Open.View.Security

Google Hacking Database

jbrown — Fri, 13 Jun 2008 11:18:53 -0700

Google Hacking Database (GHDB)!
http://johnny.ihackstuff.com/ghdb.php

Advisories and Vulnerabilities (215 entries)
These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.

Error Messages (68 entries)
Really retarded error messages that say WAY too much!

Files containing juicy info (230 entries)
No usernames or passwords, but interesting stuff none the less.

Files containing passwords (135 entries)
PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!

Files containing usernames (15 entries)
These files contain usernames, but no passwords... Still, google finding usernames on a web site..

Footholds (21 entries)
Examples of queries that can help a hacker gain a foothold into a web server

Pages containing login portals (232 entries)
These are login pages for various services. Consider them the front door of a website's more sensitive functions.

Pages containing network or vulnerability data (59 entries)
These pages contain such things as firewall logs, honeypot logs, network information, IDS logs... all sorts of fun stuff!

Sensitive Directories (61 entries)
Google's collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!

Sensitive Online Shopping Info (9 entries)
Examples of queries that can reveal online shopping info like customer data, suppliers, orders, creditcard numbers, credit card info, etc

Various Online Devices (201 entries)
This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.

Vulnerable Files (57 entries)
HUNDREDS of vulnerable files that Google can find on websites...

Vulnerable Servers (48 entries)
These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the "Vulnerable Files" section.

Web Server Detection (72 entries)
These links demonstrate Google's awesome ability to profile web servers..

Unfreeze Deep Freeze

jbrown — Fri, 13 Jun 2008 10:38:50 -0700

Deep Freeze use a unique method of disk protection to preserve the exact original standard system configuration on over five million Windows and Macintosh computers worldwide!

According to the Faronics(Developers of Deep Freeze): "Deep Freeze instantly protects and preserves baseline computer configurations. No matter what changes a user makes to a workstation, simply restart to eradicate all changes and reset the computer to its original state - right down to the last byte."

However, the following is a step by step instruction on how to bypass the Deep Freeze security.

Note: Tested on

OS - Windows 2000 and XP edition
Deep Freeze - 4.20.020.0598, 4.20.120.0598, 4.20.121.0613, 5.20.220.1125 and 5.30.120.1181

Tools Required

>> Ollydbg (http://www.ollydbg.de/)
to patch the program and run it.
>> OllyScript (Attached or go to -> http://www.theadmins.info/files/OllyScript.zip)
to run scripts on Ollydgb
>> ASPack 2.12 OEP finder script by hacnho/VCT2k4 (Attached or go to -> http://www.theadmins.info/files/ASPackOEPfinderScript.txt )
to find the OEP
>> Process Explorer for 2K/XP (http://www.sysinternals.com/)
to see the login program command line

Summary

What we are going to do is to load a new instance of Deep Freeze login program and we'll change it in such a way that it will accept any password as a valid one.

Let the Play Begin

The first thing to do is to find some data that we are going to use later to load our login program instance. For this, load the Process Explorer. Once it is loaded, we can see a list of all the processes our system is running, among them is the login program called FrzState.exe or FrzState2k.exe. You may expand the tree if required to find this program. Right click over the program's name and select "Properties". A new window will be opened with the process properties.

Under the Image tab, note the property named "Command Line". Note down the value of "Command Line" including the three numbers at the end of the property for future use in this tutorial.

Run Ollydbg.

Quote

Note: Make sure that OllyScript is properly installed. Make sure that the menu "Plugins" and submenu "OllyScript" is available. If this menu doesn't appear in the program, that means the plugin is not installed properly. To install it, go to the menu "Options" and select "Appearance". In the "Plugin path" box write the address where you copied OllyScript files, press OK and restart the program.

On the 'File' menu select 'Open' and look for the login program file (remember that Process Explorer told you where it was). In the 'Arguments' box write the three numbers you've written down. Click 'Open'. If a warning message box shows up press 'OK'. If a message box is encountered with the content "Do you want to continue the code analysis?" - press 'No'.

We have successfully loaded the program. However the problem we face here is that it is protected with Aspack 2.12 due to which we cannot see the real code. To solve this, we are going to use OllyScript and the ASPack 2.12 OEP finder script. Go to the "Plugins' menu, and then to the "OllyScript" submenu and select "Run Script".

Look for the script and open it. The script will find the OEP (original entry point). If any window shows up dismiss it.

Quote

Note: We are now on the OEP. If you are an experienced user you can dump the program using OllyDump to analyze the code with a disassembler.

Right click over the code and a context menu will appear, select 'Go to' and then 'Expression' (or use the shortcut Ctrl+G).

In the text box enter the following value according to the Deep Freeze version you have installed and press OK.

VERSION/VALUE
4.20.020.0598 / 40368D
4.20.120.0598 / 40368D
4.20.121.0613 / 4034F5
5.20.220.1125 / 4037E9
5.30.120.1181 / 4037E9

The program will jump to the line of code.

This is the line from where the password verification procedure is called. Let's set a breakpoint here. To do that right click over the line and in the context menu select 'Breakpoint' and then 'Toggle' (or press F2).

We are almost done! Now let's run this new Deep Freeze login program instance. To do that press F9. If everything went right now you should see two Deep Freeze icons on the system tray next to the clock. If Deep Freeze was configured to hide it , instead of two icons you'll see an empty icon.

Quote

Note: If the icon doesn't show up is possible that you haven't written the argument three numbers correctly or that you haven't opened the right file.

Now activate the login program by double clicking over the icon while you keep the shift key pressed. If there are two icons, is important that you click over the new icon and not over the old one. The login window will appear asking for the password. Write anything in the password box and press ENTER. The breakpoing we set earlier in Ollydbg will activate and the login program will freeze.

