Password reset via Recovery mode + Passwd protecting GRUB entries.

This is the most common technique used, what I try when i get an Ubuntu System with un-protected Recovery Mode GRUB entries. Read this from howtogeek.com


First a quick look into how to reset password via the Recovery mode.

When a ubuntu machine boots up it presents us with a GRUB loading screen. Hit "Esc" to get to the menu as shown below :

Now the highlighted entry is the Recovery Mode. From here you can either select "drop to shell prompt" and if it still asks for a password, then you can try this.
Select the Recovery mode entry and press "e" to edit the entry.

Then in next screen select the Kernel entry. You are presented as an entry like this.

 

 

 Now replace "ro quiet splash" with

rw init=/bin/bash

Once you have done this hit "Enter" and use "b" to boot

You are presented with a root shell

Issue "passwd" command to change password for root.
Issue "passwd <username>" to change password for a user.


Issue "sync" command to write the changes to disk.

BackTrack5 Released !!

This new revision has been built from scratch, and boasts several major improvements over all previous releases.Based on Ubuntu Lucid LTS. Kernel 2.6.38, patched with all relevant wireless injection patches. Fully open source and GPL compliant. BackTrack 5 comes in several flavors and architectures.

BackTrack5 Codename "Revolution" this time comes with GNOME Desktop Environment for the first time. There is a whole lot of architectures to chose from e.g arm, x86, x86_64 and also there is a choice between Virtual Image and ISO download. I am particularly excited about the GNOME Environment x86 architecture, going to try it soon.

Grab Yourself a Copy at --->> http://www.backtrack-linux.org/downloads/

Extracting META DATA from Photographs !!

Recently, I read a nice blog somewhere about "How" a person caught someone who was posting offensive pictures to a social-networking site using the EXIF Data stored in a photograph to get the GPS location of the offender.
I looked around and found that my BackTrack R2 has got a perfect tool to strip metadata in /pentest/misc directory called "exiftool". You would be surprised as how much information does the smartphones are storing in the photographs you click.(Have plenty if these pics @ facebook of my friends with smartphones)

How to use the tool ?? Well there is a README file.

Or you can just fire the tool like this

root@bt /pentest/misc/exiftool # ./exiftool  <path of image>

Following is a screenshot showing its usage

The Pic shows the camera used is of make "Motorola" , well this is just a snippet of the information the tool also gives GPS location as shown below in another screenshot. See the first few lines.

WARNING !! This tool is used in Forensics and Reconnaissance work on a target. So don't use it to stalk people.

Micromax 3G sticks in Ubuntu (Debian based distro)!!

MICROMAX 310G USB stick in Ubuntu 9.10

Recently tried to use  Micromac310G with my installed BackTrack4 R2 (Ubuntu based distro). But the distro detects it as a CD-ROM.
Read a lot of forums and googled the problem and it came to my knowledge that Ubuntu 10.10 supports these Modems. So , I had one option of updating my whole distro. But I decided to follow it on my current distro and i came across a nice blog which explains most of the process which requires a bit patience and requires basic Linux knowledge. Link is  here

Or for Ubuntu 10.04 and newer version can just try the sakis3g script which can be found here.
After downloading the script execute it with root privileges

root#./sakis3g  --interactive "verbose"

and then  the process is pretty explanatory.


P. S. :: sakis3g script requires usb_modeswitch, so if your Ubuntu doesn't have it   then go for the Full version of sakis3g script. Otherwise Binary free version works fine with already installed usb_modeswitch.