Posts tagged windows

powershell ip reverse resolution

posted on 2017-01-27 15:22

A quick script to do reverse resolution of a textfile containing ips called ips.txt located in the same directory as the the file you put this content into:

$erroractionpreference = 'silentlycontinue'
get-content .\ips.txt | foreach-object {
        $resolvedip = [System.Net.Dns]::gethostentry($_).hostname
        echo "$_        : $resolvedip"
}

Save and execute. Might have some rough edges, this did not get much testing.

windows: static routing

posted on 2016-05-20 19:08

Handling of static routes in windows can be easily done through the commandline.

Information is specified like this:

route COMMAND DEST-NETWORK-IP mask SUBNETMASK YOUR-GATEWAY

show

route print

add

# temporary
route add  10.0.0.0  mask 255.255.255.255  192.168.0.1
# permanent: just add the -p switch
route add  10.0.0.0  mask 255.255.255.255  192.168.0.1 -p

delete

# temporary
route delete  10.0.0.0  mask 255.255.255.255  192.168.0.1
# permanent: just add the -p switch
route delete  10.0.0.0  mask 255.255.255.255  192.168.0.1 -p

ASA: access console via serial port

posted on 2015-02-21 18:02:56

To connect to one of Cisco's ASA's (short for Adaptive Security Appliance), you have several options.

Either use the management ethernet port (labelled MGMT) or via the serial interface (CONSOLE), which are both rj45 outlets. This methods of access are the same for most other hardware appliances.

If the ASA was not accessed in a while and the network config was lost (or if it's a leftover from an old customer), you are likely unable to access it through the management port, because you do not know the subnet you have to be in to connect to it, anymore.

If you still happen to know your credentials, you might try the serial interface.

If your computer has a serial interface, too, you only need a rs232-to-rj45 cable for the asa. If you have a laptop its much more likely that you just lack the serial port, you need an adapter from serial to ethernet, plus an adapter from serial-to-usb.

From here the steps differ, depending on your operating system.

windows

  1. plug in the adapter, which is connected to the devices CONSOLE port, too
  2. open the device manager
  3. look up which COM port just got added
  4. open putty
  5. connection destination is i.e. COM-7, if thats the one you saw
  6. enter baud rate (9600 for cisco devices AFAIK)
  7. connect

You should be greeted by a prompt of the ASA. Hit space, in case putty does not update your console window.

linux

  1. plug in the adapter connected to the ASA
  2. ls -alh /dev/tty*
  3. You should see a device called something like /dev/ttyUSB0
  4. sudo screen /dev/ttyUSB0 9600, with baud rate of 9600 like mentioned in the windows manual above
  5. you should be connected, hit spacebar if nothing is shown.

If you happen to have problems to find out which device is added when you insert the adapter into your usb port, try:

watch --differences -n.2 ls /dev/tty*

grub2: Windows boot entry fix

posted on 2015-02-10 17:57:13

If you have linux along with windows installed on different partitions, and you somehow manage to lose your windows boot entry, try the following.

setup

Either edit /etc/grub.d/40_custom, or if the file does not exist, create a new one. Prefix it with a number you like, it will let grub decide where the boot menu entry will appear. If put into the 40_custom, it will appear on the end of the boot menu.

There add this:

menuentry "Windows" {
set root=(hd0,3)
chainloader +1
}

Then issue the command update-grub in the shell (which should be aliased to update-grub2, in case you wondered), to update the /boot/grub/grub.cfg. Else your changes will not have any effect.

It is however EXTREMELY likely, that hd0,3 from above will not work in your case. More on this later on.

So reboot, and try booting the new entry.

explanation

As menuentry chose whatever you like, that is just the string which will appear in the menu.

set root=... decides which partition will be loaded.
chainloader +1 tells grub to chainload the next bootlader from there if one is present, starting on the first block of the partition, IIRC, no warranty on that. It is basically the same as chainloader 0+1, for more info on the block list syntax see here.

