rpcapd - what is the password when not using null authentication - authentication

I'm running rpcapd on a Raspberry which serves as a WiFi access point to trace/sniff network traffic by WiFi users.
I can run rpcapd in null authentication mode and access the interfaces from my windows machine using wireshark and it works perfect.
However, I'd like to expose these capture interfaces to multiple users and i thought it might be good to not use null authentication but have at least a little barrier for unwanted users.
If i don't use the "-n" argument, what is the user/pass? I searched Google but i can not really find a source which leads me to the answer.
I tried creating a second user which has a password and ran rpcapd from this users but still if i use these users Linux credentials, wireshark tells me it can not find any interfaces. When i re-run rpcapd with the -n argument everything works.
So... i must have overseen something!? What is the username and password for non null authentication operation or where can i specify one?
Thanks a lot!
Let me know if you need further info to help. Thanks!

When not using RPCAP_RMTAUTH_NULL authentication it will instead use the other type, RPCAP_RMTAUTH_PWD : https://www.winpcap.org/docs/docs_412/html/group__remote__auth__methods.html
And according to some old copy of the manual I found (ftp://ftp.tuwien.ac.at/.vhost/winpcap.polito.it/301a/docs/group__remote__auth__methods.html) which helpfully listed code references : "Referenced by daemon_checkauth(), and rpcap_sendauth()."
..which leads us to to the code that does the authentication : ftp://ftp.tuwien.ac.at/.vhost/winpcap.polito.it/301a/docs/daemon_8c-source.html#l00626
I downloaded the source (http://www.winpcap.org/install/bin/WpcapSrc_4_1_3.zip) to check it was still current and found in file "wpcap\libpcap\rpcapd\daemon.c" the current information for "daemon_AuthUserPwd" which shows not much has changed.
Hope this helps :-)

Related

Discord bot doesn't show emotes from other servers in embeds

I'm working on a Discord bot using Discord.Net 2.2.0 and written in VB.NET. One of the (overly-ambitious?) many features of my bot will be posting player data from the mobile game, Star Wars: Galaxy of Heroes into an embed. This includes certain character ability information in which I wish to include some emotes to make it a bit more aesthetically pleasing. Initially, I had uploaded the emotes to a server I was testing in and everything worked great:
However, I realized that, if my bot makes it out into the wild, I can't really be installing these emotes on every server out there. I'm still in the beginning stages of this project, and I foresee the need for several "custom" emotes for some of the embeds I'll be using. So, I decided to create a new Discord server (henceforth referred to as the bot's "home" server) in which to load these emotes for use in the "client" or "target" server.
Unfortunately, when I try to include emotes from the bot's home server in the embed, all I get are the emote names and no images:
After fighting with it a bit, I tried including emotes from both servers in the same embed and I get "mixed" results. Those emotes that I include which are loaded in the client/target server show up correctly, but those that are from the bot's home server only display the emote name:
The method is pretty long, so here's a very simplified example of the code I'm using to create the embeds:
Dim BotHomeServer As Discord.WebSocket.SocketGuild = BotClient.GetGuild(Convert.ToUInt64(HOME_SERVER_ID))
Dim TargetServer As Discord.WebSocket.SocketGuild = BotClient.GetGuild(Convert.ToUInt64(TARGET_SERVER_ID))
Dim PostingChannel As Discord.WebSocket.SocketTextChannel = TargetServer.GetTextChannel(Convert.ToUInt64(POST_CHANNEL_ID))
Dim HomeEmote As Discord.Emote = Await BotHomeServer.GetEmoteAsync(EMOTE_ID_FROM_HOME_SERVER)
Dim TargetEmote As Discord.Emote = Await TargetServer.GetEmoteAsync(EMOTE_ID_FROM_TARGET_SERVER)
Dim PostBuilder As New Discord.EmbedBuilder
'... other fields and properties of the embed
PostBuilder.AddField("Home Server Test", "Some Text Here <:" & HomeEmote.Name & ":" & HomeEmote.Id & ">", False)
PostBuilder.AddField("Target Server Test", "Some Text Here <:" & TargetEmote.Name & ":" & TargetEmote.Id & ">", False)
'... other fields and properties of the embed
Await PostingChannel.SendMessageAsync("This is a test", False, PostBuilder.Build)
I've also tried using the .ToString() method for adding the emotes to the embed instead of "manually" building them with the Name and Id properties, but I get the exact same results. I retrieved the emote ID's by typing \:emotename: in the home (and client/target) server. The emote names (i.e., :gohomega:) are correct, so I know that it's correctly finding the emote in the bot's home server. It's just not displaying them unless they're loaded in the client/target server.
I found a similar issue addressed in the question, Discord bot can't show emote “sometimes”. Although the issue reported there is definitely different, the end result - the emote names showing up instead of the actual image - is the same behavior I'm trying to troubleshoot. The fact that the issue in that question is sporadic (whereas my issue is consistent) and that the bot there is written in a different language (Node.js instead of a .NET language) and using different libraries (I assume) has me wondering if the issue may be on Discord's end rather than anything to do with my code.
I've triple- and quadruple-checked that the bot (and the role group it's in) have permission to use external emojis on the client/target server:
Initially, I had forgotten this bit and it didn't have the appropriate permissions. However, even after granting the necessary permissions, I still get the same results.
At this point, I'm not above admitting that I may just be overlooking/missing something, or simply being dense about what I'm looking at, but I'm wondering if anyone else has encountered (and hopefully resolved) this particular issue with a bot using emotes from a different server.
EDIT
Just to make certain, I stepped through the code in my IDE and checked the properties of one of the emotes at the time it's supposedly being added to the embed:
The emote's Id and Url properties appear to be correct, but I also went ahead and "validated" the Url property with my browser and verified that it does show the correct image for the emote.
Per the comments, the bot is a member of both servers:
I'm grasping at straws here, but perhaps it has something to do with the fact that the "home" server is so new (I just created it last night)? I mean, Discord's documentation says this should work, and the Discord.Net documentation basically says the same thing. According to the comments, it works for other people and my code looks "right", so it's really leading me to believe the entire issue is something on Discord's end.
I've also asked this question in both the Discord API server (#dotnet_discord-net) and the Discord Bots server (#development), so feel free to join me in one of those servers for an "extended conversation", if needed.
Okay, I finally found the cause of the issue, and I feel like a moron. I spent all my time looking at the bot's permissions and the group permissions at the server level, but I didn't even think about the actual channel permissions. The Use External Emoji permission for bot's group role in the channel was set to inherit:
I set it to allow and, voilà, the emotes came through just fine. I checked the permissions for the category that the text channel is in and found that the bot/group roles weren't even listed. I guess I had mistakenly assumed that the bot/group role permissions for the channel would get inherited from the server-level permissions I had set, even though the message at the top of the channel's permission screen explicitly states that the permissions are synced with the category.
The moral of the story? If it looks like a permission issue, don't forget to look at ALL of the permissions at every level.
Server
Category
Channel

