Administrations | Bots!

Installing SqlMap in Ubuntu / any Linux distro for SQL Injection

January 27, 2017 by Rumi

SQLMAP is a automated SQL injection tool which does most of the work for you. If you don’t know what SQL injection is head over here: https://en.wikipedia.org/wiki/SQL_injection

Using SQLMAP, you can “hack” many databases in very short time. In the next post, i will show you how to dump database tables and credentials from a vulnerable database and explore.

Even if the passwords are stored using hashing functions ( https://en.wikipedia.org/wiki/Hash_function ), you can crack these hashes using online tools.

Here is the complete video guide for installation:

All about VPN ports

January 26, 2017 by Rumi

1) If RRAS based VPN server is behind a firewall (i.e. a firewall is placed between Internet and RRAS server), then following ports need to be opened (bidirectional) on this firewall to allow VPN traffic to pass through: –

For PPTP:
1. IP Protocol=TCP, TCP Port number=1723 <- Used by PPTP control path
2. IP Protocol=GRE (value 47) <- Used by PPTP data path
For L2TP:
1. IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv1 (IPSec control path)
2. IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv1 (IPSec control path)
3. IP Protocol Type=ESP (value 50) <- Used by IPSec data path
For SSTP:
1. IP Protocol=TCP, TCP Port number=443 <- Used by SSTP control and data path
For IKEv2:
1. IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv2 (IPSec control path)
2. IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv2 (IPSec control path)
3. IP Protocol Type=ESP (value 50) <- Used by IPSec data path

Increase MySQL connections max_connections

January 19, 2017 by Rumi

If you need to increase MySQL Connections without MySQL restart do like below

mysql> show variables like 'max_connections';
+-----------------+-------+
| Variable_name | Value |
+-----------------+-------+
| max_connections | 100 |
+-----------------+-------+
1 row in set (0.00 sec)

mysql> SET GLOBAL max_connections = 150;
Query OK, 0 rows affected (0.00 sec)

mysql> show variables like 'max_connections';
+-----------------+-------+
| Variable_name | Value |
+-----------------+-------+
| max_connections | 150 |
+-----------------+-------+
1 row in set (0.00 sec)
These settings will change at MySQL Restart.

For permanent changes add below line in my.cnf and restart MySQL

max_connections = 150

Learning watch command with examples!

January 18, 2017 by Rumi

watch date

watch -d date

watch -n 10 df -h

watch -t date

watch echo "'"'$$'"'"

watch echo $$

watch -n 0.5 echo $$

watch -n 1 'ps -e -o pid,uname,cmd,pmem,pcpu --sort=-pmem,-pcpu | head -15'

watch -d -n 1 ifconfig

watch -n 1 tail /var/log/messages

watch -d=cumulative date

watch "du -h filename.txt && df -h"

watch -e "! date |grep -m 1 \"Dec\""

watch -n 1 sed 's/A/Ravi/g' file1.txt

Fixing error: ‘Access denied for user ‘debian-sys-maint’@’localhost’ (using password: YES)’

January 17, 2017 by Rumi

For all you Ubuntu/MySQL developers out there, have you ever seen the following?

neo@thematrix:~$ sudo /etc/init.d/mysql restart
* Stopping MySQL database server mysqld [fail]
* Starting MySQL database server mysqld [ OK ]
/usr/bin/mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'debian-sys-maint'@'localhost' (using password: YES)'

So, what is this “debian-sys-maint” user? Well, this MySQL user is created for the Ubuntu to be able to start/stop the database and to carry out other maintenance operations.

Sounds well enough, but then why do I keep running into the “access denied” problem for this user? Well, the issue is that with each update to MySQL, the user’s password in the database is overwritten. Ubuntu seems to go to the file /etc/mysql/debian.cnf in order to find this user’s password, but obviously the password is out of sync after the update has been applied.

As a result of this behaviour, I’ll run into the “access denied” problem every so often. Thankfully, the solution to this issue is fairly simple.

Tightvnc setup on Linux Mint

January 16, 2017 by Rumi

sudo apt-get install tightvncserver

cd ~/.vnc

ls

nano (or your favorite text editor.) xstartup. edit anything you need to. Then run:

tightvncserver

Go to your other computer. Run a vnc viewer. And enter in your IP like-

<vncserverIP>:1

UDP Load Balancing using PEN

January 5, 2017 by Rumi

First setup PEN load balancer using this document.

After that, keep digging below 🙂

And that’s it, so now if we run pen we see it now has UDP support.

root@penudp:~/pen-0.18.0# pen
usage:
pen [-C addr:port] [-X] [-b sec] [-S N] [-c N] [-e host[:port]]
[-t sec] [-x N] [-w dir] [-HPWadfhrs]
[-o option]
[-E certfile] [-K keyfile]
[-G cacertfile] [-A cacertdir]
[-Z] [-R] [-L protocol]
[host:]port h1[:p1[:maxc1[:hard1[:weight1[:prio1]]]]] [h2[:p2[:maxc2[:hard2[:weight2[:prio2]]]]]] ...
-B host:port abuse server for naughty clients
-C port control port
-T sec tracking time in seconds (0 = forever) [0]
-H add X-Forwarded-For header in http requests
-U use udp protocol support

Now to test this I have just brought up a couple of DNS servers running bind.

Linux Remove All Partitions or Data And Create Empty Disk

December 13, 2016 by Rumi

Use the following dd command to remove data from /dev/hdX:

dd if=/dev/zero of=/dev/hdX bs=512 count=1

OR for sata disk, use the following syntax:

dd if=/dev/zero of=/dev/sdX bs=512 count=1

In this example, empty sata disk /dev/sdb, enter (you must be login as the root user):

fdisk /dev/sdb
dd if=/dev/zero of=/dev/sdb bs=512 count=1
fdisk -l /dev/sdb

The safest way to clean up /boot partition in Debian or Ubuntu

December 7, 2016 by Rumi

First check your kernel version, so you won’t delete the in-use kernel image, running:

uname -r

Now run this command for a list of installed kernels:

dpkg --list 'linux-image*'

and delete the kernels you don’t want/need anymore by running this:

sudo apt-get remove linux-image-VERSION

Replace VERSION with the version of the kernel you want to remove.

LEMP on Debian 7

December 3, 2016 by Rumi

Installing MySQL 5

In order to install MySQL, we run

apt-get install mysql-server mysql-client

You will be asked to provide a password for the MySQL root user – this password is valid for the user root@localhost as well as root@server1.example.com, so we don’t have to specify a MySQL root password manually later on:

New password for the MySQL “root” user: <– yourrootsqlpassword
Repeat password for the MySQL “root” user: <– yourrootsqlpassword

PHP-FPM & PHP modules installation

Use the below command to install PHP-FPM & PHP modules. PHP initially called Personal Home Page, now it is called asHypertext Preprocessor. PHP is a opensource software which is designed for web development purpose. It is used for server-side scripting language as well as general-purpose programming language.

$ sudo apt-get install php5 php5-fpm php5-mysql php5-cli php5-curl php5-gd php5-mcrypt