Pages

Showing posts with label hacking. Show all posts
Showing posts with label hacking. Show all posts

Tuesday, August 1, 2017

Fedora 26 : reset root password .

Although most believe that they know the answer to this question then in Fedora 26 you have to adopt a method other than the classic one.
Start with select the boot line and press e key to edit.
Find the line with linux16 and add this on the end of this row:

rd.break
Press Ctr+x or F10 keys to reboot.
#mount | grep root
#mount -o remount,rw /sysroot
#mount | grep root
#chroot /sysroot/
#passwd root
...
#touch /.autorelabel
#exit
#reboot

Now you can use the new password for user root to login the system.
I try the old way with init=/bin/bash but I got a panic kernel ( maybe is the SELinux performs a complete file system relabel).
Anyway this solve my problem with reset the root password on Fedora 26 Server.

About rd.break, this interrupt the boot process before control is passed from initramfs to systemd.
The disadvantage of this method is that it requires more steps, includes having to edit the GRUB menu, and involves choosing between a possibly time consuming SELinux file relabel or changing the SELinux enforcing mode and then restoring the SELinux security context for /etc/shadow/ when the boot completes.

Wednesday, December 30, 2015

Joanna Rutkowska talk on the 32C3 streaming site.

Joanna Rutkowska covered the last few decades of security on computers.
You can see Joanna Rutkowska 32c3 streaming media.

Thursday, October 9, 2014

News: the versions 3.13 and 3.14 of the kernel can be hijacking.

A vulnerability in the Linux kernel has the consequence that a remote attacker TCP hijacking.
According to this, the kernel can be hijacking.
This some numerical values of the kernel, like TCP sequence number, which an attacker can take over TCP connections easier.

Monday, September 15, 2014

News: Hacking gmail - 5 Million gmail addresses and passwords.

A user named tvskit published a link to 4,929,090 Gmail addresses and passwords on the Russian Bitcoin Security forum.
Seam more than 60 percent of the passwords were still valid.
Source: www.esecurityplanet.com

Thursday, March 20, 2014

Google Glass Spyware - install malware on the device -simply looked at a crafted QR code.

Seam google development team don’t really protect us from Google Glass device.
The main reason is one malware that uploaded more than 150 snapshots of his vision with no signal. The malware, designed by Mike Lady- 22, and Kim Paterson- 24, is disguised as note-taking software.
It takes and uploads a photo every 10 seconds when the display is off.
Read more about this here.

Thursday, May 16, 2013

Using nethogs like top command .

NetHogs is a net tool like command top but show us bandwidth by process.

Now supported:

Shows TCP download- and upload-speed per process

Supports both IPv4 and IPv6

Supports both Ethernet and PPP

You can read and get archive from here.

Unarchive then use make and make install.

# ls
Changelog       decpcap.h         INSTALL      process.h
connection.cpp  decpcap_test      Makefile     README
connection.h    decpcap_test.cpp  nethogs.8    README.decpcap.txt
conninode.cpp   DESIGN            nethogs.cpp  refresh.cpp
conninode.h     devices.cpp       nethogs.h    refresh.h
cui.cpp         devices.h         packet.cpp
cui.h           inode2prog.cpp    packet.h
decpcap.c       inode2prog.h      process.cpp
# make
# make install 
install -d -m 755 /usr/local/sbin
install -m 755 nethogs /usr/local/sbin
install -d -m 755 /usr/local/share/man/man8/
install -m 644 nethogs.8 /usr/local/share/man/man8/

After that you have this files:

# ls
Changelog       decpcap.c         inode2prog.h  packet.o
connection.cpp  decpcap.h         inode2prog.o  process.cpp
connection.h    decpcap.o         INSTALL       process.h
connection.o    decpcap_test      Makefile      process.o
conninode.cpp   decpcap_test.cpp  nethogs       README
conninode.h     DESIGN            nethogs.8     README.decpcap.txt
conninode.o     devices.cpp       nethogs.cpp   refresh.cpp
cui.cpp         devices.h         nethogs.h     refresh.h
cui.h           devices.o         packet.cpp    refresh.o
cui.o           inode2prog.cpp    packet.h

Can you use now binary nethogs to run it.

The binary # ./decpcap_test not working on my system.

I don't know what is the reason.

Monday, February 4, 2013

News: DroidCleaner App infects connected PCs

Linux friends with android device another problem can infect your device.
DroidCleaner, an Android app that claims to free up smartphone memory but actually infects connected PCs, has been removed from Google Play but is still available from third-party app stores.
Read more here.

Wednesday, January 2, 2013

Vulnerability? google paypal facebook and internal ip


Do you have any idea about an Internal IP Address or a Private IP Address that too assigned for Multinational Companies? Yeah, today we are gonna discuss about Internal IP or Private IP address Disclosure.
Disclosure of an Internal IP like 192.168.*.* or 172.16.*.* , can really Impact? Most security researchers call it as "bull shit" vulnerability. But when it comes to impact calculation even if the server is behind a firewall or NAT, an attacker can see internal IP of the remote host and this may be used to further attacks.
Read more here.