Admin’s Arsenal: Notepad++

Ok, so anyone that knows me (or has dealt with me for anything technical that involves a text file of any kind) knows that I loathe Windows Notepad. If you are just going to write a quick couple lines of notes it’s ok, but anything beyond that, it’s just the wrong tool for the job. That’s where Notepad++ comes in.

Notepad++ is an open source text editor extraordinaire, making short work of even the most convoluted of text files with the greatest of ease. Here is just a partial list of the features of Notepad++:

• Syntax Highlighting and Syntax Folding
• WYSIWYG editor (if you have color source code, print it in color)
• Auto Completion
• Multi-Document (tabbed view)
• Multi-View (view multiple documents at the same time)
• Regular Expression Search/Replace supported
• Full Drag & Drop support
• Zoom in and Zoom out
• Bookmark
• Line numbering
• Macro recording and playback
• FTP support

And that’s not even all of the features!

 However for me the best features are the syntax highlighting and the line numbering. Do you have any idea how easy it is to explain a (printed out) script to someone when you can just tell them, “and starting on line 324…”? It’s GREAT!!!

Read more »

Admin’s Arsenal: Explorer++

Explorer++(no relation to Notepad++, but you can easily see that the developer of Explorer++ was heavily influenced by notepad++) is an attempt to do with Windows Explorer what Notepad++ has already done with Windows Notepad; replace it completely.

WARNING: Explorer++ is in its’ second Alpha release (meaning it is not even a BETA release yet so it will likely have bugs aplenty). Use this software at your own risk.

Now that said, I have not had any issues with it. Normally I do not recommend products that are in Beta, let alone those in ALPHA (like Explorer++), however I’ve only been using Explorer++ for a couple weeks now, but I am already starting to feel that Windows Explorer just seems weak when compared to Explorer++.

Unlike some other Windows Explorer replacements I’ve tried, this one isn’t trying to be everything to everyone (I’m looking directly at you Directory Opus), it is simply trying to give you a better file management tool.

Like Notepad++, Explorer++ also supports tabbed views (really handy when you are trying to work with files in multiple directories), and does it very well.

Explorer++ is also portable by default, you can just drop it on a USB drive and run it from there (this also scores major points with me).

The developer of this software is off to a fantastic start, and I will be keeping an eye on this product as it matures. If this product matures half as well as Notepad++ it will be absolutely indispensable as part of my toolkit.

Explorer++ can be downloaded here.

Using Shadow Copy to save the day from the beach. (reRun)

“What do you mean the backup did not run last night?”

“Why exactly wouldn’t the tape drive be plugged into the same UPS as the library?”

“His WHAT was plugged into the ups? His cell phone? Why wouldn’t you move it?”

“Yeah, yeah yeah, Of course I can get your files back I have plan 1-di0-t in place.”

I checked the file server and someone definitely deleted moved or otherwise did something to our main executive share. The deleted files were already mirrored to the raid mirror and via my xcop

Did I mention I am not in the office and in Costa Rica? (business not pleasure kids! I’m building wireless infrastructure. Don’t be jealous.)

I saw this:

Antivirus software on a voting machine? Diebold you have done it again!

Damn I love XKCD!

I hope you enjoy this as much as I did. Obviously I am getting a lot of my news from the comics nowadays… I knew DieBold Voting machines have been suspect for a while with all there ease of hacking methods…

But now it looks as if Diebold is blaming issues with their voting machines on poor old Mcafee… If the device was created properly it would not need antivirus software running on it. Hello?

Is this thing on? Maybe I can help you make a more secure OS for your device… It’s called Linux. Look into it.

_TheSayWhatAdmiN_

Did You Know You Can Unlock YOUR User’s XP Workstation?

So…I’ve always wondered if there was a way to remotely unlock a users workstation. I mean c’mon, who wouldn’t want to sneak up and see what your employees are typing about you in an email, or things they have open and are doing!

Naw really, this really shouldn’t be used in malicious ways. It can be a very useful tool, and for me it was, being in IT it meant I could quickly check up on an employees machine if I needed to find an IP address or if they had something open from the network that someone else needed to get in.

There are a ton of legitimate reasons that this would be useful.

So after hours and hours of scouring the Internet many months ago, I managed to find a tool somehow by a man named Dan Farino. Props go to this guy! He users a process to create a service on the remote machine and inject a DLL into the Winlogon process. Of course you need the administrator password to the machine or the domain. You could use that password to log into the machine directly - but it will log off the current user killing any documents they have opened and in a un-saved state.

I won’t go too much into detail, because most of the overview can be found here. I highly encourage you to read the little that there is behind how this thing works. It’s basically a shell command you run in a command prompt.

The format is: RemoteUnlock.exe computername

Please Note: This only works on XP workstations as far as my testing goes. It’s a no go on Windows 2000, specially anything earlier. Vista I’m unsure about as well.

Also, a fundamental step you must not forget in this process is to relock the workstation after your through with it. You type in that command, do what you need to do on the computer, then you need to hit ENTER. Good Luck!!

A tool to evaluate SQL injection vulnerabilities

The other night at school we got on the discussion of SQL injection website attacks. I happen to know someone who has a website that has been the victim of multiple SQL injection attacks. This person was getting really fed up with it, and they were finding them selves restoring backups about three times a day due to some script kiddie trying to make name for themselves, and trying to be a 1337 H4×0r.

SQL injection has been around for a while, and isn’t anything new. If you are just climbing out from under your rock, and have never heard of SQL injection here is a good definition of what SQL injection is from Wikipedia:

SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

Well my instructor pointed out a pretty cool free application one can use to test their web page for basic, simple SQL injection attacks to see if they are vulnerable. If they are vulnerable, this application will give them a nice little report telling them how many vulnerabilities a website might have, which pages vulnerabilities have been found on, and what database information is found on the back end.

This application is from HP, and is called Scrawlr. Since it is free, the scans it does, and the attack methods it uses is fairly basic. For a more robust scan, HP has another enterprise product you can pay for. However if you use Scrawlr, and you do find vulnerabilities, that means your site is open to even the most novice of script kiddies, and you will be able to patch up your site to protect against basic attacks.

Do you know of any other SQL injection scanning/evaluating programs? If you do, I would love to play with some so please let me know in the comments.

Originally Posted on Bauer-Power