unstdio.org

What’s a Friday with out Rebecca…http://www.youtube.com/watch?v=kfVsfOSbJY0

And and nice beer from keg.io

A few months ago (in March) a few guys from work and I thought it would be a great idea to get a kegerator for our office. It started out with brainstorming some pretty cool ideas. Being technology geeks we immediately decided that the kegerator needed and RFID reader to track who is drinking the keg. We did get some inspiration from the guys at yelp. (http://www.youtube.com/watch?v=BwVoir5HSo4)

After we decided on the auth method we then moved to the question “Should people be allowed to pour beer if they don’t have a card?” of course we came to an unanimous “No!” decision. So the next thing that was decided on was putting in a (closed by default) solenoid. Third, we had the issue of trying to figure out how much beer was poured and how much was left. The way we saw it there were two main ways to accomplish this. One being we could measure the weight of the keg / kegerator and calculate the difference after each pour. The other was to measure the flow going through the line during a pour. We decided on the latter. We then got a hall-effect flow sensor to measure flow. Lastly, We also wanted to know the temp of the beer / kegerator so we decided to get a temp sensor and put it in there as well.

Here is some coding in the kitchen. (Yeah, that’s a shot.)

After everyone decided all of the things that we wanted to see on this thing, we needed to put it all together. I decided the easiest and fastest way was creating an Arduino shield and using an Arduino Duemilanove. I worked on most of the hardware stuff and getting it all working. Two of the other guys(Dylan and Chris) decided to use Node.js to write the application, which turned out to be pretty nice besides a few serial library issues.

Here is a little description of the hardware:

“Starting from the top, the Arduino is powered by a usb cable plugged into the source computer it is running with. The Arduino has a custom made “shield” that allows the Arduino talk to the other components in the system. The shield was made out of a RadioShack pcb that was cut to fit into an arduino  shield. The shield has 3 io “ports” on it. The first is the 12v power source input. This is needed to run the 12v solenoid that allows flow access through the line. The second ports communicates with the UART based Parallax RFID Reader. This is a basic 125Khz RFID reader talking at 2400 baud. The third port allows communication with the temp sensor, solenoid, and flow rate sensor. I used Cat5 cable for the connection between these components and the Arduino shield.”

Here is a list of the hardware components:

• Nostalgia KRS-2100 Keg-O-Rator
• Source: Amazon
• http://www.amazon.com/Nostalgia-KRS-2100-Refrigerated-Beverage-Dispenser/dp/B000HJVYDQ/ref=sr_1_3?ie=UTF8&qid=1306257637&sr=8-3

• Parallax RFID Card Reader Serial
• Source: Ebay
• http://www.parallax.com/tabid/768/ProductID/114/Default.aspx
• Arduino Duemilanove
• Source: Ebay
• http://www.arduino.cc/en/Main/ArduinoBoardDuemilanove
• G1/2 Water Flow sensor
• Source: Seeedstudio
• http://www.seeedstudio.com/depot/g12-water-flow-sensor-p-635.html
• 1/4″ Electric Solenoid Valve 12-volt
• Source: Ebay
• One Wire Digital Temperature Sensor – DS18B20
• Source: Sparkfun
• http://www.sparkfun.com/products/245

 

Software:

In the software side, as I mentioned earlier, we are using Node.js. Everything is open source and you can find it on github https://github.com/vnc/keg.io. Some cool features that we added to keg.io are twitter integration, and some gamification type badges we call “coasters”. A member of keg.io can earn these coasters by different drinking habits. One of the first badges a person will receive is the “Welcome Coaster” after drinking their first beer poured from the kegerator.

