psych0tik domains are moving

As part of our general hatred of SOPA, psych0tik has made a few changes to our infrastructure.

Initially, psych0.tk was configured as a mirror domain for psych0tik.net; as it is controlled outside the US it is further seperated from their draconian infrastructure and policy making, and in the event of things going sour should allow us to stay reachable while we sort things out and keep you posted.

The second change is moving registrars. Previously we had been with godaddy, but in light of godaddy’s support of SOPA (Good explanation here) we have migrated to gandi.net. I recommend that any of you with domains registered at godaddy do the same.

The final point is that while the domain transfer should be seemless, there could potentially be a hickup. In that event that this happens, we’ll keep our twitter account @psych0tiknet updated.

Posted in psych0tik News | Tagged , , , , | 5 Comments

psyCA Certificate Authority Management

We use Certificate Authorities indirectly every day while checking webmail and giving minimal thought to the authenticity of the page we’re reading from. Moxie Marlinspike talked about the flaws in the current trust in root CAs at BlackHat USA 2011. While flawed, certificate authorities can still be incredibly useful on a private level. Certificates can be used to authenticate users to VPNs, sign emails between users and organizations using s/MIME, enhance/substitute for password logins on websites, amongst other uses.

In my frustration while attempting to create and manage CAs for some of the above mentioned purposes I decided to fork and enhance the CA.sh script that openSSL ships with. I am currently working on fixing bugs, adding better error checking, extra features, and better usability. I have dubbed the CA.sh fork psyCA and has no dependencies except for OpenSSL and a POSIX shell.

Installation: installing the script consists of cloning the git repository

git clone git://github.com/psych0tik/psyCA.git
chmod +x psyCA/CA.sh

If you would like to contribute changes to the script or the default openssl.cnf please fork our repository and send us pull requests if you’re a GitHub user or email your patches to me or the psych0tik-list mailing list if you’re not a GitHub user.

Posted in psych0tik News, psych0tik software | Leave a comment

New box: Juggernaut

I’ve been working on getting Juggernaut up and running for a couple weeks now and have promised a few people pictures and a summary of what’s going on… so here we have it.

I was lucky enough to be given the majority of the hardware by a coworker who had recently upgraded.  This started me out with the case and motherboard, along with 6 Gigs of ram, a Core2Duo @3.00Ghz, and dual nVidia GeForce 9500 GTs. I had to ditch the IDE CD/DVD drive and use a SATA device, as I’ve only got 1 IDE bus to work with.  The motherboard has 7 SATA slots, so I’ve been stuffing as much SATA into the machine as I could.

For storage, I went a little overboard.  As the primary drive, Juggernaut uses a 40G IDE drive.  On top of that he’s got another 41G IDE (a slave to the former), a 500G internal SATA drive (salvaged from a laptop), a 3T external USB drive, a 300G external firewire drive, a 80G external USB drive and finally a 3.5″ floppy drive.  I’m still looking at getting something to support SD cards, so that this box can interface with pretty much any media around.  The 41G IDE slave also contains a Windows ME install that will try to boot, but fails horribly.

On top of the usual compute-y  things, I’ve also added a few unique input sources in the form of a USB attached tempurature, humidity and pressure sensor (USB-THB) and a RS232 attached (via a USB converter) 270 degree dome security camera.  Both of these were designed by Z.Monkey.

Finally hooked this all up to my KVM to run through my old CRT and purchased a new router (Buffalo makes a nice one that comes stock with ddwrt.)  I’ve installed the AMD64 build of Gentoo and have all the peripherals (minus the security camera) working.

Straight down into the case.

One of the graphics cards

Both graphics cards attached

Side view with camera

Side view of the external storage cluster

Front view.  The small SATA drive is mounted to the DVD drive with duct tape.  You can also see the floppy drive and one of the internal IDE drives.

Security camera mounted to the control board (courtesy of Z.Monkey)

Close up on the control circuit

USBTHB, also courtesy of Z.Monkey

Finished setup, with the security camera on top and the USBTHB on the wall

Routers, including the new Buffalo router with ddwrt

KVM, as well as Storm and the UPS

Posted in Articles, Hax | Tagged , , , , , , , , , | Leave a comment

Transparent logging socks proxy in bash

It’s a quick one, but something I bashed (haha, get it?) up quickly for a coworker.

First, make a socket

Then bind a listening socket (Your netcat implementation may need -p before the port), tee the data back to your terminal and to the endpoint, which in turn talks back to the original netcat instance via the fifo.

Posted in Guides, Hax | Tagged , , | Leave a comment

psych0tik apt repo – powerpc support

On impulse I built myself a debian powerpc machine, which of course meant basking in the glory that is my metapackage environment that makes it stupid simple to set up new machines, however to my horror it all fell apart because a lot of my packages don’t exist for powerpc!

To this end, I’ve rebuilt nearly everything (the metenvironment suite, my openbox fork, my urxvt fork, vimpc) for powerpc and uploaded the resulting binaries to the psych0tik apt repo.

The same lines apply as before.

Posted in psych0tik News | Tagged , , | Leave a comment

Updates to proxyElite: pE-API and fresher proxies

Over the last few months, I’ve been working to refine the beast that is proxyElite to provide more functionality and better results.  One of the key ingredients for that was the pE-API, an HTTP API to our proxy databases.   This API allows for easy use of our proxy lists, including getting current proxies and querying IPs to determine if they are in our lists.  These features have varying levels, some of which require an API key and will be released and documented later on.

Another feature of the new API is to allow us to distribute the proxy scanning workload across multiple hosts.  Currently, this only involves scanning for new IP addresses, but other pieces of proxyElite will be added.  We’ve seen great results replacing our old “acquire new proxies” code with the pE-API driven proxy scanner and have added nearly 200 new proxies in the last few weeks.  These new additions are now keeping our lists well over 20 proxies, and a re-vamp of the pE-core has allowed for faster, more thorough proxy checks via the basicChecker.

If you’re keen on playing with the new features, we’ve got a bit of documentation and sample code (in python) available here.  The sample code includes basic examples of parts of the API that require no key as well as a very alpha version of the autotumbler python library for HTTP proxy tumbling, which uses the pE-API to automatically generate proxy lists.

Posted in psych0tik News, psych0tik software | Tagged , , , , , , | 3 Comments