CONTIKI : How to write hello-world program in MICAZ mote

Contiki is a open source operating system for the IoT (Internet of Things). Contiki connects tiny low power, low cost micro-controllers to the Internet. While there are many similar OS such as TinyOS, what makes Contiki different is the completeness and flexibility it offers to the programmers.

Gets Start…

Installing Contiki

1. Download Instant Contiki

http://sourceforge.net/projects/contiki/files/Instant%20Contiki/

Try to download the latest version of Instant Contiki.

2. Install VMPlayer

https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/6_0

3. Start Instant Contiki. The password for instant contiki is  user.

Hello-world program

There are alot of examples provided in the Instant contiki itself. Here I am going to upload hello-world program into MIcaz mote connected to my pc.

Steps:

1. Open a terminal, go to the code directory

#cd contiki/examples/hello-world

2. Compile Contiki and the application

Now compile the Hello World application for our hardware platform. For MIcaz

#make TARGET=micaz hello-world

#make TARGET=micaz savetarget

3. Now it is ready to upload in our MIcaz platform

#make hello-world.upload

Error 1

For the first time I am trying to upload hello-world, I found the following error

user@instant-contiki:~/contiki/examples/hello-world$ make hello-world.upload
using saved target 'micaz'
avr-objcopy -O srec hello-world.micaz hello-world.srec
uisp -dprog=mib510 -dserial=/dev/ttyS0 -dpart=ATmega128 --wr_fuse_h=0xd1 --wr_fuse_e=ff --erase --upload if=hello-world.srec --verify
Direct Parallel Access not defined.
make: *** [hello-world.upload] Error 2
rm hello-world.srec

 Solution for this is to install uisp. Try to install latest version of uisp

Steps :

Download the lastet version of uisp from here

http://kasun.ch.googlepages.com/uisp.tar.gz

Compile and install using terminal.

    # tar -xvzf uisp.tar.gz
    # cd uisp
    # ./bootstrap
    # ./configure
    # make
    # sudo make install

This definitely solve the problem of “Direct Parallel Access not defined.”

Error 2

user@instant-contiki:~/contiki/examples/hello-world$ make hello-world.upload
using saved target 'micaz'
avr-objcopy -O srec hello-world.micaz hello-world.srec
uisp -dprog=mib510 -dserial=/dev/ttyS0 -dpart=ATmega128 --wr_fuse_h=0xd1 --wr_fuse_e=ff --erase --upload if=hello-world.srec --verify
Error: Permission denied
 -> /dev/ttyS0
make: *** [hello-world.upload] Error 1
rm hello-world.srec

Solution

Give permission to USB port. Because the micaz mote is connected to our pc directly.

# sudo  chmod  777  /dev/ttyUSB*

And use this command to upload hello-world in to Micaz mote

# make hello-world.upload  PORT=/dev/ttyUSB0

Capturing the SSL packets using Wireshark

1.For each of the first 8 Ethernet frames, specify the source of the frame (client or server),determine the number of SSL records that are included in the frame, and list the SSL record types that are included in the frame. Draw a timing diagram between client and server, with one arrow for each SSL record.

Frame number	Source	Number of SSL record	Name of record
1	10.30.52.254	1	Client Hello
2	74.125.236.203	1	Server Hello
3	74.125.236.203	3	Certificate, Server Key Exchange, Server Hello Done
4	10.30.52.254	3	Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
5	74.125.236.203	3	Encrypted Handshake Message, Change Cipher Spec, Encrypted Handshake Message
6	10.30.52.254	1	Application Data
7	74.125.236.203	1	Application Data
8	74.125.236.203	1	Application Data

Timing diagram

Screen-shot

2.Each of the SSL records begins with the same three fields (with possibly different values).One of these fields is “content type” and has length of one byte. List all three fields and their lengths.

Three fields in Record protocol are:

Content type - 1 bytes
Version - 2 bytes
Length - 2 bytes 

3.Expand the ClientHello record. (If your trace contains multiple ClientHello records, expand the frame that contains the first one.) What is the value of the content type?

Content Type: Handshake (22)

4.Does the ClientHello record advertise the cipher suites it supports? If so, in the first listed suite, what are the public-key algorithm, the symmetric-key algorithm, and the hash algorithm?

Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)

Public-key algorithm : ECDHE

Symmertic-key algorithm:AES

Hash algorithm:SHA

5.Look to the ServerHello packet. What cipher suite does it choose?

Cipher Suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)

6.Does this record include a nonce? If so, how long is it? What is the purpose of the client and server nonces in SSL?

Yes.It contains 28bytes.Used for session communication between unique nodes. 

