To properly go under the hood and hack around on a Samsung Chromebook 2, you’ll need to put it into developer mode. Whether using crosh or installing Chromium or other operating systems or just doing some pretty cool stuff, you’ll need to throw the thing into developer mode. Because you have so much control you should leave developer mode off when you’re not hacking around for security purposes.
Note: Before you switch back and forth, know that user accounts will be reset each time you switch.
Now, to enter developer mode, we’ll first go into recovery mode, using the Escape (ESC) and Refresh (F3) buttons on the keyboard when you press the Power button. When the Recovery screen comes up, use Ctrl-D to switch to developer mode and then when prompted, confirm and the device will reboot into developer mode (or dev-mode for the geeky). When you see the boot screen, wait 30 seconds to boot or just hit Control-D.
To switch back to normal mode from developer mode use the crossystem command followed by disable_dev_request and set that to one and then reboot. To make this a shell one-liner:
crossystem disable_dev_request=1; reboot
And that’s it. Happy hackin’!
krypted October 2nd, 2014
Before I post the new stencil, let me just show you how it came to be (I needed to do something, which required me to do something else, which in turn caused me to need to create this):
Anyway, here’s the stencil. It’s version .1 so don’t make fun: AWS.gstencil.
To install the stencil, download, extract from the zip and then open. When prompted, click on Move to move it to the Stencils directory.
Good luck writing/documenting/flowcharting!
krypted June 5th, 2014
Especially in environments with files in Google Docs, Dropbox, Box, Wikis, file servers, portals and any other place that makes it hard to aggregate exactly what you need.
krypted May 30th, 2014
Meraki has a syslog option. To configure a Meraki to push logs to a syslog server, open your Meraki Dashboard and click on a device. From there, click on “Alerts & administration”.
At the “Alerts & administration” page scroll down to the Logging section. Click on the “Add a syslog server” link and type the IP address of your syslog servers name or IP. Put the port number into the Port field. Choose what types of events to export. This could be Event Log, Flows or URLs, where:
Note that you can direct each type of traffic to a different syslog server.
krypted April 16th, 2014
Any time doing a migration of data from one IP to another where that data has a DNS record that points users towards the data, we need to keep the amount of time it takes to repoint the record to a minimum. To see the TTL of a given record, let’s run dig using +trace, +nocmd to turn off showing the version and query options, +noall to turn off display flags, +answer to still show the answer section of my reponse and most importantly for these purposes +ttlid to toggle showing the TTL on. Here, we’ll use these to lookup the TTL for the www.krypted.com A record:
dig +trace +nocmd +noall +answer +ttlid a www.krypted.com
The output follows the CNAME (as many a www record happen to be) to the A record and shows the TTL value (3600) for each:
www.krypted.com. 3600 IN CNAME krypted.com.
krypted.com. 3600 IN A 22.214.171.124
We can also lookup the MX using the same structure, just swapping out the a for an MX and the FQDN with just the domain name itself:
dig +trace +nocmd +noall +answer +ttlid mx krypted.com
The response is a similar output where
krypted.com. 3600 IN MX 0 smtp.secureserver.net.
krypted.com. 3600 IN MX 10 mailstore1.secureserver.net.
krypted January 23rd, 2014
I had previously been using the gcutil command. But I cheated a little with the one liner promise to get the new tool, gcloud, installed:
curl https://dl.google.com/dl/cloudsdk/release/install_google_cloud_sdk.bash | bash ; unzip google-cloud-sdk.zip ; ./google-cloud-sdk/install.sh
The installation shell script is interactive and will ask if you want to update your bash profile. Once run, kill your terminal app and the new invocation will allow you to log into App Engine using the gcloud command followed by auth and then login:
gcloud auth login
Provided you’re logged into Google using your default browser, you’ll then be prompted to Accept the federation. Click Accept.
The gcloud command can then be used to check your account name:
gcloud config list
To then set a project as active to manage it, use the set option (or unset to not manage it any longer:
gcloud config set project kryptedmuncas
You can then use components, sql or interactive verbs to connect to and manage instances. Each of these commands are interfacing with the API, so if you ever find that you’ve exceeded what this simple command provides for, you can always hit the API directly as well. I found that the interactive command was my favorite as I could figure out what limitations I had using interactive and then try and figure out how to accomplish tasks with commands from there.
krypted January 8th, 2014
Microsoft Azure is Microsoft’s cloud services. Azure can host virtual machines and act as a location to store files. However, Azure can do much more as well, providing an Active Directory instance, provide SQL database access, work with hosted Visual Studio, host web sites or provide BizTalk services. All of these can be managed at https://manage.windowsazure.com.
You can also manage Windows Azure from the command line on Linux, Windows or Mac. To download command line tools, visit http://www.windowsazure.com/en-us/downloads/#cmd-line-tools. Once downloaded, run the package installer.
When the package is finished installing, visit /usr/local/bin where you’ll find the azure binary. Once installed, you’ll need to configure your account from the windowsazure.com site to work with your computer. To do so, log into the windowsazure.com portal.