Quote

Note: If the breakpoint doesn't activate is possible that you've chosen the wrong icon. Try with the other one.

On Ollydbg press F8 to step over the function call. On the registers window (to the right of the code) you'll see that EAX register has the value 00000000. That means the password is incorrect, let's change that. Double click over the value of EAX to open the modification window. In the 'Hexadecimal' text box write 1 and press OK.

Now press F9 to continue. If everything went right the Deep Freeze configuration dialog will show up.

National Security Association

jbrown — Sat, 12 Apr 2008 06:24:26 -0700

Confronting the Surveillance Society

Outstanding talk by James Bamford author of “The Puzzle Palace” and “Body of Secrets” & Chris Calabrese Program Counsel of the ACLU Technology and Liberty Project.

See more @ http://ph33r.org/

MySQL Common Part II

jbrown — Mon, 10 Mar 2008 21:31:27 -0700

Selecting a database:

mysql> USE database;

Listing databases:

mysql> SHOW DATABASES;

Listing tables in a db:

mysql> SHOW TABLES;

Describing the format of a table:

mysql> DESCRIBE table;

Creating a database:

mysql> CREATE DATABASE db_name;

Creating a table:

mysql> CREATE TABLE table_name (field1_name TYPE(SIZE), field2_name TYPE(SIZE));
Ex: mysql> CREATE TABLE pet (name VARCHAR(20), sex CHAR(1), birth DATE);

Load tab-delimited data into a table:

mysql> LOAD DATA LOCAL INFILE 'infile.txt' INTO TABLE table_name;
(Use n for NULL or n)

Example:

mysql> LOAD DATA LOCAL INFILE 'C:/menagerie-db/pet.txt' INTO TABLE pet;

| Slim     | Benny | snake    | m    | 1996-04-29 | NULL       |
|          | NULL   | NULL     | NULL | NULL       | NULL       |
| Puffball | Daine | hampster | f    | 1999-03-30 | NULL       |

Inserting one row at a time:

mysql> INSERT INTO table_name VALUES ('MyName', 'MyOwner', '2002-08-31');
(Use NULL for NULL)

Retrieving information (general):

mysql> SELECT from_columns FROM table WHERE conditions;
All values: SELECT * FROM table;
Some values: SELECT * FROM table WHERE rec_name = "value";
Multiple critera: SELECT * FROM TABLE WHERE rec1 = "value1" AND rec2 = "value2";

Reloading a new data set into existing table:

mysql> SET AUTOCOMMIT=1; # used for quick recreation of table
mysql> DELETE FROM pet;
mysql> LOAD DATA LOCAL INFILE "infile.txt" INTO TABLE table;

Fixing all records with a certain value:

mysql> UPDATE table SET column_name = "new_value" WHERE record_name = "value";

Selecting specific columns:

mysql> SELECT column_name FROM table;

Retrieving unique output records:

mysql> SELECT DISTINCT column_name FROM table;

Sorting:

mysql> SELECT col1, col2 FROM table ORDER BY col2;
Backwards: SELECT col1, col2 FROM table ORDER BY col2 DESC;

Date calculations:

mysql> SELECT CURRENT_DATE, (YEAR(CURRENT_DATE)-YEAR(date_col)) AS time_diff [FROM table];
MONTH(some_date) extracts the month value and DAYOFMONTH() extracts day.

Pattern Matching:

mysql> SELECT * FROM table WHERE rec LIKE "blah%";
(% is wildcard - arbitrary # of chars)
Find 5-char values: SELECT * FROM table WHERE rec like "_____";
(_ is any single character)

Extended Regular Expression Matching:

mysql> SELECT * FROM table WHERE rec RLIKE "^b$";
(. for char, [...] for char class, * for 0 or more instances
^ for beginning, {n} for repeat n times, and $ for end)
(RLIKE or REGEXP)
To force case-sensitivity, use "REGEXP BINARY"

Counting Rows:

mysql> SELECT COUNT(*) FROM table;

Grouping with Counting:

mysql> SELECT owner, COUNT(*) FROM table GROUP BY owner;
(GROUP BY groups together all records for each 'owner')

Selecting from multiple tables:

(Example)
mysql> SELECT pet.name, comment FROM pet, event WHERE pet.name = event.name;
(You can join a table to itself to compare by using 'AS')

Currently selected database:

mysql> SELECT DATABASE();

Maximum value:

mysql> SELECT MAX(col_name) AS label FROM table;

Auto-incrementing rows:

mysql> CREATE TABLE table (number INT NOT NULL AUTO_INCREMENT, name CHAR(10) NOT NULL);
mysql> INSERT INTO table (name) VALUES ("tom"),("dick"),("harry");

Adding a column to an already-created table:

mysql> ALTER TABLE tbl ADD COLUMN [column_create syntax] AFTER col_name;

Removing a column:

mysql> ALTER TABLE tbl DROP COLUMN col;
(Full ALTER TABLE syntax available at mysql.com.)

Batch mode (feeding in a script):

# mysql -u user -p < batch_file
(Use -t for nice table layout and -vvv for command echoing.)
Alternatively: mysql> source batch_file;

Backing up a database with mysqldump:

# mysqldump --opt -u username -p database > database_backup.sql
(Use 'mysqldump --opt --all-databases > all_backup.sql' to backup everything.)
(More info at MySQL's docs.)

Download MySQL HERE - http://dev.mysql.com/downloads/mysql/5.0.html

How To reset your TCP/IP protocol in windows

jbrown — Sat, 08 Mar 2008 07:40:55 -0700

How to reset Internet Protocol (TCP/IP) in Windows XP

View products that this article applies to.

Article ID	:	299357
Last Review	:	February 8, 2008
Revision	:	7.0

This article was previously published under Q299357

For a Windows Server 2003 version of this article, see 317518 (http://support.microsoft.com/kb/317518/).

