All posts by n1x

SMASH THE STACK LEVEL2

time to play

let’s read what it says

first function catcher  and it trigger the suid  and drop the bash nice  this is what we want

Continue reading SMASH THE STACK LEVEL2

SMASH THE STACK Level1

after login to the ssh server

levels located on /levels

so let’s play  level1

as u notice it had suid permeation  -r-sr-x— for level2  so it will lead us to a user (level2 )

I entered any test number and it leads me with no respond 😀 crazy huh!

so I decided to look inside the binary file (quick look )

Continue reading SMASH THE STACK Level1

NGINX forward visitor real ip to apache

let’s assume u have

NGINX on port 80

apache on port 8080

 

in nginx config -> sever config -> virtualhost config

 

Continue reading NGINX forward visitor real ip to apache

Files Encrypt with GPG

GPG = Gnu Privacy Guard

To secure file from unauthorised access with the password in Linux/Unix is very simple method 🙂

lets assume we have a secure file with some financials stuff called orders.xls

and we want to email it to our partners  and we  want to get sure just he is the only one will be able to read it

first we will encrypt the file with password

gpg -c orders.xls

it will create a file orders.xls.gpg   this file that will be sent to our partners

notice the gig extension in the end of the file

this file will be only decrypted if  our partners enter the correct password

decrypt the file with password

 

 

Script : MySQL Create Database UTF-8 with user and password

we do  create many  databases every day and i love UTF-8 data formate so i decided to make  something simple and save my time

here is the syntax to create a database called unixawy in utf8

to add a user for unixawy with password unixawysecret

also, i made a simple script to save my timemysql_utf8

 

 

Rest MySQL root password

we all hate this ERROR 1045 (28000):

the problem starts with  “you can’t access and u will not be able to change the MySQL/MariaDB password while the service is running u have to disable it and run mysqld_safe which will allow u to update the user table inside MySQL database with no password then u will be able to run MySQL/MariaDB again with  the new password”

First Solution

1 – service mysqld stop

2 – mysqld_safe –skip-grant-tables

3 – run mysql command it will let u in without password

4 – now u will be able to  update the user table

apply this code inside mysql shell

the new root password will be UNIXAWY

5 – killall mysqld

6- service mysqld start

Second Solution

1- create file restmysqlpwd.txt

2 – insert this code inside

 

3 – service mysqld stop

4 – mysqld_safe –init-file restmysqlpwd.txt

5- killall mysqld

6 – service mysqld start