
    Tuesday, October 27, 2009

    The Barack Obama Donations Site was Hacked

    This morning a security researcher identified that he was able to carry out a successful SQL Injection attack against donate.barackobama.com, the official campaign donation site of current President Barack Obama, and gain access to credentials such as user names and passwords for persons who have donated to the Obama campaign, as well as administrative user credentials. On his blog he goes on to postulate the further attack possibilities with admin access such as web site defacement, uploading phpshells, and so forth. The problem is that the researcher Unu didn’t find an SQL injection site on donate.barackobama.com, he found one on a calendar application at Roosevelt University. In the process of finding out how that would be possible, a real web site vulnerability on the Obama web site reveals itself.


    A detailed explanation is available at the URL below:


    http://praetorianprefect.com/archives/2009/10/the-barack-obama-donations-site-was-hacked…err-no-it-wasn’t/

    Sunday, October 25, 2009

    martuz.cn injection attack

    In the past couple of weeks, thousands of websites were hit with an injection attack pointing to gumblar.cn; this week it has changed to martuz.cn. It's not a SQL injection attack as far as I can tell; the smart money is that it is using compromised FTP credentials, possibly harvested from end-user PCs rather than a problem with the web server itself.

    A typical attack is that JS files on the victim's server are altered with an obfuscated (i.e. partly encrypted) script which might vector through martuz.cn/vid/?id=5718066 or martuz.cn/vid/?id=575730 or something similar, then leading to martuz.cn/vid/?id=3 or another similarly named page (the exact URLs may vary depending on the client software).

    Friday, October 9, 2009

    Use an Old Linux Computer to Put your Baby to Sleep

    If you are not a geek, let me explain the logic of this very simple program.

    The program will first auto-eject the CD-ROM drive of your computer and then it will close that open tray. This open-close loop will run forever unless you terminate the program manually.

    while [ 1 = 1 ]
    do
    #eject cdrom
    eject

    #pull cdrom tray back in
    eject -t
    done
    Now the interesting part -- using just these four lines of code, a geek turned his old Linux* computer into a baby rocker.



    He attached a string between the tray of the CD-ROM drive and the baby seat and as the tray would open and close repeatedly, the smooth movements were enough to put his baby to sleep. Awesome.

    [*] If you are not on Linux, you can build a similar baby rocker program for Windows using AutoHotkey software.

    Create a shortcut for ejecting the CD in Windows


    To assign and add a shortcut key to eject and open CD or DVD drive, firstly create a shortcut to eject CD or DVD drive according to this guide. Note that keyboard shortcut or hotkey can only be assigned to shortcut, and not on the executable (with .exe extension) itself.
    Once the “Eject CD” or “Eject DVD” shortcut has been created, right click on the icon and then select Properties. Go to the Shortcut tab if you’re not already on it, and then click once on the text field of Shortcut Key.

    Press a keyboard sequence or hot key that you want to use to eject CD/DVD drive. The field will automatically reflect the keys that you press. When done, click “OK” button to apply the change.
    The trick works on Windows XP, Windows Vista, Windows 2003, and Windows 2008, and other Windows versions too. In Windows Vista and XP, it’s possible to place the Eject CD/DVD shortcut in Quick Launch bar, and use Quick Launch bar built-in keyboard shortcut as an alternative to open or eject the optical drive.


    Next, install AutoHotkey on your machine.

    Code:
    Create an infinite loop and put the code below inside it:

    Loop  ; Since no number is specified with it, this is an infinite loop unless "break" or "return" is encountered inside.
    {
        Send ^+C  ; Ctrl+Shift+C, the hotkey assigned to the eject shortcut
    }

    or you can use "Send {Ctrl down}{Shift down}c{Shift up}{Ctrl up}" instead of "Send ^+C"




    Compile the code; it will create an EXE file. Assign a shortcut to the EXE, or just run the EXE, and that's it!

    Create a Virtual Machine of your Existing Computer



    Whether you are a tech newbie or a geek, you’ll probably enjoy using this.
    Virtualization, in simple English, is an interesting technology that helps you run multiple operating systems on the same machine.
    For instance, if you are running Windows Vista on a computer, you can create virtual machines for Windows XP or Ubuntu and run these operating systems on your existing Vista machine just like any other Windows application.

    How to Create a Virtual Machine

    Windows Virtual PC, Virtual Box and VMware Workstation are some popular applications that allow you to create new virtual machines on a Windows PC, but the only problem with these programs is that they require you to do everything from scratch.
    That is, if you want to create a new virtual machine, you will have to install the whole operating system first using the original installer DVD and then configure it with your favorite programs. This can be both time consuming and difficult.
    What if you could use your existing Windows computer, which already has all your favorite programs installed, and turn it into a virtual machine?

    Convert your Computer into a Virtual Machine

    While it has always been possible to convert an existing hard drive into a virtual machine, the process was difficult and often required expensive programs.
    Well, not anymore. There’s a new utility from Microsoft that makes it both simple and free to convert an existing installation of Windows into a virtual machine ready to run on any other computer.
    Microsoft’s Sysinternals team has released a simple application called Disk2vhd that lets you easily migrate an existing computer to a virtualized hard drive (VHD). It’s a tiny utility that doesn’t even require installation.

    Create Virtual Hard Disks with Disk2VHD

    When you run Disk2vhd, it will immediately show you all the drives and partitions on your computer that it can migrate to a VHD. Simply select a drive that you wish to create a VHD file from and click “Create.” Disk2vhd will convert the hard drive into a VHD file even if the computer/drive is currently in use.
    When the Virtual Machine VHD file is created, you can run it in any desktop virtualization program including the free Windows Virtual PC, Virtual Box, or VMware Player. You can also mount the virtual machine as a standard hard drive in Windows 7, and can even boot from it if your computer is running Windows 7 Ultimate.
    You may use Disk2vhd to create virtual machines of your Windows XP, Windows Server 2003, Windows Vista and higher machines, including x64 systems.

    Usage Scenario

    Let’s say you have a computer that is already running all the software programs you frequently use, but you now want to move to a new computer or upgrade your operating system. You can then consider creating a virtual machine of your old machine using the Microsoft utility and this will help you use all your favorite programs (with the same settings) on the new machine.
    You can also use virtualization to create a ghost image of your hard drive in a single file and this will be handy in the event of a disk failure.
    Disk2vhd is a useful tool that will make it much easier for you to enjoy the benefits of virtualization without being too technical.

    Wednesday, October 7, 2009

    Restoring Lost Partition Table

    People usually ask

    How do I restore my lost partition table? 
    I accidentally deleted my partition table, how do I recover my data? 
    How to recover deleted partitions and data in them? 
    Recover data from deleted drives.

    Note: If you’ve formatted and/or added new data to the drive, or carried on with an OS installation, chances of recovery are very low.
    Most people end up deleting their partition table while trying to install a new OS for the first time. I personally know a couple of people who deleted theirs while installing Linux for the first time (more on that later). What I am going to introduce here is a tiny tool called “gpart”, which will help you restore your deleted partition table.
    Things you’ll need.

    An Ubuntu or similar live CD (actually any Linux live CD / USB will do, but I am demonstrating here using Ubuntu 9.04 (Jaunty Jackalope))
    A working internet connection or this file (35.8 KiB)
    Patience!

    Here is the step by step procedure for restoring your lost partition table, and hence your lost data

    Boot using your live cd, I am using Ubuntu 9.04, Jackalope here.
    You will need this file (35.8 KiB), or if you’re using another version of Ubuntu or a different Linux distro, the name of the package you need is gpart.
    You can install these packages using apt-get as well, from the terminal, if you have a working internet connection, here is the procedure for that



     Open the repository file by typing the following at the terminal :
    sudo gedit /etc/apt/sources.list
     Add the following line to it :
    deb http://archive.ubuntu.com/ubuntu gutsy main restricted universe
     Install gpart by typing the following commands in the terminal :
    sudo apt-get update
    sudo apt-get install gpart



    Once you’ve downloaded and installed it, (it’s a binary file, just double click and go)
    Open up terminal from the applications menu at the top
    And type in the following command to detect the lost partitions : sudo gpart /dev/sda [This might take some time]

    This command assumes that the drive is detected as /dev/sda. If this is the only drive you’ve got, 99% chances are that it will be detected like this; otherwise change the /dev/sda parameter accordingly.
    The command outputs the detected partitions that might have been lost. If they are correct, the partition table needs to be written to the disk; use the following command for that.

    sudo gpart /dev/sda -W /dev/sda



    After the partition table has been successfully written [after considerable time], you will be asked to restart the computer. If everything goes well, you will be presented with your lost partition table and data on the next restart!
    Now, if you’re using terminal for everything, here is a short-cut.


     ubuntu@ubuntu:~$ sudo gedit /etc/apt/sources.list
    [You will have to add the following line to the end of the file that is opened: deb http://archive.ubuntu.com/ubuntu gutsy main restricted universe, save and close this file.]
    ubuntu@ubuntu:~$ sudo apt-get update
    ubuntu@ubuntu:~$ sudo apt-get install gpart


    ubuntu@ubuntu:~$ sudo gpart /dev/sda
    [you will have to verify if the detected partition data is correct before proceeding, this command is supposed to take some time]


    ubuntu@ubuntu:~$ sudo gpart /dev/sda -W /dev/sda
    [Restart if this command is completed successfully, This command may take considerable time.]

    Restoring Grub Boot Loader




    Method 1: The Usual Way....
    After installing Windows XP, boot a Linux rescue disk and reinstall GRUB with the command "grub-install".

    Read man grub for more info.

    Typically:

    CODE

    mount /dev/your_boot_partition /boot
    grub-install --root-directory /boot /dev/hda



    Method 2: The Easy, 733T haX0r Linux GuRu Way....

    The Boot Sector is Stored on the first 512 Bytes of the physical Disk.

    so... Backup your boot sector to a file like so...

    CODE

    dd if=/dev/hda of=/BootSectorBackup.bin bs=512 count=1


    Copy the backup file to a floppy disk / whatever.

    Install Windows XP.

    Boot a Linux Rescue Disk.

    Then copy your original boot sector over whatever garbage Windows XP put there with the command

    CODE

    dd if=/BootSectorBackup.bin of=/dev/hda bs=512 count=1




    If at all in doubt, use Method 1.
    If you make a mistake with Method 2, you can wave goodbye to your partition table and file system, and look forward to a full re-partition and re-format.
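Method 2 is risky because the 512-byte sector it writes back also holds the partition table (bytes 446-509), so an old backup overwrites whatever layout is on the disk now. The following is an added example, not part of the original post, that restores only the 446-byte boot code; it runs on a constructed scratch image file, and the function names and file names are assumptions.

```shell
#!/bin/sh
# Added example: works on a scratch image file, never on a real disk.
# MBR layout: bytes 0-445 boot code, 446-509 partition table, 510-511 signature.

# Copy only the boot code from a 512-byte backup onto TARGET, leaving the
# partition table and signature that are on TARGET now untouched.
restore_bootcode() {  # usage: restore_bootcode BACKUP TARGET
    backup=$1; target=$2
    # Refuse a backup that is not exactly one sector long.
    [ $(( $(wc -c < "$backup") )) -eq 512 ] || { echo "bad backup size" >&2; return 1; }
    # Refuse a backup that lacks the 55 aa boot signature.
    sig=$(dd if="$backup" bs=1 skip=510 count=2 2>/dev/null | od -An -v -tx1 | tr -d ' \n')
    [ "$sig" = "55aa" ] || { echo "no boot signature in backup" >&2; return 1; }
    # conv=notrunc keeps an image file from being cut to 446 bytes.
    dd if="$backup" of="$target" bs=446 count=1 conv=notrunc 2>/dev/null
}

# Hex dump of the partition table area (bytes 446-509) of a file.
ptable_hex() {
    dd if="$1" bs=1 skip=446 count=64 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# Fill LEN bytes of FILE at byte OFFSET with the character CH.
fill() {  # usage: fill FILE OFFSET LEN CH
    printf "%${3}s" '' | tr ' ' "$4" | dd of="$1" bs=1 seek="$2" conv=notrunc 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    img=$dir/disk.img; bak=$dir/BootSectorBackup.bin
    # Constructed 1 MiB "disk": boot code 'A', partition table 'B', signature.
    dd if=/dev/zero of="$img" bs=512 count=2048 2>/dev/null
    fill "$img" 0 446 A; fill "$img" 446 64 B
    printf '\125\252' | dd of="$img" bs=1 seek=510 conv=notrunc 2>/dev/null
    # Back up the boot sector exactly as the post does.
    dd if="$img" of="$bak" bs=512 count=1 2>/dev/null
    # Simulate a later install: new boot code 'X' and a new partition table 'C'.
    fill "$img" 0 446 X; fill "$img" 446 64 C
    restore_bootcode "$bak" "$img" || return 1
    # Expect boot code 'A' again and the newer table (0x43 = 'C') kept.
    first=$(dd if="$img" bs=1 count=1 2>/dev/null)
    table=$(ptable_hex "$img")
    rm -rf "$dir"
    echo "$first $table"
}

demo
```

On a real disk the same restore is the post's dd command with bs=446 instead of bs=512.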

    If you run into any problem, use the methods below.

    If you can boot from CD, the simplest method is to mount the Linux partitions, chroot into them, then run grub-install.
    TIP: fdisk -l will display all partitions at all drives.

    Method 3:

    In general, for any distro, even if you don't have a live CD, restoring can be done in these steps:
    1) Find any working Linux system
    2) Create GRUB boot floppy:
    # cd /usr/share/grub/i386-pc
    # dd if=stage1 of=/dev/fd0 bs=512 count=1
    1+0 records in
    1+0 records out
    # dd if=stage2 of=/dev/fd0 bs=512 seek=1
    153+1 records in
    153+1 records out
    3) Boot from that floppy, then (quote from GRUB info page):

    Once started, GRUB will show the command-line interface (*note
    Command-line interface::). First, set the GRUB's "root device"(1)
    (*note Installing GRUB natively-Footnote-1::) to the partition
    containing the boot directory, like this:

    grub> root (hd0,0)

    If you are not sure which partition actually holds this directory,
    use the command `find' (*note find::), like this:

    grub> find /boot/grub/stage1

    This will search for the file name `/boot/grub/stage1' and show the
    devices which contain the file.

    Once you've set the root device correctly, run the command `setup'
    (*note setup::):

    grub> setup (hd0)


    For more information type info grub


    The RHEL installer provides GRUB (the GRand Unified Bootloader) as its boot loader.

    /boot/grub/grub.conf has a format of global options followed by boot stanzas. Here is a sample grub.conf:


    timeout=5
    splashimage=(hd0,0)/grub/splash.xpm.gz
    password --md5 $1$/iX9y$Bkskfdsd4443gnff
    default=0
    title Red Hat Enterprise Linux AS (2.6.9-648_EL)
    root (hd0,1)
    kernel /vmlinuz-2.6.9.EL ro root=/dev/VolGroup00/LogVol00
    initrd /initrd-2.6.9-648.EL.img
    title Windows XP Pro
    rootnoverify (hd0,0)
    chainloader +1


    If grub-install fails for some reason, try the following:

    1. type the command grub and press enter

    2. type root (hd0,0)

    3. type setup (hd0)

    4. type quit



    If the problem still occurs, then reinstall GRUB with

    /sbin/grub-install /dev/hda or use these three commands:

    Restore Lost Partitions to a Deleted or Corrupt Partition Table using Edgy LiveCD


    This HOWTO will tell you how to recover your lost partitions if the partition data on your hard drive got wiped by some malicious program (windows in my case). If the new/incorrect partitions have been formatted, then you've probably lost data. If all that got wiped was the partition table, then this should help you recover all of your data! I searched in the Tutorials and Tips forum and couldn't find anything quite like this, so I thought I'd write it up. If someone knows of a better thread, point me to it! 

    I have tested this on a Dapper install using an Edgy LiveCD.

    All that is needed is an Edgy LiveCD, a cd drive you can boot from, and a working internet connection. A dapper cd would most likely work, but I have not tested it.
    WARNING: This HOWTO is most likely to be used at your own risk, as I'm not sure if I'll be able to test it on future distributions (nor do I feel like destroying my partition info to do so).

    1.) Enable your computer to boot from the cd drive. You may have to enter your computer's BIOS to do this.

    2.) Boot from the Edgy LiveCD.

    3.) Assuming the LiveCD loaded just fine, enable the universe and multiverse repositories by System -> Administration -> Software Properties and checking the appropriate boxes.

    4.) Open up a terminal (Applications -> Accessories -> Terminal), and type

    Code:
    sudo apt-get install gpart
    Yes, gpart, not gparted. gpart is a program that will scan your drive for existing partitions, and output the cylinders that they are on.

    5.) In the terminal, run

    Code:
    sudo gpart /dev/hda
    or substitute whichever drive you are looking at (hdc, sda, etc.) and note the output. Mine looks like:

    Code:
    sudo gpart /dev/hdc
    
    Begin scan...
    Possible partition(Linux ext2), size(149660mb), offset(0mb)
    Possible extended partition at offset(149660mb)
       Possible partition(Linux swap), size(2965mb), offset(149660mb)
    End scan.
    
    Checking partitions...
    Partition(Linux ext2 filesystem): primary
    Partition(Linux swap or Solaris/x86): primary
    Ok.
    
    Guessed primary partition table:
    Primary partition(1)
       type: 131(0x83)(Linux ext2 filesystem)
       size: 149660mb #s(306504072) s(63-306504134)
       chs:  (0/1/1)-(1023/254/63)d (0/1/1)-(19078/254/63)r
    
    Primary partition(2)
       type: 130(0x82)(Linux swap or Solaris/x86)
       size: 2965mb #s(6072504) s(306504198-312576701)
       chs:  (1023/254/63)-(1023/254/63)d (19079/1/1)-(19456/254/60)r
    
    Primary partition(3)
       type: 000(0x00)(unused)
       size: 0mb #s(0) s(0-0)
       chs:  (0/0/0)-(0/0/0)d (0/0/0)-(0/0/0)r
    
    Primary partition(4)
       type: 000(0x00)(unused)
       size: 0mb #s(0) s(0-0)
       chs:  (0/0/0)-(0/0/0)d (0/0/0)-(0/0/0)r
    The "size" line is telling you first the number of mb of the partition, then the number of sectors (#s) and then the actual sectors that the partition is on (s). The last set of numbers (actual sectors the partition is on) is what we want. Write those down! With those in hand,

    5.a) Now we have to restore the partition table. We'll use parted.

    Code:
    sudo parted /dev/hda
    again substituting the drive you're interested in for hda.

    You should be at a prompt that looks like

    Code:
    (parted)
    5.b) At that prompt, type

    Code:
    unit s
    to make sure that parted is using units of sectors.


    5.c) Just in case we want to undo any changes, type "print", and be sure to write down the start and end sectors of all of the partitions on the disk! NOTE: The reason you don't want to use this method to get the start/end sectors of the partitions you're trying to restore is that parted just reads the partition table on the disk itself, even if it is incorrect or corrupt. If parted throws up errors about nonexisting partitions or a corrupt table, then there is no need for this step.

    6.) Now we actually restore the partitions! Still at the (parted) prompt, type

    Code:
    rescue
    , and you will be prompted for the start and end sectors of the partition you want to rescue. In my example, these numbers would be 63 for the start and 306504134 for the end of the first partition.

    7.) Repeat step 6 for all partitions that need to be rescued.

    8.)
    Code:
    quit
    to exit out of parted.

    That's it! You should have access to all of your old partitions, and you can check this by mounting the various partitions in the live cd.

    9.) If you find out you messed with the partition table on the wrong disk, and you followed step 5.c), you can use steps 6-8 to restore the partition table you just wiped, using the numbers you wrote down from the print command in parted rather than the output from gpart.

    NOTE: If your partition table was wiped, it's quite possible (as it was in my case) that your MBR got killed as well, and you'll need to restore grub. You can try starting here: How to install Grub from a live Ubuntu CD, though I'll admit the first method failed for me. If the admins let this HOWTO through, I'll add on what I did to get GRUB back.
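The HOWTO above has you copy the s(start-end) sector ranges from gpart's "size" lines by hand before typing them into parted's rescue prompt. The following is an added example, not part of the original HOWTO, that extracts those ranges and rejects any entry whose range does not match its #s sector count or overlaps the previous one; the function names are assumptions and the sample input is copied from the gpart output quoted above.

```shell
#!/bin/sh
# Added example: sample input taken from the gpart output quoted in the post.
sample_gpart_output() {
cat <<'EOF'
Guessed primary partition table:
Primary partition(1)
   type: 131(0x83)(Linux ext2 filesystem)
   size: 149660mb #s(306504072) s(63-306504134)
   chs:  (0/1/1)-(1023/254/63)d (0/1/1)-(19078/254/63)r

Primary partition(2)
   type: 130(0x82)(Linux swap or Solaris/x86)
   size: 2965mb #s(6072504) s(306504198-312576701)
   chs:  (1023/254/63)-(1023/254/63)d (19079/1/1)-(19456/254/60)r

Primary partition(3)
   type: 000(0x00)(unused)
   size: 0mb #s(0) s(0-0)
   chs:  (0/0/0)-(0/0/0)d (0/0/0)-(0/0/0)r
EOF
}

# Read gpart output on stdin and print "N START END" (in sectors) for every
# used entry. Exits non-zero if any entry is inconsistent.
gpart_rescue_ranges() {
    awk '
    /^Primary partition\(/ { n = $0; gsub(/[^0-9]/, "", n) }
    /^ *type:/             { type = $2 + 0 }      # "131(0x83)(..." gives 131
    /^ *size:/ {
        if (type == 0) next                       # unused slot
        cnt = $3; gsub(/[^0-9]/, "", cnt)         # from "#s(306504072)"
        r = $4;   gsub(/[s()]/, "", r)            # from "s(63-306504134)"
        if (split(r, se, "-") != 2) {
            print "partition " n ": unparsable range" > "/dev/stderr"; bad = 1; next
        }
        if (se[2] - se[1] + 1 != cnt + 0) {
            print "partition " n ": range and #s disagree" > "/dev/stderr"; bad = 1; next
        }
        # prev_end starts at 0, so sector 0 (the MBR itself) is also rejected.
        if (se[1] + 0 <= prev_end) {
            print "partition " n ": overlaps previous entry" > "/dev/stderr"; bad = 1; next
        }
        prev_end = se[2] + 0
        print n, se[1], se[2]
    }
    END { exit (bad ? 1 : 0) }
    '
}

sample_gpart_output | gpart_rescue_ranges
```

Each printed line gives the start and end values to enter at the rescue prompt in step 6, with parted set to "unit s".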

    Thursday, October 1, 2009

    Reset forgotten root password under Linux

    Method : 1

    You can reset forgotten root password under Linux by booting system into single user mode or emergency mode (also known as rescue mode).

    My boot loader is GRUB (see LILO boot loader below)
    Following is the procedure to reset the root password if you are using GRUB as a boot loader:

    Select the kernel
    Press the e key to edit the entry
    Select second line (the line starting with the word kernel)
    Press the e key to edit kernel entry so that you can append single user mode
    Append the letter S (or word Single) to the end of the (kernel) line
    Press ENTER key
    Now press the b key to boot the Linux kernel into single user mode
    At prompt type passwd command to reset password:
    You need to mount at least / and other partitions:
    # mount -t proc proc /proc
    # mount -o remount,rw /

    Change the root password, enter:
    # passwd

    Finally reboot system:
    # sync
    # reboot


    My boot loader is LILO
    At LILO boot loader type linux single and press [ENTER] key:
    Boot: linux single

    When you get the # prompt you will need to type passwd root to reset password:
    # passwd

    Reboot system:
    # sync
    # reboot

    Method : 2


    If you don't have a LiveCD, or the system doesn't have CDROM drive, you can reboot the system into single user mode to reset the password. Simply pass the options "init=/bin/sh" to the kernel from the bootloader menu. When the system boots it will drop you into a root shell. The disk will be mounted read-only so remount it read-write with
    mount -o rw,remount /dev/ROOT
    (be sure to change ROOT to your actual root partition). Edit /etc/shadow and remove the encrypted password. Reset the root password with passwd and reboot the system.
    You should now be able to login with the new password.
