in my case /var/www/, called shutdown.php. Change the permissions of the file to 644.
user@server:/var/www# sudo touch shutdown.php user@server:/var/www# sudo chmod 644 shutdown.php
Edit the file and add the following php code
<?php
echo "<head>Shutting down...</head>";
$output = shell_exec('sudo /sbin/shutdown -P now');
echo $output;
?>
Now if you point your browser to http://yoursever/shutdown.php, it will shutdown the server.
Firmware Versioning : Part 1
- Details
- Written by Die Ysbeer
- Category: Firmware
- Hits: 1602
Intro
First off, this article is not about revision or source control, but rather identifying the FPGA firmware build when it is configured onto a device.
Pretty much all of the projects I have worked on have included a micro-controller. There are some sort of communication interface between the processor and the FPGA. For the purpose of these articles this interface is a 32 bit data and 32 bit address bus (lw AXI).
The FPGA firmware contains various memory mapped registers that allows the software running on the processor to configure certain features and read back status of certain events. During development the software and firmware are developed by different people. My process of development is developing a feature and supplying the software engineer with a firmware build to integrate and test in the software. While this is happening I start working on the next feature. This means the firmware builds that the software engineer uses always lags behind, so if he/she comes across a bug or feature not working as expected I need to be able to see what firmware build they are testing against.
Solution
A simple solution is to create a memory mapped register that stores a version number. A neat solution would have this number increment automatically with each build as I sometimes forget to increment this number, but I have not found a way to run pre-synthesis script in the Xilinx ISE toolsuite.
Creating a constant containing the version number in the top level design works really easy
constant C_VERSION : std_logic_vector(31 downto 0) := x"00000023";
An easier way is to define a constant as a natural number and then use the conversion functions to convert it to a logic vector
constant C_INT_VERSION : natural := 35; constant C_VERSION : std_logic_vector(31 downto 0) := std_logic_vector(to_unsigned( C_INT_VERSION, 32));
This is simple, yet affective. The problem with this method is that certain companies has an internal version structure. The structure was that, the number defined in this constant is divided by 100.0 to express the version, e.g. a value of 35 will equal to v0.35. Version 1.00 is the initial release version. The development versions are then from 0.01 to 0.99. However once version 1.00 is out there development does NOT continue from 1.01 to 1.99, instead it jumps back to 0.01 to 0.99 and the engineers should keep track of this. This forced me to come up with a different solutions. These are described in Part 2 and Part 3.
Adding code snippets to Joomla articles
- Details
- Written by Die Ysbeer
- Category: Joomla
- Hits: 2109
When I wrote the first post I wanted to include some code snippets in the article and have it formatted in a pretty way. After a bit of googleling I found SyntaxHighlighter (http://alexgorbatchev.com/SyntaxHighlighter/). This is a collection of javascripts (as far as I can tell) that formats the text. Different programming languages are defined as brushes. VHDL was not part of the included brushes so I found this package (https://wordpress.org/plugins/syntaxhighlighter-evolved-vhdl-brush/). This is a VHDL brush for the WordPress modified version of SyntaxHighlighter, however it works just fine with the original.
Installation
Download both packages and extract them. Copy the brushes from the VHDL package to the scripts folder of SyntaxHighlighter. I created a new folder on my webserver called SyntaxHighlighter and copied the compass, scripts, src and styles folder to the server.
Next you need to modify the template's index.php file. So first create a backup copy of the file. Open the index.php and search for the <head> section. Add the following code underneath the meta tag
<script type="text/javascript" src="SyntaxHighlighter/scripts/shCore.js"></script> <script type="text/javascript" src="SyntaxHighlighter/scripts/shBrushVhdl.js"></script> <script type="text/javascript" src="SyntaxHighlighter/scripts/shBrushXml.js"></script> <link type="text/css" rel="stylesheet" href="SyntaxHighlighter/styles/shCoreDefault.css"/> <script type="text/javascript">SyntaxHighlighter.all();</script>
Add all the brushes in this section that you want to use. Save and close the file.
Adding code snippets is easy, create a new article and before your code add the <pre class="brush: vhdl;"> tag and close the pre tag.
<pre class="brush: vhdl;"> library ieee; use ieee.std_logic_1164.all; use ieee.numeric_std.all; </pre>
Thats it...