So…I’ll explain how everything works. We have come up with a very simple communication protocol for communication between the Arduino and the host computer over serial. When the Arduino is started it initially grabs the temperature of the temp sensor and sends this data to the host computer. It will continue to do this every 10 seconds (adjustable) to allow close to real time temperature of the kegerator. Now we have an RFID card reader that is waiting for input from the user. When a card is scanned it grabs the card ID and sends that to the host computer for validation. If the card is not registered in the database, the application will display a denied message. (Don’t you even think about drinking from our Keg!)  If the card is registered and the user is valid the host computer sends back a request to the Arduino to open the solenoid and allow the user to pour beer. At this time the web ui displays a welcome message and shows a picture and information about the user pouring beer. Once the user starts to pour the beer, the flow is measured by the flow sensor and the flow rate is sent every second to the host computer which tracks the rates and calculates the amount of beer poured for that session. After 3 seconds of no flow rate the solenoid is closed and the next user can proceed to scan and repeat the process. What would a cool application like this be without twitter integration? After a user finishes his/her pour keg.io tweets about it. Check it out here: http://twitter.com/#!/keg_io

Here’s what keg.io looks like (at time of writing):

Thanks to the people that have contributed to the project:

• Dylan
• Carl
• Chris
• Garrett

I meant to write about this last week but have been pretty busy with some other projects I have been working on. I have to say I had a great time at toorcon Seattle this year. Props to David for getting this event all put together.

There were definitely some good talks, which inspired me to do a bit more poking around. The first one I want to mention was the talk titled “Get Off of My Cloud: Cloud Credential Compromise and Exposure” This touched on amazon’s ec2 public AMI distribution and the security risks involved with using AMI’s not created by you. It brought up some interesting points and some issues that people may have overlooked. He mentioned that they have written some tools to “clean up” the AMI’s before sharing them out to the public. They didn’t release the scripts at the con and he mentioned that they weren’t publicly available yet so I went ahead an wrote some scripts (in bash) to look for the vulnerabilities when using an ami for the the first time, whether it a be a public ec2 AMI or an AMI that is put out by amazon.

The second talk that I found real interesting was the “We Are The Robots: Social Hacking With Bot Swarms” which talked about the connections made by users on twitter. They had a competition with bots on twitter to see what relationships bots can create between two other people and what information links them.

The last talk I that was interesting was “Highly concurrent Python for brute forcing and discovery”. I only have just started using python in some projects so this was a bit more advanced that I was used to but seriously great information. He talked about Python coroutines and epoll to build your own high performance brute forcing and discovery tools.

I was recently taking a look a making remote calls from linux to a windows server. I found this nice little tool that makes this task pretty simple with winexe.  It’s basically like psexe but for linux. I was having problems getting version 0.80 working on some environments but v 0.90 seems to work on everything I have tried. (complied with a new version of glibc)  Here are the options.

winexe version 0.90This program may be freely redistributed under the terms of the GNU GPLUsage:

winexe [-?|--help] [--usage] [-d|--debuglevel DEBUGLEVEL]       [--debug-stderr] [-s|--configfile CONFIGFILE] [--option=name=value]        [-l|--log-basename LOGFILEBASE] [--leak-report] [--leak-report-full]        [-R|--name-resolve NAME-RESOLVE-ORDER]        [-O|--socket-options SOCKETOPTIONS] [-n|--netbiosname NETBIOSNAME]        [-W|--workgroup WORKGROUP] [--realm=REALM] [-i|--scope SCOPE]        [-m|--maxprotocol MAXPROTOCOL] [-U|--user [DOMAIN\]USERNAME[%PASSWORD]]        [-N|--no-pass] [--password=STRING] [-A|--authentication-file FILE]        [-S|--signing on|off|required] [-P|--machine-pass]        [--simple-bind-dn=STRING] [-k|--kerberos STRING]        [--use-security-mechanisms=STRING] [-V|--version] [--uninstall]        [--reinstall] [--system] [--runas=[DOMAIN\]USERNAME%PASSWORD]        [--interactive=0|1] [--ostype=0|1|2] //host command

Apparently it’s maintained by Stuart Henderson, but it looks somewhat dead? The site link doesn’t work. (returns blank page) http://eol.ovh.org/winexe/

Some ways to use it:

winexe -U DOMAIN/Username%Passwd //192.168.1.123 "ipconfig /all"

winexe -U DOMAIN/Username%Passwd //remote.com \
'cmd /C net stop SomeService && net start SomeService && echo AutoUpdates service restarted'

or get a shell,

winexe -U DOMAIN/Username%Passwd //remote.com 'cmd.exe'

or use it to configure synergy,

#!/bin/bash
OUT='winexe -U MAIN/User%Pass --runas MAIN/UserB%Pass //your-other-comp "ipconfig"'
IP=`$OUT |  grep "IPv4" | awk {'print $14'}`
synergyc $IP

