Categories

Beeld advertenties

# -->

November 23, 2009

Login to Windows server using SSH

Sometimes it can be extremely useful to login to a Windows server using SSH. This is a procedure to achieve this.

First, download and install Bitvise WinSSHD on the Windows server. If needed, you can read the documentation first. After installation, you have to start the WinSSHD service in order to activate SSH.

Winssh1

Continue reading "Login to Windows server using SSH" »

Posted in SSH | | Comments (0) | TrackBack (0)

|

November 22, 2009

Create diagrams with multi-platform DIA

Do you want people to know what you're developing ? I have found a nice free (and multi-platform) program to make diagrams (in order to make things a lot more understandable). The name of the tool is Dia and you can find all information at:

http://live.gnome.org/Dia (Linux)
http://dia-installer.de/index_en.html (Windows)

Dia is roughly inspired by the commercial Windows program 'Visio', though more geared towards informal diagrams for casual use. It can be used to draw many different kinds of diagrams and has standard sheets for a.o. network, cisco, sybase, database, UML etc. etc. I think it's really a great product !

Dia

Posted in Web/Technologie | | Comments (0) | TrackBack (0)

|

November 13, 2009

Synchronize files and folders

I was looking for a free Windows tool to synchronize files and folders between two locations on my network. I have tried Microsoft SyncToy 2.1. Both 32 and 64 bits versions are available.

Synctoy_01
 

The GUI is easy to understand. But, there's also a command line tool available (SyncToyCmd.exe) which is nice when you want to use a batch job to synchronize your files automatically on a daily basis. I think this is one of the most comfortable tools available for this job!

Posted in Windows | | Comments (0) | TrackBack (0)

|

October 21, 2009

View the contents of a DD image while it's being made

I'm acquiring an old hard drive. The hard drive is not recognized in Windows. So, the only option for me is to make the image with Linux. At the moment I'm making a DD image, using this command:

dd if=/dev/sdc1 of=/home/my_name/my_dir/partition.image bs=4096 conv=notrunc,noerror

To my surprise, I can open and view the contents of the DD image with FTK Imager, while the DD image is being made and certainly not ready yet. No error warnings at all, in the background the DD process keeps goin' on and the image get's bigger and bigger.

I think this is quiet cool, maybe this trick can be usefull in very urgent cases, what do you think ?

Posted in Forensics, FTK Imager | | Comments (0) | TrackBack (0)

|

October 20, 2009

About base64

The new release of UltraEdit offers the possibility to encode / decode files with base46. I want to know more about it. I found nice information in this file from Chris Melnick  (2004).

Continue reading "About base64" »

Posted in Web/Technologie | | Comments (0) | TrackBack (0)

|

October 09, 2009

Lab FTK Imager: file carving using the MFT

NTFS uses the MFT as a kind of database to keep track of files. We can use the MFT to find the location (cluster) of the file and we can carve the file in order to study it. Let's use FTK Imager to see how it works. 

Continue reading "Lab FTK Imager: file carving using the MFT " »

Posted in Forensics, FTK Imager | | Comments (3) | TrackBack (0)

|

October 05, 2009

Windows: simple web scraping with Wget.exe

I just stumbled upon wget.exe, a free, GNU win32 edition of the great wget tool which I used under Linux a lot. Wget is a very simple tool to scrape webpages.

How does it work:

wget.exe "http://somesite.com/somepage.html" -O yourfile.htm

Other variables:

wget --help
GNU Wget 1.11.4, a non-interactive network retriever.
Usage: wget [OPTION]... [URL]...

Mandatory arguments to long options are mandatory for short options too.

Startup:
  -V,  --version           display the version of Wget and exit.
  -h,  --help              print this help.
  -b,  --background        go to background after startup.
  -e,  --execute=COMMAND   execute a `.wgetrc'-style command.

Logging and input file:
  -o,  --output-file=FILE    log messages to FILE.
  -a,  --append-output=FILE  append messages to FILE.
  -d,  --debug               print lots of debugging information.
  -q,  --quiet               quiet (no output).
  -v,  --verbose             be verbose (this is the default).
  -nv, --no-verbose          turn off verboseness, without being quiet.
  -i,  --input-file=FILE     download URLs found in FILE.
  -F,  --force-html          treat input file as HTML.
  -B,  --base=URL            prepends URL to relative links in -F -i file.

