Author: rdircio

First node where the FS are currently mounted:
umount FS
vgchange -an vgdata
vgexport vgdata
Second node, where we want to mount the volumes:
vgimport vgdata
vgchange -ay vgdata
pvscan (will show you the active/inactive volumes)
Thx to Hiram Ruiz
45/433

My disk is pgp encrypted so i can’t mount it and image it from outside, if i image it from inside, when i restore it i’ll need
to add pgp again.
So i booted off backtrack 4 in a usb disk, used old dd to image my drive, compress it and dump it to a nfs
mounted directory.
dd if=/dev/sda | gzip -c -9 > /a/disk.iso.gz
If i ever want to restore it i’ll do
gunzip -cd
/a/disk.iso.gz
| dd of=/dev/sda
39/433

The compiler is gcc version 3.4.5, from blastwave.
Got the sources for:
zlib-1.2.3
openssl-0.9.8d
openssh-4.5.1
Untar them all and apply the chroot patch “openssh-4.5p1-sshjail.patch” to openssh-4.5.1
Build them in that order.
To build zlib do:
# ./configure –prefix=/opt/acsssh –shared
# make && make install
To build openssl:
# ./config shared –prefix=/opt/acsssh
# make && make install
To build openssh
#./configure –with-pam –prefix=/opt/acsssh –with-ssl-dir=/opt/acsssh –with-zlib=/opt/acsssh
# make && make install
To build the chrooted jail i modded a script, jail.ksh, with contents:
#!/usr/bin/ksh
JAILUSER=juser
JAILGROUP=jgroup
echo “deleting previous structures”
userdel -r $JAILUSER
groupdel $JAILGROUP
rm -fR /export/home/jail
echo ” deleted”
SDIR=opt/acsssh
/usr/sbin/groupadd $JAILGROUP
mkdir -p /export/home/jail
chown root:$JAILGROUP /export/home/jail
chmod 750 /export/home/jail
/usr/sbin/useradd -g $JAILGROUP -c “Jail user $JAILUSER” -d /export/home/jail/$JAILUSER/export/home/$JAILUSER -s /bin/sh $JAILUSER
mkdir -p /export/home/jail/$JAILUSER
202/433
chown $JAILUSER:$JAILGROUP /export/home/jail/$JAILUSER
cd /export/home/jail/$JAILUSER
mkdir etc
mkdir bin
mkdir usr
mkdir usr/bin
mkdir -p $SDIR/bin
mkdir -p $SDIR/lib
mkdir -p $SDIR/sbin
mkdir -p $SDIR/etc
mkdir -p $SDIR/ssl/lib
mkdir -p $SDIR/libexec
mkdir usr/lib
mkdir usr/platform
mkdir usr/platform/`uname -i`
mkdir usr/platform/`uname -i`/lib
mkdir -p usr/platform/sun4u/lib/sparcv9
mkdir -p platform/sun4u/lib/sparcv9
mkdir lib
mkdir dev
mkdir devices
mkdir devices/pseudo
cd /export/home/jail/$JAILUSER
APPS=’bin/cp bin/ls bin/mkdir bin/mv bin/pwd bin/rm bin/rmdir bin/sh’
for i in $APPS; do
cp /$i ./$i
LIBS=`ldd ./$i | awk ‘{print $3}’`
for l in $LIBS; do
if [[ ! -d ./`dirname $l` ]]; then
mkdir ./`dirname $l` > /dev/null
fi
cp $l .$l
done
done
cd /export/home/jail/$JAILUSER/devices/pseudo
mknod mm@0:zero c 13 12
mknod mm@0:null c 13 2
cd /export/home/jail/$JAILUSER/dev
ln -s ../devices/psuedo/mm@0:zero zero
ln -s ../devices/pseudo/mm@0:null null
cd /export/home/jail/$JAILUSER
BINS=”lib/ld.so. 1 $SDIR/bin/ssh $SDIR/libexec/sftp-server $SDIR/sbin/sshd $SDIR/lib/libz.so
$SDIR/lib/libcrypto.so.0.9.8 usr/lib/ld.so.1 usr/lib/nss_files.so.1 platform/sun4u/lib/libc_psr.so.1
platform/sun4u/lib/sparcv9/libc_psr.so.1″
for i in $BINS; do
cp /$i ./$i
done
mkdir -p /export/home/jail/$JAILUSER/export/home/$JAILUSER
chown $JAILUSER:$JAILGROUP /export/home/jail/$JAILUSER/export/home/$JAILUSER
touch /export/home/jail/$JAILUSER/etc/passwd
touch /export/home/jail/$JAILUSER/etc/group
echo “$JAILUSER:x:`/usr/xpg4/bin/id -u $JAILUSER`:`/usr/xpg4/bin/id -g
$JAILUSER`::/export/home/$JAILUSER:/bin/sh” > /export/home/jail/$JAILUSER/etc/passwd
203/433
echo “$JAILGROUP::`/usr/xpg4/bin/id -g $JAILUSER`:$JAILUSER” > /export/home/jail/$JAILUSER/etc/group
echo “done!”
here
!
204/433

