Xamarin Android/Studio Bugs

Writing these down as I encounter them:

  1. If you have a .userprefs file, it will almost always freeze upon startup. Fix is to delete it
  2. Licensing is broken unless you're running Xamarin Studio as an administrator
  3. If you have a space before the first tag (but after the ?xml bit) you'll get an exception thrown upon saving which appears to prevent saving... sometimes
  4. VI-mode is a long running joke. Instead of working, it just rickrolls you

All on Windows 8 64-bit

Posted: 8/6/2013 1:48:19 AM

NVG510 Fixer -- An Android Application

New Application/Method

Someone by the moniker of Blend3r contacted me with a new method of rooting both the NVG510 and NVG589 modems. It does require downgrading the firmware, but it looks easy enough to execute. He provides a Java app, or a write-up on how to do it manually. I did a cursory check through the Java code while writing this, but he can of course change it at any time. I trust him enough to link to him, but if you're security paranoid it is best to do the DIY method instead of using his app.

Anyway, his website is http://nvg589.tk/

Do not contact me about problems with his tool/method unless you think it's a virus or something like that (so I can unlink it). I looked through it and it makes sense to me, but I by no means support any of these. Don't ask me for help on how to do it, etc etc.

(the rest is left here for archival/historical purposes)

App was pulled from Google Play. The app violated Google's ToS outright, so there's nothing I can really do to appeal it and get it listed again. So, I'm making it free for everyone to download and side-load on their Android device.

Download the latest binary release here: http://earlz.net/static/com.earlz.nvg510fixer.v2.2.apk

Also, this application is now open source! (albeit very dirty source code) You can find the source code on GitHub.

I was selling it for $3 on Google Play, so if this app helps you, consider donating. My PayPal address is earlz -at- earlz dot net. My Bitcoin address is 178DgR2aZcHeYHhXZwtvcJ5RD13Y6YMQBf, or my Dogecoin address is DLY7Vh8oDYLRxQLFAg2PruA15zFMRqoXGu.

About NVG510 Fixer

I get a lot of people coming to this site every day for fixing problems with the AT&T U-Verse NVG510 modem. I found the information to fix the common problems and root it. However, the procedure for fixing this is a bit technical. So, I made the Android application NVG510 Fixer. An Android application makes it a lot easier for you, but I also get to make a tiny bit of money along the way (have I mentioned there is a baby on the way!?)

First off, make sure the IP address of your modem is correct. If you don't know what an "IP Address" is, don't worry about it. This should only be different if you explicitly set it differently (which there is no reason to do)

Second, you'll need to enter in the password to the device. This should be written on a sticker on the modem labeled "Device Access Code". It should be a 10 digit number. Type that in.

What these buttons do

Now, you have a few different options:

  1. Enable Telnet -- If you know what this is, you may be interested in it (It'll be on port 23)
  2. Disable Telnet -- Everything here will enable telnet. It shouldn't be terribly dangerous to turn on since it's password protected, but if you're paranoid about security, you can disable it afterwards
  3. Fix Redirect -- This is the infamous "Potential Connection Issue" or /cgi-bin/redirect.ha problem that hijacks other websites and is extremely annoying. Click this button and you'll never see that page again (note: you may have to restart your computer/browser if you are currently seeing it)
  4. Enable UPnP -- If you're a gamer, this option is useful to you. This enables Universal Plug And Play, which is a long way of saying that you can have an Open NAT type without having to do anything else
  5. Reboot -- Finally, you can restart the modem remotely if you're feeling lazy

Potential Problems

There are a few different issues that could happen with this. I'll try to point you in the right direction

  • I keep getting "login appears to have been unsuccessful" -- Make sure you're using the "device access code", not the "wireless network key". Also, make sure that when you go to http://192.168.1.254 in your browser that you get the AT&T modem page.
  • I get "no route to host" -- Make sure your device's Wi-Fi is connected to your NVG510 access point
  • I get "operation timed out" -- You might have to try pushing that button once more
  • I get "connection refused" -- Sometimes it takes a few seconds to enable telnet (which every other button relies on). Wait a few seconds and try again
  • Your application force closes! -- That's not good :( Send me an email at earlz -at- (this website name) or post below in the comments and I'll try and fix it

After Factory Reset

If you (or AT&T) do a factory reset of your modem, you will have to do this again. However, if your modem loses power and resets, you shouldn't have to run this again.

It didn't work!

If you were seeing the "potential connection issue" page, and afterwards your browser gives an error like "server timed out" or "host not reachable", then you may actually not have internet. In that case, call AT&T and hope for the best :) This application will not solve issues with your phone line!

If it didn't do what you wanted, request a refund!

Where is a free version?

I know it's a bit tacky to charge for such a simple application, but I think it's justified in this case. I've spent plenty of time getting to know the NVG510 and helping other people with it, as well as preparing all of the information for publication here. So, I think it's fair. If you don't like it, I will always provide the slightly more technical version for free. See this blog post for details on how to do that.

What's next

I'm not sure. I want to add DNS server fixing, but I don't think I'll be able to fit it in. I'm using Xamarin Android Starter Edition. As such, I have limitations on how complex and big I can make my application. If you want to donate $300 for me to obtain a full license, I'd love you forever :)

Factory Reset

This will completely reset your modem as if AT&T just shipped it to you. It will undo all configuration settings

Bridge Mode

Check the other published info (stub)

Posted: 8/3/2013 8:06:41 PM

Introducing NetBounce

So, I've been working on a quick project called NetBounce. It's basically a nifty tool to test HTTP clients and dump the data they send somewhere, without actually running your own HTTP server. This also supports HTTPS, which means it supports clients which do not allow SSL certificate errors.

Anyway, my main reasons for making it were that I eventually want to expand on it to include programmable responses (and this is a very good start), and that it's a valuable tool for a project I work on at my job... And because it's cool and I've always wanted a test project with HTTPS support.

Posted: 6/30/2013 6:46:11 PM

My first program

This is the oldest code I can find which once did something.

https://gist.github.com/Earlz/5848045

It's quite amazing. I can remember some of my thoughts when I wrote it. I had this huge obsession with using as few resources as possible. I had a fairly good machine for the time (512Mb of memory), but was obsessed for no good reason. Windows Media Player 9 was my media player of choice, mainly because it came with Windows. However, I considered it very heavy in resources, so I set out to use my newly honed skills to write the best media player in the world.

I even remember a tiny amount of the implementation details. I remember the reason starty wasn't start. I originally didn't think it needed to show the menu's text... but then I realized I needed to show it as it scrolled off the screen. The rest of the labels (except for l) I'm 99% sure are complete gibberish. I'm quite amazed that the variable names actually make sense though, other than st. st I can only assume was shorthand for start which for some reason translated to command.

Believe it or not, I iterated on this and tried to actually sell the thing! I had PayPal buttons and everything on a website called simple-apps.

It's amazing how naive I once was..

Posted: 6/25/2013 2:30:25 AM

The great thing about mono and C#

So, it seems like a ton of programs I've been trying to use recently don't work with the latest version of their dependencies. For instance, Metasploit doesn't work with Ruby >= 2.0. I was using some other program that required Python 2.0 rather than 3. And we've all heard the horror stories about programs requiring specific versions of Java.

I never have this problem with C# though. In theory, it could happen.. but Microsoft really likes keeping things compatible, it's their business plan. And as an extension of that, Mono never seems to flat-out drop support for anything in their core software. I have never seen a program that requires a specific version of .Net or Mono.

This is awesome! The worst thing I have to do with Mono is compile it from git so that I get pre-release (good) support of portable class libraries. Now, let's break this down. Why exactly is it like this though?

  • C#/.Net uses compiled-to IL
    • This prevents that issue of deprecating or changing misleading language features. It's all IL after compilation, so it doesn't matter
  • There is a spec for .Net. In theory, if you abide by the ECMA spec, most things should work, logic-wise
  • It's easy to take my dependencies with me with .Net

Now let's step through why this isn't easy with Ruby/Python

  • The language is improving and getting better. This can cause old programs to break, but is unavoidable with scripting languages
  • There isn't a spec that the latest version will always implement. This is probably a good thing though
  • There is a huge emphasis on not taking your dependencies with you. This leads to breaking changes in gems and such breaking your program.

What about Java? Honestly, I have no idea why Java doesn't benefit more. In theory, they should be equally as capable as .Net.

Am I saying .Net is perfect? By all means, no. In fact, .Net has seen some breaking changes

  1. I've a JIT bug that only happens when using .Net 4.5's runtime, not .Net 2.0's
  2. In .Net 4.5, they changed marshaling to be more "strict", breaking at least one program I've seen (at my work)

And Mono, of course, is (by design) not a complete copy of Microsoft's .Net. In fact, I've even seen a bug where .Net accepted a piece of IL where Mono broke, due to Microsoft not being "strict" about the ECMA spec.

With all that being said though, this seems to be the major leg-up for compiled to bytecode languages. They'll probably work a very long time, despite the bytecode runner being updated.

This is also avoidable. I've seen some scripting language use a version number attribute, so that it can avoid this scenario. I'm sure there are other methods as well.

All I know is, I'm tired of having Python 2 and 3 installed on my system because not all my programs will run on just one or the other.

Posted: 6/3/2013 5:49:16 AM

Hacking the 2-Wire

So, I've been trying to find an exploit in the 2-wire modem I received. In my journeys, I found one guy who has already done a lot of work on it. His blog is here

Now, here is a quick summary:

  • It uses a TriMedia SoC with a proprietary instruction set
  • It uses some kind of *nix
  • It has an SSH server, but it ships disabled
  • It has an exposed JTAG connector, but it's very involved to try to get anything out of it.

He's run arbitrary code on it, but he's failed at flashing it so that it uses its standard firmware, but with sshd enabled.

So, I'm now refocusing my efforts on finding an external (black-box) exploit against the DNS and HTTP servers. I've been poking around the HTTP server, trying to find a simple command-injection type exploit, but even where it looks like it should work, it just doesn't. This seems quite hardened. The only significant thing I've forced it to do is to run out of memory (apparently the HTTP server doesn't have a maximum request size)

The DNS server, however, I've already found a bug with. It apparently doesn't clear the response memory properly... So, if I go to facebook.com and then I go to the DNS server and send an invalid command, it'll send back a garbled response with a mention of facebook.com. That's a pretty scary privacy flaw heh. It also has recursion disabled, so the DNS server seems quite weak, but I've never tried to exploit DNS.

Happy hacking

Posted: 6/1/2013 8:42:45 PM
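
The DNS behaviour described in the 2-Wire post above can be modelled as a reused response buffer whose error path sends more bytes than it wrote. The following is an added example, not code from the original post or from the modem's firmware; the record layout, buffer size and function names are assumptions made for illustration, and it puts the leaky error path beside a hardened one.

```c
#include <stdio.h>
#include <string.h>

#define RESP_MAX 64

/* Constructed model: one response buffer reused for every request. */
static unsigned char resp_buf[RESP_MAX];

/* Byte-wise substring search (replies are not NUL-terminated strings). */
static int contains(const unsigned char *hay, size_t len, const char *needle) {
    size_t n = strlen(needle);
    for (size_t i = 0; n > 0 && i + n <= len; i++)
        if (memcmp(hay + i, needle, n) == 0) return 1;
    return 0;
}

/* Valid lookup: [status=0][name length][name] is built in the shared buffer. */
static size_t answer_query(const char *name, unsigned char *out) {
    size_t n = strlen(name);
    if (n > RESP_MAX - 2) n = RESP_MAX - 2;
    resp_buf[0] = 0x00;
    resp_buf[1] = (unsigned char)n;
    memcpy(resp_buf + 2, name, n);
    memcpy(out, resp_buf, n + 2);
    return n + 2;
}

/* Leaky error path: writes a 2-byte error header, then sends the whole
   buffer, so bytes left over from the previous answer go out as well. */
static size_t error_reply_leaky(unsigned char *out) {
    resp_buf[0] = 0x01;                 /* status: malformed request */
    resp_buf[1] = 0;
    memcpy(out, resp_buf, RESP_MAX);    /* length = buffer size, not bytes written */
    return RESP_MAX;
}

/* Hardened error path: clear the buffer and send only what was written. */
static size_t error_reply_fixed(unsigned char *out) {
    size_t written = 2;
    memset(resp_buf, 0, RESP_MAX);
    resp_buf[0] = 0x01;
    resp_buf[1] = 0;
    memcpy(out, resp_buf, written);
    return written;
}

/* Returns 1 if the reply to a malformed request sent right after a lookup
   of `name` still contains that name. */
int leaks_previous_name(int hardened, const char *name) {
    unsigned char first[RESP_MAX] = {0}, second[RESP_MAX] = {0};
    memset(resp_buf, 0, RESP_MAX);
    answer_query(name, first);
    size_t len = hardened ? error_reply_fixed(second) : error_reply_leaky(second);
    return contains(second, len, name);
}

int main(void) {
    printf("leaky error path discloses previous name: %d\n", leaks_previous_name(0, "facebook.com"));
    printf("fixed error path discloses previous name: %d\n", leaks_previous_name(1, "facebook.com"));
    return 0;
}
```
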

Command line SUMP logic analyzer client

So, I've been trying to poke around on this modem I received. One problem, I don't have an oscilloscope. I do however have an FPGA. And FPGAs can be almost anything they want to be, so mine became a SUMP logic analyzer, thanks to the porting effort at Gadget Factory.

Anyway, problem is the official Java client doesn't appear to work on Linux 3.x, or on 64-bit machines. I avoid having to do multilib (running 32-bit programs on 64-bit Linux) like the plague, so I decided this will not do. On my quest I also found a half-working Python logic analyzer client. This one I got to work, but it's quite clunky and the code is GPL licensed. Where's the fun in that?

So, I wrote my own client, apparently in only a week. It's called monosump. It has zero external dependencies and as long as mono/.Net4 works, this client works. I've even tested it on the raspberry pi and it worked fine.

Here are the big features:

  • API-centric. The command line client is just a separate project consuming the easy to use API
  • Command line. Ever wanted to do some analysis with awk and friends? now you can
  • Plain text and JSON data output. Easy to consume.
  • BSD licensed. Have a commercial project in mind? Go ahead and use my code
  • Works everywhere there is a mono implementation (which is everywhere with the processing power to use this)
  • Simple (but limited) command line interface and powerful configuration file interface

Of course, this all being said. It sucks currently. I have a v1.0 release, but that's because I'm impatient. Next steps are getting analysis plugins, serial support at the command line, and maybe a simple web-app interface to take advantage of existing cross platform javascript libraries for graphing.

Posted: 5/29/2013 4:59:33 AM

Hacking Another Modem

So someone was nice enough to donate a 2-Wire 3801HGV to me. For what purpose? I don't have U-Verse! Why, to root it of course! Apparently no one knows how to make a decent modem these days. So, my goals for this are to get as much info as possible, hopefully find a remote exploit like I did with the NVG510 and publish what's possible and what's not, as well as lay the groundwork for future hackers that probably know a lot more about this stuff than I do. My primary goal at this very second is to get a serial port working and get a root shell.

I'll publish more as I work through this

Posted: 5/21/2013 12:43:19 AM

Free Startup Idea: online yardsales

Go ahead and check out this page: Pittsburgh County Yard Sale

I'm not sure you'll be able to actually see the group without being in it or logged in on Facebook, so here is a summary:

It's a group on Facebook with rules and you must be "accepted" to post to it. The moderator generally accepts anyone who asks though. There are over 10,000 people in this single group. This group targets a specific rural county in Oklahoma. According to the 2010 census, there are about 45,000 people in the county total. This means that roughly 1/4 of the county uses this group. ONE FOURTH of the county. That is HUGE!

How does it work? Basically, it's free-form. It has a few rules like "no business ads", but beyond that, it's just post stuff you want to buy or sell. So there are some posts with things like "selling Samsung Galaxy S $200 obo(or best offer)". Or there are people requesting to buy things "Looking for otter box defender camo for iPhone 4s".

People post these and then people who are interested comment. Usually it goes something like this:

  1. Bob: Looking to sell iPhone for $100
  2. Alice: I'll give $75. Call me at 555-1234
  3. Bob: Sold!

First thing you'll notice: Oh my god Facebook is horrible at managing such a thing!

Second thing you'll notice: How is this so freaking popular!?

Here's my analysis for why this Facebook group is so hugely popular (relatively):

  1. High signal to noise ratio (no spam, usually little pointless junk)
  2. It's easy. You're in Facebook and you can just click on it and click join group. Afterwards you have a simple topic: sell stuff or offer to buy stuff.
  3. It's viral. All the time I see people posting stuff to this group, friends and otherwise.
  4. It's local. It's for southeastern Oklahoma in a rural county. You know there won't be anyone posting stuff you'll have to drive more than 30 miles for

Let's analyze this a bit more.

  1. The group is technically "closed" so that people can get kicked out. This moderation process weeds out the spam
  2. If you have a Facebook account, you can almost instantly join the group and sell or buy something
  3. There are a huge amount of posts per day (you'll quickly lose where your post was after a few days). Facebook apparently has a loophole so that I end up seeing a good percentage of these
  4. Facebook is huge in that corner of Oklahoma. I didn't get a Twitter until moving to Cleveland, and I'm a programmer.

Why haven't other competing and arguably more suitable products won out? Frankly, there aren't any. The only semi-good competitor is Craigslist. You can't post to Craigslist from within Facebook. Craigslist is (mostly) anonymous. On Facebook you can see the face of the person you're going to be meeting. This in itself instills a good amount of trust.

So, why shouldn't it just stay on Facebook's group thing?

  1. It's not possible to search the group AT ALL
  2. There is no way to monetize it for anyone other than Facebook
  3. Because it's so active it's extremely easy to "lose your post". This is when it gets to a point that you're scrolling several screens down but just can't find where your post is to check its comments or comment on it
  4. There is no filter. If you're looking for electronics, the only thing you can do is skim through the feed manually

Free startup idea?

I've toyed with the idea of making a product to "fix" this and to let the idea easily expand to other counties (at first the plan was only Oklahoma). However, I can't stand developing against Facebook, because Facebook Integration is an absolute must. So, I give it to you, the community. If it sparks an idea and you go off to make a million dollars, awesome! (maybe you can send me a few thousand dollars as a gift :) )

Anyway, I wish this situation was better, but it's not. It sucks horribly. Hence this is why I'm putting the idea out there. Someone make the world suck less! Please!

Posted: 5/15/2013 4:35:45 AM

A preview of my next project

Not going to go into details just yet, but here is a teaser of what I've been working on recently

It's all HTML5/Canvas, including the way I actually created it (i.e., I created it in a browser).

If you look at the code, notice it's in no way open source right now. It may be though at some later point.

Posted: 5/8/2013 7:15:28 AM