Ophcrack is a Microsoft Windows password cracker. It’s uses Rainbow table to crack the passwords, while still be able to use brute-force to do the job. Ophcrack can recover password from all version of Windows.
For this example, we’ll be using Ophcrack Live CD which already has all the software and required packages installed and can do the password cracking automatically.
To recover your Windows passwords, follow the following steps.
Programs compiled for Linux normally use shared libraries rather than being statically linked. The advantage to this is that it’ll save disk spaces as programs don’t need to include libraries in their package. The disadvantage to this is that a program compiled for one system, might not work on another system (distribution) as libraries might not be identically configured on different systems.
ldd can be used to display shared libraries used by a program, along with the path of where the library is expected to be found in the filesystem.
The following example shows dependencies of the program bash in a 64 bit machine:
$ ldd /bin/bash linux-vdso.so.1 => (0x00007fff8a372000) libncurses.so.5 => /lib/libncurses.so.5 (0x00007fa53a974000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fa53a770000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fa53a3db000) /lib64/ld-linux-x86-64.so.2 (0x00007fa53abe2000)
To display more information and to not need to type the program’s full path, run the command as the following.
$ ldd -v `which bash` linux-vdso.so.1 => (0x00007fff855ff000) libncurses.so.5 => /lib/libncurses.so.5 (0x00007f0cc4c11000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f0cc4a0d000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0cc4678000) /lib64/ld-linux-x86-64.so.2 (0x00007f0cc4e7f000) Version information: /bin/bash: libdl.so.2 (GLIBC_2.2.5) => /lib/x86_64-linux-gnu/libdl.so.2 libc.so.6 (GLIBC_2.4) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.8) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.3) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.11) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /lib/x86_64-linux-gnu/libc.so.6 /lib/libncurses.so.5: libdl.so.2 (GLIBC_2.2.5) => /lib/x86_64-linux-gnu/libdl.so.2 libc.so.6 (GLIBC_2.4) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.3) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /lib/x86_64-linux-gnu/libc.so.6 /lib/x86_64-linux-gnu/libdl.so.2: ld-linux-x86-64.so.2 (GLIBC_PRIVATE) => /lib64/ld-linux-x86-64.so.2 libc.so.6 (GLIBC_PRIVATE) => /lib/x86_64-linux-gnu/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /lib/x86_64-linux-gnu/libc.so.6 /lib/x86_64-linux-gnu/libc.so.6: ld-linux-x86-64.so.2 (GLIBC_PRIVATE) => /lib64/ld-linux-x86-64.so.2 ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2
tar.bz2 is a file format for
tar.bz2 files are normally small in size but require more
CPU power to compress and extract as compared to
To view the content of a
tar.bz2 file without uncompressing, use
tar with the
tf options as follows;
$ tar tf filename.tar.bz2
The command will produce a list of files contained in the archive. Use
less if the list is too long;
$ tar tf filename.tar.bz2 | less
The easiest way to shutdown a Windows machine from Linux is by using Samba’s net command. The following command will send an RPC call to the Windows machine, telling it to shutdown;
$ net rpc SHUTDOWN -C "Comment here" -f -I xxx.xxx.xxx.xxx -U username%password
If successful, we’ll be presented with the following mesage;
Shutdown of remote machine succeeded
Change “Comment here” with whatever shutdown comment that you would like for the shutdown, and replace xxx.xxx.xxx.xxx with the IP address of the Windows machine that we are to shutdown. A valid username and password also need to be supplied as a parameter to the the -U switch.
For this command to be successful, the user we use must have shutdown privilege on the windows machine. The Windows machine also need to have RPC enabled, and no firewall is blocking port 135 as the port used by RPC. The net command itself however is only available if Samba is installed.
From the man page, axel is a program that downloads a file from a FTP or HTTP server through multiple connection, each connection downloads its own part of the file.
Unlike most other programs, Axel downloads all the data directly to the destination file, using one single thread. It just saves some time at the end because the program doesn’t have to concatenate all the downloaded parts.
