Tag Archives: recover

Won’t Commit

01 Saturday Apr 2017

Posted by in Development

Leave a comment

Tags

, , , ,

Sometimes the command line is a better and more reliable way of pushing changes to a Git repository. The sync feature on the Windows client does something the Linux GUI client wasn’t doing, and the latter was refusing to update the remote directory.

First navigate the command line to the local github subdirectory for the project. Next thing is to check a few global variables, if the client hasn’t been set up already. The important ones are username/password and the text editor, otherwise you’d probably be stuck in vim if the ‘-m‘ option isn’t used for adding a commit message:
$ git config --global user.name "Michael"
$ git config --global user.email michael@example.com
$ git config --global core.editor nano

It’s quite possible my local working directory was in a ‘detached HEAD state’, which basically means I could have actually been trying to modify an older version of the project instead of the current one – ‘git checkout [commit identifier]‘ allows this, and ‘git checkout master‘ will point the local directory back to the repository’s master branch.
The ‘pull‘ and ‘push‘ commands should ensure both local and remote directories are in sync again:
$git checkout [branch]
$git pull origin [branch]
$git push origin [branch]

The output should show everything being up to date at this point. This seems to retrieve all files and history, which might be intensive depending on the size of the project.

Submitting the Changes
To see the current status, the differences between the local and remote directories:
$git status

As we can see here, there are two updated files: index.html and main.css. Another two .ttf files were also deleted from the local directory. To commit the changes, both files must be ‘staged’ – the concept is the same as including and excluding files in Visual Studio’s Team Explorer before committing.
$git add [file1] [file2] [file3]

Running ‘git status‘ again lists the staged changes:

Now the changes are ready to commit:
$git commit -m "Updated home page and CSS"

The command without the ‘-m‘ option will open a text editor for entering the commit message.

Finally the changes need to be ‘pushed’ to the remote directory/server.
$git push origin master

Note the 7-digit hexadecimal numbers. These are the first part of the changes’ SHA fingerprints and their identifiers in the history log.

Restore / Recover
The change log can be viewed with the ‘git reflog‘ command, with identifiers and HEAD numbers. Either could be used for selecting entries.

To view the details of a specific entry, use the ‘git show‘ command again. The ‘git show [identifier]‘ command will print the SHA fingerprint, the date/time, change author, files and section(s) of code that were changed.
$git show [change identifier]

To revert to an older version of a file, we can checkout that file from an earlier commit:
$git checkout [commit] [filename]

Omitting the filename will revert everything in the local directory to the specified version. Because the checked out file might differ from the current version in the master branch, it should appear as another change to be committed.

How to Crack Microsoft Windows Passwords, and How to Improve the Security

22 Wednesday Feb 2012

Posted by in Uncategorized

Leave a comment

Tags

, , , , , , , , , ,

Some years ago, when I just did normal PC maintenance monkeywork, an employer decided to resurrect a load of mothballed PCs. Despite the meticuluous record keeping in that place, the passwords for those machines were long forgotten. None of us had a Microsoft Windows installation disc either.
The following is a useful trick for anyone finding themselves in a similar situation. It assumes no drive encryption’s used, and that relatively weak passwords were set. This post will also demonstrate how easy it is to compromise the average desktop system, and provide a few countermeasures.

The Ingredients
For this, you’ll need:
* A fairly high-performance computer.
* a Linux live CD.
* Cracking software.
* Ideally the permission of whoever owns the Windows PC.

There are numerous password cracking programs available, as a quick Google search will reveal. Some cost money, many others are script kiddy programs with a malware payload. I strongly recommend using one that’s included with a freely-available security Linux distribution such as BackTrack, Blackbuntu or Matriux. This should be downloaded from the developer’s site, or another directly linked to it.

Another Linux live CD is also required here, and this should be a small OS, like PuppyOS, Knoppix or Damn Small Linux, that runs comfortably on a low performance machine. Not all PCs will have a DVD drive, the ability to boot from a USB device, or enough memory to run a larger distro. We only need this CD for browsing the target machine’s filesystem and get the hash values of the passwords to crack.

The final ingredient is the explicit permission of whoever owns the machines. Accessing PCs and cracking passwords is normally illegal without that, and a gross invasion of privacy.

Gaining Access
When a password is entered in a Windows login screen, its hash value is compared to the relevant entry in a password file. If there’s a match, the user is logged in. Basically the plan here is to bypass the Windows OS, acquire the password hash for the admin account, and then crack it using a cracking program on a higher-performance machine.

The first step is to get Linux running as the target machine’s OS, which would enable the browsing, modification and copying of whatever files without having to log into Windows. For this to hapen, the BIOS must be configured to boot the machine from the CD/DVD drive instead of the hard disk.

In some cases the BIOS menu is protected by a password. The way around this is to open the PC’s case and remove the battery from the motherboard for a few seconds. This wipes the user settings, including any BIOS passwords. The menu can then be accessed next time the machine’s switched on.

Once the BIOS is confgured, exit the menu and restart the machine. Hopefully it’ll load the Linux OS without any issues, and a desktop should appear after a few minutes. Now we have access to all the files on the local machine.

Cracking the Account Password
What we’re after is something called the SAM file, which is located in the C:\WINDOWS\System32\Config directory:

This file can either be copied to a USB drive, or the hash value of the root/admin password can be noted. This value is what cracking programs test possibilities against until the original password is determined. As I’ve mentioned, the chances are the password is weak, and a high-spec system can bruteforce it within seconds, minutes or hours. The stronger the password is, the longer it takes.

Securing the Windows Desktop
So we know one way (among several) passwords can be cracked for a desktop computer. Preventing it involves making all the above hard as possible.

* Ensure the hard drive is configured as the primary boot device, and set a password for the BIOS.
* The physical security of the PC is important. Secure the case so that nobody can easily remove the internal drives or the battery from the motherboard.
* Set strong passwords for the admin/root and user accounts on the PC.
* Access to the admin account should be restricted to the owner of the machine, or the organisation’s IT staff.
* Having a recovery plan is also an aspect of information security. When purchasing a new Windows PC, make damn sure the supplier provides a Windows installation disk. A ‘recovery partition’ is useless if the drive itself fails.
* Consider using drive encryption.