access idx-analytics-data-api through a browser

I am trying to access the Open edX data Analytics API v0 alpha as I would like to download the problem grades data.
In the documentation on setting up the API it mentioned Test the Data Analytics API by "In a browser, go to: http://<server-name>:<port>/docs/#!/api/
Enter a valid key and click Explore."
May I know what is the server-name and port number here refers to?
Also what is the Docs/#! refers to here.
I tried to look for API url online, but could not find it either.
Also I am assuming I need to get authorization through Oauth2 as well.
As this is the first time I am trying to access API to download data, i would really appreciate your help with the questions above
in this
http://<server-name>:<port>/docs/#!/api/
<server-name>
refers to the ip address of the server where you are running the edx-analytics
<port>
refers to port
sample url could be http://192.168.10.110:8085/docs/#!/api/

LDAP Server Password Policy Apache DS and Open DS

I wonder if someone might be able to help us or offer some advice. We are a Java focused team, and are looking at extending our in house Authentication service, to offload most of the authentication , to use an LDAP server. That way we can simply use an out of the box password policy, which meets our criteria, plus we can use stuff such as replication etc. We are investigating which is the best free LDAP server to use.
So far we have investigated :
OpenLDAP (We found this is written in C, and documentation is not all that great).
Apache DS (We found this is good, but has a basic password policy. Mainly it does not seem to be extendable to fit one of our requirements (that the password policy should enforce mixed case characters, etc etc). This is surprising as the basic config options are ofcourse supported, eg. minimum length of password, maximum retries before being locked out etc etc.
Sun OpenDS (This fits all our needs, but no longer seems to be supported??. Please advise us if this assumption is wrong?It has great support for Password Validators, so that we can handle enforcement of mixed case passwords etc etc).
Oracle Unified Directory - This is the SUN DS server which is supprted. However, Oracle Unified Directory is not free unfortunately.
So, basically the question is 2 fold :
(1) Does anyone know how to extend the passowrd policy on Apache DS, such that we can support mixed case character enforcement. eg password must contain a mix of upper case and lower case chars aswell as atleast one digit etc etc. Or is this out of the box? I personally couldnt find any documentation on it?
(2) Does anyone know of any good and free LDAP servers that support this sort of stuff. Any ideas please?
Many Thanks,
R
After all of this, we finally found 389ds (ironically the last one we investigated). This we found was the best (for our needs anyway). The reason is that, it is has a great administration UI, does everything we need to do out of the box, plus, best of all, it is available in a costed option under RedHat. We didnt take the supported option, but nonetheless, as it is supported by RedHat, the documentation , we found was superb. Therefore, we felt confident that everything we needed to do wasexplained 100% rather than with some of the others, was half explained on some unmaintained wiki. So we advise all to look at 389ds.
I know ApacheDS doesn't support any extensions for ppolicy checks, can you file a feature request on ApacheDS's JIRA? We might try to get this included in the upcoming release.
I have filed this request https://issues.apache.org/jira/browse/DIRSERVER-1858
You should look at the http://forgerock.com/ OpenDJ which is an active and supported if you subscribe spin from OpenDS.
-jim