7. Does this record include a session ID? What is the purpose of the session ID?

Yes this record include session ID of length 32 bytes.The purpose of session ID is to keep track of the session between client and server.

8. How many frames does the SSL certificate take to send?

One frame

Setting up the Webserver and enabling https connection

HTTPS stands for HyperText Transfer Protocol over SSL(Secure Socket Layer).It encrypts and decrypts user page requests as well as the pages that are returned by the Web server.

Steps for set up a web server and enabling https on it

1. Activate apache2 ssl module.

sudo a2enmod ssl

3.Apache ssl virtual host activation.

sudo a2ensite default-ssl

4.Restart the apache2 web server

sudo /etc/init.d/apache2 restart

5.Create a self-signed SSL certificate

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

The terminal look like this:

-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----
Country Name (2 letter code) [AU]:In
State or Province Name (full name) [Some-State]:kerala
Locality Name (eg, city) []:kollam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:amrita
Organizational Unit Name (eg, section) []:csn
Common Name (e.g. server FQDN or YOUR name) []:mtech
Email Address []:chindunair12@gmail.com

6.Set up the certificate

We need to set up the virtual hosts to display the new certificate.
6.1 Open up the SSL config file:

sudo nano /etc/apache2/sites-available/default

We need to make the following changes
Change the port on the virtual host to 443, the default SSL port:

<VirtualHost:*443>

Add a line with your server name right below the Server Admin email:

ServerName mtech:443

Add the following three lines to the virtual host configuration

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

Save and exit out of the file.

7.Activate new virtual host

sudo a2ensite default

8.Restart your apache server

sudo service apache2 reload

9.Checking for https activation.

Open the web browser and type localhost. You will be connected through secure http connection.

ie, It displays ” https://localhost” in the browser url space.

The certificate is look like this:

 

TOP ATTACKS IN WEB APPLICATION AND MITIGATION STEPS

1.CROSS-SITE SCRIPTING(XSS)

Cross site scripting are injection type attack,in which malicious scripts are injected in to trusted website.Attacker usually inject malicious code through hyperlinks.They commonly used Javascript,ActiveX, HTML, or Flash.The end user will most likely click on this link from another website, instant message, or email message.The user’s browser has no way to know that the script should not be trusted, and will execute the script.The malicious script can access any cookies, session tokens, or other sensitive information retained in the browser and used with that site. These scripts can even rewrite the content of the HTML page.

 Mitigation

• Flitering from XSS

The simplest and the easiest form of XSS protection would be to pass all external data through a filter which will remove dangerous keywords, such as the infamous <SCRIPT> tag, JavaScript commands, CSS styles and other dangerous HTML markup.

•  Escaping from XSS

While performing escaping,it effectively telling the browser that the data we are sending should be treated as data itself and should not interpreted in any other way.If a attacker putting some malicious code in to our website,it will not affect the victim because will executed the script if it is properly scripted.

2.SQL INJECTION

The SQL Injection attack consist of injecting sql query in to a web application through input data.The web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.

Example for SQL injection:

Suppose there is a website log-in page.The sql query for that login page is

SELECT * FROM users WHERE login = 'admin' AND pass ='pass123';

In a system that is not well designed and vulnerable to SQL injection all the attacker has to do is to type in log-in form password like:

' OR '1' = '1

The attacker use the following query that allow him to log-in to the the website to view confidential data without using the password

SELECT * FROM users WHERE login = 'admin' AND pass = '' OR '1' = '1';

 3.CROSS SITE REQUEST FORGERY (CSRF)

CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

Suppose the user visit a malicious website soon after visiting a bank website with out logged off. If he/she clicked on a link in that malicious website,it could cause a form post to the previous bank website. The user’s browser would send the authentication cookie back to that site and appear to be making a request on user’s befalf, even though he/she did not intend to do so.After logging in, the attacker get a simple form that allows us to transfer money to another account in the bank.

 CSRF Mitigation by Users :

•  Logoff when you are done using a site.

• Use multiple browsers.

4. MALICIOUS FILE EXECUTION

Some web applications allows the user to upload files to the server. At a later time the web application accesses the user supplied input in the web application context.By doing this, the web application is allowing the potential for malicious file execution.Typical examples of malicious file execution are remote file includes and local file includes.

Mitigations

• Strongly Validating user input using an only accept known good input.
• Adding firewall rules that prevent web servers from making new connections to external websites will aid in preventing remote file include vulnerabilities.
• Implementing a sandbox to isolate applications from one another.