If it won't work reboot again, and press 'e' to edit the boot entry. Choose another harddisk or partition until you 'hit ground'. (hd0,1) is for example the first harddisk, with its first partition which will be tried. From there, the numbers are simply incremented. If this is information overflow, it is more condensed int the grub manual. If you use NTFS on the windows partion, you might also try the insmod chain and insmod ntfs commands from the last link.

troubleshooting and finding the correct harddisk and partition

boot a linux for setup inspection

Use a linux (either the installed one if it still boots or a boot stick), and have a look at your existing partitions via either fdisk -l or parted, if you want to du further troubleshooting. An idea would be to search which partition was intended to be the windows boot partition (hint: it should be around 100MB in size), remember the number, it might help you.

use grub to identify the partitions

Also you can use grub's shell to list all possible harddisk/partition combos. Just boot into grub2, hit 'c' to enter the console and do ls.

This will show you something like this:

grub> ls
(hd0,msdos6) (hd0,msdos5) (hd0,msdos4) (hd0,msdos3) (hd0,msdos2)
(hd0,msdos1)
grub>

These are all the partitions you can try, either by editing the grub configs in /etc/grub.d, or when editing the menu entries directly when in grub and hitting 'e' when having chosen your just created entry.

ssh key forwarding

posted on 2014-04-28 18:26:53

To enable ssh key forwarding on startup, use these in .bashrc or .zshrc:

eval $(ssh-agent|grep -v echo)
ssh-add > /dev/null

This has supressed output, and will work next time you login a new shell.

Further you have to have set these in your ssh config.

# Mind the indentation!
Host *
    ForwardAgent yes
    StrictHostkeyChecking no

    # if you want, try these
    User root
    VisualHostkeyChecking yes

User root is the user that will be used, if the username is omitted with the ssh command, and you do not want to use the current user on your machine. VisualHostkeyChecking shows the graphical fingerprint of the machine you are connecting to.

On Linux, for system-wide changes these go into /etc/ssh_config. If you just want to change for a specific user, just change the /home/<username>/.ssh/config file.

User specific changes on windows go into C:\Users\<username>\.ssh\config IIRC.

Windows' cat

posted on 2014-04-21 18:16:39

The linux equivalent of cat (for displaying the contents of a file on the console) is type.

Windows run commands list

posted on 2014-04-11 10:31:03

Accessing most system programs in windows is done easiest through the RUN command box. Start it via WIN + R. After you have had a lot of different windows systems to administer, you may wonder how you lived without this.

Task Manager                    taskmgr         CTRL+SHIFT+ESC
Control Panel                   control
System Information              msinfo32
Version Reporter Applet         winver
Firewall                        firewall.cpl
Downloads                       downloads
Recent Files                    recent
Windows Update                  wuapp
Shell                           cmd
Powershell                      powershell
Windows Explorer                explorer        WIN+E
System Properties               sysdm.cpl
Services                        services.msc
Shared Folders                  fsmgmt.msc
User Account                    control /name Microsoft.UserAccounts
User Account Control Settings   useraccountcontrolsettings
Advanced User Accounts          netplwiz
Authorization Manager           azman.msc
Windows Activation Client       slui
Screen Resolution               desp.cpl
Remote Desktop Connection       mstsc
Power Options                   powercfg.cpl
On Screen Keyboard              osc
Mouse Settings                  main.cpl
Disk Management                 diskmgmt.cpl
Disk Cleanup                    cleanmgr
Disk Defragmenter               dfrgui
Language Pack Installer         lpksetup
Local Group Policy Editor       gpedit.msc
Local Users and Groups          lusrmgr.msc
Local Security Policy           secpol.msc
Computer Management             compmgmt.msc
Certificates                    certmgr.msc
Hardware Wizard                 hdwwiz

Remapping Keys in Windows 7 through registry

posted on 2013-11-24 19:18:44

For easier keyboard handling (and to save my fingers) I tend to switch Capslock and right CTRL, as well as left CTRL and left ALT/ALT Gr. For Windows there exist external programs like AutoHotkey and others, but I prefer doing it more low-level through the Windows Registry.