This site also has some more info on it: http://opensourceinfo.blogspot.com/2010/01/winexe.html

I was doing some php scripting today and needed to call a remote server to see if it was running a certain process. It seems like a valid enough request. I spent some time looking into php’s exec() and system() functions to find a way to call ssh to login and run the command. I kept running into the problem of the ssh session needing to be interactive. I started to look around for other options in php to ssh to remote machine and saw the SSH2 Manual. This was great but needed the ssh2 extension to be installed and in my case it wasn’t and I didn’t want to have to install additional software. I then found the phpseclib library which worked out great. It’s easy to use and worked right out of the box without any other software needed. Check it out: http://phpseclib.sourceforge.net/

You can read the documentation on the site or use this simple test script to get it working.

<?php
require_once("Net/SSH2.php");
$passwd='sup3rs3cr3t';
$user='username';
$server='remoteserver.com';
$ssh = new Net_SSH2($server);
if (!$ssh-&gt;login($user, $passwd)) {
exit('Login Failed');
}
$who = $ssh-&gt;exec('whoami');
echo $who;
 
?>

I know, command line line php has been forever and it’s nothing new. I have been coding in php for over 5 years now but not until recently have I needed to use to use it for something more than web application development. In the past couple months I have been using the amazon AWS environment. There are a ton of tools built for AWS and a very good API but I have found some things that I have needed to do that arn’t made easy. One example is duplicating or copying an EC2 security group. Do to some infrastructure changes we wanted to duplicate an already existing security group with only minor changes. In our case the security group had a lot of custom firewall rules that would take too long to duplicate. So here is a script to copy EC2 groups:

<?php
 
echo "\n";
 
echo "#######################\n";
 
echo "Copy EC2 Security Group\n";
 
echo "#######################\n";
 
echo "\n";
 
echo "Enter security group you want to copy FROM: ";
 
$handle = fopen ("php://stdin","r");
 
$grp1 = fgets($handle);
 
$grp1 = trim($grp1);
 
echo "\n";
 
echo "Enter security group you want to copy TO: ";
 
$handle = fopen ("php://stdin","r");
 
$grp2 = fgets($handle);
 
$grp2 = trim($grp2);
 
echo "\n";
 
echo "You are going to copy settings from ".$grp1." to ".$grp2." Is this correct? (y/n):";
 
$handle = fopen ("php://stdin","r");
 
$response = fgets($handle);
 
$response = trim($response);
 
//echo $response;
 
if($response == 'y'){
 
echo "Getting settings from ".$grp1."...\n";
 
$cmd = "ec2-describe-group ".$grp1;
 
exec($cmd, $lines);
 
echo "Copying group settings...\n";
 
foreach($lines as $line){
 
//echo $line."\n";
 
$values = explode("\t",$line);
 
//foreach($values as $value){
 
//echo $value."\n";
 
//}
 
if(isset($values[4])){
 
if($values[4] == "icmp"){
 
$cmd = "ec2-authorize ".$grp2." -P icmp ".$values[5].":".$values[6]." -u ".$values[1]." -o ".$values[11];
 
//echo $cmd;
 
exec($cmd);
 
}elseif($values[4] == "tcp"){
 
if(isset($values[10])){
 
$cmd = "ec2-authorize ".$grp2." -P tcp -p ".$values[5]." -u ".$values[1]." -o ".$values[11];
 
//echo $cmd."\n";
 
exec($cmd);
 
}else{
 
$cmd = "ec2-authorize ".$grp2." -P tcp -p ".$values[5]." -s ".$values[9];
 
//echo $cmd."\n";
 
exec($cmd);
 
}
 
}elseif($values[4] == "udp"){
 
if(isset($values[10])){
 
$cmd = "ec2-authorize ".$grp2." -P udp -p ".$values[5]." -u ".$values[1]." -o ".$values[11];
 
//echo $cmd."\n";
 
exec($cmd);
 
}else{
 
$cmd = "ec2-authorize ".$grp2." -P udp -p ".$values[5]." -s ".$values[9];
 
//echo $cmd."\n";
 
exec($cmd);
 
}
 
}
 
}
 
}
 
}else{
 
echo "quit";
 
exit;
 
}
 
?>

First, I want to say that I am a big supporter of Grooveshark. I think it’s an awesome service and I have purchased merch from them. That being said, yesterday I started looking for a way to rip the songs from Grooveshark. It has been a while since I kept an up-to-date music collection.

