Skip to content

Will Chatham Posts

Music Updates

It’s been a while since I posted any musical updates here, and I don’t have a ton to share, but I did get a surprise email from the venerable Jason Lowenstein the other day, with a remastered set of Crain’s studio appearance on WMBR in Boston back in 1991 that he had made.

The previous version of this, mastered by Bob Weston, who initially recorded it in the studio late that evening way back when, is still here on my Music downloads page, and it is great, but I thought I’d add Jason’s version for you to download in one fell swoop.

Grab it here.

Enjoy it, and let me know what you think!

http://web.archive.org/web/20131220092546im_/http://crainspeed.com/images/crain2.jpg
Crain, circa 1991. Photo by John Kampschaefer.

Picking a Master Lock M5 Magnum

As you may or may not know, I was a locksmith for the better part of a decade, working on campus at Warren Wilson College as a student, learning the trade as I earned my BA in psychology, then being hired to work there and train other students after I graduated for about 4 years. I also ran my own business (Chatham’s Lock & Key) for about two years, and I did a stint at Willis Klein up in Louisville for a summer.

So it was interesting to me that once I started attending information security conferences, I saw how popular lock picking has become among that otherwise computer-based hacking crowd. They have “lock picking villages” where you can learn to pick locks, contests to pit your skills against others, and there are now loads of videos and tutorials online for “locksport” enthusiasts.

I was resistant to get into “locksport” for a while, perhaps because I had “been there, done that,” but also because the phrase “locksport” annoyed me.

However, I lost that battle when I found my old lock pick set from back in the day, and then found myself working a Master lock I had in the garage. Check out my first contribution to the Locksport community in this video.

Stay tuned for more.

OWASP Attack Surface Detector Project

When I did a short work stint at Secure Decisions in 2018, one of the projects I got to work on was helping to create the Attack Surface Detector plugin for ZAP and Burp Suite. I left that position before the project got published, but I am happy to see that it was a success.

Here it is in all its glory.

From the OWASP description:

The Attack Surface Detector tool uncovers the endpoints of a web application, the parameters these endpoints accept, and the data type of those parameters. This includes the unlinked endpoints a spider won’t find in client-side code, or optional parameters totally unused in client-side code. It also has the capability to calculate the changes in attack surface between two versions of an application.

There is a video that demonstrates the plugin, and yes, that is me doing the voice-over.

Kali Linux Dockerfile

Since recently discovering there is now an official Kali Linux docker image, I’ve been fiddling with it and tweaking my own setup to get it to how I like it for the things I use it for. I have a work version and a personal version. What follows is my personal version, used mostly for R&D, CTF challenges, and bug hunting in my free time.

My Kali Dockerfile (for Mac)

# The Kali linux base image
FROM kalilinux/kali-linux-docker

# Update all the things, then install my personal faves
RUN apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get install -y \
 cadaver \
 dirb \
 exploitdb \
 exploitdb-bin-sploits \
 git \
 gdb \
 gobuster \
 hashcat \
 hydra \
 man-db \
 medusa \
 minicom \
 nasm \
 nikto \
 nmap \
 sqlmap \
 sslscan \
 webshells \
 wpscan \
 wordlists 

# Create known_hosts for git cloning things I want
RUN mkdir /root/.ssh
RUN touch /root/.ssh/known_hosts
# Add host keys
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts
RUN ssh-keyscan github.com >> /root/.ssh/known_hosts

# Clone git repos
RUN git clone https://github.com/danielmiessler/SecLists.git /opt/seclists
RUN git clone https://github.com/PowerShellMafia/PowerSploit.git /opt/powersploit
RUN git clone https://github.com/hashcat/hashcat /opt/hashcat
RUN git clone https://github.com/rebootuser/LinEnum /opt/linenum
RUN git clone https://github.com/maurosoria/dirsearch /opt/dirsearch
RUN git clone https://github.com/sdushantha/sherlock.git /opt/sherlock

# Other installs of things I need
RUN apt-get install -y \
    python-pip

RUN pip install pwntools

# Update ENV
ENV PATH=$PATH:/opt/powersploit
ENV PATH=$PATH:/opt/hashcat
ENV PATH=$PATH:/opt/dirsearch
ENV PATH=$PATH:/opt/sherlock

# Set entrypoint and working directory (Mac specific)
WORKDIR /Users/wchatham/kali/

# Expose ports 80 and 443
EXPOSE 80/tcp 443/tcp

Build it

docker build -t yourname/imagename path/to/theDockerfile 

(don’t actually put ‘Dockerfile’ in the path). Do change ‘imagename’ to something apropos, such as ‘kali’

Run it

docker run -ti -p 80:80 -p 443:443 -v /Users/yourname/Desktop:/root yourname/imagename

The above examples require you to replace ‘yourname’ with your Mac username

-ti
Indicates that we want a tty and to keep STDIN open for interactive processes

-p
Expose the listed ports

-v
Mount the defined folders to be shared from host to docker.

Hope that’s useful to someone!

Hat tip: https://www.pentestpartners.com/security-blog/docker-for-hackers-a-pen-testers-guide/

Music Updates

I just updated my My Music page, which was long overdue. There’s not a lot of new stuff to report just yet, but I am in a ska band that is practicing and trying to determine a name. Stay tuned for more about that.

Here is a Spotify playlist featuring my songs, or songs I played on over the years:


And here’s an open directory from which you can download a lot of these goodies:

https://www.willchatham.com/songs/

Lastly, here’s a crappy video I made of me playing with myself the other day:


The InfoSec World Has a Python 2.7 Problem

Welcome to 2019, everyone! The future is bright, and I am sure we will all experience a lot of fun and unexpected things in the world of security. So far this year, we haven’t see anything along the lines of Specre/Meltdown, which helped usher in 2018.

One thing I did realize is that the turning of the calendar to this new year, remarkably, means that there is less than one year until Python 2.7 is officially “unsupported.”

Just check the Python 2.7 Countdown clock if you don’t believe me. Everything should be well on the way to Python 3 by now. Or so you would hope.

I find it somewhat humorous (mildly) that the infosec community still relies so heavily on Python 2.7, given its impending doom. I still see new tools being actively developed in this version of Python crossing my news feed almost daily. So many things on Kali Linux rely on Python 2.7.

I have oberved that longstanding, popular open source stalwarts of the trade have shown little interest in moving to 3.x.

I really have no idea what to do about this, other than encourage contributors to migrate, and to lend a hand if and where possible. But it’s getting really late, and I still have to use python2.7 far too much in my day-to-day pentesting and security research life.

How about a New Year Resolution?