Posts | Tags | Archive

Queen's University Resnet without IDA (Windows)

Storytime

So you're in your first year at Queen's University residence and you want to access the internet. Sounds reasonable. You plug in your Windows laptop, open your browser, and...nothing. Well, mostly nothing. A page that tells you that you've been quarantined and to please click here, download IDA, install it, and let it work it's magic.

Sounds easy right? What they don't tell you is that IDA holds ResNet access hostage until you've installed some garbage antivirus, downloaded all the new windows updates (IDA actually does this itself, it doesn't step back and let Windows Update do it's job), and a few other things. After all that, you enter your NetID and password, and it registers you. In theory.

What I ran into every single time I ran it with my laptop (running Windows XP at the time) was it failing to download something, throwing an error message and refusing to register me. I gave up after a few times and plugged in my other computer (Running the relatively obscure Windows XP x64). What I noticed is that I didn't get the typical quarantine page, I got a simple page that asked for a NetID and password. I entered my information and got a message stating I was good to go. I checked a few pages and they all seemed to work.

I plugged my laptop back in and tried to load a page. The same quarantine screen. Since the main way a webpage tells the difference between two operating systems is the user agent, I fired up Tamper Data and submitted a request with a blank one. I got the same page that asked for my NetID and password.

I assume this works because if the registration server decides (based on your user agent) that IDA won't run on your computer, instead of leaving you screwed, it'll give you an alternate way out. Since when you take away the user agent the server can't tell what kind of operating system you're running, they assume that IDA won't work on it and give you the simple "Enter your account details" prompt.

Register a computer without IDA

  1. Acquire unblocked internet (the queensu wireless is a good bet).
  2. Download and install Firefox and the Tamper Data addon.
  3. Disconnect from the internet and plug in to ResNet.
  4. In Firefox, click Tools, Tamper Data.
  5. In the window that pops up, click "Start Tamper".
  6. Try to load a website.
  7. A window will pop up asking you if you want to tamper with the request. Click the "Tamper" option.
  8. In the windows that pops up, delete everything in the "User-Agent" field and hit OK.
  9. Repeat steps 8 and 9 until the popups stop and the page loads.
  10. Click "Stop Tamper" and close the Tamper Data window.
  11. You should be on a page that tells you to enter your NetID and password, do so and hit OK.

Your computer should now be able to use ResNet normally.

Registering other devices

Your computer is registered via it's MAC address. This means that if you want to use ResNet with a device that can't run IDA, doesn't have a web browser, and is against IT policy *cough* wireless router *cough*, you can't. In theory.

The easy way of course, it to call up ITS and tell them your Xbox can't connect. They'll ask you for your Xbox's MAC address, you'll give them the router's MAC address, and they'll register it. Aside from lying to ITS being morally wrong, this works. However, I've heard complaints that devices registered via calling ITS have had their speed throttled. Throttling non-school-related devices on a school network makes sense, but I haven't seen any actual proof of this.

The better way of registering your other devices though, is to trick the registration server into thinking that your device is just a normal computer. Since computers are registered by their MAC addresses, you just need to register the MAC address of your device with the system.

The following steps will show you how to spoof your device's MAC address and register it from your computer.

  1. Find the MAC address of your device. It will probably be somewhere in the Advanced Options.
  2. Unplug your device from ResNet and plug in your computer.
  3. Open Control Panel, Network and Internet, Network Connections and note the name of your connection. Usually it's "Local Area Connection"
  4. Download and extract Macshift into a folder somewhere.
  5. Open a command prompt window in the Macshift folder.
  6. In the command prompt window type

    1
    macshift.exe -i "[connection name]" [device MAC address, no dashes]
    

    For example, if my device's MAC address was "00-11-22-33-44-55" and my connection name was "Local Area Connection", I would run

    1
    macshift.exe -i "Local Area Connection" 001122334455
    
  7. Wait until you have network access again and try to load a page. If everything went as planned, you should be seeing the ResNet quarantine page.

  8. Use the steps in the section above to register your computer again.
  9. Once you have ResNet access, go back to the command prompt and run

    1
    macshift.exe -i "[connection name]" -d
    

    This restores your MAC address back to it's original value.

Your device should now be able to use ResNet normally.

Disclaimer

All information above is provided for informational purposes only. I take no responsibility for the outcome of your actions. Furthermore, all information on IDA is based on experiences in 2009, It may have improved over time (ha).


Resolving Windows NetBIOS names in Linux

When accessing computers on a LAN, it's often useful to access them by name instead of IP. This is especially true when dealing with dynamic IP addresses.

In Windows, other Windows computer names are automatically resolved to an IP address. In most Linux distros however, this is not the case (by default).

To resolve Windows NetBIOS names in Linux, you'll need the winbind component of the Samba suite. Winbind allows a UNIX box to become a full member of an NT domain, giving the ability to resolve names from it.

Install winbind via your preferred package manager. For Debian and derivatives, the following should work.

1
apt-get install winbind

Now that winbind is installed, the OS must be configured to use it when looking up hostnames. Open the file /etc/nsswitch.conf and add "wins" to the end of the line starting with "hosts:".

For example, the line in my file now looks like

1
hosts: files dns wins

Save the file and reboot to start the winbindd deamon.

To test if if worked, try pinging a computer on your LAN by name. For example:

1
2
3
4
5
$ ping windows-server
PING windows-server (192.168.0.107) 56(84) bytes of data.
64 bytes from 192.168.0.107: icmp_req=1 ttl=128 time=0.268 ms
64 bytes from 192.168.0.107: icmp_req=2 ttl=128 time=0.604 ms
64 bytes from 192.168.0.107: icmp_req=3 ttl=128 time=0.607 ms

Vim: Search and replace in multiple files

As is the way with Vim, there are a ton of features, but stumbling on the combination of commands that does what you want can be a bit difficult sometimes. In this case, the objective is to perform a search and replace over some files.

This is done in two steps: loading up the files to process, then issuing a command to run on each of the files.

Load up the files to search using the args command. This command supports multiple arguments and can use bash-style path completion.

1
:args src/*.cpp src/*.hpp README.txt

Perform a replace using sed-style syntax using the argdo command. This command iterates over all the files loaded by the args command and performs a command on them. In this case, it's performing the replace operation.

1
:argdo %s/FindMe/ReplaceWithMe/gec | update

The flags used in this case are:

  • g: global search (find more than a single occurance per line)
  • e: suppress "string not found" error messages
  • c: confirm each replace

Running update after the replace operation saves any changes to the file before moving to the next one.

© Carey Metcalfe. Built using Pelican. Theme is subtle by Carey Metcalfe. Based on svbhack by Giulio Fidente.