Scamming the scammers or getting a free micro sd card for my raspberry pi.

Ebay and wish.com are full of surprisingly cheap “too good to be true” sd cards. I decided to take my chances and buy 2 most likely fake sd cards from wish.com.

I deliberately chose one that appeared a little bit more expensive compared to the rest of the cards, in the hope that the actual fake cards would not be the worst of the worst quality. So I ended up hitting on this ad:

Fake sd card ad on wish.com

So this “Lexar” card was $5 + $5 shipping, adding up to $10 / piece. I bought 2 of these, and a wish.com special is that no matter how many items you purchase you get charged for shipping, regardless of how many would actually fit in a single jiffy for shared posting. So I ended up paying $20 for 2 most likely fake cards.

A couple of weeks later the cards arrived. After unpacking, the first thing I noticed was that it didn’t come with the usb card reader. It was just the card itself in very convincing-looking packaging.

After unpacking, the actual SD card still looks pretty damn convincing. The etching on the card looks flawless as well.

Now the way they make these fake sd cards is they pick up smaller-sized ones, and they somehow edit the otherwise read-only part which presents the actual total size. So they pick a small and usually slow sd card and they bump it up to 128G size. As these cards have “some amount” of actual working storage, if you end up using one in a phone or camera and only fill it with pictures slowly, by the time you notice that it’s fake the sellers are all gone from wish.

Now my plan was to get a 2-4G card I can use with a raspberry pi. Testing these cards is not actually simple, because under windows whatever I copied to them got cached, and it looked “healthy” as long as I didn’t pull the card out and plug it back in. I ended up trying this out with a program called f3. I ran it on a linux vm, and in a matter of seconds I got the results I expected.

8G usable

So as per the tests above the fake card has 8G usable space, which is more than enough for what I needed it for. The only problem I had was that I couldn’t use “noobs” to deploy raspbian because it wanted to resize my card to 128G, so I had to deploy it manually to a 7G partition.

With the evidence above I opened a ticket with wish.com, and after about 2-3 messages back and forth I received a full refund, including shipping.
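The write-then-verify principle that this kind of capacity test relies on, as an added example (not f3's code and not part of the original post). The function names, file naming and block size are assumptions; splitting fill and verify into two steps is what lets you re-plug the card in between, so the cache problem described above cannot hide a bad card.

```bash
#!/bin/bash
# Each block file gets content derived from its own index, so data that a
# fake card silently drops, or wraps onto an earlier block, cannot match
# when it is read back.

BLOCK_BYTES=${BLOCK_BYTES:-1048576}   # 1 MiB per block file (assumed size)

# block_stream N: deterministic byte stream for block number N.
block_stream() {
    yes "sdtest-block-$1" | head -c "$BLOCK_BYTES"
}

# fill_card DIR COUNT: write COUNT block files into DIR, then flush them
# to the device. Fails if the card reports an error or runs out of space.
fill_card() (
    dir=$1 count=$2 i=0
    while [ "$i" -lt "$count" ]; do
        block_stream "$i" > "$dir/block-$i.bin" || exit 1
        i=$((i + 1))
    done
    sync
)

# verify_card DIR COUNT: print how many of the COUNT blocks read back intact.
# Run it only after unplugging and re-plugging the card, so the reads come
# from flash and not from the operating system's cache.
verify_card() (
    dir=$1 count=$2 i=0 good=0
    while [ "$i" -lt "$count" ]; do
        if block_stream "$i" | cmp -s - "$dir/block-$i.bin"; then
            good=$((good + 1))
        fi
        i=$((i + 1))
    done
    echo "$good"
)
```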

The infamous iDrac6 “Connection failed.” error

In my previous post I covered a few issues with the dell idrac remote console, and presented a script to connect from the command line. However, another piece of headache was the “Connection failed.” error. To make this even better, as you can see from the screen, it comes without any useful indication of what it was failing on. The only clear fact I had was that I was able to telnet to the drac ip on port 5900.

Connection failed.

Digging a bit deeper into this with tcpdump and strace, it turned out that this was again failing on java security. To make it even worse, it’s not one of the ones where you can just open up the java configuration and add some site exceptions or set some radio buttons to less secure. To resolve this you have to edit your java.security file.

In my example I’m using java 1.8, so my full path is:

C:\Program Files\Java\jre1.8.0_161\lib\security\java.security

In this file I had to comment out the following 2 blocks (I’ve used triple # so I know which lines I’ve changed):

### jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
###   RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
...
### jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
###    EC keySize < 224, DES40_CBC, RC4_40

After saving this, and trying my script again the result was instantly better:

drac after changing java security
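Commenting the two properties out in the JRE's own java.security relaxes certificate and TLS checks for every Java program on the machine. The added example below (not the author's script) applies the same relaxation to a single JVM through the standard -Djava.security.properties option, and checks whether a global java.security has been left weakened. The function names and the drac.java.security file name are assumptions, and the override only loads if java.security still has security.overridePropertiesFile=true, which is the shipped default.

```bash
#!/bin/bash
# write_drac_override FILE: per-invocation override file. An empty value
# restricts nothing, which matches the commented-out lines shown above.
write_drac_override() {
    cat > "$1" <<'EOF'
jdk.certpath.disabledAlgorithms=
jdk.tls.disabledAlgorithms=
EOF
}

# drac_java_opt FILE: print the JVM option that layers FILE on top of
# java.security for this one process only.
drac_java_opt() {
    printf '%s%s\n' '-Djava.security.properties=' "$1"
}

# policy_weakened FILE: succeeds (0) if the java.security file FILE has either
# property commented out, missing or empty; fails (1) if both are still set.
policy_weakened() (
    for prop in jdk.certpath.disabledAlgorithms jdk.tls.disabledAlgorithms; do
        pat=$(printf '%s' "$prop" | sed 's/\./\\./g')   # escape dots for grep
        grep -Eq "^[[:space:]]*${pat}[[:space:]]*=[[:space:]]*[^[:space:]]" "$1" || exit 0
    done
    exit 1
)

# Usage with the console launcher (same java binary, jar and arguments as
# the author's script):
#   write_drac_override ./drac.java.security
#   java "$(drac_java_opt ./drac.java.security)" -cp kvm.jar com.avocent.idrac.kvm.Main <arguments>
```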

A simple but powerful script for dell drac console.

In our organization we are using dell servers. The age of the servers varies from pretty much drac6 to idrac9.

Normally, to access the remote console of the server you have to log on to the idrac web gui, and from there you can launch the remote console. This all sounds pretty nice, but over the past few years this has been a real hell on wheels for me. Usually what I find is that the web gui for dell is extremely laggy; sometimes it doesn’t even load at all. Also, when it comes to launching the actual jnlp file to load up the console, I’m getting various kinds of nasty java errors, mainly about security. The actual kvm is listening on port 5900, and no matter how I tried I couldn’t find a native binary client that would just simply connect to that port without any java hassle.

Recently I came up with a partial solution to this problem. It is possible to launch the kvm jar file from the command line, which skips the entire web gui, and as the jar file is being called without using the jnlp it also steps over most of the java security madness. My script by default is also using a socks (dynamic ssh) proxy on port 8080. This helps to get through firewalls if your drac is not directly accessible. You just need to ssh to your gateway host first in a different shell using the -D8080 flag to open a socks proxy.

ihorvath@DBF3GQC2:~$ cat ./drac_all.sh
#!/bin/bash

echo -n 'Host: '
read -r drachost

echo -n 'Username: '
read -r dracuser

echo -n 'Password: '
read -rs dracpwd
echo

# if you are lucky enough to use the same drac versions everywhere you can comment out the next line if you wish once you've initially downloaded the kvm jar file.
# -k skips TLS certificate verification, so the jar is downloaded without checking who served it.
curl -k --preproxy socks5://127.0.0.1:8080 "https://$drachost:443/software/avctKVM.jar" -o kvm.jar

# path to java. change that accordingly.
# user= and passwd= are passed as arguments, so they are visible in the local process list while the console runs.
/cygdrive/c/Program\ Files/Java/jre1.8.0_161/bin/java -cp kvm.jar -DsocksProxyHost=127.0.0.1 -DsocksProxyPort=8080 -Djava.library.path=./lib com.avocent.idrac.kvm.Main "ip=$drachost" kmport=5900 vport=5900 "user=$dracuser" "passwd=$dracpwd" apcp=1 reconnect=2 chat=1 F1=1 version=2 custom=0 scaling=15 vm=1 title=Istys-omgwtf-cli-executed-drac-console

Interestingly enough, as you can see from the script, to fetch the jar file from the drac you do not need to be authenticated at all. I find this a bit odd, but at least we can abuse it.

If things go well, you should get a similar outcome:

dell drac from cli
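Since the jar is fetched without authentication and with certificate checks off (curl -k), and is then executed locally, it is worth checking that it is still the file you got the first time. An added example of a trust-on-first-use digest pin per drac host (not part of the author's script; check_jar, jar_digest and the drac-pins directory are assumed names), to be called between the curl and java lines:

```bash
#!/bin/bash
PIN_DIR=${PIN_DIR:-./drac-pins}   # assumed location for the stored digests

# jar_digest FILE: print the SHA-256 of FILE as hex.
jar_digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# check_jar JAR HOST: the first call for HOST records the jar's digest.
# Later calls return 0 only if the digest is unchanged, 1 if it differs,
# 2 if the download is missing or empty. Pins are kept per host because
# different drac versions ship different jars.
check_jar() (
    jar=$1
    # keep the host name safe to use as a file name
    host=$(printf '%s' "$2" | tr -c 'A-Za-z0-9._:-' '_')
    pin="$PIN_DIR/$host.sha256"
    [ -s "$jar" ] || { echo "missing or empty: $jar" >&2; exit 2; }
    now=$(jar_digest "$jar")
    mkdir -p "$PIN_DIR"
    if [ ! -f "$pin" ]; then
        echo "$now" > "$pin"
        echo "pinned $jar for $host: $now" >&2
        exit 0
    fi
    [ "$now" = "$(cat "$pin")" ] && exit 0
    echo "digest of $jar changed for $host: got $now" >&2
    exit 1
)

# In the launcher, after the curl line and before the java line:
#   check_jar kvm.jar "$drachost" || exit 1
```

A mismatch after a firmware update is expected; delete that host's pin file once you have confirmed the update, and the next run re-pins.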

Starting my first personal blogsite.

Welcome to my blog. My name is Istvan. I’ve been working with linux servers for about 20 years, and on this site I’m going to share interesting bits and bobs from various tasks and problems I have encountered recently, in the hope that others will find them useful as well. The areas I’m focusing on are: Server management / Linux / Networking / MySQL databases