Categories
Linux Notepad++ Windows 7

Add “Open with Notepad++” to the Context Menu for All Files in Windows 7

Having the context menu option, “Open with Notepad++” (my favorite FREE Windows text editor) is invaluable, making it easy to quickly and easily open files with just a (right) mouse click or two.

This registry hack is nothing new, it’s been around forever… think of this as a refresher course. Also note that you can use this same technique to substitute any other application that you’d like by adjusting the path in the registry to point to the different editor or to add other “open with” Context Menu options.

Registry Hack
Open regedit.exe and navigate to the following key:

HKEY_CLASSES_ROOT*shell

  • Right-click on “shell” and choose to create a new key, calling it “Open with Notepad++”. 
  • Create a new key below that one called “command”.
  • Double-click on the (Default) value in the right-hand pane and enter in the following:

C:Program Files (x86)Notepad++notepad++.exe %1

NOTE: your path may be different.

The change should take effect immediately.  Now you can right-click on any file and you’ll see the new “Open With Notepad++” menu entry.

Download Registry Hack
Just copy the following and save it to a file with a .reg extension.  Double-click the file and import to your registry.

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT*shellOpen With Notepad++]

[HKEY_CLASSES_ROOT*shellOpen With Notepad++command]
@=”C:\Program Files (x86)\Notepad++\notepad++.exe %1″

NOTE: This will work on previous Windows versions as well – Vista, Windows 2008, Windows 2003, etc.

Categories
Amazon Web Services EC2 Linux Windows 2008

Windows 2008 Server on Amazon’s EC2 – a First Look

Within a couple hours of Amazon’s announcement of the availability of Windows 2008 machine images (AMI’s) on their EC2 (Elastic Compute Cloud) platform a few days ago I had to give it a try – see my previous post, “Amazon EC2 Now Offers Windows Server 2008 – Finally!”

I used RightScale to locate and launch a Windows 2008 instance.

Now that I know the AMI (ami-5a07e533) I can easily launch instances in the future from the command line using Amazon’s command line tools:

ec2-run-instances ami-5a07e533 -n 1 -g <group1> -g <group2> -g <group3> -k <My AWS Key> -t m1.small -z us-east-1a

Once it was up and running I got the administrator password in ElasticFox, launched RD & went to work checking it out and setting it up to suit my needs.

Here are a couple things I noticed:

  • I knew the 10GB “C” drive partition Windows 2003 instances have wouldn’t be big enough for Windows 2008 so I started there. I was pleasantly surprised to see a 30GB partition, however that’s all, it didn’t have a “D” drive like with other instances (both Linux and Windows 2003 have a 340GB partition, at least on m1.small instances, larger instances have larger data drives). Needless to say I was a little disappointed the Windows 2008 instance didn’t have an additional drive for data. Guess I’ll just have to use EBS (Elastic Block Storage) volume(s).
  • Looks like the Windows 2008 instances are priced the same as the Windows 2003 instances, albeit a with a little disk space – probably have to squeeze a little more $$$ out of us to pay the mighty Microsoft. When you break it down it could actually cost you quite a bit more for Windows 2008 than 2003.

Windows 2003 small instance: 720 hour/mo. * $.12 = $86.40 per month.
Windows 2008 small instance: 720 hour/mo. * $.12 = $86.40 per month + $36 (to make up for the lost disk space) = $122.40 per month, or 30% more.

Of course I had to check the Windows Update status & found it needed 14 “recommended” or critical updates, which I promptly installed. Probably 1/2 of these were release two days ago by Microsoft on Patch Tuesday. But even still I hoped the image would have been a little more up-to-date.

While the updates were downloading and installing I tweaked my desktop a little so it would be setup the way I like.

Another feature Amazon announced recently, “Booting From Amazon EBS,” is being used by the Windows 2008 instances. This is what enables the larger system partition, or “C” drive. This also enables the ability to “shutdown” the instance, then you can start it back up at a later time & it will pick up where it left off. While the machine is shutdown you won’t be charged for computing resources time, but you will still be charged for the EBS volume(s) on which the server is based.

Bundling an Instance Backed by Amazon EBS
One common use case is the desire to make a point‐in‐time copy of the contents of the root device so that another instance could boot off of that image. Images are typically created for backup purposes or to make clones of the existing instance. Previously, this process on Linux required you to create an image of your instance on the instance itself and no APIs were available to assist. On Windows, there was an API that you could call to create an image of the instance, but had to make another subsequent call to register the AMI. Now, there is one API for both Linux/UNIX and Windows that allows you to bundle your AMI backed by Amazon EBS and register it.