To do this, a key has to be set at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout. To check if it exists (or look up its current setting), WIN+R regedit, and navigate there. (This is just regedit in Windows Run Dialogue.) Note that the key is named Keyboard Layout, not Keyboard Layouts, do not change the latter.

If there is nothing present, do not worry. First a look on the theory and how the key is structured. Easiest to use are .reg files, a working example may look like this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,05,00,00,00,1d,00,3a,00,3a,00,1d,00,38,e0,1d,e0,1d,e0,38,e0,00,00,00,00 

This switches right CTRL with right ALT and left CTRL with CapsLock.

Looks complicated? This text here can actually be pasted into an empty .txt file. Rename it then to my_keymap.reg (Change the extension so Windows realizes to process this as a registry file.) and double click. Approve the changes, reboot, and you have a sticking change of your keymap. (To undo, delete the registry key and reboot.)

For easier explaining, the same code again, but with some formatting applied, and line numbers added:

 1      Windows Registry Editor Version 5.00
 2  
 3      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
 4      "Scancode Map"=hex:
 5  
 6      00,00,00,00,
 7      00,00,00,00,
 8      
 9      05,00,00,00,
10  
11      1d,00,3a,00,
12      3a,00,1d,00,
13      38,e0,1d,e0,
14      1d,e0,38,e0,
15  
16      00,00,00,00 

This looks a bit better. But what do these hex-combos mean?

DWORDS (Windows data type representing a 32bit unsigned int) in lines 6, 7 and 16 are ALWAYS zeroes. The last one is a null terminator, the first ones are version information and flags as a header. Header information is always zeroes in the current version of the Scan Code Mapper.

Line 9 is a counter of all the DWORDs representing remappings that follow (Lines 11 to 14 are four mappings) plus the terminator in line 16. That is why there is a 5. This depends on how many mappings you create and has to be set accordingly. For comparison in an example without a single remapping, it should be set to 1 and will then look like this:

 1      Windows Registry Editor Version 5.00
 2  
 3      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
 4      "Scancode Map"=hex:
 5  
 6      00,00,00,00,
 7      00,00,00,00,
 8      
 9      01,00,00,00,
10  
11      00,00,00,00 

But no need to create a reg-key like this if you want to have the changes removed again, just delete the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout key and reboot.

These lines from the former example:

11      1d,00,3a,00,
12      3a,00,1d,00,
13      38,e0,1d,e0,
14      1d,e0,38,e0,

are where actually keys are remapped. The first two bytes represent the key's keycode that will be used, the last two bytes represent the key that is changed.

So,

11      1d,00,3a,00,

just means map L-Ctrl (1d) onto Caps-Lock (3a). Line 12 is the same keys, but in reverse, 13 and 14 switches R-Alt and R-Ctrl. (Comes in handy for emacs usage.)

Keycodes were taken from this document here, which I stumbled upon somewhere in the msdn pages. See column 'scan 1 make', the first one of each eight entries, page 16 onwards. Note that i.e. Right Alt is noted as e0_38, but when used as the first half of the DWORD in line 13 or the second half in line 14, it's bytes are actually switched.

A last example, this one just replaces Capslock with R-Ctrl:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:

00,00,00,00,
00,00,00,00,

02,00,00,00,

1d,00,3a,00,

00,00,00,00 

Last three DWORDS are 02,00,00,00,, since two more lines are following, the actual rebind and finally the null terminator.

If you copy paste this, it will not work. You have to reformat, so that there are no newlines in there:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,01,00,00,00,1d,00,3a,00,00,00,00,00 

This code can be pasted to a file named choose-a-name.reg. Save, double-click, reboot, and your CapsLock key will be gone. If you are interested in the original Microsoft article have based this on, which is from 2001, go here. Also this link helped.