Once logged in, open Terminal and then use the azure command along with the account option and the download verb:
azure account download
This account downloads the .publishsettings file for the account you’re logged in as in your browser. Once downloaded, run azure with the account option and the import verb, dragging the path to your .publishsettings file from https://manage.windowsazure.com/publishsettings/index?client=xplat:
azure account import /Users/krypted/Downloads/WindowsAzure-credentials.publishsettings
The account import then completes and your user is imported into azure. Once imported, run azure with the account option and then storage list:
azure account storage list
You might not have any storage configured yet, but at this point you should see the following to indicate that the account is working:
info: No storage accounts defined
info: account storage list command OK
You can also run the azure command by itself to see some neat ascii-art (although the azure logo doesn’t really come through in this spiffy cut and paste job):
info: _ _____ _ ___ ___________________
info: /_\ |__ / | | | _ \ __|
info: _ ___ / _ \__/ /| |_| | / _|___ _ _
info: (___ /_/ \_\/___|\___/|_|_\___| _____)
info: (_______ _ _) _ ______ _)_ _
info: (______________ _ ) (___ _ _)
info: Windows Azure: Microsoft's Cloud Platform
info: Tool version 0.7.4
help: Display help for a given command
help: help [options] [command]
help: Open the portal in a browser
help: portal [options]
help: account to manage your account information and publish settings
help: config Commands to manage your local settings
help: hdinsight Commands to manage your HDInsight accounts
help: mobile Commands to manage your Mobile Services
help: network Commands to manage your Networks
help: sb Commands to manage your Service Bus configuration
help: service Commands to manage your Cloud Services
help: site Commands to manage your Web Sites
help: sql Commands to manage your SQL Server accounts
help: storage Commands to manage your Storage objects
help: vm Commands to manage your Virtual Machines
help: -h, --help output usage information
help: -v, --version output the application version
Provided the account is working, you can then use the account, config, hdinsight, mobile, network, sb, service, site, sql, storage or vm options. Each of these can be invoked along with a -h option to show a help page. For example, to see a help page for service:
azure service -h
You can spin up resources including sites, storage containers and even virtual machines (although you might need to create templates for VMs first). As an example, let’s create a new site using the git template:
azure site create --git
Overall, there are a lot of options available in the azure command line interface. The web interface is very simple, with options in the command line interface mirroring the options in the web interface. Running and therefore scripting around these commands is straight forward. I wrote up some Amazon stuff previously at http://krypted.com/commands/amazon-s3cmd-commands, but the azure controls are really full featured and I’m really becoming a huge fan of the service itself the more I use it (which likely means I’ll post more articles on it soon).
krypted December 2nd, 2013
To open Crosh:
Find debugging commands:
To switch to a more bash-like command prompt:
To see the version of Chrome OS running on your Chromebook:
sudo /opt/google/chrome/chrome –version
To show the operating system name:
If the operating system is a bit old, update it using the update_engine_client command:
To see the bios of your Chromebook, open up a command prompt (Control-Alt-T) and use the following command:
sudo /usr/sbin/chromeos-firmwareupdate -V
To record some sound from the microphone, use the sound command:
sound record NUMBEROFSECONDS
Look for (or grep for) BIOS version in the output.
To see the Vital Product Data, or configuration information such as time zone, UUID, IMEI, model, region, language, keyboard layout and serial number:
sudo dump_vpd_log --full --stdout
Or to be specific about what you’re looking for, grep for it:
sudo dump_vpd_log --full --stdout | grep "serial_number"
To capture some logs for debugging, use systrace:
To manage the mouse and keyboard acceleration and autorepeat options, use the xset command:
Trace a network path (like traceroute or tracert):
To run standard network diagnostics:
To capture some packets while troubleshooting network connections, use the packet_capture command:
Check the type, version, etc on your touchpad:
You can also debug network connections by logging data going through either the wifi, cellular or ethernet interface using the network_logging command. To do so for a normal 802.11 connection:
To configure WAP information:
Accept an SSL Cert by using the enterprise_ca_approve command:
enterprise_ca_approve --allow-self-signed https://entca.krypted.com
Many standard Linux commands work as well, including route, mount, cat, cp, chmod, reboot, echo, tr, cut, mkdir, see, if/then, ls, cd, pwd, su, sudo, etc. To see IP address information:
sudo ifconfig eth0
To see all of the running processes:
To see a user’s hid and gid, use id:
To see more information To ping Google:
To connect to another system, you can use ssh and there’s an ssh_forget_host command to clear a given host from your hosts list.
To see a list of the commands you’ve run:
Finally, to close the command prompt:
krypted November 19th, 2013
If you ever loose track of the password on your Chromebook, find that the Chromebook is running oddly or want to sell a Chromebook, you can remove your Google account and readd it. The easiest way to do this is a feature called Powerwash. To pull it up, open Settings and then click on Advanced Settings. There, you’ll see the Powerwash button. Click it and then you will remove all of the user accounts installed on the device, basically performing a factory reset.
Powerwash can also be run by clicking Restart while holding down Control-Alt-Shift-R at the login screen. This brings up a Powerwash prompt where you simply need to click Powerwash to remove your data. The first time you login once the Powerwash process is complete, your apps and data start to sync back to the Chromebook.
krypted November 18th, 2013
Posted In: cloud