After setting up and playing with my new EC2 Windows 2008 server for a while I shut it down so I could start it up in the future when I’m ready to dive a little deeper into it. Right now it’s costing me $3 a month to sit there – not bad.

All in all I’m glad Amazon finally supports Windows 2008 & it seems to function just fine. My existing tools, from ElasticFox, to RightScale, to Amazon Command Line Tools, all work with Windows 2008 without any upgrade or modification, which is a definite plus. I was a little disappointed my small instance has 320GB less storage than a small Linux or Windows 2003 instance, which means I’ll have to pay $32/mo. more to get that back – the more I think about it I’m a lot disappointed about the hidden price increase.

Categories
YouTube

How to start a YouTube video at a certain point

In order to start a YouTube video at a certain point you would add this to the video URL:

#t=2m25s

Where “2m” indicates 2 minutes and the “25s” indicates 25 seconds. So, the following will cause the video to begin playing at 2:25 of the video:

http://www.youtube.com/watch?v=dMH0bHeiRNg#t=2m25s

This method only works for directly linking to YouTube videos.  But, what if you want to start an embeded YouTube video at a certain point?  That’s simple as well.

First, grab the video embed code after specifying your desired settings.

It will look something like this:

<object width="480" height="385"><param name="movie" value="http://www.youtube.com/v/dMH0bHeiRNg&hl=en_US&fs=1&rel=0"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/dMH0bHeiRNg&hl=en_US&fs=1&rel=0" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object>

You need to add the command &start=145 (for this example we are using 145 seconds, which is the same as 2 minutes, 25 seconds) to the end of both URLs in the embed code.  It will look like this:

<object width="480" height="385"><param name="movie" value="http://www.youtube.com/v/dMH0bHeiRNg&hl=en_US&fs=1&rel=0&start=145"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/dMH0bHeiRNg&hl=en_US&fs=1&rel=0&start=145" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object>

Don’t believe me?  Just click the embeded video below and see for yourself.

“Well that’s just great!” By Nikki of Nikki and Jon, AKA Pranksters In Love.

“Evolution of Dance.” One of the most popular YouTube videos ever.

Categories
DNS lookup Linux ping traceroute

Web-based ping, traceroute and DNS lookup

Today I ran across three useful online tools to do a quick test from multiple locations worldwide of ping, traceroute and DNS lookup.

  • just-ping.com – Online web-based ping: remote ping a server or web site using our network with 40 checkpoints worldwide.
  • just-traceroute.com – Online traceroute from 4 locations worldwide.
  • just-dnslookup.com – Remote DNS lookup (nslookup/dig) from 30+ locations worldwide.
Categories
CDN CDN Comparison

CDN Performance Comparison

Here is a great CDN comparison of performance (latency) from Mudy’s Blog.  Visit the original post for more information and supporting documentation.

Result Summary:

Network Average Median
Akamai 9.67 2.9
Aol CDN 9.22 4
Panthercdn 62.36 12.7
LimeLight 58.04 13.2
Mosso Cloud Files 56.81 13.5
Amazon Cloudfront 62.82 18.6
Google Homepage 53.53 23.15
Cachefly 54.57 28.2
Google Ajax Library 54.96 28.5
Homemade CDN 76.31 29
Yahoo Homepage 82.77 38.4
Google App Engine 76.03 42.8
US East 130.11 96.9
SimpleCDN 142.84 100.8
US West 156.32 165.4



Chart:

Categories
CDN CDN Comparison Linux

Comparison of CDN’s used by major websites

Comparison of CDN’s (Akami, Limelicht and SAVVIS) used by Amazon.com, Yahoo.com, Wikipedia.org, MySpace.com, MSN.com, Google.com, CNN.com, eBay.com, AOL.com and YouTube.com.

Big Websites and CDN comparison by Narabe
Akamai Limelight SAVVIS
Amazon
Yahoo
Wikipedia
MySpace
MSN
Google
eBay
CNN
AOL
YouTube
Categories
BackTrack Grep Linux SSL Ubuntu USB VMWare

Building the Perfect Backtrack 4 USB Thumb Drive

This post will show you how to build a USB thumb drive with the following features:

  • Persistent Changes
  • Nessus and NessusClient installed
  • Encryption configured for storing data

Tools and Supplies

  1. USB thumbdrive – minimum capacity 4GB
  2. BackTrack 3 CDROM, BackTrack 4 DVD or an additional USB thumbdrive (minimum 2GB) – Used to partition the thumbdrive.
  3. Optional: UNetbootin – A tool to transfer an iso image to a USB drive.

