Friday, January 30, 2015

Choosing an OS to run Cerberus Alpha

In case you haven't figured out by now, part of the reason I'm doing this "write up" is because I want to be able to recall it later in case I want to do it again, or use the same method.

After having built the main menu, I began to write the reboot and install functions. These would be changed too many times to count, but their form and function were essentially the same. Testing on my "Raspberry Pi" eventually got to the point where I needed to test the script in more of a live environment rather than the development space I was using.

Very early on in the project, I thought that I would try making an MSDOS boot CD, based on a tutorial I read online. I abandoned this idea pretty early on as I realized that I'm not very skilled in writing programs for DOS and because it may actually pose a problem to get access to the target system due to some security features. My next idea was to build a script that would run directly from ISOLINUX. I don't know what I was thinking really. ISOLINUX is a boot loader. So after that stupid idea I set out to find a suitable OS.

Extremely fast boot was the main consideration for what OS to use for my Live CD. The four main Linux distributions that I considered were Slitaz, Puppy Linux, Damn Small Linux and Tiny Core Linux. I've done a lot of fun stuff using Puppy Linux and it runs very well from a boot CD, but it loads its whole OS into memory and I decided it was too slow on boot for this application. Slitaz is generally very fast to boot, but I felt it still had more stuff than I needed. Tiny Core Linux is what I decided on, as I watched some videos and it seemed to boot extremely fast. Combined with a boot image that is around 14 MB I felt Tiny Core would be a very good way to go. It also loads into memory, but with such a small OS to load, it does not take very long. Damn Small Linux is something that I never got a chance to try, but I may come back to it some time.

I installed VMWare on my computer and got to work testing the script in Tiny Core. Right from the get-go, it was obvious that I would need to make changes to the script for it to fit into Tiny Core, but that will be for the next post!

Monday, January 26, 2015

HP 8904A Review

I recently acquired two new function generators, one being the HP 8904A. As there is not a lot of consumer information on the net regarding the HP 8904A, at least that I could find, I thought it would be reasonable to start with that.


There are several options available for this unit and Option 001 provides 3 additional "internal channels" - B, C and D - that can modulate or sum with each other to create unique outputs. For example, here Channel B is a 10 kHz sine wave which modulates Channel A - a 100 kHz sine wave - to output an AM signal (top).


Option 002 provides a second output which you can pipe your various channels out to. Only output one can be modulated, but you can "sum" signals to output 2 (bottom trace, above). I believe that adding option 002 adds at least a second channel as it would be useless without it. Looking inside you can see that option 002 actually requires a second board and so is not actually a software option.


As a stock unit the HP 8904A does not seem very impressive in my opinion. Without any options it is merely a 0-600kHz sine or 0-50kHz square, ramp and triangle generator. The floating output is a major feature, but if it's not something you need then a stock HP 8904A really does look rather ho-hum. My one major complaint though, is that it is not able to generate a square wave with any duty cycle other than 50% with a single channel. You must sum two channels and vary their phase to create a non-50% duty cycle. Fortunately my unit has both options 001 and 002.


Above is an image of an AD565AJD chip on one of the output boards. It is a 12-bit D/A converter and I think it is reasonable to assume that it is one of the major work-horses in the function generator. I really love these ceramic / gold packages, just because they look so cool! Below is a picture of the top board. I haven't gone through all the ICs, but I would guess mostly processor and RAM stuff.


There is a lithium battery here, most likely used to store settings and operating state in RAM. It seems to be working as my settings have been retained although irritatingly a "special" function had to be changed so that it would power on to the last used state. It seems the battery may have leaked so I may replace it and clean the board.


Overall I'm very happy with my HP 8904A. I don't think I would have gone for it without any options, and especially not at the original price, but with the options 001 and 002 it is a very capable unit. Major drawbacks are the RAM based memory and lack of single channel duty cycle. The only other complaint I have with it is that it is very "menu driven" and can be tedious and non-intuitive to set up exactly the signal you want. I wouldn't want to use it for example to make a bode-plot necessarily, but again all in all I think it is a very nice piece of test equipment.



For more information you can Google search: Keysight 8904A to find their scans of the original documentation (Keysight is formerly Agilent is formerly HP aka Hewlett-Packard).

Saturday, January 24, 2015

New Function Generators

I got a pair of new function generators this weekend. I'll try to post some pictures and maybe a review of them. Here's a preview picture:



HP 8116A on the left and HP 8904A on the right.

Building Main Menu and Accessing Mount Points

The main menu was written using a case style set of arguments for what the user would input, but I had to ask online how to have it default to an option on its own after 10 seconds. It turns out that the read command to accept user input has that option in-built, so it was very simple. It's not 100% as nice as I'd like it, so I may someday take the time to rewrite it to use a ncurses "dialog" box instead, but for now it functions just fine. The actual graphics of the menu became a problem later on, but that will be for another post.

One desired feature of the program was that it would have the options to either assume the target hard drive would be in a certain place and attempt the changes or to find all accessible drives and mount them and make changes to all of them. Once again, searching the internet and asking for help provided the commands I needed. It turns out that using 'awk' to choose out a pattern something like /dev/sd[a-z][0-9]/ and then { print $6 } was the way to select only the 6th column of any line containing the pattern.

Integrating this into a while loop was also something that I needed help with since I didn't know about <( functionality in bash scripts. So what I had at the end was something like
while IFS= read -r mPoint
do
    # stuff: act on the mount point held in "$mPoint"
    :
done < <(df -P | awk '/^\/dev\/sd[a-z][0-9]/ { print $6 }')
Which would take the output of all the commands in parentheses (find all mounted partitions, then choose out the patterns and print only column 6) and load the "answer" into the variable mPoint. Then I could do things with $mPoint inside the while loop. This technique would be used again later to mount all drives, but I may still change that.

Friday, January 16, 2015

Cerberus Alpha - About the Project

I wrote "Cerberus Alpha" because a friend brought me her laptop to fix after she had forgotten her Windows 8 password. Since Windows 8 was very new at the time there was little information on breaking into it. I found out that the exploit of replacing sethc.exe or utilman.exe with cmd.exe still works in Windows 8. After I helped her I thought it would be handy to have a tool to do that for you and that is simply what Cerberus Alpha is designed to do. It is a boot CD by necessity and I chose TinyCore Linux as the base OS.

This series documents my struggles of writing the program, developing the custom OS and testing.

Following is a cut-out of the about page that the program will print if you enter 'a' at the main menu:
┌───────────────────────   ABOUT CERBERUS ALPHA   ─────────────────────────────┐
│ Cerberus Alpha                                                               │
│ version 1.1 - Thursday, Dec. 5, 2013 8:31 PM local time                      │
│ Created by ThreeNine --> threenine @ gmail . com                             │
│ Feel free to write me an email, but it may take me a while to reply          │
│ Put Cerberus Alpha in the subject!                                           │
│ I hope you enjoy and only use it for good not evil! ;)                       │
├───────────────────────   WHAT DOES IT DO?   ─────────────────────────────────┤
│ Cerberus Alpha is a script designed to launch from a linux OS and access     │
│ Windows files systems, then replace utilman.exe with cmd.exe, and back it up.│
│ There is also a mode to replace sethc.exe with cmd.exe                       │
├───────────────────────   WHY DOES IT DO THIS?   ─────────────────────────────┤
│ Replacing utilman with cmd is a way to exploit a security vulnerability in   │
│ Windows, allowing us to get a command prompt by pressing win+U (or shift x 5)│
├───────────────────────   WHY DID YOU MAKE THIS?   ───────────────────────────┤
│ I had a friend who forgot her password to a Windows 8 Laptop.                │
│ There are utilities to change passwords on older systems, but the only way I │
│ could find to fix her password was to use this exploit!                      │
│ This is what inspired me to write this script and create this CD             │
├───────────────────────   ABOUT THE CD   ─────────────────────────────────────┤
│ I also created a Boot CD to run this program from, to make it run almost     │
│ automatically. The CD runs a version of Tiny Core Linux that I specifically  │
│ modified. You have the option to boot into the standard OS during startup    │
└──────────────────────────────────────────────────────────────────────────────┘


There are some other hidden menu options, mostly for fun or testing. I will remove testing features when I publish the program. I guess you could say this is an "open source" project since I will be publishing the source code. About the email - it's not my normal email address, but I decided to use an alternate since I didn't want to get spammed by posting the source code online.
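
The replacement described in this post leaves a recognizable artifact on disk: utilman.exe or sethc.exe becomes byte-identical to cmd.exe. As an added example (not part of Cerberus Alpha or the original post), this script checks a mounted Windows volume for that condition; the function names and the Windows/System32 layout are assumptions of the example.

```shell
#!/bin/sh
# Added example (not Cerberus Alpha code): flag a mounted Windows volume whose
# accessibility binaries are byte-identical to cmd.exe.

# Case-insensitive lookup of one directory entry, because the on-disk
# spelling varies (System32/system32, Utilman.exe/utilman.exe).
find_ci() {
    find "$1" -mindepth 1 -maxdepth 1 -iname "$2" 2>/dev/null | head -n 1
}

# check_windows_root ROOT
# Prints one line per finding. Returns 0 if clean or not a Windows volume,
# 1 if a binary was replaced or is missing, 2 if cmd.exe cannot be found.
check_windows_root() {
    root=$1
    rc=0
    windir=$(find_ci "$root" windows)
    [ -n "$windir" ] || return 0
    sys32=$(find_ci "$windir" system32)
    cmd=$(find_ci "$sys32" cmd.exe)
    if [ -z "$cmd" ]; then
        echo "UNKNOWN $root: no cmd.exe to compare against"
        return 2
    fi
    for name in utilman.exe sethc.exe; do
        target=$(find_ci "$sys32" "$name")
        if [ -z "$target" ]; then
            echo "MISSING $name under $sys32"
            rc=1
        elif cmp -s "$target" "$cmd"; then
            echo "REPLACED $target is identical to cmd.exe"
            rc=1
        fi
    done
    return "$rc"
}

# Check every mounted /dev/sdXN partition, reusing the df | awk selection
# from the mount-point post on this page.
scan_all() {
    df -P | awk '/^\/dev\/sd[a-z][0-9]/ { print $6 }' |
    while read -r mpoint; do
        check_windows_root "$mpoint"
    done
}
```

It only recognizes the exact cmd.exe copy described above; confirming that the binaries are genuine requires comparing them against known-good hashes or signatures.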

Hello World!

Hi everyone! I thought I would go ahead and take a crack at writing a blog and seeing how it goes. I've written a blog before, but it was hosted on my personal website and got zero traffic. So here I am! I think it will mostly be about electronics, test equipment, engineering and programming, but I might also post about random stuff like snakes!

My first feature is going to be about my experience programming a utility that is used to bypass Windows 8 security. I want to be open about this, so I'll tell you now that I will be taking this information from my old blog on my personal website and posting it about once a week. I think it will make for a good introduction and hopefully after that I will get started on a new project.

In the meantime I will try to do some test equipment pictures and maybe reviews. Here's a preview picture from my HP 3585A Spectrum Analyzer to give you an idea of what this blog is about:



