Saturday, 31 December 2011

Sound fix

Problem:

The card is detected and music is playing, but there is no sound from the speakers.

Solution:

chmod o+rw /dev/snd/*
authconfig --updateall --nostart
rm -rf ~/.pulse
killall pulseaudio

Caveat: the chmod makes the sound devices readable and writable by every local account, microphone included, so treat it as a diagnostic step rather than the fix. Normally the logged-in console user gets a per-session ACL on /dev/snd/* (check with getfacl on the device nodes); if that ACL is missing, repairing the login/ACL setup is the lasting answer, and the chmod can then be reverted.
 
 
Cheers :)

Wednesday, 24 August 2011

Solaris package management 2

Solaris notes

cksum for checksumming files, since md5sum and shasum are not installed by default. Note that cksum is a CRC-32: fine for spotting a corrupted transfer, useless against deliberate tampering. Solaris 10 and later ship digest(1) (digest -a md5, -a sha1 or -a sha256) when a real hash is needed.

pkg and rpm useful commands

pkg (Solaris)                             rpm (Linux)           function
pkgadd -d 'pkg'                           rpm -ivh 'rpm'        install
pkgrm 'pkg'                               rpm -e 'rpm'          uninstall
pkginfo                                   rpm -qa               list all installed packages
pkginfo -l 'pkg'                          rpm -qi 'rpm'         info on an installed package
pkgchk -l -p 'file'                       rpm -qf 'file'        package that owns a file
grep 'file' /var/sadm/install/contents    (same as above)       package that owns a file, via the install database
pkgchk -l 'pkg'                           rpm -ql 'rpm'         list installed package contents
pkgchk -l -d 'dir' 'pkg'                  rpm -qlp 'file.rpm'   list contents of a package that is not installed
pkgchk 'pkg'                              rpm -V 'rpm'          verify installed files against the package database
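
The verify row is the one that matters for integrity work, so here is an added example (mine, not from the original notes): a small filter over `rpm -Va` output that reports non-config, non-doc files whose size or digest no longer matches the rpm database, plus files that have gone missing. The sample output is constructed. Bear in mind that rpm -V trusts the local rpm database; on a host you already suspect, verify against a package fetched from a trusted mirror with `rpm -Vp file.rpm` instead.

```shell
#!/bin/sh
# Added example (not from the original notes): parse `rpm -Va` output and
# report non-config files whose size or MD5 digest changed, i.e. candidates
# for tampering rather than local configuration edits.
#
# rpm -V prints one line per differing file:
#   SM5DLUGTP  [attr] path
# position 1=S(size) 2=M(mode) 3=5(digest) 4=D(device) 5=L(link)
# 6=U(user) 7=G(group) 8=T(mtime) 9=P(caps); '.' means unchanged.
# The optional attribute column holds c (config), d (doc), g (ghost),
# l (license) or r (readme). Paths containing spaces are not handled.

# Constructed sample of rpm -Va output, typical of a tampered /usr/bin/ls.
SAMPLE_RPM_V='S.5....T.    /usr/bin/ls
.M.......    /usr/bin/ssh
S.5....T.  c /etc/ssh/sshd_config
.......T.    /usr/lib64/libc.so.6
missing      /usr/sbin/sshd
S.5....T.  d /usr/share/doc/bash/README'

# Print paths of non-config, non-doc files whose size (S) or digest (5)
# differs from the package database, plus files reported missing.
suspicious_files() {
    awk '
        $1 == "missing" { print $NF; next }
        NF == 3 && ($2 == "c" || $2 == "d") { next }   # config/doc edits are expected
        substr($1, 1, 1) == "S" || substr($1, 3, 1) == "5" { print $NF }
    '
}

echo "$SAMPLE_RPM_V" | suspicious_files
```

Run it as `rpm -Va | suspicious_files` on a real host; mode-only and mtime-only changes (the ssh and libc lines above) are deliberately left out because prelink and package scripts produce plenty of those.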


Thanks for reading :)

Tuesday, 28 June 2011

tor xchat

Let's connect to IRC over Tor :)

yum install xchat -y
echo "mapaddress 10.40.40.40 p4fsi4ockecnea7l.onion" >> /etc/tor/torrc
/etc/init.d/tor restart

Set up xchat to use a SOCKS5 proxy at 127.0.0.1 port 9050 (Tor's SocksPort).

Set up xchat to connect to server 10.40.40.40 (the placeholder address that the mapaddress line translates to the onion address inside Tor, so no .onion name ever reaches the system resolver).

Use SSL and accept the invalid SSL cert: the certificate is issued for the IRC network's hostname, never for 10.40.40.40, so it cannot validate. The onion address is what authenticates the endpoint here; the SSL layer is an extra wrapper inside a circuit that is already encrypted end to end.
cd ~/.xchat2/
wget http://freenode.net/sasl/cap_sasl_xchat.pl

Start xchat

Confirm that SASL is loaded by running /sasl, then store the credentials; server_name is the network's name exactly as it appears in xchat's network list:
/sasl set server_name nickname password PLAIN
/sasl save

Connect to server_name and done! PLAIN hands the password to the server as-is, which is acceptable here only because it travels inside the SSL session and the Tor circuit.
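
The torrc line above is appended blindly with echo, so as an added example of my own (not part of the original post) here is a helper that adds the MapAddress entry only once and refuses a malformed onion address, which is the mistake that would otherwise send the IRC client to nowhere. The post uses a 16-character v2 address; 56-character v3 addresses are accepted as well. The torrc path is whatever you pass in.

```shell
#!/bin/sh
# Added example (not from the original post): append the MapAddress line
# from the post to a torrc only once, after sanity-checking the onion
# address, so the IRC client only ever sees the placeholder IP and no
# .onion name is handed to the system resolver. The post uses a 16-char
# v2 address; 56-char v3 addresses are accepted as well.

# add_mapaddress <torrc> <placeholder-ip> <onion>
# Exit status 0 when the mapping is present afterwards, 1 if the
# address is malformed (nothing is written in that case).
add_mapaddress() {
    torrc=$1 ip=$2 onion=$3
    label=${onion%.onion}
    # Must end in .onion and the label must be 16 or 56 base32 (a-z, 2-7) chars.
    if [ "$label" = "$onion" ] ||
       ! printf '%s\n' "$label" | grep -Eq '^([a-z2-7]{16}|[a-z2-7]{56})$'; then
        echo "add_mapaddress: malformed onion address: $onion" >&2
        return 1
    fi
    ip_re=$(printf '%s' "$ip" | sed 's/\./\\./g')   # literal dots for the grep below
    # Already present? (directive names are case-insensitive in torrc)
    if [ -f "$torrc" ] &&
       grep -Eiq "^[[:space:]]*mapaddress[[:space:]]+${ip_re}[[:space:]]+${onion}[[:space:]]*$" "$torrc"; then
        return 0
    fi
    printf 'MapAddress %s %s\n' "$ip" "$onion" >> "$torrc"
}
```

Usage: `add_mapaddress /etc/tor/torrc 10.40.40.40 p4fsi4ockecnea7l.onion && /etc/init.d/tor restart`. Running it twice leaves a single line, which matters because Tor rejects the config when the same placeholder is mapped to two different names.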

Hurray for TOR  :)

Thursday, 23 June 2011

dns enumeration

Quick note on DNS enumeration since I might not remember this tool in the morning..

Fierce uses the hosts.txt wordlist in the directory below to brute-force candidate DNS A records, after first trying a zone transfer against each authoritative server:
root@bt:/pentest/enumeration/dns/fierce# ./fierce.pl -dns domain.com -threads 5 -wide
DNS Servers for domain.com:
xns1.domain.com
xns2.domain.com

Trying zone transfer first...
Testing xns1.domain.com
Request timed out or transfer not allowed.
Testing xns2.domain.com
Request timed out or transfer not allowed.

Unsuccessful in zone transfer (it was worth a shot)
Okay, trying the good old fashioned way... brute force

Checking for wildcard DNS...
Nope. Good.
Now performing 1895 test(s)...

result snip

Subnets found (may want to probe here using nmap or unicornscan):
127.0.0.0-255 : 1 hostnames found.
194.xxx.xxx.0-255 : 8 hostnames found.
194.xxx.xxx.0-255 : 9 hostnames found.
194.xxx.xxx.0-255 : 19 hostnames found.
194.xxx.xxx.0-255 : 2 hostnames found.
212.xxx.xxx.0-255 : 3 hostnames found.

Done with Fierce scan: http://ha.ckers.org/fierce/
Found 42 entries.

Have a nice day.

Indeed we will :)
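
The "Subnets found" summary is the hand-off to the port scanner, and one line of it deserves a second look: 127.0.0.0-255 with one hostname is a record that points a public name at localhost, not a subnet to scan. As an added example (my own, not part of fierce or the original post), here is a filter that turns the summary into nmap targets in CIDR form, most populated /24 first, and drops loopback, RFC 1918 and link-local ranges. Dropped RFC 1918 ranges are still worth writing down, since they leak internal naming. The sample output is constructed and uses RFC 5737 documentation addresses.

```shell
#!/bin/sh
# Added example (not from the original post): turn fierce's "Subnets found"
# summary into an nmap target list, dropping ranges that are not routable
# targets (loopback, RFC 1918, link-local). Hostname counts are kept so the
# most populated ranges can be probed first.

# Constructed sample of the tail of a fierce run (RFC 5737 addresses).
SAMPLE_FIERCE='Subnets found (may want to probe here using nmap or unicornscan):
127.0.0.0-255 : 1 hostnames found.
192.0.2.0-255 : 8 hostnames found.
198.51.100.0-255 : 19 hostnames found.
10.0.0.0-255 : 2 hostnames found.
203.0.113.0-255 : 3 hostnames found.

Done with Fierce scan: http://ha.ckers.org/fierce/
Found 33 entries.'

# fierce_targets: reads fierce output on stdin, prints "<count> <cidr>"
# for each /24 worth scanning, most populated first.
fierce_targets() {
    awk '
        /^[0-9]+\.[0-9]+\.[0-9]+\.0-255 : [0-9]+ hostnames/ {
            split($1, o, /[.-]/)          # o[1..4] = octets, o[5] = "255"
            a = o[1] + 0; b = o[2] + 0
            if (a == 127 || a == 10 || (a == 172 && b >= 16 && b <= 31) ||
                (a == 192 && b == 168) || (a == 169 && b == 254)) next
            printf "%d %s.%s.%s.0/24\n", $3, o[1], o[2], o[3]
        }
    ' | sort -rn
}

echo "$SAMPLE_FIERCE" | fierce_targets
```

Feed the second column straight to nmap, e.g. `fierce_targets < fierce.out | awk '{print $2}' | nmap -sS -iL - -oA dns-subnets`, and keep the counts as a rough ordering of where the real estate is.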

lovely sed

If you don't love sed you are not an admin. (non negotiable)

Useful notes:

Let's say we have a file named "files" that holds the names of rpm packages, one per line. In these patterns "." matches any single character, so the counts below are characters, not dots.

Removing the first character from each filename/string
sed 's/.\(.*\)/\1/' files

Removing the last character from each filename/string
sed 's/\(.*\)./\1/' files

Removing the last three characters from every filename
sed 's/\(.*\).../\1/' files

Replacing the extension of each filename/string (the last three characters become tar, so foo.rpm becomes foo.tar)
sed 's/\(.*\).../\1tar/' files

This is an addition to the original post.. I found some old notes in a txt file so...

Clean characters out of the files in the current directory: drop the first # on each line (add the g flag to drop all of them), delete empty lines, and strip DOS carriage returns (the original note had a literal ^M here, typed as Ctrl-V Ctrl-M; GNU sed understands \r). -i edits in place, so work on a copy first.
sed -i 's/#//' *
sed -i '/^$/d' *
sed -i 's/\r$//' *


Print file in reverse (same as tac)
sed '1!G;h;$!d' filename
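
Counting characters off the end of a package name breaks as soon as the list mixes .rpm and .src.rpm, so here is an added example (my own, not from the post) of the sed that the "files" list really calls for: one backreference substitution that splits an RPM file name into name, version, release and architecture, plus a loop that pulls the version-release of a given package out of the list so it can be compared with the fixed version quoted in an advisory. It assumes the usual N-V-R.A.rpm layout, in which the name may contain hyphens but the version and release may not; the sample list is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): split RPM file names into
# name/version/release/arch with sed, then look up the versions of one
# package in a list. Assumes N-V-R.A.rpm naming (name may contain '-',
# version and release may not).

# rpm_nvra <filename>  ->  "name version release arch"
# A line that does not fit the pattern is echoed back unchanged.
rpm_nvra() {
    printf '%s\n' "$1" |
        sed -E 's/^(.+)-([^-]+)-([^-]+)\.([^.]+)\.rpm$/\1 \2 \3 \4/'
}

# Constructed sample of a "files" list.
SAMPLE_FILES='openssl-1.0.0-20.el6.x86_64.rpm
python-devel-2.6.6-20.el6.i686.rpm
kernel-2.6.32-71.el6.x86_64.rpm'

# versions_of <package-name>: reads a list on stdin, prints "version-release"
# for every entry whose name matches exactly.
versions_of() {
    pkg=$1
    while IFS= read -r f; do
        set -- $(rpm_nvra "$f")
        if [ "$1" = "$pkg" ]; then
            printf '%s-%s\n' "$2" "$3"
        fi
    done
}

echo "$SAMPLE_FILES" | versions_of openssl
```

The greedy `(.+)` in the first group is what makes hyphenated names work: because the two following groups exclude hyphens, the first group is forced to stop at the second-to-last hyphen, which is exactly where the name ends.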


Want even more? Check this and this



:)


Tuesday, 21 June 2011

iscsi trouble

What do we have today!

Netapp is awesome.... (there is always a but! and here it is!) BUT

When configuring an iSCSI LUN on CentOS we first of all change the initiator name:
echo 'InitiatorName=iqn.1994-05.com.redhat:somenodename' > /etc/iscsi/initiatorname.iscsi

after that we try to discover our targets
iscsiadm -m discovery -t sendtargets -p xxx.xxx.xxx.xxx

Well, as you would know, this ends up giving you as many targets as the NetApp filer has interfaces (pretty much the same LUN on every VLAN), most of which you can't reach because you only have two NICs: one for the LAN and one for the storage LAN, and at the end of the day that's all you need. So we add an interface record:
iscsiadm -m iface -I eth1 -o new

(-o new only creates an empty iface record named eth1; it is bound to the NIC by setting iface.net_ifacename on it, and discovery has to be run with -I eth1 for the node records to carry that iface, otherwise the last iscsiadm command below finds nothing to update.)

and change the configuration so that newly discovered targets default to manual
sed -i -e '/node.startup/s/automatic/manual/g' /etc/iscsi/iscsid.conf

That is not enough though: the targets already discovered are set to automatic, so let's switch them all to manual:
iscsiadm -m node -o update -n node.startup -v manual

and make the one we want automatic (otherwise the iscsi service spends its whole startup timing out on every unreachable portal)
iscsiadm -m node -o update -n node.startup -v automatic -p xxx.xxx.xxx.xxx,3260 -I eth1

Now restart iscsi and presto!
service iscsi restart

Wooohoo! Victory!

Many thanks to Pete for helping out with this :)

Sunday, 15 May 2011

tor loveliness

Let's install Tor (HTTP and SOCKS proxy) on our Fedora (14)

Create a file in /etc/yum.repos.d/ called tor.repo or whatever.repo
[torproject]
name=Tor and Vidalia
enabled=1
autorefresh=0
baseurl=http://deb.torproject.org/torproject.org/rpm/fc14/
type=rpm-md
gpgcheck=1
gpgkey=http://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org

gpgcheck=1 is what protects packages fetched over plain http, but the key itself also arrives over http, so compare its fingerprint with the one the Tor Project publishes (over https, or from another machine) the first time yum asks you to import it.

now install:
yum install tor polipo
wget https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf
mv /etc/polipo/config /etc/polipo/config-default
mv polipo.conf /etc/polipo/config
echo 'daemonise = true' >> /etc/polipo/config
echo 'pidFile = /var/run/polipo/polipo.pid' >> /etc/polipo/config
service tor start
service polipo start

For firefox 4 use this plugin



restart firefox

and done!

:)

Wednesday, 23 March 2011

steghide

Hey pervs,

quick notes :P

[root@hermes]#yum install steghide -y

[root@hermes]#steghide --embed --embedfile call-handling.pdf --passphrase salami \
--coverfile DSC02036.jpg --stegofile image.jpg --encryption rijndael-256
embedding "call-handling.pdf" in "DSC02036.jpg"... done%
writing stego file "image.jpg"... done

[root@hermes]#steghide --extract --stegofile image.jpg --passphrase <some_pass> \ 
--extractfile file.pdf
wrote extracted data to "file.pdf".

[root@hermes]# du -sk image.jpg DSC02036.jpg call-handling.pdf
2716    image.jpg
2724    DSC02036.jpg
108    call-handling.pdf


Two things to notice. --passphrase on the command line lands in the shell history and in ps for every local user; leave it out and steghide prompts for it instead. And the stego file is slightly smaller than the cover because steghide re-encodes the JPEG while embedding, so a cover/stego pair sitting side by side is an easy tell.

nough said :)

Thursday, 17 March 2011

simple mysql backup

A simple mysqldump script that keeps only 7 days of backups. Two things to keep in mind with it: the password passed on the command line is visible to every local user in ps while mysql runs (a ~/.my.cnf with mode 600 avoids that), and the dumps contain every row, so they must not be group- or world-readable.

#!/bin/bash
USER=root
PASS=your_password          # visible in ps; prefer a mode-600 ~/.my.cnf

umask 077                   # dumps hold every row: owner-only files
mkdir -p /backup/mysqldump/
find /backup/mysqldump/ -type f -mtime +7 -exec rm -f {} \;

for x in $(mysql -Bse "show databases" -u "$USER" --password="$PASS"); do
    mysqldump -u "$USER" --password="$PASS" "$x" | gzip -9 > "/backup/mysqldump/$x.$(date +%Y%m%d).gz"
done
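
A hardened variant, added here as an example of my own rather than the post's script: the password lives in a mode-600 option file handed to the client with --defaults-extra-file, dump files are created under umask 077, pruning is restricted to regular dump files in the backup directory, and the virtual schemas are skipped. The backup directory is the one from the post; the option-file path and the `backup` user are illustrative, and the client tools are assumed to be on PATH.

```shell
#!/bin/sh
# Added example (not from the original post): the same 7-day mysqldump
# rotation with the weak spots fixed:
#  - the password is read from a mode-600 option file instead of the
#    command line, where `ps` shows it to every local user;
#  - dump files are created with umask 077, since they contain every row;
#  - pruning only touches regular dump files directly in the backup dir.
# Assumptions: mysql/mysqldump on PATH and a backup user with SELECT and
# LOCK TABLES; the option-file path is illustrative.

BACKUP_DIR=${BACKUP_DIR:-/backup/mysqldump}
CNF=${CNF:-/root/.mysqldump.cnf}

# write_cnf <path> <user> <password>: [client] option file, owner-only.
write_cnf() {
    umask 077
    printf '[client]\nuser=%s\npassword=%s\n' "$2" "$3" > "$1"
}

# prune_dumps <dir> <days>: delete dump files older than <days>; never
# recurse, never touch directories or unrelated files.
prune_dumps() {
    find "$1" -maxdepth 1 -type f -name '*.sql.gz' -mtime +"$2" -exec rm -f {} +
}

# dump_all <dir> <cnf>: one gzipped dump per database, virtual schemas skipped.
dump_all() {
    umask 077
    mkdir -p "$1"
    mysql --defaults-extra-file="$2" -Bse 'show databases' |
    grep -Ev '^(information_schema|performance_schema)$' |
    while IFS= read -r db; do
        mysqldump --defaults-extra-file="$2" --single-transaction "$db" |
            gzip -9 > "$1/$db.$(date +%Y%m%d).sql.gz"
    done
}

# Only act when called as `script run`, so the functions can be sourced.
if [ "${1:-}" = run ]; then
    prune_dumps "$BACKUP_DIR" 7
    dump_all "$BACKUP_DIR" "$CNF"
fi
```

Create the option file once with `write_cnf /root/.mysqldump.cnf backup 'the-password'` and schedule `script run` from cron. --single-transaction gives a consistent snapshot for InnoDB tables; MyISAM tables are still copied table by table, so drop the flag if those need a locked dump.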


Linux Server Hacks (v1)

:)

cool tricks with pv

Blogs come, blogs go... I'm just keeping some notes here...

1) Simulate typing
echo "You can simulate on-screen typing just like in the movies" | pv -qL 10

2) Monitor progress of a command
pv access.log | gzip > access.log.gz

3) copy working directory and compress it on-the-fly while showing progress

tar -cf - . | pv -s $(du -sb . | awk '{print $1}') | gzip > out.tgz

4) dd with progress bar and statistics

dd if=/dev/sdc bs=4096 | pv -s 2G | sudo dd bs=4096 of=~/USB_BLACK_BACKUP.IMG

5) [re]verify a disc with very friendly output

dd if=/dev/cdrom | pv -s 700m | md5sum | tee test.md5

6) time how fast the computer reads from /dev/zero

pv /dev/zero > /dev/null


Cheers to UrFix's Blog

:)

Monday, 28 February 2011

ossec centralized management

Some notes on my efforts to centrally manage ossec-clients with one ossec-server installation.

Some facts:

How does the whole agent-server configuration work?:
  1. agent monitors files, does system and root checks, etc
  2. forwards all configured inputs to the server
  3. server checks events against the rules, sends alerts/reports and tells the agent to run active responses
  4. agent runs active responses

The only thing I've found that HAS to be defined in the agent's ossec.conf file is the server IP. Everything else can be configured in the agent.conf on the server.

agent.conf is stored in /var/ossec/etc/shared/

/var/ossec/bin/agent_control -i 016

This will provide information on the client in question (ID = 016) as well as the version its running as such:

Client version:      OSSEC HIDS v2.5.1 / 00e5770b1c88ce9e9500de69e03e6c21

The md5sum of the agent.conf file on the server should match the hash after the slash above:

00e5770b1c88ce9e9500de69e03e6c21  /var/ossec/etc/shared/agent.conf
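
Comparing that hash by eye across a few dozen agents gets old fast, so here is an added example (my own, not part of OSSEC or the original post) that pulls the digest out of agent_control's output and compares it with the file on the server; a mismatch means the agent is running a stale or altered shared configuration. It assumes the output format shown above and, as the post does, that the reported hash is the MD5 of agent.conf; point it at whatever shared file your release hashes. The sample output is constructed from the line above.

```shell
#!/bin/sh
# Added example (not from the original post): compare the hash that
# agent_control prints after the "/" with the server-side agent.conf, so a
# stale or tampered shared configuration on an agent is spotted. MD5 is what
# this OSSEC release reports, so the check is only as strong as MD5.

# Constructed sample of `agent_control -i <id>` output.
SAMPLE_AGENT_INFO='Client version:      OSSEC HIDS v2.5.1 / 00e5770b1c88ce9e9500de69e03e6c21'

# agent_conf_hash: print the 32-hex digest from agent_control output (stdin).
agent_conf_hash() {
    sed -n 's/^Client version:.*\/ *\([0-9a-f]\{32\}\)[[:space:]]*$/\1/p'
}

# file_md5 <file>: hex MD5 of a file (md5sum on Linux, md5 on BSD).
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    else
        md5 -q "$1"
    fi
}

# check_agent_conf <agent.conf> <agent_control output>
# prints the verdict; exit status 0 when in sync, 1 on mismatch or no hash.
check_agent_conf() {
    want=$(printf '%s\n' "$2" | agent_conf_hash)
    have=$(file_md5 "$1")
    if [ -n "$want" ] && [ "$want" = "$have" ]; then
        echo "in sync ($have)"
        return 0
    fi
    echo "MISMATCH: agent reports ${want:-none}, server file is $have"
    return 1
}
```

On the server: `for id in 001 002 016; do printf '%s: ' "$id"; check_agent_conf /var/ossec/etc/shared/agent.conf "$(/var/ossec/bin/agent_control -i $id)"; done`. An agent that never catches up after the next keepalive has not received the push, and its own agent.conf is worth a look.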

More to come :)


Wednesday, 23 February 2011

sniffer log analysis

Just a quick note for when using Wireshark to sniff HTTP traffic: for each site, the form field that carries the password and the POST request to look for. All four have since moved their logins to HTTPS, so this only applies to plaintext HTTP captures.
Facebook: &pass=
POST /login.php?login_attempt=1

Gmail: &Passwd=
POST /accounts/ServiceLoginAuth

Hotmail: hotmail.com&passwd=
POST /ppsecure/post.srf

Twitter: &session%5Bpassword%5D=
POST /sessions

Just so you don't spend your life looking for the passwords you need :)
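
The four markers above double as a detection list, so as an added example (mine, not from the original post) here is a filter for text dumps of captured HTTP, e.g. `tcpdump -A` output: it reports which POST carried a credential, using the Host header that preceded it, and redacts the value so the capture notes can be kept without storing anyone's password. The field names are the ones listed above; the sample traffic is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): find the password fields
# listed on the page in a text dump of captured HTTP and redact their values.

# Constructed capture text: a Twitter-style and a Gmail-style login POST.
SAMPLE_CAPTURE='POST /sessions HTTP/1.1
Host: twitter.com
session%5Busername_or_email%5D=alice&session%5Bpassword%5D=hunter2&commit=Sign+in
POST /accounts/ServiceLoginAuth HTTP/1.1
Host: www.google.com
Email=bob%40gmail.com&Passwd=letmein&signIn=Sign+in
GET /index.html HTTP/1.1
Host: example.com'

# Password parameters from the page, as an ERE alternation.
PASS_FIELDS='pass|Passwd|passwd|session%5Bpassword%5D'

# redact_credentials: print only lines holding a known password field, with
# the value replaced by [REDACTED].
redact_credentials() {
    sed -En "s/(^|&)(${PASS_FIELDS})=[^&[:space:]]*/\1\2=[REDACTED]/gp"
}

# credential_posts: "<Host> <path>" for each POST whose body had a password
# field, using the Host header that preceded the body.
credential_posts() {
    awk -v f="${PASS_FIELDS}" '
        /^POST /  { path = $2; host = "?"; next }
        /^Host: / { host = $2; next }
        $0 ~ ("^(" f ")=|&(" f ")=") { print host, path }
    '
}

echo "$SAMPLE_CAPTURE" | credential_posts
echo "$SAMPLE_CAPTURE" | redact_credentials
```

Usage on a live interface: `tcpdump -A -s0 -i eth0 'tcp port 80' | credential_posts`. The field match is anchored at the start of the body or after an ampersand, so a parameter such as `passcode` does not trigger on the bare `pass` entry.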

Saturday, 22 January 2011

resolution fedora

Annoying when Fedora does not pick up the resolution your monitor can actually do...

God bless the Linux CLI though.. let's see. gtf prints a modeline for 1680x1050 at 60 Hz:
gtf 1680 1050 60 -x

# 1680x1050 @ 60.00 Hz (GTF) hsync: 65.22 kHz; pclk: 147.14 MHz
Modeline "1680x1050_60.00"  147.14  1680 1784 1968 2256  1050 1051 1054 1087  -HSync +Vsync

This is the mode you want to add to your display:
xrandr --newmode "1680x1050_60.00" 147.14  1680 1784 1968 2256  1050 1051 1054 1087  -HSync +Vsync

Now that it is added we have to assign it to the output we want it on; first list the outputs:
xrandr

Screen 0: minimum 320 x 200, current 2304 x 768, maximum 8192 x 8192
LVDS1 connected (normal left inverted right x axis y axis)
1366x768       60.2 +
1024x768       60.0
800x600        60.3     56.2
640x480        59.9
VGA1 connected 1024x768+0+0 (normal left inverted right x axis y axis) 0mm x 0mm
1024x768       60.0*
800x600        60.3     56.2
848x480        60.0
640x480        59.9
HDMI1 disconnected (normal left inverted right x axis y axis)
DP1 disconnected (normal left inverted right x axis y axis)
HDMI2 connected 1280x720+1024+0 (normal left inverted right x axis y axis) 160mm x 90mm
1280x720       60.0*+   50.0
720x576        50.0
720x480        59.9
640x480        60.0
DP2 disconnected (normal left inverted right x axis y axis)

In this case it is VGA1 (the 0mm x 0mm is the giveaway that no EDID was read from that monitor, which is likely why no native mode was offered), so:
xrandr --addmode VGA1 1680x1050_60.00

And done! Go to System -> Preferences -> Monitors and the new mode will be available :D

Have fun :D