Download the BackTrack ISO (BackTrack 4 Pre Release is the latest as of this posting)

This tutorial is based commands executed from BackTrack, so you will have to boot BackTrack 4 first. The easiest way to do this is to boot from the BackTrack 4 DVD, which is a live CD.

Partition the USB thumbdrive
First, boot to BackTrack 4. You will have to figure out which drive is the target drive. The following command will show the drives available and you can determine from that which is the new USB drive:

dmesg | egrep hd.|sd.

Partition and format the drive as follows:

  1. The first partition needs to be a primary partition of at least 1.5 GB and set to type vfat. Also remember to make this partition active when you are creating it. Otherwise you might have some boot problems.
  2. The second Partition can be the rest of the thumb drive.

Below are the steps to take to get the drive partitioned and formatted, and were taken from this video on the Offensive Security website. A ‘#‘ indicates a comment and is not part of the command and user typed commands are blue bold. Note, make sure to delete any existing partitions on the drive first.

fdisk /dev/sda # use the appropriate drive letter for your system
# delete existing partitions, of which there may be more than one. 

Command (m for help): d
Partition number (1-4): 1 

# create the first partition 

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-522, default 1): <enter>
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-522, default 522): +1500M 

#create the second partition 

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (193-522, default 193): <enter>
Using default value 193
Last cylinder, +cylinders or +size{K,M,G} (193-522, default 522): <enter>
Using default value 522

# Setting the partition type for the first partition to vfat/fat32 

Command (m for help): t
Partition number (1-4): 1
Hex code (type L to list codes): b
Changed system type of partition 1 to b (W95 FAT32) 

# Setting the partition type for the second partition to Linux 

Command (m for help): t
Partition number (1-4): 2
Hex code (type L to list codes): 83 

# Setting the first partition active 

Command (m for help): a
Partition number (1-4): 1 

Command (m for help): w 

# now it is time to format the partitions 

mkfs.vfat /dev/sdb1
mkfs.ext3 -b 4096 -L casper-rw /dev/sdb2

Two things to notice above in the format commands:

  1. We are using ext3 instead of ext2
  2. You must include the -L casper-rw portion of the command.

Being able to use ext3 is great because of journaling. The -L casper-rw option helps to get around the problem where we had to enter the partition name in order to get persistence working.

Partition and format the drive according the layout above.

Make it a bootable BackTrack 4 USB thumb drive
These steps are also taken from the Offensive Security video mentioned above.  They are:

  1. Mount the first partition
  2. Copy the BackTrack files to it
  3. Install grub

Execute the following commands.

# mount the first partition, sda1 in my case. 

mkdir /mnt/sda1
mount /dev/sda1 /mnt/sda1
 

# copy the files, you will need to find where the ISO is mounted on your system. 

cd /mnt/sda1
rsync -r /media/cdrom0/* .
 

# install grub 

grub-install --no-floppy --root-directory=/mnt/sda1 /dev/sda

Now you have a bootable BackTrack 4 USB thumb drive. Next let’s configure persistent changes.

Persistent Changes
This is done much differently and more easily than it was in BackTrack 4 Beta or BackTrack 3. First of all, for basic persistence, no configuration is required. There is already a menu option for this, however, it is only for console mode so you will have to make a couple changes:

  1. Change the default boot selection to persistent
  2. Set the resolution for the GUI

cd /mnt/sda1/boot/grub
vi menu.lst 

# change the default line below to ‘default 4' and append ‘vga=0×317' (that’s a zero) to the kernel line to set the resolution to 1024×768 

# By default, boot the first entry.
default 4
.
.
.
title Start Persistent Live CD
kernel /boot/vmlinuz BOOT=casper boot=casper persistent rw quiet vga=0×317
initrd /boot/initrd.gz

:wq

Reboot and either select “Start Persistent Live CD” or just wait since we set it to auto-boot to persistent mode. To testit, create a file and reboot again. If your file is still there, everything is working.

Install Nessus
Download the Ubuntu Nessus and NessusClient packages from nessus.org.

