Darik’s Boot and Nuke 2.2.6

It has been some time since I last did a secure wipe on my laptop. I thought I would just blog it here for this easy to use and effective software.

1. Boot your DBAN media after downloading from http://www.dban.org/download.

2. Press F4 to read the disclaimer. A warning message appears that RAID configuration is not supported.

3. Press F3 for quick commands. A list of secure erase algorithms is available for selection.

4. I typed in dod – DoD 5220.22-M method.

5. It has taken quite a while and is currently at pass 4 of 7 since late morning.

6. Finally, it has completed. Sweet.

Nessus 4.4.1 in Backtrack 5 R1

1. Download a copy of debian Nessus from http://www.tenable.com/products/nessus/select-your-operating-system.

2. Downloaded my Nessus 4.4.1.

3. Install in command line – dpkg –i Nessus-4.4.1-debian5_i386.deb.

4. Next, register your Nessus via http://www.tenable.com/register.

5. Retrieve the activation code in your registered email.

6. Enter the key in Nessus. /opt/nessus/bin/nessus-fetch –register xxxx-xxxx-xxxx-xxxx-xxxx.

7. Add user in Nessus. /opt/nessus/sbin/nessus-adduser.

8. Start the service. nessusd start.

9. Access the GUI. https://localhost:8834/. Key in your username and password.

10. I need an interesting host, isn’t it? Download Bad Store from www.badstore.net.

11. Scanning Bad Store. Almost done.

12. Report from the scan.

13. Drilling down to port 3306 (mysql).

14. Drilling down to zero-length vulnerability.

15. Other high http findings.

16. Other high https findings.

Strong Passcode for iPhone

One of the most effective deterrent to prevent information leakage through loss of device, is still having a strong passcode. If you do not have one, my recommendation is for you to at least have a 4 digit passcode.

A. 4 Digit Passcode
It is easy to do this. Go to your Passcode Lock, turn it on, and enable Simple Passcode. Key in your preferred 4 digits passcode and you are ready to go.

Here’s what it looks like.

B. Strong Passcode
Here’s what you can do to make it even better. Turn off the Simple Passcode.

Key in your alphanumeric passcode. But here’s what it looks like after screen lockout. A keyboard appears. Ouch… what am I getting into? Unsexy for your iPhone?

Fret not. If you keyed in all numeric passcode (more than 4 digits), you will still get a nice numeric pad. Clearly, this is my preferred choice.

Hackintosh’ed!

I have finally laid my hands on Mac OS X, after scouring the internet – a virtualized one though!

A few prerequisites are required.
1. Vmware Workstation 7, but I ran it on vmware player anyway.
2. Premade OS X Virtual Machine, you can easily download it.
3. Darwin_snow.iso, which you must use it to boot with your image everytime.
4. 64-bit Intel processor with Virtualisation Technology.

The specifications that I ran on:
1. Lenovo x200
2. Intel(R) Core™2 Duo CPU, P8600 @ 2.40GHz
3. 64bit Windows 7
4. 4GB Memory (RAM)

It isn’t all just plug and play. A few minor tweaks are still required at your end.
1. Turn on hardware virtualization at your bios, under cpu settings.
2. Modify ‘guestOS = “darwin10-64″ ‘, in your .vmx file settings.
3. Boot it, of course. : )

Tada! Mac OS X 10.6.2 “Snow Leopard” is loaded. The premade image comes with a default account called ‘User’. Password is blank and you have to change that under Account Settings, before you can perform sudo for your administrative tasks.

To change your screen resolution, add the following in the main body (before </dict>) to your /Library/Preferences/SystemConfiguration/com.apple.Boot.plist, and reboot.
<key>Graphics Mode</key>
<string>1280x800x32</string>

Native Boot Your VHD Image in Windows 7

This article assumes you
1. Run command prompt as Administrator.
2. Has a working vhd that you would like to native boot.
3. Knows what an identifier looks like – basically some scrambled alphabets.
4. Has backup your current bcd configuration, if it is any important to you.

bcdedit /copy {current} /d “Give it a name”
*This gives the boot entry a name. Use the output as identifier to next set of actions.

bcdedit /set {identifier} device vhd=[c:]\newVHD\windows7.vhd
bcdedit /set {identifier} osdevice vhd=[c:]\newVHD\windows7.vhd
bcdedit /set {identifier} detecthal on
*These point the vhd file location to a boot entry.

bcdedit /v
*Verify the boot entry is created as you desired. i.e. entry name, identifier, vhd file location.

Copy this vhd file to another location so that you always have a pristine image. Should you wish to roll back, just overwrite the old file.