INTRODUCTION

In Windows XP, the TCP/IP stack is considered a core component of the operating system, and you cannot remove TCP/IP. Therefore, when you view the list of components for a network interface, you may notice that the Uninstall button is disabled when Internet Protocol (TCP/IP) is selected. In extreme cases, the best solution for this issue may be to reinstall the IP stack. But with the NetShell utility, you can reset the TCP/IP stack to restore it to its state that existed when the operating system was installed. This article describes how to use the NetShell utility for this purpose.

Back to the top

MORE INFORMATION

Guided Help to reset TCP/IP

Guided Help is available to reset TCP/IP. Guided Help can automatically perform the steps for you.

The actions that this Guided Help performs cannot be undone after Guided Help is finished.

For more information about Guided Help, click the following article number to view the article in the Microsoft Knowledge Base:

915092 (http://support.microsoft.com/kb/915092/) Description of Guided Help for Microsoft Knowledge Base articles

Requirements to install and to use this Guided Help

•	You must be logged on to Windows by using a computer administrator account to install and to use this Guided Help.
•	You must be running Windows XP Home Edition, Windows XP Professional, Windows XP Media Center Edition, or Windows XP Tablet PC Edition to install and to use this Guided Help.

You must first download Guided Help. To start, click the following link.

Download Guided Help

(http://support.microsoft.com/kb/299357/) To download Guided Help for another computer that does not have a working Internet connection, click Another Computer when you are prompted by Guided Help. Save the Guided_Help.exe file to a removable medium, such as a USB flash drive. Insert the removable medium in the other computer, and then run the Guided_Help.exe program file.

Manual method to reset TCP/IP

Note This section is intended for advanced computer users. If you are not comfortable with advanced troubleshooting, ask someone for help or contact support. For information about how to contact support, see the Microsoft Help and Support contact information Web site:

http://support.microsoft.com/contactus (http://support.microsoft.com/contactus)

The NetShell utility (netsh) is a command-line scripting interface for configuring and monitoring Windows XP networking. This tool provides an interactive network shell interface to the user.

In Windows XP, a reset command is available in the IP context of the NetShell utility. When you run the reset command, it rewrites pertinent registry keys that are used by the IP (TCP/IP) stack to reach the same result as the removal and the reinstallation of the protocol.

SYSTEMCurrentControlSetServicesTcpipParameters 
SYSTEMCurrentControlSetServicesDHCPParameters

Command usage

netsh int ip reset [log_file_name]

To manually run the command successfully, you must specify a file name for the log where actions that are taken by netsh will be recorded. For example, at a command prompt, type either of the samples that are listed in the "Command samples" section. The TCP/IP stack will then be reset on a system, and the actions that were taken will be recorded in the log file, Resetlog.txt. The first sample creates the log file in the current directory, while the second sample creates a path where the log will reside. In either case, where the specified log file already exists, the new log will be appended to the end of the existing file.

Warning Programs that access or monitor the Internet such as antivirus, firewall or proxy clients may be adversely affected when you run the netsh winsock reset command. If you have a program that no longer functions correctly after you use this resolution, reinstall the program to restore functionality.

Command samples

netsh int ip reset resetlog.txt
netsh int ip reset c:resetlog.txt

MYSQL Common Commands

jbrown — Mon, 18 Feb 2008 10:03:28 -0700

To login (from unix shell) use -h only if needed.

[mysql dir]/bin/mysql -h hostname -u root -p

Create a database on the sql server.

create database [databasename];

List all databases on the sql server.

show databases;

Switch to a database.

use [db name];

To see all the tables in the db.

show tables;

To see database's field formats.

describe [table name];

To delete a db.

drop database [database name];

To delete a table.

drop table [table name];

Show all data in a table.

SELECT * FROM [table name];

Returns the columns and column information pertaining to the designated table.

show columns from [table name];

Show certain selected rows with the value "whatever".

SELECT * FROM [table name] WHERE [field name] = "whatever";

Show all records containing the name "Bob" AND the phone number '3444444'.

SELECT * FROM [table name] WHERE name = "Bob" AND phone_number = '3444444';

Show all records not containing the name "Bob" AND the phone number '3444444' order by the phone_number field.

SELECT * FROM [table name] WHERE name != "Bob" AND phone_number = '3444444' order by phone_number;

Show all records starting with the letters 'bob' AND the phone number '3444444'.

SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444';

Use a regular expression to find records. Use "REGEXP BINARY" to force case-sensitivity. This finds any record beginning with a.

SELECT * FROM [table name] WHERE rec RLIKE "^a$";

Show unique records.

SELECT DISTINCT [column name] FROM [table name];

Show selected records sorted in an ascending (asc) or descending (desc).

SELECT [col1],[col2] FROM [table name] ORDER BY [col2] DESC;

Return number of rows.

SELECT COUNT(*) FROM [table name];

Sum column.

SELECT SUM(*) FROM [table name];

Join tables on common columns.

select lookup.illustrationid, lookup.personid,person.birthday from lookup
left join person on lookup.personid=person.personid=statement to join birthday in person table with primary illustration id;

Switch to the mysql db. Create a new user.

INSERT INTO [table name] (Host,User,Password) VALUES('%','user',PASSWORD('password'));

Change a users password.(from unix shell).

[mysql dir]/bin/mysqladmin -u root -h hostname.blah.org -p password 'new-password'

Change a users password.(from MySQL prompt).

SET PASSWORD FOR 'user'@'hostname' = PASSWORD('passwordhere');

Allow the user "bob" to connect to the server from localhost using the password "passwd"

grant usage on *.* to bob@localhost identified by 'passwd';

Switch to mysql db.Give user privilages for a db.

INSERT INTO [table name] (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES ('%','databasename','username','Y','Y','Y','Y','Y','N');

or

grant all privileges on databasename.* to username@localhost;

To update info already in a table.