Download:
  -t,  --tries=NUMBER            set number of retries to NUMBER (0 unlimits).
       --retry-connrefused       retry even if connection is refused.
  -O,  --output-document=FILE    write documents to FILE.
  -nc, --no-clobber              skip downloads that would download to existing files.
  -c,  --continue                resume getting a partially-downloaded file.
       --progress=TYPE           select progress gauge type.
  -N,  --timestamping            don't re-retrieve files unless newer than local.
  -S,  --server-response         print server response.
       --spider                  don't download anything.
  -T,  --timeout=SECONDS         set all timeout values to SECONDS.
       --dns-timeout=SECS        set the DNS lookup timeout to SECS.
       --connect-timeout=SECS    set the connect timeout to SECS.
       --read-timeout=SECS       set the read timeout to SECS.
  -w,  --wait=SECONDS            wait SECONDS between retrievals.
       --waitretry=SECONDS       wait 1..SECONDS between retries of a retrieval 
       --random-wait             wait from 0...2*WAIT secs between retrievals.
       --no-proxy                explicitly turn off proxy.
  -Q,  --quota=NUMBER            set retrieval quota to NUMBER.
       --bind-address=ADDRESS    bind to ADDRESS (hostname or IP) on local host 
       --limit-rate=RATE         limit download rate to RATE.
       --no-dns-cache            disable caching DNS lookups.
       --restrict-file-names=OS  restrict chars in file names to ones OS allows 
       --ignore-case             ignore case when matching files/directories.
       --user=USER               set both ftp and http user to USER.
       --password=PASS           set both ftp and http password to PASS.

Directories:
  -nd, --no-directories           don't create directories.
  -x,  --force-directories        force creation of directories.
  -nH, --no-host-directories      don't create host directories.
       --protocol-directories     use protocol name in directories.
  -P,  --directory-prefix=PREFIX  save files to PREFIX/...
       --cut-dirs=NUMBER          ignore NUMBER remote directory components.

HTTP options:
       --http-user=USER        set http user to USER.
       --http-password=PASS    set http password to PASS.
       --no-cache              disallow server-cached data.
  -E,  --html-extension        save HTML documents with `.html' extension.
       --ignore-length         ignore `Content-Length' header field.
       --header=STRING         insert STRING among the headers.
       --max-redirect          maximum redirections allowed per page.
       --proxy-user=USER       set USER as proxy username.
       --proxy-password=PASS   set PASS as proxy password.
       --referer=URL           include `Referer: URL' header in HTTP request.
       --save-headers          save the HTTP headers to file.
  -U,  --user-agent=AGENT      identify as AGENT instead of Wget/VERSION.
       --no-http-keep-alive    disable HTTP keep-alive (persistent connections)
       --no-cookies            don't use cookies.
       --load-cookies=FILE     load cookies from FILE before session.
       --save-cookies=FILE     save cookies to FILE after session.
       --keep-session-cookies  load and save session (non-permanent) cookies.
       --post-data=STRING      use the POST method; send STRING as the data.
       --post-file=FILE        use the POST method; send contents of FILE.
       --content-disposition   honor the Content-Disposition header when choosing local file names (EXPERIMENTAL).
       --auth-no-challenge     Send Basic HTTP authentication information without first waiting for the server's challenge.

HTTPS (SSL/TLS) options:
       --secure-protocol=PR     choose secure protocol, one of auto, SSLv2, SSLv3, and TLSv1.
       --no-check-certificate   don't validate the server's certificate.
       --certificate=FILE       client certificate file.
       --certificate-type=TYPE  client certificate type, PEM or DER.
       --private-key=FILE       private key file.
       --private-key-type=TYPE  private key type, PEM or DER.
       --ca-certificate=FILE    file with the bundle of CA's.
       --ca-directory=DIR       directory where hash list of CA's is stored.
       --random-file=FILE       file with random data for seeding the SSL PRNG.
       --egd-file=FILE          file naming the EGD socket with random data.

FTP options:
       --ftp-user=USER         set ftp user to USER.
       --ftp-password=PASS     set ftp password to PASS.
       --no-remove-listing     don't remove `.listing' files.
       --no-glob               turn off FTP file name globbing.
       --no-passive-ftp        disable the "passive" transfer mode.
       --retr-symlinks         when recursing, get linked-to files (not dir).
       --preserve-permissions  preserve remote file permissions.

Recursive download:
  -r,  --recursive          specify recursive download.
  -l,  --level=NUMBER       maximum recursion depth (inf or 0 for infinite).
       --delete-after       delete files locally after downloading them.
  -k,  --convert-links      make links in downloaded HTML point to local files.
  -K,  --backup-converted   before converting file X, back up as X.orig.
  -m,  --mirror             shortcut for -N -r -l inf --no-remove-listing.
  -p,  --page-requisites    get all images, etc. needed to display HTML page.
       --strict-comments    turn on strict (SGML) handling of HTML comments.

Recursive accept/reject:
  -A,  --accept=LIST               comma-separated list of accepted extensions.
  -R,  --reject=LIST               comma-separated list of rejected extensions.
  -D,  --domains=LIST              comma-separated list of accepted domains.
       --exclude-domains=LIST      comma-separated list of rejected domains.
       --follow-ftp                follow FTP links from HTML documents.
       --follow-tags=LIST          comma-separated list of followed HTML tags.
       --ignore-tags=LIST          comma-separated list of ignored HTML tags.
  -H,  --span-hosts                go to foreign hosts when recursive.
  -L,  --relative                  follow relative links only.
  -I,  --include-directories=LIST  list of allowed directories.
  -X,  --exclude-directories=LIST  list of excluded directories.
  -np, --no-parent                 don't ascend to the parent directory.

Mail bug reports and suggestions to <bug-wget@gnu.org>.