Setting the $PATH env variable in Windows

posted on 2013-10-28 11:28:19

Once in a while a new programm or language needs to be installed, the path needs adjusting. Usually in Windows this is very annoying due to the window where this needs to be done is, erm, 'not very' user-friendly. (Of course this can be done from the shell, too. But besides appending/prepending an entry to the existing ones this is not the best approach to change the values.)

A better approach is RapidEE.

From its about page:

Rapid Environment Editor (RapidEE) is an environment variables editor. It includes an easy to use GUI and replaces the small and inconvenient Windows edit box. RapidEE 8.x supports Windows XP, 2003, Vista, 2008, Windows 7 & Windows 8 (including 64-bit versions). If you still use Windows NT or 2000, then use version 6.1. For Windows 9x or ME use version 2.1.

In short, besides letting you edit the entries much more conveniently, broken links are also shown in red!
Typing errors are also avoided through usage of filechooser menus.

Do yourself a favour and install this. Did I mention this is freeware? :o)

Windows 7 shortcuts

posted on 2013-10-18 16:06:58

Windows

Win + Up - Maximize the current window
Win + Down - Restore down or minimize
Win + Space - makes all Windows transparent
Win + Home - Minimize all but the current Window
Win + M - Minimize all Windows
Win + D - Show/Hide Desktop

Programs / System

Win + Number - Activate the program pinned on Taskbar

Ctrl + Shift + Click - Open with Admin privileges
Win + Pause - Open System Properties
Ctrl + Shift + Esc - Open Task Manager directly
Win + R - Open 'Run' window to directly execute programs

Win + L - Lock Computer

Explorer / Filesystem

Win + E - Open a Windows Explorer window
F2 - To rename a file
Ctrl + Shift + N - Create new folder
Alt + Up - Goto parent folder
Alt + Left - Backward
Alt + Right - Forward