UPDATE [table name] SET Select_priv = 'Y',Insert_priv = 'Y',Update_priv = 'Y' where [field name] = 'user';

Delete a row(s) from a table.

DELETE from [table name] where [field name] = 'whatever';

Update database permissions/privilages.

FLUSH PRIVILEGES;

Delete a column.

alter table [table name] drop column [column name];

Add a new column to db.

alter table [table name] add column [new column name] varchar (20);

Change column name.

alter table [table name] change [old column name] [new column name] varchar (50);

Make a unique column so you get no dupes.

alter table [table name] add unique ([column name]);

Make a column bigger.

alter table [table name] modify [column name] VARCHAR(3);

Delete unique from table.

alter table [table name] drop index [colmn name];

Load a CSV file into a table.

LOAD DATA INFILE '/tmp/filename.csv' replace INTO TABLE [table name] FIELDS TERMINATED BY ',' LINES TERMINATED BY 'n' (field1,field2,field3);

Dump all databases for backup. Backup file is sql commands to recreate all db's.

[mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql

Dump one database for backup.

[mysql dir]/bin/mysqldump -u username -ppassword --databases databasename >/tmp/databasename.sql

Dump a table from a database.

[mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

Restore database (or database table) from backup.

[mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Create Table Example 1.

CREATE TABLE [table name] (firstname VARCHAR(20), middleinitial VARCHAR(3), lastname VARCHAR(35),suffix VARCHAR(3),officeid VARCHAR(10),userid VARCHAR(15),username VARCHAR(8),email VARCHAR(35),phone VARCHAR(25), groups
VARCHAR(15),datestamp DATE,timestamp time,pgpemail VARCHAR(255));

Create Table Example 2.

create table [table name] (personid int(50) not null auto_increment primary key,firstname varchar(35),middlename varchar(50),lastnamevarchar(50) default 'bato');