5.INSECURE DIRECT OBJECT REFERENCE

An insecure direct object reference vulnerability occurs when the administrator fails to secure the directories and folders in the server.This enables the attacker to traverse through the web’s server directories

 Mitigations

• Minimize user ability to predict object IDs/Names
• Don’t expose the actual ID/name of objects
• Verify user authorization each time sensitive objects/files/contents are accessed

CRYPTOGRAPHIC HASH OF A FILE

Cryptographic hash functions take an input of arbitrary length and produces a message digest that is of a fixed, short length.The digest is called the “hash” of the input.In cryptographic hash function,instead of encrypting the whole message with the secret key, only the message digest is encrypted.

Algorithms used for determine the cryptographic hash of a message is MD5 and SHA1

MD5 Message-Digest Algorithm is a widely uses cryptographic hash function that produces a 128-bits hash values.It is commonly used in security applications and also used for checking the data integrity.It is not suitable for applications like digital signature and ssl certificate.

SHA1 is stands for Secure Hashing Algorithm.This is the most widely used of the existing SHA hash functions, and is used in several  applications and protocols.

How to find the data integrity using cryptographic hash function

Basic Steps:

Create a file

Create a file with some content in it.

For example out.txt

Finding Cryptographic Hash function using MD5

Execute the following command in the terminal

$  md5sum <file_name.txt>

Output of this file is a hash value.For out.txt i got

2196fb4aea7a750b32eb3c9abcedc89b  out.txt as its hash value.

Checking the integrity using MD5

Make some modification in the file that we are created.And calculate the hash value using MD5.For a small variation in the data,we can seen that the hash value is changed.

For example:When i change the content in out.txt, the corresponding hash value i got was

f00755d751964fddf6196f047fc674ea  out.txt

Finding Cryptographic Hash function using SH1

sha1sum <file_name.txt>

The above command generate the cryptographic hash value.

The cryptographic hash function for out.txt is

7011dd2d9ad3e336c727683ac2031825e1721021  out.txt

Checking the integrity using SH1

After modifying the file and again calculate the hash function using SH1.For out.txt we got the value 50544c5dd3218b1be60ad15479ac6e06cefd2234  out.txt

From this it is clear that even a small change in the data can identified by using the hash function. If the data is not modified the hash value remains the same.So this cryptographic hash function is used to check the data integrity.

Which one is faster:Assymertic key encryption or symmertic key encryption

Basic steps:

Install OpenSSL

$ sudo apt-get install openssl

Generate public key-private key

$ openssl req -x509 -nodes -days 30 -newkey rsa:2048 -keyout private.pem
 -out public.pem

Create files of different sizes

$ dd if=/dev/zero of=100mb bs=1MB count=100

Using the above command we can create several files of different size.

Run the assymmertic and symmertic shell code and calculate the time taken for each files.

File size in mb	Assymertic(time in ms)	Symmertic(time in ms)
100	602	330
200	1000	538
500	4038	1783
1000	8153	4030

The above table contains the file sizes and the corresponding time taken for assymertic and symmertic key encryption.

Plot the graph using gnuplot.

Install gnuplot

$ sudo apt-get install gnuplot

Ploting the graph

Use the following commands to plot the graph

 gnuplot> set xlabel “Time in milli seconds”

gnuplot> set ylabel “File size in MB”

gnuplot> plot “assymertic” using 2:1 with lines,”symmertic” using 2:1 with lines

assymertic contains the file sizes and the corresponding time for assymertic key.

symmertic also contains the file sizes and the corresponding time for symmertic key.

Graph

From the graph, we can conclude that assymertic key encryption is more time consuming than symmertic key encryption.Symmertic is faster.

NETCAT

Netcat uses TCP/UDP protocol, which reads and writes data across network connections.This is tool to do some bidirectional network communication over these TCP/IP protocol.It can run on both Linux and Windows.Netcat can be used as port scanner, a backdoor, a port redirector, a port listen,file transferring,telnet usage.

Chat using Netcat

Chat between host A and host B

Install netcat in ubundu

$ sudo apt-get install netcat-traditional

In machine a,go to terminal and type

$ nc -l -p <port_no.>

The Netcat binary is called nc and can often be found at /bin/nc on a Linux system.

In machine b,type

$ nc <ip_address of A> <port_no.>

NCAT

Ncat is a modern version of Netcat.Nmap also comes with a netcat implementation called ncat.Ncat adds many capabilities in nmap, including SSL support, proxy connections, IPv6, and connection brokering.

Nmap(Network Mapper)

Nmap is a free, open-source port scanner available for both LINIX and Windows.They are designed to detect any ports on a computer and to determine which services may be running on those ports. Nmap uses the IP packets for determining what hosts are available on the network, what services (application name and version) those hosts are offering,they are, what type of firewalls are in use.It can also be used to ‘fingerprint’ the Operating System of the target machine – by analysing the manner in which the machine responds to the scan, NMap can make a guess as to what OS the target may be running.

Nmap installation

In Ubuntu,nmap is installed using the syntax

$ sudo apt-get install nmap

Nmap Port Scanning

Nmap port scanning gives the port and services opened by the target machine.Port can be scanned by using the ip address of the target machine.

$ nmap <ip address of target machine>

 eg: nmap 10.30.52.155

If you run the above command, your terminal will look like this:

Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-29 20:35 IST

Nmap scan report for localhost (10.30.52.155)

Host is up (0.00020s latency).

Not shown: 994 closed ports

PORT STATE SERVICE

22/tcp open ssh

23/tcp open telnet

53/tcp open domain

80/tcp open http

631/tcp open ipp

3306/tcp open mysql

Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

OS fingerprint detection using Nmap

Nmap fingerprinting tool identifies a base OS or service version number by its TCP/IP response’s unique characteristics in the target machine.

$ sudo nmap -w -O <ip address of target machine>

eg:sudo nmap -w -O 10.30.52.155

[sudo] password for student:

If you run the above command, your terminal will look like this:

Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-29 21:15 IST

Nmap scan report for 10.30.52.155

Host is up (0.00082s latency).

Not shown: 995 closed ports

PORT STATE SERVICE

22/tcp open ssh

23/tcp open telnet

80/tcp open http

139/tcp open netbios-ssn

445/tcp open microsoft-ds

MAC Address: A0:B3:CC:F7:8D:64 (Unknown)

No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).

TCP/IP fingerprint:

OS:SCAN(V=5.21%D=1/29%OT=22%CT=1%CU=35746%PV=Y%DS=1%DC=

D%G=Y%M=A0B3CC%TM=51

OS:07EEBB%P=x86_64-unknown-linux-gnu)SEQ(SP=102%GCD=1%ISR=108%TI=Z%CI=Z%II=

OS:I%TS=8)OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11

NW7%O4=M5B4ST11NW7%OS:O5=M5B4ST11NW7%O6=M5B4ST11)WIN(W1=

3890%W2=3890%W3=3890%W4=3890%W5=3890%W

OS:6=3890)ECN(R=Y%DF=Y%T=40%W=3908%O=M5B4NNSNW7%CC=Y%Q=)

T1(R=Y%DF=Y%T=40%S=

OS:O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=

0%S=A%A=Z%F=R%O=%RD

OS:=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0

OS:%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1

OS:(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK

=G%RUD=G)IE(R=Y%DFI

OS:=N%T=40%CD=S)

Passwordless Login With SSH Keygen

Secure Shell (SSH) is known as Secure Socket Shell.It is a UNIX-based command interface and protocol for securely getting access to a remote computer.It provide a secure channel connection over a insecure channel.It was designed as a replacement for Telnet.SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user.

SSH is often used to login from one system to another without requiring passwords.

Basic Steps:

Install SSH in your local machine:

$sudo apt-get install openssh-client openssh-server

 On the local machine you will want to generate a secure SSH key:

$ssh-keygen

 This is used to generate, manage, and convert authentication keys for ssh authentication.

The user can create a passphrase key for both SSH protocol version 1 and version 2. SSH-keygen creates RSA keys for SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2.

$ ssh-copy-id -i <public_keyid of local host user>@<remote_ip address>

 Initially,we required password for establishing the connection.Onces the secure connection is established we can directly access the remote users file without using password.

$ ssh <remote_username>@<remote_ip address>

 Now we can access remote users file and directories.

SSH to connect to a remote server and secruely copying file using scp

Secure Shell (SSH) is known as Secure Socket Shell.It is a UNIX-based command interface and protocol for securely getting access to a remote computer.It provide a secure channel connection over a insecure channel.It was designed as a replacement for Telnet.SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user.

 The basic steps:

 Install OpenSSH

 OpenSSH is a free, open-source implementation of the ssh protocol in Ubuntu.

sudo apt-get install openssh-client openssh-server

 It consist of openssh-client and openssh-server.Client create a connection with the server through a secure channel.

 

Logging into a remote computer over a secure connection

After installing,we can login to the remote user using the command

$ssh <remote_user>@<ip_address>

Thus we created a connection with the remote user.

Exit from the remote user.

You can see a message

“logout

Connection to <ip_address> closed.”

Transferring files and directories between computers over a secure connection.

To transfer files from our local machine to the remote server and vice-versa, we will use SSH’s “secure copy” command, or scp.

To copy a single file use the command:

scp <file_name.txt> <remote_user>@<>ip_address>:/directory

Go to the server's directory,we can see the file that we transferred.