Tikejhya: Ashish Nepal

Knowledgebase

Month: June 2013

mysqlbinlog

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

mysqlbinlog –start-datetime=”2013-05-07 15:00:00″ –stop-datetime=”2013-05-07 16:20:01″ db1.002428

Reading mysqlbinlog from remote server:
mysqlbinlog -t mysql-bin-changelog.000020 –read-from-remote-server -hxxxxxxxxxxxxxx.com -uroot –password=xxxxxxxxxxxx –raw –result-file=/tmp/binlog-test

kernel: php-cgi[7094]: segfault at in libpthread-2.12.so

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

Apr 23 17:50:12 web-server kernel: php-cgi[7094]: segfault at ffffffffffffffff ip 00007f27b67e67b8 sp 00007ffff22d8f28 error 6 in libpthread-2.12.so[7f27b67dc000+17000]

Solution:
This is probably permission issue.

SED [Regex]

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

remove all line starting with string < ^<.*$ SED - remove last four characters from string echo "hello tikejhya whzz" |sed 's/.{4}$//' Sed Delete Empty Line Syntax $ sed '/^$/d' /tmp/data.txt

hping

hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.

Usages: hping -i u1 -F -p 80 192.168.1.27

strace

The most common usage is to start a program using strace, which prints a list of system calls made by the program.

example:
ps auxw | grep httpd | awk ‘{print”-p ” $2}’ | xargs strace

straceprocessname(){ x=( $(pgrep “$@”) ); [[ ${x[@]} ]] || return 1; strace -vf ${x[@]/#/-p }; }

 

example2:

Find use of config file for php.

strace php 2>&1 | grep php.ini

Or, you might want to check only open syscall.

strace -e open php 2>&1 | grep php.ini

 

example 3:

strace -e open,access 2>&1 | grep your-filename

 

example 4: check using processid

strace -p 15427

 

example 5: check time of system call

strace -c -p 11084

 

example 6: netcat remote access

strace -e poll,select,connect,recvfrom,sendto nc www.tikejhya.com 80

RICHTX32.OCX COMPONENT MISSING

HTTPRecon or HTTP Fingerprinting is a tool developed by computec.ch and modified by w3dt to help return highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis.

While installation of httprecon i came across this problem.

Problem:
The module “richtx32.ocx” failed to load.
Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.
The specified module could not be found.

SOLUTION
Copy RichTx32.ocx to the following directory: C:WindowsSysWoW64
Open “Command Prompt” As “Run as Administrator”
At the command prompt, enter: %systemroot%SysWoW64regsvr32.exe RichTx32.ocx

Increase IPtables hitcount limit

CENTOS IPtables hitcount limit.

echo “options ipt_recent ip_pkt_list_tot=60” > /etc/modprobe.d/ipt.conf
# Above value 60 is the value you want to have as max limit.

modprobe -r ipt_recent
modprobe ipt_recent

Now you are ready to make changes on your limit, and restart iptables.

Powered by WordPress & Theme by Anders Norén