This is one of the best guides/references I have found online about SQL Injections – The SQL Injection Knowledge Base
Have fun :)
If you liked the post, we should get connected - follow me on Twitter
Post Category → blog
How to enable General Query Log in MySQL under Linux
The general query log is a general record of what mysqld is doing. The server writes information to this log when clients connect or disconnect, and it logs each SQL statement received from clients. The general query log can be very useful when you suspect an error in a client and want to know exactly what the client sent to mysqld. More about General query log
So if you have some bug or problem with database, one of the way to trace the problem in turning on this log, and check what is happening.
General query log is disabled by default, and to enable it, in Linux, you should do this:
Edit mysql configuration file:
vi /etc/my.cnf
Enable logging file, under [mysqld] section:
log=/var/log/mysql.general.log
Save the file. Then create log file and set mysql ownership:
touch /var/log/mysql.general.log chown mysql.mysql /var/log/mysql.general.log
Now, restart the mysql service:
/etc/init.d/mysql restart
You can now use your applications/scripts, run queries, etc. and everything will be logged. To see real time logging, run:
tail -f /var/log/mysql.general.log
Just be careful with this, log file can become big pretty fast.
When you want to disable General query log, just delete the line you have added in my.cnf, and restart mysql server.
If you liked the post, we should get connected - follow me on Twitter
Control more servers at once – via Putty and PuTTYCS
Have you ever thought about how to control more servers at once? For example, you need to update few or more Linux servers. In Linux, you can use great tool called Cluster SSH, which controls a number of xterm windows via a single graphical console window to allow commands to be interactively run on multiple servers over an ssh connection.
When you’re running Windows, and want to do something like this, you can use great little application PuTTYCS.
Just start your PuTTY sessions, and then start PuTTYCS. Here is how it looks like:
Now just type command you need, and click Send. For example, I use it to control my CentOS servers. When I want to update all of them, I just type in here: yum update
Makes life easier.
If you liked the post, we should get connected - follow me on Twitter
Tunneling applications with TSocks for anonymity using TOR
Have you ever thought how great it would be if you could run your hacking tools for information gathering/scanning/exploiting anonymously from terminal?
Here is one of the ways to do this, even your tools are without options for proxy.
You will need TSocks, and Tor installed. Nothing more.
In my BackTrack machine, TSocks is already installed. If you don’t have it, install it first.
After you do this, open /etc/tsocks.conf and edit server_port line, to port 9050 (default Tor port):
server_port = 9050
Then, you need to install Tor. Here you have simply explained how to install Tor. Install just Tor, you don’t need Privoxy.
After configuring tsocks, try to check if it’s working good by using the lynx web browser to connect to a website which will show you your current IP address. So when you want to run your tool anonymously, just add tsocks at the beginning. For example, to run lynx:
tsocks lynx whatismyip.net
If everything works fine, you will get some address from Tor network, and not your private:
Just to make sure, run the same application without tsocks:
lynx whatismyip.net
Here is how it looks now, with my real IP address:
So now, when you are sure that tsocks tunelling works fine, you can run all your nasty tools anonymously. Also, you can start f.e. Firefox and surf anonymously this way, just with typing:
tsocks firefox
That’s it! It’s just one of the ways. Have fun ;)
If you liked the post, we should get connected - follow me on Twitter
Oracle PeopleSoft – PeopleTools License Code Problems
If you are installing Oracle PeopleTools or any other Oracle PeopleSoft module on Linux/Unix machine, in console, then it’s possible that you will get into problem with entering valid license code.
When you get to part of installation where it asks you for license code, go to Oracle products license codes.
Find code for software you are installing and enter it. You will get an error that license code is not valid, if you just copy/paste code, or you enter it how it’s shown on Oracle page.
The thing is, you need to remove the “-” from code you are entering. After this, license code will be accepted, and installation will continue. This applies only for Linux/Unix systems.
Picture source.
If you liked the post, we should get connected - follow me on Twitter
How To Install and Configure freeNX
If you need to setup GUI access on a remote server system(Linux) and connect to it, you can try freeNX.
This is example how to install and configure freeNX in CentOS 5.
Server installation
On the server you want to control with freeNX you need to do next:
Install freenx using yum:
# yum install nx freenx
Copy minimal configuration file:
# cp /etc/nxserver/node.conf.sample /etc/nxserver/node.conf
Enable PASSDB for NX Database User Authentication pass-through:
Uncomment and change the following line in /etc/nxserver/node.conf
ENABLE_PASSDB_AUTHENTICATION="1"
Add a user account to the nxserver database ( the user account must already exist on the system as a standard linux user account):
# nxserver --adduser <username>
Give the user a password:
# nxserver --passwd <username>
Optional: If your SSH server is not at default port (22), you have to configure this also. So, open node.conf, find line #SSHD_PORT=22, uncomment it, set your port, and save changes.
Client installation
The NoMachine client needs to be downloaded from their site. Download the client that matches the operating system on your local machine.
http://www.nomachine.com/download.php
After installing the NoMachine client open the NX Connection Wizard.
Enter a Session Name, Hostname or IP of the remote server system, SSH Port number of the remote server system (usually 22), and select your connection type, desktop system and the size of the desktop. In this case, for connection to CentOS, in desktop settings, select Unix, Gnome.
In order for freeNX to function securely we need to copy the ssh key from the remote server system to the local machines NoMachine client software.
On the remote server system copy the client.id_dsa.key contents (including the —BEGIN— and —- END— lines):
# cat /var/lib/nxserver/home/.ssh/client.id_dsa.key
On the local client system open the NX client software and click on “Configure”:
Under the General tab, click “Key”
Delete the contents and paste in the contents from the remote server system/var/lib/nxserver/home/.ssh/client.id_dsa.key
Now connect using the username and password you created when you configured freeNX on the remote server system.
Common Error:
The nx service is not available or the nx access was disabled
The issue with the above error is that you copied the wrong ssh key and most likely followed the process from an old tutorial that told you to copy the key from /etc/nxserver or told you to create your own key. The key you should copy is found at /var/lib/nxserver/home/.ssh/client.id_dsa.key
If you liked the post, we should get connected - follow me on Twitter