Again, with BackTrack 4 things are little easier. To install the Nessus server, simply execute the following command to install the package.

dpkg –install Nessus-4.0.2-ubuntu810_i386.deb

Things used to be a little bit more complicated for the client, but with the release of the pre-final version, it is just as easy as installing as the server.

dpkg –install NessusClient-4.0.2-ubuntu810_i386.deb

Finally it’s time to configure Nessus. Execute each of the following and follow the prompts.

#create server certificate 

/opt/nessus/sbin/nessus-mkcert

This script will now ask you the relevant information to create the SSL
certificate of Nessus. Note that this information will *NOT* be sent to
anybody (everything stays local), but anyone with the ability to connect to your Nessus daemon will be able to retrieve this information.
CA certificate life time in days [1460]:<enter>
Server certificate life time in days [365]:<enter>
Your country (two letter code) [FR]:US
Your state or province name [none]:State
Your location (e.g. town) [Paris]:City
Your organization [Nessus Users United]:<enter>
.
.
.
Congratulations. Your server certificate was properly created.
.
. 

# add user 

/opt/nessus/sbin/nessus-adduser 

Login :Admin
Authentication (pass/cert) : [pass]<enter>
Login password :
Login password (again) :
Do you want this user to be a Nessus ‘admin’ user ? (can upload plugins, etc…) (y/n) [n]:y
User rules
———-
nessusd has a rules system which allows you to restrict the hosts
that Me has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser manual for the rules syntax
Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
Login : Admin
Password : ***********
This user will have ‘admin’ privileges within the Nessus server
Rules :
Is that ok ? (y/n) [y]y
User added
We want to disable Nessus starting at boot. We are going to do some things a little later than require that Nessus not be running at boot. 

/usr/sbin/update-rc.d -f nessusd remove

This command does not remove the Nessus start scripts. It only removes the links that cause Nessus to start at boot time.

The next thing to do is register the installation so you can get the plugin feed. You need to go here and request
a key.

Once you have your key. Execute the following to update your plugins. Please note that there are two dashes before register in the nessus-fetch line below. They can display as one sometimes.

/opt/nessus/bin/nessus-fetch –register [your feed code here]

When that is done, and it is going to take a few minutes, you are ready to start the server and client. Be aware that with version 4.0, while the command to start returns quickly, the actual starting of the service may take a minute or two. You may have to reboot before Nessus will work. You can use netstat -na to check that the
server is listening on port 1241.

/etc/init.d/nessusd start
/opt/nessus/bin/NessusClient

Time to find those vulnerabilities.

Configure Encryption
Since BackTrack will be used to poke at peoples networks and systems, with permission of course, it is very important that the information we find be protected. To do this, we are going to setup an encrypted volume that will eventually become our home directory.

This can be done with the GUI or via command line. We will be using the gui because we need to be able to format the volume with ext3 and, as yet, I have not been able to figure out how to do that via the command line on linux.

  • Launch truecrypt from a terminal window.  
  • When truecrypt opens click the “Create Volume” button.  
  • In the Volume Location field enter the path to your volume, like /work_dir, click next.  
  • Leave the default Encryption Options & click next.  
  • Enter the volume size, say 1GB or so.  
  • Enter and confirm your desired password. 
  •  Select ext3 for the file system type, click next.  
  • Click next on the Cross-Platform Support page leaving the default values.  
  • Click format – you should move your mouse to create randomness for higher security.

You will get a message that the volume was successful created. Click on the ‘OK’ button, then exit the Truecrypt gui, both the ‘Create Volume’ windows and the main windows, going back to your terminal (command line) window.

To test the filesystem, execute the following, note the -k ” is two single quotes, not a double quote:

truecrypt -t -k ” --protect-hidden=no /work_dir /media/truecrypt1
mount
cd /media/truecrypt1
df .

This will show that the volume is mounted and the amount of disk space you have left. The next step is to have this volume mounted when you log in. This can be done by editing the root user’s .profile file. Add the truecrypt command above to root’s .profile so it looks like this:

# ~/.profile: executed by Bourne-compatible login shells.
if [ "$BASH" ]; then
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
fi
truecrypt -t -k '' --protect-hidden=no /my_secret_stuff /media/truecrypt1
mesg n

The next time you reboot you will be asked for the password for the volume and it will be mounted for you.

Now let’s tweak a few tings
The first thing we are going to do is configure networking to start at boot time. It’s convenient and easy to
disable later if necessary. All you have to do is execute the following command.

