January 2017 – Page 2

Fun-Day Friday – Wildcraft Board Game

Before we get to the meat of today’s post, I wanted to let you all know that yesterday my email subscribers received the first weekly email only content. It’s something that was sent directly via my list provider, and is not on the website anywhere. If you aren’t subscribed, you might be missing out. Anyway… onward to today’s post!

Over the holiday season, our household received several new games as gifts. Among them, we got Mastermind (similar to battleship, but not really,) ION (card and dice game,) Settlers of Catan (board game,) and a few video games for the kids. I received the elusive NES Classic gaming console I lamented not being able to purchase on launch day, as well.

All of these games gave me the idea that I should cover some of our collection of physical games (board, card, and dice,) over the next several Fridays. Instead of starting with the ones we received THIS year, I thought I’d start with one that is probably a lot less known. I have a thing for “underdogs,” and this game kind of fits that bill.

The game is called “Wildcraft!” and is a cooperative board game. It is designed for 2 to 4 players. Each player uses a token like the ones in the game “Sorry!” to represent their progress along the board path. There are also black and blue coin shaped tokens that are used to represent the “passing of the sun” and “baskets of huckleberries” respectively.

Three decks of cards are used. One deck contains various plants. One deck contains various “trouble” cards. One deck contains a stack of “cooperation” cards. A spinner with 6 possible outcomes is included.

The premise is to leave Grandma’s house, travel the spiraling path up the hill to the huckleberry patch, gather two baskets of huckleberries per player, then return back down the path to Grandma’s house before the sun sets. The path has a couple of spots that let you jump gaps bi-directionally, and a couple that let you jump gaps in one direction only. Each spot on the path represents either a “rest” area, a “moon,” a “trouble spot,” a “harvest spot,” or a “cooperation spot.” Across one side of the board are sections showing the sun passing across the sky.

If you land on a “moon,” you place a black token on the next free “sun movement” spot. This is the only antagonist in the game. If all of those sun progress spots are filled up before the last player makes it back to Grandma’s house, everyone loses. The more players there are, the longer a game takes, but the more likely the team is to lose, as well.

If you land on a “cooperation” block, (represented by a rainbow,) you draw a cooperation card. This card can either be used immediately to pull the person furthest behind up to your position, or it can be saved to aid another player later.

If you land on a “trouble” block, you draw a trouble card. This could be something as simple as just being “Hungry” or it could be that you got poison ivy, for example. The trouble card does nothing to hinder your progress, but “fixing” an ailment lets you move to the next rest spot, so there is incentive to do so.

If you land on a “harvest” block, you draw a plant card. These are the cards that help you fix the ailments from trouble cards. If you have an ailment, and a plant card that fixes it, you discard both, move to the next rest spot available, and end your turn.

Rest blocks do nothing.

The “1” on the spinner also has a rainbow. If you spin a “1” you draw a cooperation card, and the rules for this are the same as if you land on a rainbow spot on the board.

Once a player reaches the berry patch, they stop spinning on their turn, and instead collect huckleberry bucket tokens. After the correct number of berry buckets are gathered (2 per player overall, so 4 if there are 2 players, 8 if there are 4,) the player spins and begins working their way back down the hill. If a player passes someone on their way UP the hill, that player is now able to turn around and start back down.

Wildcraft! - Kids Playing — Wildcraft! – Kids Playing

This game is educational and a TON of fun. Game play can take anywhere from about an hour to several hours, depending on number of players and how many times people hit the “short cuts” in the wrong direction. It’s great for an afternoon of quality time with friends and family.

The game can be found HERE.

They have a Twitter and Facebook page, if you want to check out their feed.

The Lab – Gear Check – The BeagleBone Black

We’re taking a break from the “Hacker-Tool Hump Day” posts to cover some of the gear being used in the Security Lab. There aren’t too many physical pieces, since a hypervisor for virtual machines is involved, but there are a few.

Today, we’ll take a look at the BeagleBone Black. Many people are familiar with the single board computers (SBC) that have sprung up over the last few years. The Raspberry Pi series had much to do with this, and we will definitely cover it, but I wanted to cover one of the underdogs, first.