The files that are streamed to your computer are temporarily stored on your local machine. This means that we can save the packets that are being sent to your computer as an actual audio file. First, we need to use a network protocol analyzer that will allow us to find the packets being sent the to the computer. This is where Wireshark comes in. We can start by downloading Wireshark and installing it. (not going to show you that here) Once we have it running, it should look like this: (May need to run as root)

Next we need to configure some settings. Since we know that we are accessing Grooveshark through a web page is a good bet that they are pushing these packets over http. We will limit the filter to only capture port 80 traffic since that’s all we really care about right now. Set this up in Capture -> Options. See below.

Now we can start the capture. Next go the the Grooveshark site and start playing a song. There will be a lot of packets showing up in your list. The main packet that you are looking for is one with a type of “audio/mpeg”. You can also make this easier if you use this filter: http.content_type == “audio/mpeg”

If you use the filter method then you should only see one packet show up. It should look something like this:

Right click on the packet and choose follow tcp stream. This should assemble all the related packets and bring up a summary asking you what you would like to do with the packets. On the right hand side there will be some options for how you would like to save your stream content. Choose “Raw” and click the “Save As” button. You can now save the file as whateveryouwant.mp3. You can now go to the folder that you saved it in and play the file in your favorite music player. (May need to chmod the file if was downloaded by root.)

Note: I found someone who has done the same thing when I was looking how to save the stream. So I can not take 100% credit for this.

Also: I looked into writing something to automate this process but there is already another project that is doing this. Check out http://groovedown.tasteless.us/

I have been pretty busy these past couple months. I got a new job working with the Amazon AWS environment which has kept me pretty busy. I tried this compact flash swap a month ago with poor results. I tried it again last weekend with a faster compact flash card which was a lot better.

First I ordered a 2.5” ide 44pin to compact flash adapter and a Transcend 4gb 133 CF card. The read and write speeds on this card are terrible. I would not recommend this card for this purpose. They were listed on ebay as:

- CF Compact flash to 2.5″ IDE 44 pin Adapter SSD ($8.99)

- TRANSCEND 4 GB Compact Flash Card Type 133X NEW ($14.94)

I later bought a “PixelFlash 4gb 400x” card. Although this was a no-name brand (at least to me) it worked pretty well. The read and write speeds were decent and are similar to the internal HDD. I swapped it into the Apple TV and I’m running a the Beta4 of the Openelec OS

I have been recently been working closely with the guys from openelec. I have also been testing the builds on the apple tv and reporting bugs. I replaced the original 40gb apple drive with a spare 30gb dive I had laying around to install openelec on. If you are familiar with the 1st gen apple tv’s then you know about the heat they give off during normal use. Since I don’t store any media locally on the ATV, (stream from NAS) I have decided to try out a SSD setup.

I ordered a 44pin ide (2.5 hdd) to compact flash adapter along with a 4gb compact flash card. The adapter is nice because it has mounting holes in the same place as the 2.5in hdd. This will allow me to mount the the adapter in the same fashion as the original hard drive. I will post with some pictures and results on both heat and speed when I get it setup.

The last couple days I have been messing around with installing OpenELEC on the Apple TV. I have posted a rough how-to here. This is still in early stages and there are some things that don’t work but I am pretty excited about the progress.

There should be some more development for the ATV platform sometime soon. I am going to possibly start working on a script to install OpenELEC to the internal HDD off of the patchstick. Hopefully I have time this weekend.

Here is a pic of OpenELEC running on the ATV. (Although you can’t really tell since its just XMBC)