mysql limits you by default to search for strings no smaller than 3 characters, so, if i wanted to look for “dd” in
s9y i had no luck.
F*n grep is better than mysql with that > 3 chars limit.
s9y also uses MATCH and AGAINST which makes searches a bit dumb.
To overcome this i added the parameter “–ft_min_word_len=1” to mysql startup, so we can search strings
shorter than 3 chars.
/usr/bin/mysqld_safe –ft_min_word_len=1 –datadir=/var/lib/mysql –pid-file=/var/run/mysql/mysql. pid $SKIP &
To make ft_min_word_len take effect you have to reindex the tables you wish to search with less than 3
chars. To do it:
mysql> repair table serendipity_entries quick;
+———————————+——–+———-+———-+
| Table | Op | Msg_type | Msg_text |
+———————————+——–+———-+———-+
| serendipity.serendipity_entries | repair | status | OK |
+———————————+——–+———-+———-+
1 row in set (0.20 sec)
mysql> repair table serendipity_authors quick;
+———————————+——–+———-+———-+
| Table | Op | Msg_type | Msg_text |
+———————————+——–+———-+———-+
| serendipity.serendipity_authors | repair | status | OK |
+———————————+——–+———-+———-+
1 row in set (0.00 sec)
mysql> repair table serendipity_entrycat quick;
+———————————-+——–+———-+———-+
| Table | Op | Msg_type | Msg_text |
+———————————-+——–+———-+———-+
| serendipity.serendipity_entrycat | repair | status | OK |
+———————————-+——–+———-+———-+
around line 773 of s9y include/functions_entries.inc.php we changed MATCH and AGAINST for LIKE
//– rdircio, better searches here
// $cond[‘find_part’] = “MATCH(title,body,extended) AGAINST(‘$term’ IN BOOLEAN MODE)”;
50/433
$cond[‘find_part’] = “(title LIKE ‘%$term%’ OR body LIKE ‘%$term%’ OR extended LIKE
‘%$term%’)”;
} else {
// $cond[‘find_part’] = “MATCH(title,body,extended) AGAINST(‘$term’) “;
$cond[‘find_part’] = “(title LIKE ‘%$term%’ OR body LIKE ‘%$term%’ OR extended LIKE
‘%$term%’)”;
}
Now, you can enter text in the quicksearch like ” tar c ” at this blog and it will find entries like ” tar cvf” and not
entries like “start”
51/433