Posted in Web/Technologie | | Comments (0) | TrackBack (0)

|

September 21, 2009

Some cool command line tricks in Windows Server 2008 (and Vista)

I recently started to work with Microsoft Windows Server 2008 (IIS7) and I have detected some really cool command line tricks:

ForFiles

Use ForFiles to delete files older than (for example) two days:

Forfiles /P C:\Downloads\ /S /M *.jpg /D -2 /C "cmd /C del /Q @path"

More information about ForFiles is available using this command:

forfiles /?

Schtasks

Use Schtasks to schedule tasks from the command line. For example, create a scheduled task that runs every hour:

schtasks /create /tn "Name of the task" /tr run this command /sc HOURLY

another example:

create a scheduled task that runs every day at a specific time:

schtasks /create /tn "My script" /tr C:\Users\Administrator\MyScripts\myscript.bat /sc daily /st 08:00

The scheduled task shows up in Windows Task Manager (library). More information about schtasks is available using this command:

schtasks /?

and is also available at:

http://technet.microsoft.com/en-us/library/cc725744(WS.10).aspx 

Please let me know if you know other, really useful command line tricks that I can use under Windows Server 2008 !

Posted in Windows | | Comments (0) | TrackBack (0)

|

August 11, 2009

How to prevent your Windows clipboard is stolen

Unfortunately, some webpages can steal the text you last copied for pasting (copy & paste) in Windows. With a combination of JavaScript, ASP, PHP or CGI, those webpages may be able to write your possible sensitive data (like your credit card number) to a database on another server.

An example of this is available here.

Fortunately, the fix for this is quite simple:

1. In Internet Explorer, go to Tools -> Internet Options -> Security
2. Click on Custom Level
3. In the security settings, click to Disable the “Allow Paste Operations via Script.” That will keep your clipboard contents private !

Posted in Windows | | Comments (0) | TrackBack (0)

|

August 09, 2009

Connect to SSH server with Windows command line

Today I was playing with Tunnelier for Windows and so I discovered some nice command line tools. During installation of the free Tunnelier, several command line tools are automatically installed:

  • sftpc
  • sexec

Sftpc is an advanced command-line SFTP.

USAGE:
sftpc [username@]host[:port] OR -profile=file [-host=host] [-port=port]
      [-spn=SPN] [-sspi=y|n] [-dlg=y|n]
      [-user=username] [-gka] [-gma [-krb OR -ntlm]] [-pk=slot [-pp=passphrase]]
      [-pw=password] [-kbdi [-sub=submethods]]
      [-cmd=commands OR -cmdFile=file [-ce]] [-bg]
      [-encr=list] [-mac=list] [-cmpr=list] [-dhkex=list] [-hkey=list] [-ka=y|n]
      [-kre=y|n]
      [-unat=y|n]
      [-noRegistry OR -baseRegistry=registry-key]
      [-proxy=y|n [-proxyType=type] -proxyServer=server [-proxyPort=port]
      [-proxyUsername=username [-proxyPassword=password]]
      [-proxyResolveLocally]]
      [-hostKeyMD5=MD5-fingerprint] [-hostKeyBB=Bubble-Babble]
      [-hostKeyFile=file]
      [-keypairFile=file [-keypairPassphrase=passphrase]]
      [-traceLevel=level [-traceFile=file]]

I did a test and connected to a remote OpenSSH server, like this:

sftpc username@ip-address:port -pw=password -cmd="put this_local_file.txt"

It works like a charm, and you can up- and download files via your well known dosbox.

With Sexec, a scriptable command-line remote execution client, you can execute programs on remote machines from a batch file.

For example:

sexec username@ip-address:port -pw=password -cmd="cd /var/www/mysite;ls"

USAGE:
sexec [username@]host[:port] OR -profile=file [-host=host] [-port=port]
      [-spn=SPN] [-sspi=y|n] [-dlg=y|n]
      [-user=username] [-gka] [-gma [-krb OR -ntlm]] [-pk=slot [-pp=passphrase]]
      [-pw=password] [-kbdi [-sub=submethods]]
      [-encr=list] [-mac=list] [-cmpr=list] [-dhkex=list] [-hkey=list] [-ka=y|n]
      [-kre=y|n]
      [-unat=y|n]
      [-noRegistry OR -baseRegistry=registry-key]
      [-proxy=y|n [-proxyType=type] -proxyServer=server [-proxyPort=port]
      [-proxyUsername=username [-proxyPassword=password]]
      [-proxyResolveLocally]]
      [-hostKeyMD5=MD5-fingerprint] [-hostKeyBB=Bubble-Babble]
      [-hostKeyFile=file]
      [-keypairFile=file [-keypairPassphrase=passphrase]]
      [-traceLevel=level [-traceFile=file]]
      [-shell OR -cmd=command OR command]

Another example:

sexec username@ip-address:port -pw=password -cmd="
/usr/local/bin/sendEmail -f username@gmail.com -t recipient@mail.com -s smtp.gmail.com:587 -xu username -xp password -o tls=yes -u ssh testje -m testje"

Posted in SSH | | Comments (0) | TrackBack (0)

|

»