MYSQL Statements and clauses

ALTER DATABASE

ALTER TABLE

ALTER VIEW

ANALYZE TABLE

BACKUP TABLE

CACHE INDEX

CHANGE MASTER TO

CHECK TABLE

CHECKSUM TABLE

COMMIT

CREATE DATABASE

CREATE INDEX

CREATE TABLE

CREATE VIEW

DELETE

DESCRIBE

DO

DROP DATABASE

DROP INDEX

DROP TABLE

DROP USER

DROP VIEW

EXPLAIN

FLUSH

GRANT

HANDLER

INSERT

JOIN

KILL

LOAD DATA FROM MASTER

LOAD DATA INFILE

LOAD INDEX INTO CACHE

LOAD TABLE...FROM MASTER

LOCK TABLES

OPTIMIZE TABLE

PURGE MASTER LOGS

RENAME TABLE

REPAIR TABLE

REPLACE

RESET

RESET MASTER

RESET SLAVE

RESTORE TABLE

REVOKE

ROLLBACK

ROLLBACK TO SAVEPOINT

SAVEPOINT

SELECT

SET

SET PASSWORD

SET SQL_LOG_BIN

SET TRANSACTION

SHOW BINLOG EVENTS

SHOW CHARACTER SET

SHOW COLLATION

SHOW COLUMNS

SHOW CREATE DATABASE

SHOW CREATE TABLE

SHOW CREATE VIEW

SHOW DATABASES

SHOW ENGINES

SHOW ERRORS

SHOW GRANTS

SHOW INDEX

SHOW INNODB STATUS

SHOW LOGS

SHOW MASTER LOGS

SHOW MASTER STATUS

SHOW PRIVILEGES

SHOW PROCESSLIST

SHOW SLAVE HOSTS

SHOW SLAVE STATUS

SHOW STATUS

SHOW TABLE STATUS

SHOW TABLES

SHOW VARIABLES

SHOW WARNINGS

START SLAVE

START TRANSACTION

STOP SLAVE

TRUNCATE TABLE

UNION

UNLOCK TABLES

USE

String Functions

AES_DECRYPT

AES_ENCRYPT

ASCII

BIN

BINARY

BIT_LENGTH

CHAR

CHAR_LENGTH

CHARACTER_LENGTH

COMPRESS

CONCAT

CONCAT_WS

CONV

DECODE

DES_DECRYPT

DES_ENCRYPT

ELT

ENCODE

ENCRYPT

EXPORT_SET

FIELD

FIND_IN_SET

HEX

INET_ATON

INET_NTOA

INSERT

INSTR

LCASE

LEFT

LENGTH

LOAD_FILE

LOCATE

LOWER

LPAD

LTRIM

MAKE_SET

MATCH    AGAINST

MD5

MID

OCT

OCTET_LENGTH

OLD_PASSWORD

ORD

PASSWORD

POSITION

QUOTE

REPEAT

REPLACE

REVERSE

RIGHT

RPAD

RTRIM

SHA

SHA1

SOUNDEX

SPACE

STRCMP

SUBSTRING

SUBSTRING_INDEX

TRIM

UCASE

UNCOMPRESS

UNCOMPRESSED_LENGTH

UNHEX

UPPER

Date and Time Functions

ADDDATE

ADDTIME

CONVERT_TZ

CURDATE

CURRENT_DATE

CURRENT_TIME

CURRENT_TIMESTAMP

CURTIME

DATE

DATE_ADD

DATE_FORMAT

DATE_SUB

DATEDIFF

DAY

DAYNAME

DAYOFMONTH

DAYOFWEEK

DAYOFYEAR

EXTRACT

FROM_DAYS

FROM_UNIXTIME

GET_FORMAT

HOUR

LAST_DAY

LOCALTIME

LOCALTIMESTAMP

MAKEDATE

MAKETIME

MICROSECOND

MINUTE

MONTH

MONTHNAME

NOW

PERIOD_ADD

PERIOD_DIFF

QUARTER

SEC_TO_TIME

SECOND

STR_TO_DATE

SUBDATE

SUBTIME

SYSDATE

TIME

TIMEDIFF

TIMESTAMP

TIMESTAMPDIFF

TIMESTAMPADD

TIME_FORMAT

TIME_TO_SEC

TO_DAYS

UNIX_TIMESTAMP

UTC_DATE

UTC_TIME

UTC_TIMESTAMP

WEEK

WEEKDAY

WEEKOFYEAR

YEAR

YEARWEEK

Mathematical and Aggregate Functions

ABS

ACOS

ASIN

ATAN

ATAN2

AVG

BIT_AND

BIT_OR

BIT_XOR

CEIL

CEILING

COS

COT

COUNT

CRC32

DEGREES

EXP

FLOOR

FORMAT

GREATEST

GROUP_CONCAT

LEAST

LN

LOG

LOG2

LOG10

MAX

MIN

MOD

PI

POW

POWER

RADIANS

RAND

ROUND

SIGN

SIN

SQRT

STD

STDDEV

SUM

TAN

TRUNCATE

VARIANCE

Flow Control Functions

CASE

IF

IFNULL

NULLIF

Command-Line Utilities

comp_err

isamchk

make_binary_distribution

msql2mysql

my_print_defaults

myisamchk

myisamlog

myisampack

mysqlaccess

mysqladmin

mysqlbinlog

mysqlbug

mysqlcheck

mysqldump

mysqldumpslow

mysqlhotcopy

mysqlimport

mysqlshow

perror

Perl API - using functions and methods built into the Perl DBI with MySQL

available_drivers

begin_work

bind_col

bind_columns

bind_param

bind_param_array

bind_param_inout

can

clone

column_info

commit

connect

connect_cached

data_sources

disconnect

do

dump_results

err

errstr

execute

execute_array

execute_for_fetch

fetch

fetchall_arrayref

fetchall_hashref

fetchrow_array

fetchrow_arrayref

fetchrow_hashref

finish

foreign_key_info

func

get_info

installed_versions

last_insert_id

looks_like_number

neat

neat_list

parse_dsn

parse_trace_flag

parse_trace_flags

ping

prepare

prepare_cached

primary_key

primary_key_info

quote

quote_identifier

rollback

rows

selectall_arrayref

selectall_hashref

selectcol_arrayref

selectrow_array

selectrow_arrayref

selectrow_hashref

set_err

state

table_info

table_info_all

tables

trace

trace_msg

type_info

type_info_all

Attributes for Handles

PHP API - using functions built into PHP with MySQL

mysql_affected_rows

mysql_change_user

mysql_client_encoding

mysql_close

mysql_connect

mysql_create_db

mysql_data_seek

mysql_db_name

mysql_db_query

mysql_drop_db

mysql_errno

mysql_error

mysql_escape_string

mysql_fetch_array

mysql_fetch_assoc

mysql_fetch_field

mysql_fetch_lengths

mysql_fetch_object

mysql_fetch_row

mysql_field_flags

mysql_field_len

mysql_field_name

mysql_field_seek

mysql_field_table

mysql_field_type

mysql_free_result

mysql_get_client_info

mysql_get_host_info

mysql_get_proto_info

mysql_get_server_info

mysql_info

mysql_insert_id

mysql_list_dbs

mysql_list_fields

mysql_list_processes

mysql_list_tables

mysql_num_fields

mysql_num_rows

mysql_pconnect

mysql_ping

mysql_query

mysql_real_escape_string

mysql_result

mysql_select_db

mysql_stat

mysql_tablename

mysql_thread_id

mysql_unbuffered_query

Stop SSH User Hacking / Cracking Attacks with DenyHosts Software

jbrown — Sun, 17 Feb 2008 17:50:01 -0700

Debian Linux Stop SSH User Hacking / Cracking Attacks with DenyHosts Software

Q. I’ve noticed lots of failed login attempt for my Debian Linux VPS root server account. How do I stop automated bot based SSH attacks on my server?

A. You can use DenyHosts - a Python based script that analyzes the sshd server log messages to determine what hosts are attempting to hack into your system. It is an utility to help sys admins thwart ssh crackers. It also determines what user accounts are being targeted. It keeps track of the frequency of atempts from each host. It will automatically blocks ssh attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins. Step # 1: Make Sure Python is installed

First, make sure python is installed under Debian / Ubuntu Linux:
# dpkg --list | grep python2
Find out version (DenyHosts requires 2.3 or above version)
$ python -V
Output:
Python 2.5.1

Step # 2: Download DenyHosts

Visit official project home page to grab latest source code or packages. Use apt-get command under Debian / Ubuntu Linux, enter
$ sudo apt-get install denyhost

DenyHosts configuration - /etc/denyhosts.conf

The default configuration file is /etc/denyhosts.conf.
You also need to create / update a whitelist in /etc/hosts.allow. For example, if you have static IP assigned by ISP, enter in this file. You can add all the important hosts that you never want blocked.