We got many keys for some wifi APs around, so we put them in a delimited text file like:
ap8599:5537801570
sd6980:5202140314
wq0858:5953230520
now, when we are around, we want a script that we can tell: “connect to ap6980 if you see it around, if you
need a key, take it from the text file”. Called without arguments, it scans all available networks, and tries to
connect to all of the ones that we have a key or that are open.
This is our connection script:
#!/bin/bash
ap=$@
i=wlan0
en=0
#——————————————————————————————————————
# Scan for wireless networks, and pretty print the quality, the essid, and if we require encryption
#—————————————————————————————————————–
scanw () {
i=$1
( ifconfig $i up
iwlist $i scan | egrep -i ‘essid|freq|qual|encr’ |nawk ‘ORS=NR%4?” “:”n”‘| tr -s ‘ ‘| while read l;do
AP=`echo “$l “|awk ‘{s=substr($0,index($0,”ESSID:”) +7);print substr(s,1,index (s,”””)-1)}’`
EN=`echo “$l “|awk ‘{s=substr($0,index($0,”Encryption key:”)+15);print substr(s,1,index (s,” “)-1)}’`
QU=`echo “$l “|awk ‘{s=substr($0,index($0,”Quality=”)+8);print substr(s,1,index (s,”/”)-1)}’`
K=`grep “^$AP” keys.txt| awk -F’:’ ‘{ print $2 }’`
echo “$QU:$EN:$AP:$i: $K”
done
) | sort -n
}
#—————————————————————————————————————–
# Connect to the accespoint determined by the “$ap” variable
#—————————————————————————————————————–
conn(){
L=`grep -i “$ap” ~/keys.txt| head -1`
C=`echo -n $L | wc -c`
indb=1
if [ $C -lt 1 ];then
40/433
# echo “————- WARNING: AP $ap not found in database”
indb=0
fi
S=`grep “$ap” /tmp/scan.$$|wc -c`
if [ $S -lt 1 ];then
echo “————- ERROR: AP $ap is not in range, cannot connect”
exit 1
fi
if [ $indb -eq 1 ];then
#—if we found an accesspoint in our database work with it
AP=`echo $L | awk -F’:’ ‘{ print $1 }’`
K=`echo $L | awk -F’:’ ‘{ print $2 }’`
echo “————- Connecting to $AP with key $K”
iwconfig $i mode managed key $K essid “$AP” rate auto
else
AP=`grep “$ap” /tmp/scan.$$|awk -F’:’ ‘{ print $3 }’`
en=`grep “$AP” /tmp/scan.$$|awk -F’:’ ‘{ print $2 }’`
if [ $en == “off” ];then
echo “————- Connecting to $AP without key”
iwconfig $i mode managed key off essid “$AP” rate auto
else
echo “———— ERROR: Encryption needed for $AP but i don’t have the key”
return 1
fi
fi
x=0
echo -n “————- Associating with $AP”
while [ $x -lt 10 ];do
A=`iwconfig $i | grep -i ‘Not-Associated’|wc -c`
if [ ${A} -eq 0 ];then
echo “”;echo “————- Associated to $AP !!!”
dhclient -q -r $i
dhclient $i
exit 0
else
echo -n “.”
fi
sleep 1
x=`echo “$x + 1” | bc`
done
echo “”;echo “————- ERROR: Could not associate”
}
#——————————————————————————————————————-
# Connect to any accesspoint we can sniff
#——————————————————————————————————————-
auto () {
cat /tmp/scan.$$ | awk -F’:’ ‘{ print $3 }’ |while read ap;do
echo “———- trying to connect to $ap”
conn $ap
done
}
#——————————————————————————————————————-
# Main
41/433
#——————————————————————————————————————-
ifconfig -a | egrep -i ‘mon|wlan’ | awk ‘{ print $1 }’ |while read i;do airmon-ng stop $i; done > /dev/null 2>&1
ifconfig $i down
ifconfig $i up
scanw $i > /tmp/scan.$$
cat /tmp/scan.$$
if [ $# -lt 1 ];then
echo “——– WARNING: no Accesspoint specified, will try to connect to the ones i see alive”
auto
else
conn
fi
rm /tmp/scan.$$
Scan for wireless accesspoints, parse the output
so, iwlist throws its output in different order depending of the wifi nic, so we need to scan and parse, to see 3 columns:
signal strength: encryption needed: ESSID
27:on:CASA
27:on:AP1133
30:on:CC5763
32:on:XX1330
36:off:gg54g
So, we wrote a script called “scan” that loops to all wlan interfaces and scans for APs.
#!/bin/bash
ifconfig -a |grep -i wlan | awk ‘{ print $1 }’|while read i;do
echo “#—- scanning on $i”
( ifconfig $i up
iwlist $i scan | egrep -i ‘essid|freq|qual|encr’ |nawk ‘ORS=NR%4?” “:”n”‘| tr -s ‘ ‘| while read l;do
AP=`echo “$l “|awk ‘{s=substr($0,index($0,”ESSID:”) +7);print substr(s,1,index (s,”””)-1)}’`
EN=`echo “$l “|awk ‘{s=substr($0,index($0,”Encryption key:”)+15);print substr(s,1,index (s,” “)-1)}’`
QU=`echo “$l “|awk ‘{s=substr($0,index($0,”Quality=”)+8);print substr(s,1,index (s,”/”)-1)}’`
echo “$QU:$EN:$AP”
done
) | sort -n
done
42/433

if

sendbreak -y -d 0

doesn’t work, then

reset -d 0 xir

# chage -d 0 username
Unlock account
In redhat…
# passwd -u rdircio
# faiilog -u rdircio -r
pwconv and pwck cannot lock /etc/passwd
[root@myserver root]# pwck
pwck: cannot lock file /etc/passwd
you need to remove the lock file
[root@myserver root]# ls -la /etc/.pwd.lock
-rw——- 1 root root 0 Jul 14 2003 /etc/.pwd.lock
[root@myserver root]# rm /etc/.pwd.lock
rm: remove `/etc/.pwd.lock’? y
[root@dbn-ie2k214 root]# pwck
user adm: directory /var/adm does not exist
user news: directory /var/spool/news does not exist
user uucp: directory /var/spool/uucp does not exist
user gopher: directory /var/gopher does not exist
user wnn: directory /home/wnn does not exist
user gdm: directory /var/gdm does not exist
pwck: no changes
ck
95/433

zfs set mountpoint=/mount/point/dir mypool/myfs
74/433

Soalris doesn’t have md5sum, so there’s a workaround
digest -a md5 -v /path/file
Thx to Justin Lim
19/433

If for any reason your vcs node falls into STALE_ADMIN_WAIT, issue
# hasys -force <nodename>
193/433