GeekTank

I was working on a server and for some reason lighttpd wouldn’t start for some odd reason. Running it via Debian/Ubuntu “invoke-rc.d lighttpd start” or “/etc/init.d/lighttpd start” wouldn’t reveal an error message or anything in the log.

I hop’d on irc.freenode.net and put some information about my problem in the channel #lighttpd channel.

11:15 < comm> Hi, lighttpd recently won’t start up and doesn’t give any error output in the logs or stdout, I have an strace log.
11:17 < comm> The following is the strace output http://pastebin.com/m74389d99
11:35 < hoffie> comm: you are probably running in the bug that there are some error messages in a bad stage (right after forking, but
before having the errorlog available), so you cannot see the message…
11:35 < hoffie> this is being worked on
11:36 < hoffie> strace -ff -ewrite lighttpd … should reveal it
11:48 < comm> hoffie: danke!
11:49 < comm> hoffie: and it did find my error, thank you!

Now I can go about fixing this blunder!

If you’ve ever used Apache2 and .htaccess with the “Options Indexes” value to show the content listing of a directory. You would know that unfortunately Apache2 doesn’t show folders that are forbidden or password protected.

What can you do about it? You could try using “IndexOptions ShowForbidden” which states “If specified, Apache will show files normally hidden because the subrequest returned HTTP_UNAUTHORIZED or HTTP_FORBIDDEN" however this won't show Folders that are protected for some reason. So at this point there is no way to show passworded folders.

It looks as though a company called “Elcomsoft” is using NVIDIA developer tools to create software that cracks Secured Wireless AP’s.

There’s a new application from Elcomsoft that explicitly uses NVIDIA development tools to work its magic, but the GPU manufacturer may be less than thrilled about it. NVIDIA’s Compute Unified Device Architecture, or CUDA, is a set of development tools (including compiler) designed to simplify the task of coding for the company’s GPU products. The toolset has been available since February, 2007, but NVIDIA has heavily emphasized CUDA throughout 2008, touting it as a development platform for the company’s upcoming Tegra line of products, and as an important component of GPU software development. NVIDIA fully intends to continue developing top-end GPUs, but the company has broadened its market focus; CUDA, and the development of CUDA-enabled software are both major initiatives.

NVIDIA basically has its own development suite that allows you to code for the processor on the NVIDIA line of graphics card. Much like x86 processors, the code would only work on the NVIDIA processors. Elcomsoft’s use for the language probably departs from the sorts of software development projects NVIDIA had in mind. A year ago, we covered Elcomsoft’s work in GPU-assisted password cracking; now the company is ready to debut a shipping product along the same lines. Elcomsoft boasts that its new “Elcomsoft Distributed Password Recovery” software is quite a piece of work, and describes it thusly. “ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break WiFi encryption up to 100 times faster than by using CPU only.”

And how fast can these cards crack Wireless Security, lets just say its fast.

The list of goodies continues. Elcomsoft supports (meaning, can crack) both WPA and WPA2 10 to 15 times faster when using a modest 8800M or 9800M GPU, and up to 100 times faster if you happen to have a GeForce GTX 280 handy. Elcomsoft, of course, envisions only legitimate uses for its software, stressing its applicability to government, forensic and corporate use. Hackers, of course, are not mentioned as a beneficiary, though it’s possible that they just might glean some unspecified gain from such software.

Read the arstechnica.com article “Company puts NVIDA GPUs to work cracking wireless security”