The following is an example of using axel to download a Linux kernel;
$ axel http://www.kernel.org/pub/linux/kernel/v2.2/linux-2.2.26.tar.bz2 Initializing download: http://www.kernel.org/pub/linux/kernel/v2.2/linux-2.2.26.tar.bz2 File size: 15754692 bytes Opening output file linux-2.2.26.tar.bz2 State file found: 140628 bytes downloaded, 15614064 to go. Starting download [ 1%] [0 1 2 3 ] [ 17.3KB/s] [14:38]
It accept the following options;
--max-speed=x -s x Specify maximum speed (bytes per second) --num-connections=x -n x Specify maximum number of connections --output=f -o f Specify local output file --search[=x] -S [x] Search for mirrors and download from x servers --no-proxy -N Just don't use any proxy server --quiet -q Leave stdout alone --verbose -v More status information --alternate -a Alternate progress indicator
To view processes owned by the user
shakir, simply issue the following command at the command line;
$ ps U shakir
You should get something like the following as output;
PID TTY STAT TIME COMMAND 1504 ? Sl 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login 1522 ? Ssl 0:02 gnome-session 1556 ? Ss 0:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session gnome-session 1559 ? S 0:00 /usr/bin/dbus-launch --exit-with-session gnome-session 1560 ? Ss 0:04 /bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session 1563 ? S 0:03 /usr/lib/libgconf2-4/gconfd-2 1570 ? Ssl 0:09 /usr/lib/gnome-settings-daemon/gnome-settings-daemon 1572 ? S 0:00 /usr/lib/gvfs/gvfsd ...... ...... ......
PNG or Portable Network Graphics is a file format for image that employs lossless data compression. It is meant to replace patent encumbered GIF file format, hence the acronym itself is optionally recursive, which unofficially stands for PNG’s Not Gif.
Employing a lossless data compression, PNG’s images while being sharp can sometimes relatively be big in size. To keep the file size small while maintaining the sharpness of the image, there is a tool available that can further compress a PNG image, losslessly.
The command line based program is called Pngcrush, and is available for both Windows and Linux. The program can reduce the file size for up to 40% less from the original by trying various compression levels of PNG filter methods.
Running the program is as simple as supplying the input and output file, as in the following example;
$ pngcrush input.png output.png | pngcrush 1.6.6 | Copyright (C) 1998-2002,2006-2008 Glenn Randers-Pehrson | Copyright (C) 2005 Greg Roelofs | This is a free, open-source program. Permission is irrevocably | granted to everyone to use this version of pngcrush without | payment of any fee. | Executable name is pngcrush | It was built with libpng version 1.2.27, and is | running with libpng version 1.2.27 - April 29, 2008 | Copyright (C) 1998-2004,2006-2008 Glenn Randers-Pehrson, | Copyright (C) 1996, 1997 Andreas Dilger, | Copyright (C) 1995, Guy Eric Schalnat, Group 42 Inc., | and zlib version 220.127.116.11, Copyright (C) 1998-2002 (or later), | Jean-loup Gailly and Mark Adler. | It was compiled with gcc version 4.3.1 and gas version 18.104.22.16880610. Recompressing input.png Total length of data found in IDAT chunks = 90188 unknown chunk handling done. IDAT length with method 1 (fm 0 zl 4 zs 0) = 94524 IDAT length with method 2 (fm 1 zl 4 zs 0) = 94871 IDAT length with method 3 (fm 5 zl 4 zs 1) = 93666 IDAT length with method 9 (fm 5 zl 2 zs 2) = 181820 IDAT length with method 10 (fm 5 zl 9 zs 1) = 88388 Best pngcrush method = 10 (fm 5 zl 9 zs 1) for output.png (2.00% IDAT reduction) (2.14% filesize reduction) CPU time used = 0.510 seconds (decoding 0.060, encoding 0.450, other 0.000 seconds)
Pngcrush can also run in batch mode, where running the following command will compress all the PNG files in the current folder, and save it to a folder named compressed, adding the suffix -compr to the file name.
$ pngcrush -d compressed -e -compr.png *.png
A network switch doesn’t foward packets to everyone in the network the same way as a network hub do, and so theoretically a person in the network cannot look at other person’s traffic. There are ways however to get through this problem, which is by performing arp spoofing.