Authenticate in Lotus Notes on localhost

This might sound a little complicated, but as I'm often working on my local databases in Lotus Notes I got the problem, that I can not authenticate. So I'm always working as Anonymous on my database.
The Problem is, that I can not test all functions, because for that I would need a valid Notesname.
How can I authenticate on localhost to work with my name/account and not as Anonymous?
You can not authenticate XPages/web applicatons using the local HTTP preview. You need to install a local server to do that (which is a good thing anyway for XPages development).
Try connecting to your machine using the fully qualified domain name, e.g. ^http://mymachine.mydomain.com instead of localhost
You can add yourself to your local address-book. And have it added to Database Security as Manager or whatever you want. That will help you to login using HTTP for local database.
I am looking to also do this, and I recalled a tip from searchdomino.com, the poster is Shawn Dezego
http://searchdomino.techtarget.com/tip/Testing-Authentication-Authorization-in-a-Web-App-Locally-WIthout-Running-a-Domino-Server
Here's the gist:
Just create any groups in your local address book and add your name to
the proper groups, roles etc. Then go to your Domains public address
book (Domino Directory), copy your person doc and paste it in your
local NAB. That's it.
This is the same basic tip as offered by the adjacent commenter. However, I think this may not work for Xpages apps, so I am loading a local server anyway.
Just create a person document in local NAB (names.nsf) and add HTTPpassword field with your password (hash it using #password("mypassword") formula) as text.
Make sure the person document contains the Fullname field, where you can put as test list your aliases. But Notes will use the first field entry as your name.
And remeber to set the first entry in canonical way (cn=user/ou=organization/o=domain)
Now you are ready to use this name in ACLs and names' (nested) groups.
I suggest to use hosts file to remap localhost with your site domain.
Enjoy!
(P.S. : You need to add anonymous entry in your db's ACL, and set it to editor access level. Once opened the application with browser, use the url command "&login" to force Notes to authenticate you)

UserExtendedProperties.GetValue("ANID") equivalent on Windows 8

On Windows Phone 7 you can do like this to get an anonymous unique id for the current user.
UserExtendedProperties.GetValue("ANID")
I have search for a while to find an equivalent for my current Windows 8 (WinRT), but I can't seem to find it. All the results I find, talks about how to get a Hardware/device specific ID, which IS supported, it's just not what I need.
Thanks in advance,
Mads
Found out, thanks to xamlgeek an others, that it's not possible to get a Unique User Id in Windows 8 - at least for now.
So I have to fallback on Device Id, which is far from what I needed, but found this code snippet with works perfect (C#):
http://bartwullems.blogspot.co.uk/2012/09/windows-8-uniquely-identifying-device.html
The answer is not good at all, because the user can upgrade his PC config (by pluging a bluetooth adapter or anything else). The good answer is to use the object :
Windows.Storage.ApplicationData.Current.RoamingSettings.Values["HighPriority"]
It's synchronized through the different installation of the apps on the cloud, more infos here :
The HighPriority key is special because it's get automatically during the new installation of the app.
http://blogs.msdn.com/b/windowsappdev/archive/2012/07/17/roaming-your-app-data.aspx
It's unwise to use GetPackageSpecificToken. This ID will change even if user just plug USB device into his PC/tab, or turn Wifi on/off. Actually it's a quite unstable thing, no idea why MSFT has ever made it.
I use LiveConnect instead (only Liveconnect user ID is needed and it's the same on all user devices). It much more reliable. See my post here: https://stackoverflow.com/a/22389679/1656824