Friday 22 January 2010

Sharepoint 2007 - UNC access - "You were not connected because a Duplicate Name exists on the Network"

Alright figured it out - you have to enable Webclient service on the server and restart the server.

I guess "You were not connected because a Duplicate Name exists on the Network"  is one of those Microsoft errors that doesn't help much.


 

 

Tuesday 19 January 2010

VMware Workstation 7 and Slackware 13 (kernel 2.6.32)

Download the bundle file from VMware.com and install it.
When you got error message when compiling, go to http://communities.vmware.com/message/1401588#1401588 and download the two attached files.
Run the file patch-modules.sh

Sunday 17 January 2010

xvnkb and slackware 13

Get xvnkb from here:
http://xvnkb.sourceforge.net/xvnkb-0.2.9a.tar.gz

compile as instructed:
# ./configure
# make && make install

Download unicode font from here:http://fontchu.com/unicode.htm

Change slackware default settings to support unicode (/etc/profile.d/lang.sh):
export LANG=en-US.UTF-8

Thursday 14 January 2010

mount.ntfs consumes 100% CPU

have high cpu usage problem for your vmware application which runs on linux and the virtual machine files in NTFS partition,

you have to add:


mainMem.useNamedFile= FALSE"

to your .vmx file of you virtual machine.

this will solve the high cpu usage of mount.ntfs-3g.

Tuesday 12 January 2010

install vmware server 2.0.2 on slackware 13 (kernel 2.6.32)

SOURCE:
http://risesecurity.org/2010/01/10/vmware-server-2-0-2-update-patch/

------------------------------

The following are instructions on how to apply the patch:

Download the VMware Server:

Download the VMware Server update patch:

$ wget -N http://risesecurity.org/~rcvalle/VMware-server-2.0.2-203138-update.patch

Extract VMware Server:

$ tar -xzf VMware-server-2.0.2-203138.i386.tar.gz

Extract VMware Server modules:

Change working directory to vmware-server-distrib/lib/modules/source/
$ tar -xf vmci.tar
$ tar -xf vmmon.tar
$ tar -xf vmnet.tar
$ tar -xf vsock.tar

Apply the patch:

Change working directory to vmware-server-distrib/
patch -p1 < ../VMware-server-2.0.2-203138-update.patch


Change working directory to vmware-server-distrib/lib/modules/source/
$ rm -f vmci.tar
$ rm -f vmmon.tar
$ rm -f vmnet.tar
$ rm -f vsock.tar

* cd vmnet-only
* vim vnetUserListener.c
* go to the last include line
* add this line #include “compat_sched.h”


Archive VMware Server modules again:
$ tar -cf vmci.tar vmci-only/
$ tar -cf vmmon.tar vmmon-only/
$ tar -cf vmnet.tar vmnet-only/
$ tar -cf vsock.tar vsock-only/

Run installer script as root:

Change working directory to vmware-server-distrib/
$ sudo ./vmware-install.pl


Note about VMware Remote Console Plug-in:

The VMware Remote Console Plug-in does not work properly on Ubuntu 9.10, Fedora 12 and other newer distributions. A workaround for this is to set the environment variable VMWARE_USE_SHIPPED_GTK before running the VMware Remote Console Plug-in. To set this environment variable at login time, add the following line to your ~/.profile:

export VMWARE_USE_SHIPPED_GTK=yes


install package linux-pam
rename the file /etc/pam.d/vmware-authd.slack to "other"
open the file and change the link to your lib folder where containing pam lib files (lib/security)

How to umount when the device is busy

It happens all the time doesn’t it? You need to unmount a CD or you want to pack away the external drive but when you try to umount it you get the dreaded “device is busy” message. Wouldn’t it be great if Linux actually told you what was keeping the drive busy? Here we are in 2008, I’m using Ubuntu Gutsy, and that message hasn’t changed in all the years I’ve used Linux.

# umount /media/disk/
umount: /media/disk: device is busy
umount: /media/disk: device is busy

First thing you’ll do will probably be to close down all your terminals and xterms but here’s a better way. You can use the fuser command to find out which process was keeping the device busy:

# fuser -m /dev/sdc1
/dev/sdc1: 538
# ps auxw|grep 538
donncha 538 0.4 2.7 219212 56792 ? SLl Feb11 11:25 rhythmbox

Rhythmbox is the culprit! Close that down and umount the drive. Problem solved!

---------
SOURCE: http://ocaoimh.ie/how-to-umount-when-the-device-is-busy/

Compile TrueCrypt 6.3a in Slackware 13 (kernel 2.6.32)

1. Download truecrypt source (6.3a) from www.truecrypt.org and expand it in a temporary folder. (/tmp)

2. Ftp the files below from ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20 and copy them into the truecrypt source directory (/tmp/truecrypt-6.3a-source in my case)

cryptoki.h
ct-kip.h
opt-pkcs11.h
pkcs-11v2-20a3.h
pkcs-11v2-20a3d3.h
pkcs11.h
pkcs11f.h
pkcs11t-consolidated-d1.h
pkcs11t.h
pkcs11t.h.org

3. Download wxWidgets from: http://www.wxwidgets.org/downloads/ wxAll is what you want.

4. Unpack wxWidgets in the truecrypt source directory.

5. Run the following command from the truecrypt source directory
# make WX_ROOT=/tmp/truecrypt-6.3a-source/wxWidgets-2.8.10 wxbuild

Note: change directories to match your installation

6. Run the following command: make WXSTATIC=1
7. After the compiling is completed, copy the truecrypt file in the Main folder to /usr/bin

Sunday 10 January 2010

2.6.32 kernel & vmware

For those who choose to try using the 2.6.32 kernel, there are two fixes to get the modules to compile. In each of

vmet-only/vnetUserListener.c
vmci-only/linux/vmciKernelIf.c



add an #include for compat_sched.h. Repackage the .tar files, and VMware will happily compile the modules.

Tuesday 5 January 2010

http://www.notebookrepairguide.com/laptop-notebook-repair-service-manuals/

http://www.notebookrepairguide.com/laptop-notebook-repair-service-manuals/

 

 

 

Saturday 2 January 2010

Bypassing Windows Unknown Publisher Verification For Web Downloaded Executables

SOURCE:
http://www.efblog.net/2009/12/bypassing-windows-unknown-publisher.html
I was in another day of jumping from a client to a client, securing another bank in Israel when my girlfriend called and said "Honey, I am at the office, I have absolutely nothing to do and I can't connect from here to our computer at home to continue my project". I said, O.K, let's see what we can do on a 5 minute phone call. Now just want to make it clear, my girlfriend is an Information System Instructor, she is no developer or hacker.

Me: "Honey, go to http://www.teamviewer.com, can you download it?"
Her: "yes, but when I run the setup.exe it says something weired like 'windows has blocked this software because it can't verify the publisher' and it won't let me install"












Me: "O.K, Open Start-Run, type notepad and space, now click on setup.exe and drag it to the text box at Start->Run. Now add ':Zone.Identifier' just before the last quotes. What do you see?"
Her: "I see something like ZoneId=3, now what?"
Me: "I can't talk, going into a meeting, try to change it to 1 or delete everything, bye bye bye"

After 10 minutes I get an SMS "thanks honey it worked!!!".
Well we found a bug, I wouldn't really call it a "Privilege Escalation" but I guess you don't have to be a hacker to bypass windows security restrictions :)