Step # 1: Setup a whitelist

Open /etc/hosts.allow:
# vi /etc/hosts.allow
Allow sshd from 202.54.1.2 i.e. you never want to block yourself
sshd: 202.54.1.2
Save and close the file. Verify and examines your tcp wrapper configuration file and reports all potential and real problems:
# tcpdchk -v

Step # 1: Configure DenyHosts

Open default configuration file - /etc/denyhosts.conf, enter:
# vi /etc/denyhosts.conf
Setup your email ID so you would receive emails regarding newly restricted hosts and suspicious logins, set this address to match your email address.
ADMIN_EMAIL = vivek@nixcraft.com
Save and close the file. Here is my own sample configuration file for Debian Linux 4.0 server (config file is documented very well, just open and read it):

############ THESE SETTINGS ARE REQUIRED ############
SECURE_LOG = /var/log/auth.log
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY =
BLOCK_SERVICE  = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /var/lib/denyhosts
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES
LOCK_FILE = /var/run/denyhosts.pid
############ THESE SETTINGS ARE OPTIONAL ############
ADMIN_EMAIL = vivek@nixcraft.com
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts 
SMTP_SUBJECT = DenyHosts Report
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE  ##########
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h

Restart the daemon:
# /etc/init.d/denyhosts restart

Linux Text Editor: Vi

jbrown — Sun, 17 Feb 2008 17:31:57 -0700

The vi editor comes with every version of Linux or Unix. It's a terribly unfriendly beast of an editor, but you should know about it because someday you're likely to find yourself on a system where you have no other choice but to use it. A friend of mine calls vi the Heart of Evil, but that might be just a bit harsh--you decide

Using vi is similar to using other editors in that you can see your file on the screen (this is not the case with a line editor, for example), move from point to point in the file, and make changes. But that's where the similarities end. Cryptic commands, a frustrating user interface, and the absence of prompts can all drive you up a wall. Still, if you focus on a few basics, you'll get the job done.

Command and Input Mode

The hardest thing to understand about vi is the concept of modes. When using vi, you're always in either Command or Input mode. Unfortunately there's no clue as to which mode is currently active. In Command mode, you can move the cursor, search for characters, and delete existing text. But to enter or edit new text, you have to switch to Input mode.

When you start vi, you're in Command mode. To enter Input mode, type the letter a (lowercase only) to signal that you want to add text after the cursor position. Press esc to switch back to Command mode at any time.

Here's how to create a file from scratch using vi. To start, create a new file named cow.joke by typing

vi cow.joke

You'll see a screen that looks like this:

"cow.joke" [New file]

Adding New Text to Your File

Your cursor (the vertical bar at the top of the figure below is in the upper-left corner of the screen, and the message at the bottom tells you that a new file called cow.joke was just created. The tilde characters in the first column are just placeholders for empty lines.

Now press the letter a to enter Input mode and type the lines shown in here. Press enter at the end of each line to go on to the next.

Jane: Knock, knock...

Bill: Who's there?

Jane: The Interrupting Cow.

Bill: The Interrupting Cow wh...

Jane: MOOOOOO!

"cow.joke" [New file]

Saving Your Work

So far, so good--let's save this little masterpiece. You're still in Input mode, so press esc to enter Command mode; then type ZZ (to put your file to sleep). You won't see any Z's on the screen, but after you've entered the second Z, your file will disappear, your Linux command prompt will return, and you'll see this message, indicating that your file was successfully saved:

"cow.joke" 6 lines, 113 characters.

Congratulations--you've just survived your first encounter with vi. You know that the a command switches to Input mode, esc gets you back to Command mode, and ZZ saves the file, but you'll have to expand this limited repertoire to get any real work done.

Common vi Commands

Have a look at this list of common vi commands (there are many more, but these will at least allow you to get some basic work done). Then we'll do one more exercise before moving on.

Note: As with all of Linux, vi commands are case sensitive.

Positioning the Cursor

®	Move cursor one space right.
¬	Move cursor one space left.
	Move cursor up one line.
¯	Move cursor down one line.
ctrl-F	Move forward one screen.
ctrl-B	Move backward one screen.
$	Move cursor to end of line.
^	Move cursor to beginning of line.
:1	Move to first line of file
:$	Move to last line of file
/	Search for a character string.
?	Reverse search for a character string.
x	Delete the character at the cursor position.
dd	Delete the current line.
p	Paste data that was cut with x or dd commands.
u	Undo.

Entering Input Mode

a	Add text after the cursor.
i	Insert text before the cursor.
R	Replace text starting at the cursor.
o	Insert a new line after the current one.

Entering Command Mode

esc

Switch from Input mode to Command mode.

Exiting or Saving Your File

:w	Write file to disk, without exiting editor.
ZZ	Save the file and exit.
:q!	Quit without saving.

Trying Out Some vi Commands

Here's another example to try out some of the vi commands. Enter the following command to fire up vi again, and you should see the file as we left it in the last example:

vi cow.joke

Changing Text

Let's change Bill's name to Biff on the second line. To do so, use the arrow keys to position your cursor on the third character of line 2 (the letter "l" in Bill); then press x twice (to delete the two l's). Now press i (to enter Input mode) and then type ff to complete the change from Bill to Biff.

Tip: Be careful about pressing the arrow keys while you're in Input mode. In some versions of vi you can position the cursor only in Command mode. Yuck.

You could also have used the R command to do this job of replacing text, so use it to change the other Bill now. Press esc to enter Command mode; then type /Bill to search for the word Bill. The cursor should move to line 4, right to where Bill is located.

Now position your cursor on the third character (the letter "l"), press R to replace the characters, and type ff. Both Bills should now be Biffs.

Adding and Deleting Lines

Here's how to add or delete a line. Press esc to enter Command mode; then press the o key to add a new line. You're in Input mode again, so you can type whatever you like on this new line. But that would ruin the joke, so delete this new line by pressing esc and then entering the dd command. The line you just added should go away.

Quitting without Saving Your Changes

Hmmm. . . . "Biff" just doesn't have that wholesome ring to it, so let's forget about all the changes we've made in this editing session and exit vi without saving the file. Make sure you're in Command mode, enter the :q! command, and then press enter. Your Linux prompt should return, and the cow.joke file will be just as it was before.

Parting Words about vi

Using vi can be frustrating, but it really isn't rocket science once you get used to the concept of the two modes and get the hang of when it's okay to move your cursor or enter text. If you're ever unsure about which mode you're in, simply press esc once or twice, and you can be sure you're in Command mode.

