h4x the planet!

I have my iPhone plugged into the A5 using the Audi AMI function but it seems that the between the mighty Apple and Audi none of them thought of normalising the audio tracks.  The result being bleeding ears as the audio levels jump from a low to high track!

No problem to fix tho if your using Linux, literally 5 commands ( 4 if you don’t want to screen it ):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

user@host:~$ apt-cache search mp3 | grep volume
normalize-audio - adjusts the volume of WAV, MP3 and OGG files to a standard volume level
user@host:~$ sudo apt-get install normalize-audio
[sudo] password for user:
Reading package lists... Done
Building dependency tree
Reading state information... Done
....snip....
ldconfig deferred processing now taking place
user@host:~$ normalize-audio --help
Usage: normalize-audio [OPTION]... [FILE]...
Normalize volume of multiple audio files
....snip....
Report bugs to chrisvaill@gmail.com.
user@host:~$ screen -S mp3_normal
user@host:~$ find /media/storage/music/ -iname \*.mp3  -exec  normalize-audio {} \;
Computing levels...
 Chocolate.mp3      99% done, ETA 00:00:00 (batch  99% done, ETA 00:00:00)
Applying adjustment of -4.82dB to /media/storage/music/Snow Patrol/Final Straw/Chocolate.mp3...
find: ânormalize-audioâ terminated by signal 11ch   0% done, ETA 00:00:00)
Computing levels...
 Tiny Little Fract  99% done, ETA 00:00:00 (batch  99% done, ETA 00:00:00)
Applying adjustment of -5.55dB to /media/storage/music/Snow Patrol/Final Straw/Tiny Little Fractures.mp3...
find: ânormalize-audioâ terminated by signal 11ch   0% done, ETA 00:00:00)
Computing levels...
 Gleaming Auction.  61% done, ETA 00:00:02 (batch  61% done, ETA 00:00:02)
[ctrl+a+d]
user@host:~$ echo $profit

Job done!

My media server has been going black after 10 minutes of full screen movie loveage, originally i thought it was the screen saver but with it being disabled it was something else.  The following lines added to the end of your xorg.conf should solve the problem:

Section "ServerFlags"
 Option      "blank time" "0"
 Option      "standby time" "0"
 Option      "suspend time" "0"
 Option      "off time" "0"
EndSection

via ubuntu forums

I’ve had a few emails about the mplayer control/script and the “stop” button not working as well as a few random issues.

I’ve sorted that issue and added the OSD button to toggle the on screen display as well as repackaged the script with the folder icons.

  Mplayer Control V0.2b (16.3 KiB, 180 hits)

As before enjoy and email me with any issues!

Compiled mplayer with VDPAU support and installed the latest Nvidia drivers resulting in uber fast video decoding!:

httpvh://www.youtube.com/watch?v=00ZViStdx60

The video shows a full HD H264 encoded video being played and the ATOM processor only uses~8% CPU with all the processing being done by the GPU

mmmm crackberry

No not the fruit!!

We’ve been issued company mobile devices recently and i opted for the Blackberry Bold. I’m starting to like it more than my iPhone but that’s another story

Having a new gadget i was very curious about how the device communicates with the corporate network, I know RIM do a very good job securing their devices but i figured i would have a poke anyway.

One of the easiest methods of sniffing traffic between devices is performing a MITM attack where by devices’ ARP table is poisoned resulting in the targeted device’s network traffic flowing through the attacker’s device, more info: Linky

Ettercap is a great tool for performing this and it allows simple MITM attacks on SSL encrypted connections. Simply put it presents the users device with a certificate that is an exact copy of the legit site only it hasn’t been signed by an authorised CA. The user will receive an SSL error but 9 times out of 10 the cert is accepted. This allows ettercap to fully decrypt the transmitted data as it supplied the cert.

This attack has recently been highlighted with the iPhone: Linky The main issue with the iPhone (other than it can be ARP poisoned) is that the error it supplies is not verbose and users do not know what they are accepting.

I attempted this attack on the blackberry and instantly found the device closed down, all connections were killed and only sporadic DNS requests could be seen. So it seems that opportunistic attackers will NOT be able to MITM the blackberry on open wireless such as hotels etc. To view the information transmitted by the Blackberry the attacker would need to have the ability to sniff traffic on the gateway device (router etc). Not having a device that i can easily do this on i toyed with a few ideas.

I bridged the wireless and wired interfaces on my laptop and created an AD-HOC network an attempted to get the Blackberry to join it. This proved unsuccessful tho to be honest i didn’t hold much faith in it. I wanted a more permanent setup that would allow me to inspect gateway traffic easily. I dug out the old Buffalo router and flashed it with the DD-WRT firmware Linky. This was a little more difficult as expected as the router only has 4MB of storage of which 4MB is taken up with the firmware!! The DD-WRT wiki has a lot of information in relation to mounting samba shares and symlinking them to the file system. The current setup has the router mounting a samba share on my local server on which i the router accesses a tcpdump install. All dumped traffic is stored on the share allowing easy access.

At the minute this is as far as I’ve got but ill make another post once i start analysing the traffic.