IDA Debugger: you don’t have the necessary privileges.

During a reverse engineering session, I encountered an error from IDA saying:

“The debugger could not attach to the selected process. This can perhaps indicate the process was just terminated, or that you don’t have the necessary privileges.”

I was debugging a 64-bit console application under WinDBG, and I did start IDA as Administrator, but it was still complaining about necessary privileges!

A quick solution I found is to run win64_remotex64 as administrator from \dbgsrv of your IDA installation and configure IDA to use a remote debugging session with the target host set to localhost.

GDB init

Native GDB settings that help without third-party apps

Learn How to Learn

focused and diffuse modes

1 – concentration in something for a period of time (pomodoro)

  • 25 min focus
  • no interruptions
  • reward

memory

  • working memory 4 slots so it needs to chunk the data
  • long term memory hard to find ur way in

moving from working memory to long-term memory needs

  • the time between memory to make it have a strong base
  • repeating it many times per week

knowing something doesn’t mean u can do it

data chunks

  • understanding the small parts how it works
  •  focused attention
  • the full picture
  • practice

top to down (big picture)

bottom to up (chunking)

deep learning

  • recall from your memory  (look away and recall what u read )
  • illusion from your self (very dangerous)  (highlight carefully(misleading ) )
  • a mini test is a kind of recall (mistakes is valuable )
  • changing the place you are reading the book in and connecting the stuff you read to this place will help you to remember it when u sit in the exam lab
  • mind mapping and connections between the concepts

Shellcode validation via C pointer

C snippet to test the shellcode

replace your shellcode with your custom payload

Run MySQL Cluster Multi Masters For High Availability

Hello Folks, it has been a while since I wrote new articles, so it is time to give back to the community. I will describe how to implement MySQL cluster for high-availability and distributed workload

The MySQL Cluster architecture comes with new processes: ndbd and ndb_mgmd

ndbd is used to handle all data in tables using the NDB Cluster Engine

ndbmtd is the multi-threaded data handler in the NDB Cluster Engine

ndb_mgmd is the Cluster Management Server Daemon, responsible for distributing the configuration and logs around the cluster

in this setup, we will use 4 servers to distribute the MySQL cluster processes

Group Beta

  • 172.31.24.183  ndbd
  • 172.31.23.137 ndbd

Group Alpha

  • 172.31.16.43 mysqld & ndb_mgmd
  • 172.31.16.34 mysqld & ndb_mgmd

our applications will communicate with a load balancer that distributes the workload to the Alpha group

to begin the setup, we have to download the MySQL Cluster Manager package from the Oracle website https://edelivery.oracle.com/osdc/faces/Home.jspx (feel free to create your account)

pick your platform and download the package; I use the Cluster+Generic Linux x86 (64bit) version

download and extract the package on all nodes

inside the mcm1.4.3 folder is a bin folder that has 2 files, mcm and mcmd: the client and the daemon for the cluster manager

we need to run mcmd on all nodes so they can communicate with each other

let's set up our cluster: first we need to create a site (all the nodes need to be grouped in a site)

now let's run the client, the MySQL Cluster Manager interface, and add the site

mcm client

second, we need to load the cluster package in the site we created

now let's define the roles for the nodes: who plays what

172.31.23.137 & 172.31.24.183 play the data role

172.31.16.43 & 172.31.16.34 play the mysqld & cluster management roles

now run the cluster and check the services status

confirm the roles for each host upon your design

now we want to communicate with our lovely cluster

as we built 2 servers with mysqld they are up and running under node id 51,52

by default, MySQL cluster will not sync the mysql.user table as it is running in MyISAM, and for that we need to enable a MySQL routine that syncs the users over the cluster

to do that first login to mysqld nodes as a root and import distribute MySQL privileges routine .sql

now create your remote account and it will be synced over the cluster

Now feel free to scale up alpha or beta to any number you want also you can create nodes mixed of alpha and beta.

and keep your eyes on the nodes

to add a new node to our cluster we load the mcm package and the daemon on the node

mcm> add package -b /home/ec2-user/mcm/cluster -h 172.31.20.215 7_6_8;

as is clear, our new node 172.31.20.215 is in the site but hasn't joined the cluster yet because it has no role; we need to add one, and after that we need to start the role inside the cluster so the nodes can collaborate and sync

now we add the extra node as more database data storage on 172.31.20.215

checking our cluster status

to run added processes  on target cluster we use start process -a mycluster

now everything should be steady for our cluster

now let’s change all ndbd to multi-threaded version

all our data engines are now running the multi-threaded version

Happy Hits 😀

Linux Performance Co-Pilot with WebUI

Performance Co-Pilot allows sysadmins to collect and measure data from various systems; it comes in RPM packages for Red Hat 6 to 7

website http://pcp.io/

installing Performance Co-Pilot

pcp packages come with different services: pmcd, pmlogger

pmcd  : performance metrics collector daemon

pcp packages come with many commands to gather information about the machine, like pmatop, pmstat, pminfo and pmval

pmatop is one of my favourite tools as it gives you the big picture

it shows information about disk, memory, CPU, network, processes, swap and LVM

pmstat shows loadavg, memory, swap, io, system and cpu; it comes with -s (sample count: how many times it should collect this data) and -t for the time interval

pminfo command to list all available metrics

lets use metrics called network.interface.in.bytes to see how many bytes we receive in our interface

let’s start pmlogger

the pmlogger service will save the log archives into /var/log/pcp/pmlogger/[hostname]/date-day

we can use pmval with the parameter -a to tell it to use this archive, and set the metric

we can assign specified start and end time for pmval

-S start time, -T end time

with an ISO-formatted date, for example -S '@ Wed Feb 25 05:01:00 2016' -T '@ Wed Feb 25 06:01:00 2016'

this will query 2 hours from 5am Feb 25 2016 TO 7am Feb 25 2016 with the metrics  you like

now the fun part: pcp offers a real-time web monitor in different flavours and styles; one of my best is called vector.

first we need to install and run the pcp web service

check which port this service use

access to localhost:44323/vector

it shows nice metrics of disk IOPS, Throughputs, Network Packets and more

happy debugging folks

Facebook Mass Invite to Like script

today I wrote  a script to help in sending an invitation to like your page

this happens when you promote a post for your audience and they interact with your post but they forget to like your page

so this script will help you to mass invite them at once

1 – click on the likes for the post

2- open your browser console

paste this code

hit enter

and result should be like this

as you can see I sent around 200 invitations at once 😀

enjoy

Docker Persistent Storage for MySQL Server and SELinux

hello everyone, today we will make a MySQL Docker container with shared storage

first let's pull the latest MySQL Docker image

after downloading the latest image, we find it comes in handy with some awesome parameters

  1. MYSQL_ROOT_PASSWORD
  2. MYSQL_DATABASE

with these parameters, we can create a database and set the root password for mysql

now let’s create a folder in our host so we can use it instead of /var/lib/mysql (let’s keep the mysql data in the host not inside a container)

remember it should be in numeric format

then we change the folder's SELinux context so SELinux treats it as a virtualized sandbox

here we created a database called unixawy and root password un1x4wyp4ssw0rd

inspect your docker container and connect to its IP

now each container you run with this command will share the same database data

check database content in your node storage via ls /var/mysql_data_store
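
The steps above, collected into one script. This is an added example, not the post's original commands: the numeric owner 999, the svirt_sandbox_file_t type, the container name mysql1 and the function names are assumptions, while the host path and database name come from the post.

```shell
#!/usr/bin/env bash
set -eu

DATA_DIR="${DATA_DIR:-/var/mysql_data_store}"  # host path from the post
MYSQL_UID="${MYSQL_UID:-999}"                  # assumption: mysql uid/gid inside the image
SE_TYPE="${SE_TYPE:-svirt_sandbox_file_t}"     # assumption: type containers may write to

prepare_datadir() {
    mkdir -p "$DATA_DIR"
    # Numeric owner: the host has no account that maps to the container's user.
    chown -R "$MYSQL_UID:$MYSQL_UID" "$DATA_DIR"
    chmod 750 "$DATA_DIR"                      # keep other host users out
    # Relabel only when SELinux is active. Without it the bind mount is denied
    # (AVC in the audit log) even though the Unix permissions are right.
    if command -v selinuxenabled >/dev/null 2>&1 && selinuxenabled; then
        chcon -Rt "$SE_TYPE" "$DATA_DIR"
    fi
}

run_mysql() {   # $1 = container name (assumption: mysql1)
    : "${MYSQL_ROOT_PASSWORD:?export MYSQL_ROOT_PASSWORD before running}"
    export MYSQL_ROOT_PASSWORD
    # "-e NAME" with no value copies NAME from this environment, so the
    # password stays out of the docker command line and shell history.
    docker run -d --name "${1:-mysql1}" \
        -e MYSQL_ROOT_PASSWORD \
        -e MYSQL_DATABASE="${MYSQL_DATABASE:-unixawy}" \
        -v "$DATA_DIR:/var/lib/mysql" \
        mysql:latest
}

container_ip() {
    docker inspect \
        -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "${1:-mysql1}"
}

# Run the whole procedure only when asked to: ./mysql_store.sh --apply
if [ "${1:-}" = "--apply" ]; then
    prepare_datadir
    run_mysql mysql1
    container_ip mysql1
fi
```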

cheers

IPtables PREROUTING, POSTROUTING for mixed interfaces via DNAT & SNAT

hello world,

let’s hit the point directly

1 – we have traffic coming from Source IP to our box and we need to Route it to another destination ( traffic forwarding )

2- we have traffic coming from Source IP to our box and we need to Route it to another destination ( traffic forwarding )  through a specified interface

phpMyAdmin error #1146

#1146 – Table ‘phpmyadmin.pma_tracking’ doesn’t exist


this error indicates that phpmyadmin pages failed in setup  and you just ignored it in the setup process

you need to reconfigure the package again

after you follow the reinstall steps it will set up the missing sql files for pma tables