Wednesday, May 20, 2009

Recovering a lost Windows XP password

I have a computer that run linux 99% of the time... But I also boot windows XP once in a while (every year or so) to do something specific like trying out some 3d game. Don't ask why, but I tend to forget that password. It happened twice already, so I am documenting the workaround for the next time it happens!

Very quickly, here are the steps:
  1. Download ophcrack: http://ophcrack.sourceforge.net/
  2. Download also some rainbow tables. I have used xp_free_small (380mb). The smallest but not fastest or strongest table -- enough for my purposes.
  3. ./configure && make
  4. (I skip the make install -- I am going to use the binary that is left in src/)
  5. I am running windows in the same computer, so I will just mount the windows partition: sudo mount /dev/sda1 /mnt/xp
  6. Click Load -> Encripted SAM. Choose /mnt/xp/WINDOWS/system32/config . This will load all your password hashes directly from that Windows.
  7. Select accounts you don't want to crack (e.g. you already know the password), to save cpu time, and click Delete on them.
  8. Tables -> Install , add the one(s) that you downloaded.
  9. Click Crack!
That's it. If you are lucky, just as I am, you will have your password shown in screen, in the clear, for anyone looking on your shoulders.

ophcrack has a lot of useful options, I strongly recommend reading at least the help (big Help button on top of main window).

happy cracking!

Monday, May 11, 2009

Trac and Subversion in Apache, on Ubuntu

I got tired of developing senderos.net.ar without source control. Yes, I know, I should have done all this before.

Anyway... These are the notes to setup a subversion repository and a trac server (to browse it and to keep an internal wiki for myself).

I am running Kubuntu 8.10.

These instructions are somewhat based on this tutorial and this blog post (and many other pages I read in between).

I am going to create

  • a repository in /home/svnrepo,

  • trac environment in /home/tracrepo,

  • a single project 'senderos' (subprojects as children, then trunk/tags/branches structure)

  • reuse my already working apache server

  • use single http authentication



Create subversion server.


As root:

svnadmin create /home/svnrepo --fs-type fsfs
chown www-data:www-data /home/svnrepo -R
vim /home/svnrepo/conf/svnserve.conf
anon-access = none
auth-access = write
password-db = passwd
vim /home/svnrepo/conf/passwd
herchu=myPassword


Test: Run svnserve -d , then stop it.

Apache setup for subversion


As root:

apt-get install libapache2-svn
/etc/init.d/apache2 restart
a2enmod dav_svn
sudo vim /etc/apache2/mods-enabled/dav_svn.conf
<Location /svn>
DAVsvn
SVNPath /home/svnrepo
AuthType Basic
AuthName "Earthsea Subversion"
AuthUserFile /etc/apache2/dav_svn.passwd
require valid-user
</Location>
htpasswd -cm /etc/apache2/svn_dav.passwd herchu
New password: xxx
Re-type new password: xxx
Adding password for user herchu
/etc/init.d/apache2 restart


Testing subversion



svn info http://localhost/svn
Authentication realm: <http://localhost:80> Earthsea Subversion
Password for 'herchu': ....
...
Repository UUID: aabbccdd-1122-3344-5566-77889900aabb
Revision: 0
...


Upload my already crowded dirs:


From an empty dir: svn import . http://localhost/svn/senderos/web/trunk
From ~/mapsWeb: svn co http://localhost/svn/senderos/web/trunk .
Then svn add of the files I wanted, and svn ci.

Create the Trac server


Partially based on ubuntu howto

apt-get install trac
trac-admin /home/tracrepo initenv
Project Name [My Project]> senderos
Database connection string [sqlite:db/trac.db]> sqlite:db/senderos.db
Repository type [svn]> svn
Path to repository [/path/to/repos]> /home/svnrepo
sudo chown www-data:www-data /home/tracrepo/ -R


Test trac with manually loaded server




tracd --port 8000 /home/tracrepo


Open http://localhost:8000 and browse your svn repository and see things are working ok...

Run trac from within apache


This is not installed by default, and I need it:

apt-get install libapache2-mod-python
a2enmod python
sudo /etc/init.d/apache2 restart


More testing...



Temporarily add this in sites-enabled/default
<Location /mpinfo>
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler mod_python.testhandler
</Location>


and load http://localhost/mpinfo (If it works, remove this config part)

Finally, setup trac:
Add to sites-enabled/default:

<Location /trac>
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /home/tracrepo
# PythonOption TracUriRoot /trac
PythonOption PYTHON_EGG_CACHE /tmp
</Location>

<Location /trac/login>
AuthType Basic
AuthName "senderos"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
</Location>


Make sure you restart your browser while restarting apache!! (you will mess with /login and sessions otherwise)

Check if:
  • load http://localhost/trac - Check in "browse" button if the svn repository is browsable

  • try editing a wiki page (requires to be logged in, you must see a "create" button on unexistent wiki pages)



good luck!

Sunday, May 10, 2009

first post

testing first post...

I will regularly post any kind of activity to this log.