The BeagleBone Black is currently at revision “C,” and this is the version I own. The great thing about the BeagleBone Black is that it includes an eMMC chip for on board memory storage, and this is where the built in OS lives. Revision “C” comes with a 4GB eMMC, and is pre-installed with Debian Wheezy. Plugging the board into a USB port on your computer using a USB-mini cable will both power the board and provide a USB ethernet connection to the board. The new virtual interface should get the IP address 192.168.7.1, and the board’s IP should be 192.168.7.2 so that you can log into it. The root account has an empty password by default.

This board includes a power jack for an external power brick so that power hungry accessories won’t draw too much load. It offers a single standard USB port for USB host support, a micro HDMI port for external display. A microSD slot allows for installation of other operating systems without overwriting the eMMC OS, which makes it somewhat versatile. OpenBSD can be installed on this device, which is one of the reasons I wanted to pick this up, but it is still a somewhat new port, so some functionality may be limited. The JTAG port works well to get a serial console into the system, as well. There is also a standard RJ45 jack for a 10/100 ethernet connection.

The processor is a 1GHz, 2000 MIPS Sitara from Texas Instruments. It has more than enough umph for the light workloads we’ll be using in the Lab.

Expansion boards that utilize the GPIO pins are called “capes” in the Beagle Board community. I link to one of these at the bottom of this article. There are other boards offered, and some of them are a lot more powerful and a lot more expensive. The BeagleBoard X15 was just recently released, for example, and costs around $230 to $250, but it has on board gigabit ethernet plus quite a few other peripheral options. I might drop some coin on one for the lab later, especially if OpenBSD brings it into the fold of supported hardware. Until then, the BeagleBone Black is more than sufficient for the kind of testing we’ll be doing.

If you are looking to get into, or try to expand your knowledge of penetration testing techniques, there is also an excellent book on using a handful of these boards specifically for that purpose. Dr. Phil Polstra

Here’s the run down on the bare essentials for this board, and where to get them. Don’t worry, guys. While I definitely would include an affiliate link to help fund this project, Amazon won’t allow Arkansas residents to participate in their A-Store program, so all links are non-affiliate, (even the non-Amazon ones.)

The Board This contains the board, a case, a power supply, and a USB cable for use with the miniUSB client port near the RJ45 jack.

GearMo USB to 3.3v TTL Header like FTDI TTL-232R-3V3 Note that this cable is a 3.3V cable. The Raspberry PI uses a 5V cable. Be careful that you use the correct cable with the correct device if you mix and match like I did.

Samsung EVO 32GB Class 10 Micro SDHC Card These came on sale for ridiculously low prices a few times, so we got them in sets of three or more. Class 10 cards are highly recommended for use with these small Single Board Computing devices. While not necessary with the BeagleBone, it is nice to have options (like OpenBSD) as well as some external storage.

Hacking and Penetration Testing with Low Power Devices The book by Dr Phil Polstra.

Book and Cape bundle I hit up Dr Phil about this a little late, so I’m not sure if this is still valid or not. You might want to contact him on Twitter to verify before pulling the trigger on this, but I included it in case it still works.

EDIT: I got a response from Dr Phil after this post went live.

Sorry, I just got this message. Yes, I do still sell the kits. I have been selling the kits separate from the book mostly because Syngress won’t offer any discounts on my own book unless I buy 50 at a time so people are better off with Amazon etc. Part of the reason I now publish with Pentester Academy.

Welcome to 2017

Happy New Year. I hope your holiday season was pleasant, and full of family, food, and fun. Ours was. The kids are all settling down about now from all of the excitement, and we’re happy to all be together.

Last year was mostly an experiment to see how this site might work. This year is knuckle down time, and I’m hitting the ground running.

The site has had a few changes since last year. I’ve added some new pages, changed the “Recent Posts” link on the right to include the RSS feed link, and categorized things to make them easier to find moving forward. Next Monday will continue the SSH series, picking up where we left off with an introduction to the OpenSSH Certificate Authority.

I will start including a survey every now and then to help me decide on what content to cover next, as well as including some extra content in a news letter format for those folks that have signed up for my mailing list. I’ve left the site RSS feed attached to the mailing list for now, but may change that later. If I do, it’ll be two lists, and people will have the opportunity to adjust their mailing list options to set what feeds they care for most.

I’m going to also be active on three social media platforms. I will probably be primarily active on Twitter, but starting this year, I will be at least sharing my blog content on FaceBook and LinkedIn, as well. Note that there is now a link in the menu on the right, as well as at the bottom of the page for each of these platforms. If you’re on one of those platforms and would like to follow me there, I’d love to have you.