There are some powerful (but arcane) commands that diehard vi users use to get things done quickly in this relic-of-the-sixties text editor. The man vi command will tell you a lot more about vi if you decide you want to become proficient.

The Usenet newsgroup comp.editors is a good place to discuss vi or ask questions. You can find the vi FAQ (Frequently Asked Questions) file on the Web at http://www.faqs.org/faqs/editor-faq/vi/.

For more information on the vi command, see the vi manual.

SSH: Best Practices

jbrown — Sun, 17 Feb 2008 17:04:03 -0700

SSH: Best Practices

Introduction

Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place.

All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.

SSHv2 vs. SSHv1

There are numerous benefits to using the latest version of the SSH protocol, version 2, over it's older counterpart, version 1 and I'm not going into a lot of details on those benefits here - if you're interested, see the URL in the reference below or Google around. That being said if you don't have an explicit reason to use the older version 1, you should always be using version 2.

To use SSHv2 by default but permit SSHv1, locate the "Protocol" line in your sshd_config file and change it to:

Protocol 2,1

When doing 2,1 please note that the protocol selection is left up to the client. Most clients will default to v2 and "fall back" to v1, while legacy clients may continue to use v1. To force everybody to use SSHv2, change it to:

Protocol 2

When you make this change don't forget to generate the appropriate HostKey's as well! SSHv2 requires the following keys:

# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

While SSHv1 requires:

# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key

Once your changes are made, restart the SSH daemon:

# /etc/init.d/sshd restart

[ SUCCESSFUL ] Secure Shell Daemon
[ SUCCESSFUL ] Secure Shell Daemon

From another machine, try SSH'ing in. You can use the -v option to see which protocol is being used, and the '-oProtocol=' option to force one or the other - for example, "ssh -v -oProtocol=2 " would force protocol version 2.

Binding to a Specific Address or Non-Standard Port

If you're running SSH on an internal, firewalled, workstation then you can probably skip this section, but if you're running SSH on a firewall or on a machine with two network interfaces, this section is for you.

Out of the box OpenSSH will bind to every available network address; while convenient and suitable for most installations, this is far from optimal. If your machine has two or more interfaces then the odds are that one is "trusted" and the other is "untrusted." If this is the case, and you don't need nor want SSH access coming in on the untrusted interface, then you should configure OpenSSH to listen on a specific interface.

To have OpenSSH only bind to your internal interface, 192.168.0.1 in the example below, locate the following line in your sshd_config file:

ListenAddress 0.0.0.0

and change the 0.0.0.0 to 192.168.0.1:

ListenAddress 192.168.0.1

To verify that this change took, restart OpenSSH and look at netstat:

# /etc/init.d/sshd restart

[ SUCCESSFUL ] Secure Shell Daemon
[ SUCCESSFUL ] Secure Shell Daemon

# netstat -anp | grep sshd

tcp 0 0 192.168.0.1:22 0.0.0.0:* LISTEN 7868/sshd

As you can see, the sshd daemon is now only listening on 192.168.0.1. SSH requests coming in any other interface will be ignored.

Similarly, you may want to change the port that the SSH daemon binds to. Sometimes there is a functional need for this (ie, your employer blocks outbound 22/tcp) but there is also security-through-obscurity value in this as well. While not providing any real security benefit against a determined attacker, moving the SSH daemon off of port 22 protects you against automated attacks which assume that the daemon is running on port 22.

To have OpenSSH bind to a port other than port 22, 31337 in the example below, locate the following line in your sshd_config file:

Port 22

and change the 22 to 31337:

Port 31337

To verify that this change took, restart OpenSSH and, again, look at netstat:

# netstat -anp | grep sshd

tcp 0 0 192.168.0.1:31337 0.0.0.0:* LISTEN 330/sshd

Finally, to SSH into a host whose SSH daemon is listening on a non-standard port, use the -p option:

ssh -p 31337 user@192.168.0.1

Using TCP Wrappers

TCP Wrappers are used to limit access to TCP services on your machine. If you haven't heard of TCP Wrappers you've probably heard of /etc/hosts.allow and /etc/hosts.deny: these are the two configuration files for TCP Wrappers. In the context of SSH, TCP Wrappers allow you to decide what specific addresses or networks have access to the SSH service.

To use TCP Wrappers with SSH you need to make sure that OpenSSH was built with the -with-tcp-wrappers. This is the case on any modern distribution.

As I indicated earlier, TCP Wrappers are configured by editing the /etc/hosts.deny and /etc/hosts.allow files. Typically you tell hosts.deny to deny everything, then add entries to hosts.allow to permit specific hosts access to specific services.

An example:

#
# hosts.deny    This file describes the names of the hosts which are
#               *not* allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#
ALL: ALL
#
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#
sshd: 207.46.236. 198.133.219.25

In the example above, access to SSH is limited to the network 207.46.236.0/24 and the address 198.133.219.25. Requests to any other service from any other address are denied by the "ALL: ALL" in hosts.deny. If you try to SSH into a machine and TCP Wrappers denies your access, you'll see something like this:

ssh_exchange_identification: Connection closed by remote host

This simple configuration change significantly hardens your installation since, with it in place, packets from hostile clients are dropped very early in the TCP session -- and before they can do any real damage to a potentially vulnerable daemon.

Public Key Authentication

The last item I will cover is public key authentication. One of the best things you can do to tighten the security of your SSH installation is to disable password authentication and to use public key authentication instead. Password authentication is suboptimal for many reasons, but mostly because people choose bad passwords and attackers routinely try to brute-force passwords. If the systems administrator has chosen a bad password and he's permitting root logins... game over.

Public key authentication is no silver bullet - similarly, people generate passphrase-less keys or leave ssh-agents running when they shouldn't - but, in my opinion, it's a much better bet.

