background preloader

Recover MySQL root Password

Recover MySQL root Password
You can recover MySQL database server password with following five easy steps. Step # 1: Stop the MySQL server process. Step # 2: Start the MySQL (mysqld) server/daemon process with the --skip-grant-tables option so that it will not prompt for password. Step # 3: Connect to mysql server as the root user. Step # 4: Setup new mysql root account password i.e. reset mysql password. Step # 5: Exit and restart the MySQL server. Here are commands you need to type for each step (login as the root user): Step # 1 : Stop mysql service # /etc/init.d/mysql stop Output: Stopping MySQL database server: mysqld. Step # 2: Start to MySQL server w/o password: # mysqld_safe --skip-grant-tables & Output: [1] 5988 Starting mysqld daemon with databases from /var/lib/mysql mysqld_safe[6025]: started Step # 3: Connect to mysql server using mysql client: # mysql -u root Output: Welcome to the MySQL monitor. Step # 4: Setup new MySQL root user password Step # 5: Stop MySQL Server: Step # 6: Start MySQL server and test it Related:  SYSAD 2

c# - Install a .NET windows service without InstallUtil.exe Configure apt-get with proxy [Archive] Ubuntu Forums > The Ubuntu Forum Community > Forum Archive > Main Support Categories > General Help > Configure apt-get with proxy Hello, Does anyone know: - How do I configure apt-get to work with a proxy? - How do I configure kynaptic (not synaptic) to work with a proxy? Put the following into your /etc/bash.bashrc file (after putting in the proper servername/IP and port number). Put the following into your /home/username/.bashrc file (after putting in the proper servername/IP and port number). export http_proxy= export ftp_proxy= I know that'll work if you add the lines, open a new Konsole prompt, and then launch Kynaptic from there. And tried all combinations (only to .bashrc, only to, both) with no luck :-| I know that will work for apt-get from the command line because I helped a guy ( Hi, It seems that I have a similar problem..

Writing buffer overflow exploits - a tutorial for beginners by or Buffer overflows in user input dependent buffers have become one of the biggest security hazards on the internet and to modern computing in general. This is because such an error can easily be made at programming level, and while invisible for the user who does not understand or cannot acquire the source code, many of those errors are easy to exploit. 1. Note: The way I describe it here, memory for a process is organized on most computers, however it depends on the type of processor architecture. The principle of exploiting a buffer overflow is to overwrite parts of memory which aren't supposed to be overwritten by arbitrary input and making the process execute this code. - code segment, data in this segment are assembler instructions that the processor executes. 2. A function is a piece of code in the code segment, that is called, performs a task, and then returns to the previous thread of execution. What happens here? 3.

ubuntu set system proxy from command line Create a private "Dropbox" file host using BitTorrent Sync / iGARET Why create your own cloud host when there are services like Dropbox that already exist? This is a very valid question; however, if you really think about it, I think it’ll be pretty obvious. On a daily basis, many people are constantly backing up files on their personal Dropbox drive. While there’s really nothing wrong with this, what would happen if Dropbox were to get hacked? I’m sure nobody saw it coming when PlayStation Network got hacked, yet, around 77 million people had their personal information stolen. What would happen if that same thing happened to Dropbox, where millions of people store sensitive data? Sure this is probably an extreme case, but one that hits closer to home would be the recent unveiling of project PRISM. So what’s the solution? No doubt we’re in the mobile age of computing. What is BitTorrent Sync? Don’t get discouraged after seeing the word “Torrent” included in it. There is however one drawback to this method of file syncing. The solution So what’s next?

La Zona Linux - Cómo hacer un Backup completo de tu sistema Linu Oracle estaría intentando destruir el Open Source 20 de agosto 2010.- Recordará el lector que cuando Oracle y Sun anunciaron el acuerdo para que la primera absorbiera a la segunda, los grandes defensores del Open Sourse y el software libre (incluyendo la Free Software Foundation, Richard Stallman y el fundador de MySQL ) se mostraron opuestos al acuerdo, argumentando que Oracle, famoso por su base de datos, tenía una enorme motivación para bajarle la cortina a MySQL, adquirido por Sun un año antes. Oracle tranquilizó a todo el mundo sosteniendo que en realidad estaba interesado en el hardware de Sun y que no tocaría los proyectos Open Source, logrando convencer al DOJ de Estados Unidos y a la Unión Europea. La teoría la plantea Dana Blankenhorn de ZDNet y, aunque soy reacio a prender con las ideas de conspiraciones, hay que reconocer que tiene bastante sentido. Básicamente, Oracle puede permitirse destruir lo que ha comprado.

Taming the Stubborn Tomcat Today I ran into a problem that most penetration testers will encounter at some point, and whose solution required a creative approach. Therefore, I'm writing this brief article as a reference for future encounters with stubborn Tomcat servers. I found an up-to-date Tomcat 7 server with easily guessable credentials and was able to access the Tomcat management console. At this point, compromising the server is usually a done deal. Typically, I would deploy a meterpreter shell via the Remote WAR deployment panel and proceed to pillage and pivot through the server using the SYSTEM level access that Tomcat granted me. However, this Tomcat was running on a fully patched and protected Windows Server 2008 R2 system which made this a bit more challenging. Once I gained access to a Tomcat management console, I took the standard approach and deployed a meterpreter WAR application to the Tomcat server, but something was preventing meterpreter from exfiltrating the network. Mission complete.

