Philipp Küng

Guy behind @bitfondue, @sharelephant and @trainshare

Automatically deploy to Heroku from Github

While starting on a new project the other day I decided to automate as much as possible. One of those tasks was deploying to Heroku when pushing the master branch to Github. It took me some time to figure certain parts out, even though the documentation is quite extensive; guess it being a beta feature didn’t help.

  1. Start by going into the Settings > Webhooks & Services view and add the HerokuBeta Service.
  2. Create the app on Heroku via the command line heroku create myapp
  3. Fill in myapp as the Name in the HerokuBeta settings view and leave Github api url empty.
  4. Then for the Heroku token, you’ll need your Heroku api token, which you get via heroku auth:token (eg. token123) and your email address you’re using to login to Heroku (eg. [email protected]). Then convert the two into a base64 hash for the Authorization header by issuing this command on a Unix system echo "[email protected]:token123" | base64 (eg. base64-123).

    curl -X POST \
    -H "Accept: application/vnd.heroku+json; version=3" \
    -H "Authorization: Basic base64-123" \
    -H "Content-Type: application/json" \
    -d "{\"description\":\"direct token description (preferably meaningful)\"}"
  5. For the Github token follow the instructions and head to where you can click Create new token, then give it a name and leave the default settings before hitting Generate token. Then copy this token and fill it into the form.

  6. Save the configuration with Add service.

  7. I first thought the hook is already working, however it’s only working with Github deployment events, which you can add by adding another service called Github Auto-Deployment.

  8. Repeat step 5 to acquire a new Github token and add it there, save and from now on your automatic Heroku deployment should be fully working.

Reset your Synology NAS after a SynoLocker attack

Encrypted Data

Personal NAS-es are quite handy, however their wide spread usage and the fact that people don’t often check their system via the web dashboard makes it a perfect target for crackers trying to extort you for money or just using your machine to mine bitcoins for them.

In this case I had a DS213j delivered to me with SynoLocker on it. A malicious piece of code that encrypts all your files and holds them hostage until you give in and pay them what they ask for. Please don’t ever give in. Just accept that your data is lost forever and you hopefully have a backup of it somewhere else, if not, now would be a good time to start thinking about one.

So on that basis, the fix is fairly trivial.

  1. Open the lid and take out all of the drives.
  2. Put one into a desktop computer or use a S-ATA to USB docking station to connect it to a working machine so you can format the drive with FAT.
  3. Put the one drive back into the NAS and boot it up.
  4. As soon as it’s booted, reset it by taking a paperclip and pressing the reset button on the back for 4 seconds until it beeps. Release. Press again for 4 seconds until it beeps again for 3 times. This will initiate a restart.
  5. Download the Synology Assistant and install it on your computer, then start it up.
  6. If your NAS isn’t already showing up, give it some time to finish the booting process and then click the search button in the Synology Assistant.
  7. Double click on the entry for your NAS which will open a browser window.
  8. Download the latest Diskstation Firmware (DSM) from the Synology Download Center and go through the questions in the browser.
  9. Upload your firmware and let the NAS re-format your disk, then give it some time for it to re-install.
  10. When all is done, format all the other drives with the same process you used for the first drive. Shutdown the NAS and put them back in. Restart and go into the Storage Manager > Volume where you can add the newly inserted drives to your volume. Once added it will take a while for them to be added and re-index, partitiend, etc., you can safely use your NAS from now on however.
  11. Now you might want to re-add your video, music and photo folders. That’s it.

On a further note, since crackers were able to get into your NAS once, I’d ask yourself whether you really need external access to it and otherwise make sure there are no ports being forwarded by your router. Also I recommend changing your router password, especially in case it’s still the factory default one. If you really do need remote access, at least change the ports which are used externally, eg. map 3001 to 5000 internally.

Lastly, I’ve used automatic DNS updating services quite a bit too, however they could have been the enabling party for the attack. Once such a provider is compromised, crackers can check their attacks against all your ports which makes the previous advice in-effective. Since routers nowadays don’t change their ip addresses that much I usually look up my home address via the GMail login history and use the naked IP. Less convenient, but more secure.

Hope this short summary helped during your reset and it’s the last time something like that happened.

The Bourne Identity - A lot realer than one might think

US Predator Drone

Last sunday I enjoyed watching all four Bourne movies including the newest one. Additionally I like the TV series Homeland and Person of Interest. However what is shocking to me, is that while those stories are just made up by writers, situations like those on TV actually occur in real life to people like you and me (well sort of). Algorithms decide whom to kill and drone pilots carry out the strikes like robots. Without formal charges. Without asking questions.

If you have two hours to spare I encourage you to watch the full length track of the #29c3 session entitled Enemies of the State in which the three Whistleblowers Jesselyn Radack (former ethics advisor to the Department of Justice), Thomas Drake (former senior executive of the NSA) and William Binney (former senior technical leader of the NSA) talk about what the government did to them while they played by the rules. Quite an eye opener.