Just about every distribution ships with public key authentication enabled, but begin by making sure it is:

RSAAuthentication yes
PubkeyAuthentication yes

Both of these options default to "yes" and the "RSAAuthentication" option is for SSHv1 and the "PubkeyAuthentication" option is for SSHv2. If you plan on using this authentication method exclusively, while you're there, you may want to disable password authentication:

PasswordAuthentication no

Before you proceed, make sure you have a terminal open on your target machine. Once you restart the SSH daemon you will no longer be able to log in without a key... which we haven't generated yet!

Once you're sure, restart the SSH daemon:

# /etc/init.d/sshd restart

[ SUCCESSFUL ] Secure Shell Daemon
[ SUCCESSFUL ] Secure Shell Daemon

Now, from your desktop, try to SSH in to your target machine:

$ ssh rwm@brainy

Permission denied (publickey,keyboard-interactive).

We're locked out! This is a good thing. The next step, on your desktop, is to generate a key:

$ ssh-keygen -t dsa -C "Ryan's SSHv2 DSA Key (Jan 2008)"

Generating public/private dsa key pair.
Enter file in which to save the key (/home/rwm/.ssh/id_dsa):
Enter passphrase (empty for no passphrase): **********
Enter same passphrase again: **********
Your identification has been saved in /home/rwm/.ssh/id_dsa.
Your public key has been saved in /home/rwm/.ssh/id_dsa.pub.
The key fingerprint is:
98:4d:50:ba:ee:8b:79:be:b3:36:75:8a:c2:4a:44:4b Ryan's SSHv2 DSA Key (Jan 2008)

A few notes on this:

You can generate a DSA (-t dsa), RSA (-t rsa), or SSHv1 (-t rsa1) key. In the example above I'm using dsa.
I like to put the date I generated the key in the comment (-C) field, that way I can change it out every so often.
You're entering a passphrase, not a password. Use a long string with spaces and punctuation. The longer and more complicated the better!

The command you just ran generated two files - id_dsa, your private key and id_dsa.pub, your public key. It is critical that you keep your private key private, but you can distribute your public key to any machines you would like to access.

Now that you have generated your keys we need to get the public key into the ~/.ssh/authorized_keys file on the target machine. The best way to do this is to copy-and-paste it - begin by concatenating the public key file:

$ cat .ssh/id_dsa.pub

ssh-dss AAAAB3NzaC1kc3MAAACBAL7p6bsg5kK4ES9BWLPCNABl20iQQB3R0ymaPMHK...
... ds= Ryan's SSHv2 DSA Key (Jan 2008)

This is a very long string. Make sure you copy all of it and that you do NOT copy the newline character at the end. In other words, copy from the "ssh" to the "2008)", but not past that.

The next step is to append this key to the end of the ~/.ssh/authorized_keys file on your target machine. Remember that terminal I told you to keep open a few steps ago? Type the following command into it, pasting the key you've just copied into the area noted KEY:

echo "KEY" >> ~/.ssh/authorized_keys

For example:

echo "ssh-dss AAAA5kS9BWLPCN...s= Ryan's SSHv2 DSA Key (Jan 2008)" >> ~/.ssh/authorized_keys

Now, try to SSH in again. If you did this procedure correctly then instead of being denied access, you'll be prompted for your passphrase:

$ ssh rwm@brainy

Enter passphrase for key '/home/rwm/.ssh/id_dsa':
Last login: Thu Jan 10 14:37:14 2008 from papa.engardelinux.org
[rwm@brainy ~]$

Mozilla: View Browser Configuration

jbrown — Sun, 17 Feb 2008 16:38:46 -0700

View Browser Configuration:

List available options. Type the URL: about:config

This will allow you to modify the advanced configuration options found in the various Mozilla configuration files. Right click on the value to alter and a dialog box will appear to allow changes.

The preferences are stored in the file /home/user-id/.mozilla/firefox/..../prefs.js.

Mozilla / Firefox Environment Variables:

Environment Variable	Description
MOZILLA_FIVE_HOME	Home directory path for browser
MOZILLA_PLUGIN_PATH	Directory path for browser plug-ins. (Often `$MOZILLA_FIVE_HOME/plugins`)

Proxy Configuration:

Proxy configuration: Many corporate networks rely on SOCKS proxy servers for access to the internet. Typically a Proxy Auto Configuration (PAC) script is issued to be registered with the browser. These scripts are usually targeted to Microsoft Explorer of Netscape Navigator (4.x) specifically. Try the proxy script: "Edit" + "Preferences" and select "Advanced (+)" and "Proxies" + "Automatic proxy configuration URL", enter the script location and select the "Reload" button. If it works, great your ready to surf. If your corporation uses a proxy directly, enter it under "Manual proxy configuration". If using a script and it does not work, use the command "wget http://proxy-url.domain.com/proxy-script.pac" to download the proxy script. Examine the file proxy-script.pac. Burried in the logic of the script is usually the explicit listing of a proxy server which can be entered under the Mozilla manual configuration. If you are at a corporation using a firewall and have direct access, I'm jealous and you have no need for proxy configuration.

Firefox Extensions:

Firefox extensions are supplemental programs which are installed within Firefox from the Mozilla web site. Extensions are available for Blogging, Web Developer Tools, Dictionaries, Download Tools, Editing and Forms, Image Browsing, Kiosk Browsing Languages, Message Reading, Navigation, News Reading, Privacy and Security, Search Tools, Website Integration, XUL Applications, ...

To add an extension:

Allow the extensions website to install software: Select "Edit" + "Preferences" (or "Tools" + "Options" on newer systems)

Check "Allow web site to install software" then press the corresponding "Allowed Sites" button.	Enter the "allowed" site.

Select and install an extension: Select "Tools" + "Extensions" + "Get more extensions".
This brings up a web page from which you may choose the extension which suits your needs.