This blog covers .csv, .htaccess, .pfx, .vmx, /etc/crypttab, /etc/network/interfaces, /etc/sudoers, /proc, 10.04, 14.04, AS, ASA, ControlPanel, DS1054Z, GPT, HWR, Hyper-V, IPSEC, KVM, LSI, LVM, LXC, MBR, MTU, MegaCli, PHP, PKI, R, RAID, S.M.A.R.T., SNMP, SSD, SSL, TLS, TRIM, VEEAM, VMware, VServer, VirtualBox, Virtuozzo, XenServer, acpi, adaptec, algorithm, ansible, apache, apachebench, apple, applet, arcconf, arch, architecture, areca, arping, asa, asdm, autoconf, awk, backup, bandit, bar, bash, benchmarking, binding, bitrate, blackarmor, blockdev, blowfish, bochs, bond, bonding, booknotes, bootable, bsd, btrfs, buffer, c-states, cache, caching, ccl, centos, certificate, certtool, cgdisk, cheatsheet, chrome, chroot, cisco, clamav, cli, clp, clush, cluster, coleslaw, colorscheme, common lisp, configuration management, console, container, containers, controller, cron, cryptsetup, csync2, cu, cups, cygwin, d-states, database, date, db2, dcfldd, dcim, dd, debian, debug, debugger, debugging, decimal, desktop, df, dhclient, dhcp, diff, dig, display manager, dm-crypt, dmesg, dmidecode, dns, docker, dos, drivers, dtrace, dtrace4linux, du, dynamictracing, e2fsck, eBPF, ebook, efi, egrep, emacs, encoding, env, error, ess, esx, esxcli, esxi, ethtool, evil, expect, exportfs, factory reset, factory_reset, factoryreset, fail2ban, fbsd, fdisk, fedora, file, filesystem, find, fio, firewall, firmware, fish, flashrom, forensics, free, freebsd, freedos, fritzbox, fsck, fstrim, ftp, ftps, g-states, gentoo, ghostscript, git, git-filter-branch, github, gitolite, global, gnutls, gradle, grep, grml, grub, grub2, guacamole, hardware, haskell, hdd, hdparm, hellowor, hex, hexdump, history, howto, htop, htpasswd, http, httpd, https, i3, icmp, ifenslave, iftop, iis, imagemagick, imap, imaps, init, innoDB, innodb, inodes, intel, ioncube, ios, iostat, ip, iperf, iphone, ipmi, ipmitool, iproute2, ipsec, iptables, ipv6, irc, irssi, iw, iwconfig, iwlist, iwlwifi, jailbreak, jails, java, javascript, javaws, js, juniper, junit, kali, kde, kemp, kernel, keyremap, kill, kpartx, krypton, lacp, lamp, languages, ldap, ldapsearch, less, leviathan, liero, lightning, links, linux, linuxin3months, lisp, list, livedisk, lmctfy, loadbalancing, locale, log, logrotate, looback, loopback, losetup, lsblk, lsi, lsof, lsusb, lsyncd, luks, lvextend, lvm, lvm2, lvreduce, lxc, lxde, macbook, macro, magento, mailclient, mailing, mailq, manpages, markdown, mbr, mdadm, megacli, micro sd, microsoft, minicom, mkfs, mktemp, mod_pagespeed, mod_proxy, modbus, modprobe, mount, mouse, movement, mpstat, multitasking, myISAM, mysql, mysql 5.7, mysql workbench, mysqlcheck, mysqldump, nagios, nas, nat, nc, netfilter, networking, nfs, nginx, nmap, nocaps, nodejs, numberingsystem, numbers, od, onyx, opcode-cache, openVZ, openlierox, openssl, openvpn, openvswitch, openwrt, oracle linux, org-mode, os, oscilloscope, overview, parallel, parameter expansion, parted, partitioning, passwd, patch, pct, pdf, performance, pfsense, php, php7, phpmyadmin, pi, pidgin, pidstat, pins, pkill, plasma, plesk, plugin, posix, postfix, postfixadmin, postgres, postgresql, poudriere, powershell, preview, profiling, prompt, proxmox, ps, puppet, pv, pveam, pvecm, pvesm, pvresize, python, qemu, qemu-img, qm, qmrestore, quicklisp, quickshare, r, racktables, raid, raspberry pi, raspberrypi, raspbian, rbpi, rdp, redhat, redirect, registry, requirements, resize2fs, rewrite, rewrites, rhel, rigol, roccat, routing, rs0485, rs232, rsync, s-states, s_client, samba, sar, sata, sbcl, scite, scp, screen, scripting, seafile, seagate, security, sed, serial, serial port, setup, sftp, sg300, shell, shopware, shortcuts, showmount, signals, slattach, slip, slow-query-log, smbclient, snmpget, snmpwalk, software RAID, software raid, softwareraid, sophos, spacemacs, spam, specification, speedport, spi, sqlite, squid, ssd, ssh, ssh-add, sshd, ssl, stats, storage, strace, stronswan, su, submodules, subzone, sudo, sudoers, sup, swaks, swap, switch, switching, synaptics, synergy, sysfs, systemd, systemtap, tar, tcpdump, tcsh, tee, telnet, terminal, terminator, testdisk, testing, throughput, tmux, todo, tomcat, top, tput, trafficshaping, ttl, tuning, tunnel, tunneling, typo3, uboot, ubuntu, ubuntu 16.04, udev, uefi, ulimit, uname, unetbootin, unit testing, upstart, uptime, usb, usbstick, utf8, utm, utm 220, ux305, vcs, vgchange, vim, vimdiff, virtualbox, virtualization, visual studio code, vlan, vmstat, vmware, vnc, vncviewer, voltage, vpn, vsphere, vzdump, w, w701, wakeonlan, wargames, web, webdav, weechat, wget, whois, wicd, wifi, windowmanager, windows, wine, wireshark, wpa, wpa_passphrase, wpa_supplicant, x11vnc, x2x, xfce, xfreerdp, xmodem, xterm, xxd, yum, zones, zsh


Unless otherwise credited all material Creative Commons License by sjas