Cómo encriptar una memoria USB Artículo de Usemos Linux Cómo encriptar una memoria USB Navegando en Internet pude descubrir este sencillo tuto en el que el usuario amzertech explica cómo hacerlo. Para aquellos que prefieran seguir el instructivo en forma escrita y en español, aquí va. Pasos a seguir 1. sudo apt-get install cryptsetup 2. 3. 4. 5. 6. Para crear la partición encriptada, hacé clic en el botón Crear partición. Esperá un ratito hasta que termine de hacer el trabajo sucio. Una vez que terminó, creá la segunda partición: la que NO va a estar encriptada y que vas a usar para llevar y traer información. Sentate, tomate un mate y esperá. 7. Ahora, cada vez que montes la partición encriptada, vas a ver que ésta aparece con un candadito abierto, indicando que ingresaste la contraseña correcta y que está accediendo a una unidad encriptada. Nota: no sé si es un “bug” o qué, pero NUNCA Expulses en forma segura alguna de las particiones. 8.

Tunnelling Remote Desktop over SSH (PuTTY Settings) Assuming that the following settings are used - User - account name on SSH Server 7071 - port on Client PC to be forwarded user-PC1 - Server name 3389 - port on Server used for Remote desktop connections C:\keyfile.ppk - private keyfile used to authenticate login to the SSH Server - IP Address of SSH Server It is possible to automate this task by creating a batch file. Copy the following text into notepad then save with a .cmd file extension -

IptablesHowTo Basic iptables howto Iptables is a firewall, installed by default on all official Ubuntu distributions (Ubuntu, Kubuntu, Xubuntu). When you install Ubuntu, iptables is there, but it allows all traffic by default. Ubuntu 8.04 Comes with ufw - a program for managing the iptables firewall easily. There is a wealth of information available about iptables, but much of it is fairly complex, and if you want to do a few basic things, this How To is for you. Basic Commands Typing sudo iptables -L lists your current rules in iptables. Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Basic Iptables Options Here are explanations for some of the iptables options you will see in this tutorial. -A - Append this rule to a rule chain. Allowing Established Sessions We can allow established sessions to receive traffic: Allowing Incoming Traffic on Specific Ports Logging #! #!

How To Use Netcat to Establish and Test TCP and UDP Connections on a VPS Introduction Linux is known for having a great number of mature, useful command line utilities available out of the box in most distributions. Skilled system administrators can do much of their work using the built-in tools without having to install additional software. In this guide, we will discuss how to use the netcat utility. We will be exploring this on an Ubuntu 12.04 VPS, but netcat should be available on almost any modern Linux distribution. General Syntax By default, netcat operates by initiating a TCP connection to a remote host. The most basic syntax is: netcat [options] host port This will attempt to initiate a TCP to the defined host on the port number specified. If you would like to send a UDP packet instead of initiating a TCP connection, you can use the -u option: netcat -u host port You can specify a range of ports by placing a dash between the first and last: netcat host startport-endport This is generally used with some additional flags. How To Use Netcat for Port Scanning

Intrustion detection and prevention for Apache with mod-security Posted by Steve on Tue 28 Dec 2004 at 19:35 mod-security is a simple intrusion detector and preventor for Apache, allowing you to wrap an additional layer of protection around your webserver. mod-security is a rule-based IDS (intrusion protection system) which allows you to create rules describing abnormal requests to your webserver. When malicious requests are made which match your rules the request can be denied, and the details logged. With the rise of recent PHP-based worms, (such as Santy.E, or the renamed version PhpIncludeWorm ), which attempt to exploit any PHP script they find it's suddenly much more important to protect your server. The real protection, of course, is to only install and use secure code but if you're not auditing the code yourself, and the author was careless you could suddenly find yourself attacked with no warning. Installing mod-security on Woody Installing mod-security on an Unstable machine Configuring It Testing It Links

Evade Windows Firewall by SSH Tunneling using Metasploit | LINUX DIGEST A lot of times the victim machine may have windows firewall turned on thus making exploitation of vulnerable services on the victim tough. In this tutorial, we will look at how to workaround this restriction. The attacker lures the victim to view his malicious webpage which is a riddled with a browser exploit. Once the victim gets compromised, the attacker notices that we still only has privileges of the local user. Using this tunnel and port forwarding we going to compromises the SMB service running on the victim which has privileges of the Local System. Once his privileges are escalated we can enable to access the meterpreter fom his system. Below is the example image of all port filtered by windows firewall. NMAP TCP ACK Scan (-sA) Open port (few ports in the case of the firewall) Closed port (most ports are closed because of the firewall) Filtered (Nmap is not sure whether the port is open or not) Unfiltered (Nmap can access the port but is still confused about the open status of the port)

Bypass new generation Firewalls with meterpreter and ssh tunnels | H4rds3c Blog In this post I’m going to show the main content of an article published in Kali Linux 2 | Pentest Extra 05/2013 by me. I hope you enjoy it. During a recent penetration test I found a Windows host running a web application that let me execute code via an SQL injection error. The host was a Windows 2003 Server with an SQL Server 2005. It was part of a local area network (LAN), and my intention was to use it to pivot to other hosts on the LAN, up to create me an account of “Domain Administrator” and take possession of the entire Network . At this point, my attack vector was very clear: Upload and run a meterpreter payload to get a remote session.Escalate privileges on the remote host.Capture the “hash” of the Administrator to use it on other hosts.Use a “Delegation Auth Token” of a Domain Admin user to impersonate it, and use it to create a Domain Administrator user.Use the host as gateway to access other hosts and servers on LAN. But in Windows, things are different. So, What then? BINGO!!!