Jimmy’s weblog

Finally I managed to use my “Bankomatkarte” to login at my bank’s e-banking site. I’ve tested it on two machines, one running kernel 2.6.9, the other one running 2.4.27. The cardreader is a “Cyberjack pinpad”. Both kernels had a module called cyberjack to handle the cardreader (USB). Only a few steps are necessary to install all necessary software:

• Compile and install the kernel module (cyberjack, located in USB-serial drivers)
• Install ctapi (can be found on the CD that comes with the reader
• Plug in the reader to the usb port and insert your card
• Test ctapi by executing “cjgeldkarte”
• Open your e-banking site and test the login

Unfortunately it didn’t work under 2.6.9. I always had problems with permissions, it only worked for root. I have to test other 2.6.x kernels to find out if the problem is kernel-related.

Usually the mysql server is configured not to allow network connections. Recently I had to find a way to allow connections over the internet, even the root account should be able to connect. I decided to use a ssh tunnel and configured the mysql daemon to listen on 127.0.0.1. Additionally the mysql port (3306) is blocked by the packetfilter.
Thus I had to add the “bind-address” option to /etc/mysql/my.cnf:

[mysqld]
user            = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
bind-address    = 127.0.0.1

Furthermore I had to comment out “skip-networking”:

# skip-networking

Otherwise mysqld would only work with sockets and not with TCP/IP connections.

To start the ssh tunnel run:

ssh -N -L 3306:localhost:3306 jimmy@mysql_host.com

Now connect to mysql with:

mysql -h 127.0.0.1

Use 127.0.0.1, not localhost, when connecting to the server. Otherwise the mysql-client will try to connect to localhost, without using the tunnel.

When testing security of wireless networks, you need to set your wireless card into monitor mode to capture packets. It works out of the box with linux-wlan-ng drivers, but it you want to use the orinoco driver which in included in the official kernel source, you are out of luck. It doesn’t support the monitor mode, but you can patch the orinoco source to get back the monitor mode.
First, download the patch (The patch is for version 0.13e which is included in the latest 2.6.x kernels).
Next, patch the kernel source:

devil:~# cd /usr/src/linux/drivers/net/wireless/
devil:/usr/src/linux/drivers/net/wireless# patch -p1 < monitor-0.13e.patch

Now recompile your kernel. In my case the drivers are compiled as modules, so I only had to run

devil:/usr/src/linux/drivers/net/wireless# cd /usr/src/linux/
devil:/usr/src/linux# make modules && make modules_install

iwpriv should now list the monitor mode.