/usr/sbin/update-rc.d networking defaults

Next, make sure all the BackTrack tools and the system itself is up-to-date. First execute the following:

apt-get update

This is update the software repository information. Next, execute:

apt-get upgrade

The system will determine if there is anything that needs to be updated and then prompt you to continue. Individual packages can be updated by including the package name after upgrade.

Next reset the root user’s home directory during the login process to the mounted truecrypt volume. This will ensure that anything written to the home directory will be encrypted. Enter the following commands:

cd /media/truecrypt1
rsync -r –links /root/ .
 

# add the bold lines below 

vi /root/.profile 

# ~/.profile: executed by Bourne-compatible login shells. 

if [ "$BASH" ]; then
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
fi
truecrypt -t -k '' --protect-hidden=no /my_secret_stuff /media/truecrypt1 

export HOME=/media/truecrypt1
export HISTFILE=/media/truecrypt1/.bash_history
cd
 

mesg n 

:wq

The next time you reboot, when you are finally in the system, your home directory will be /media/truecrypt1.
There is one last thing we should do – change nessus to log to the encrypted volume. This is very easy. The
file that controls this is /opt/nessus/etc/nessus/nessusd.conf. We need to create a place for the log files to go. Execute the following:

cd /media/truecrypt1
mkdir -p nessus/logs
 

Once you have done that, edit the /opt/nessus/etc/nessus/nessusd.conf file and change this:
.
.
.
# Log file :
logfile = /opt/nessus/var/nessus/logs/nessusd.messages
# Shall we log every details of the attack ? (disk intensive)
log_whole_attack = no
# Dump file for debugging output
dumpfile = /opt/nessus/var/nessus/logs/nessusd.dump
.
.
.

to this:

.
.
.
# Log file :
logfile = /media/truecrypt1/nessus/logs/nessusd.messages
# Shall we log every details of the attack ? (disk intensive)
log_whole_attack = no
# Dump file for debugging output
dumpfile = /media/truecrypt1/nessus/logs/nessusd.dump
.
.
.

That’s it. Now you have the Perfect Backtrack 4 USB Thumb Drive.

More BackTrack:

Categories
Linux Windows

Shortcut to Lock the Windows Desktop

Do you lock your Windows desktop every time you walk away? In Windows 7 (Vista, XP, 2008, 2003 too) you can do this by pressing Windows Key + L. However, to make it easier you should create a shortcut on your desktop, or better yet one in your Quick Launch toolbar.  Start by creating a new shortcut on your Windows desktop & enter the following in the field, “Type the location of the item”:

rundll32.exe user32.dll,LockWorkStation

Name it as desired and change the icon if you’d like.  Then you can copy or move it anywhere you’d like – to the Quick Launch toolbar for example.

Note: to view a list of Windows icons enter shell32.dll in the “Look for icons in this file” field of the “Change Icon” dialog box of the shortcut properties.

Categories
Kon-Boot Linux Security Ubuntu Windows

Bypass Windows or Linux Logon With Kon-Boot

Kon-Boot is an prototype piece of software which allows to change contents of a linux kernel (and now Windows kernel also!!!) on the fly (while booting). In the current compilation state it allows to log into a linux system as ‘root’ user without typing the correct password or to elevate privileges from current user to root. For Windows systems it allows to enter any password protected profile without any knowledge of the password. It was acctually started as silly project of mine, which was born from my never-ending memory problems 🙂 Secondly it was mainly created for Ubuntu, later i have made few add-ons to cover some other linux distributions. Finally, please consider this is my first linux project so far 🙂 Entire Kon-Boot was written in pure x86 assembly, using old grandpa-geezer TASM 4.0.
Additional notes:

Tested Windows versions
Windows Server 2008 Standard SP2 (v.275)
Windows Vista Business SP0
Windows Vista Ultimate SP1
Windows Vista Ultimate SP0
Windows Server 2003 Enterprise
Windows XP
Windows XP SP1
Windows XP SP2
Windows XP SP3
Windows 7

Kon-Boot website & download.
Categories
Aircrack-ng Linux WEP wifi WPA

Aircrack-ng – WEP and WPA-PSK keys cracking program

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. Aircrack-ng is a set of tools for auditing wireless networks – not for WiFi hacking.  Make sure you use this on your own network or one where you have permission to test.

Aircrack-ng is the next generation of aircrack with lots of new features: