Daily Cup of Tech

Sometimes it takes the worst of situations to bring out the best in us.  This is what happened to me the other day.  A woman comes into the office that I work in, obviously quite distraught.  We quickly discover that she is the widow of a popular local doctor whom recently passed away suddenly.  She was carrying with her a laptop and was looking for some help.

It appears that when her husband passed away, he did not leave a record of the user names and passwords for his laptop and there was a lot of information on the system that she would be needing in the near future.  She was hoping that we could help.  Of course we could.

We Hate F8! We Hate F8!

Initially, I assumed that the users would not have changed the default administrative password from blank.  So, all I needed to do was use F8 when booting, go into safe mode, then create a new account with administrative access.

Unfortunately, F8 was disabled on the system and the only way to enable it was to log into Windows.  Time to look for something else.

Linux To The Rescue…NOT

My next reaction was to try one of the Linux based password recovery tools.  There are a number of boot CDs out there that boot a small Linux kernel and then attempt to recover the password.  After trying two different boot CDs, I quickly came to the realization that Linux was going to be of no help this time around.

It just so happens that this was no ordinary laptop.  This laptop was a Dell XPS M1730.  And, it came with dual hard drives running off a RAID array using the Intel Matrix Storage Manager.  And, it had no Linux drivers.

Ask Bart

So, how was I going to proceed.  It was obvious that there was no way to get access from a download and boot Linux CD.  Then I thought of Bart.  Since BartPE creates a self-contained bootable Windows CD, this might do the trick!

I got together the following items:

1. A blank CDR
2. A copy of the latest BartPE package
3. The RAID drivers
4. A copy of Windows XP Pro with Service Pack 1 (Sorry, you’re on your own for that one)

I installed the BartPE package to C:\pebuilder3110a on my hard drive.  Then, I extracted the drivers that I got from the Dell website and placed them in the C:\pebuilder3110a\drivers\SCSIAdapter folder in a directory called iastor. The \drivers\SCSIAdapter folder is where you can put any number of non-standard drivers that will automatically load then you boot the BartPE CD.  (For more information on the on adding drivers to a BartPE CD, see their Adding drivers page.)  I then proceeded to create the BartPE image and burn it to CD.

Getting the Files

The next step was to get access to the laptop.  I put my newly minted CD into the laptop and booted the machine from it.  Everything worked like a charm and on first try, too! (That almost never happens for me!)  I was able to access the files on the RAID array without any problem.

Now, I could probably have stopped here and copied the files that were needed to a USB drive or even burned them to a CD/DVD.  But, I wanted to provide full access to the system so that they would not have to keep coming back to me for help whenever they wanted to get something off the computer.  I would have to get the passwords for her.

All Your Passwords Are Belong To Us

To start the process of password recovery, I needed to get a few things:

1. USB flash drive
2. ophcrack password recovery software
3. Vista password tables for ophcrack

I booted the laptop one again with the BartPE disk and made sure the USB flash drive was available to the system on boot up.

Next, I started to look through the system and I searched for two files:

• C:\Windows\System32\config\SAM
• C:\Windows\System32\config\SYSTEM

I copied these two files over to the flash drive, took out the flash drive and shut down the computer.

I then installed ophcrack on my other computer and installed the Vista tables.

Next, I used the Encrypted SAM option to load the files into ophcrack.  It immediately recognized all of the accounts that were on the system.  It also indicated that the Administrator account and the Guest account had blank passwords.  That means that if F8 had been available, I could have gotten into the system in Safe Mode (stupid F8).

So, I started the password recovery process and DING! 29 seconds later I had all of the passwords for the three other accounts on the system.  I tried all three and they all worked.

Looking back at the passwords now and the hints that were given in Windows for the passwords, I was on the right track to guessing them but this was a much quicker process.

Lessons Learned

Through all of this, I have learned some lessons about security, passwords, and computers:

1. Unless you encrypt your hard drive or use some other form of access other than a password (e,g, biometrics, smart card, etc.), it is relatively trivial for someone to get your passwords if they have physical access to your system
2. Someone does not have to have physical access to your system the entire time they are trying to hack your password.  Simply grabbing a couple of files from your computer takes a couple of minutes and they can hack away at your system at their convenience
3. In the event of your untimely passing, would your loved ones know how to get access to your computer, e-mail, Internet accounts, etc.?  If not, you may want to consider a way of getting that information to them

Trackback link - http://www.dailycupoftech.com/2009/02/26/vista-password-recovery-helps-widow/trackback/

This is part eight of our series on configuring a Slicehost slice.  We are finally at the last part of this series.  Here goes!

Step Eight – Install WordPress via Subversion

Install Subversion

Using Subversion is a much easier way to install Wordpress.  Install Subversion with this command:

sudo aptitude install subversion

Install WordPress

Move your working directory to the root of the directory that you want to install Wordpress in:

cd /home/<username>/public_html/<domain.name>/public

Install the latest stable version of Wordpress:

svn co http://svn.automattic.com/wordpress/tags/2.7 .

We’re done.  Now you can connect to your website and walk through the standard Wordpress installation.

Conclusion

I hope that you found this to be a useful series.  I have put this entire series into a PDF document (along with a few extras) so that you can have a nice printed version available.

Basic Slicehost Slice Setup Series List:

1. Part 1 - Updating Ubuntu
2. Part 2 - Configure iptables
3. Part 3 - Install and Configure OpenSSH
4. Part 4 - Install nginx Web Server
5. Part 5 - Installing MySQL
6. Part 6 - Installing PHP5 with fastcgi
7. Part 7 - Create the Virtual Host Website
8. Part 8 - Install WordPress via Subversion

Trackback link - http://www.dailycupoftech.com/2009/02/25/basic-slicehost-slice-setup-part-8-install-wordpress-via-subversion/trackback/

This is part seven of our series on configuring a Slicehost slice.  Today is going to be another heavy day.

Step Seven – Create the Website

Create Directory Structure

mkdir -p /home/<username>/public_html/<domain.name>/{public,private,log,backup}

where <username> is your username in the VPS and <domain.name> is the name of the domain that you are creating.

Create Default Index Page

In /home/<username>/public_html/<domain.name>/public/, create an index.php file as a placeholder.  I generally create the standard phpinfo page:

<?php
phpinfo();
?>

Create the vhost File

Open /etc/nginx/sites-available/<domain.name> in a text editor as root:

sudo nano /etc/nginx/sites-available/<domain.name>

where <domain.name> is the website that you are creating.

Add the following as the content, replacing <domain.name> and <username> accordingly:

server {

        listen   80;
        server_name <domain.name>;
    #rewrite ^/(.*) http://www.<domain.name> permanent;

        access_log /home/<username>/public_html/<domain.name>/log/access.log;
        error_log /home/<username>/public_html/<domain.name>/log/error.log;

        location / {

                root   /home/<username>/public_html/<domain.name>/public/;
                index  index.php;
                # wordpress fancy rewrites
                        if (-f $request_filename) {
                            break;
                        }
                        if (-d $request_filename) {
                            break;
                        }
                        rewrite ^(.+)$ /index.php?q=$1 last;

                }

        location ~ .*\.php[345]?$ {
                include /etc/nginx/fcgi.conf;
                fastcgi_pass    127.0.0.1:10005;
                fastcgi_index   index.php;
        fastcgi_param SCRIPT_FILENAME /home/<username>/public_html/<domain.name>/public$fastcgi_script_name;
                }

           }


server {

        listen   80;
        server_name www.<domain.name>;

        access_log /home/<username>/public_html/<domain.name>/log/access.log;
        error_log /home/<username>/public_html/<domain.name>/log/error.log;

        location / {

        root   /home/<username>/public_html/<domain.name>/public/;
                index  index.php;
        # wordpress fancy rewrites
            if (-f $request_filename) {
                    break;
                }
                if (-d $request_filename) {
                    break;
                }
                rewrite ^(.+)$ /index.php?q=$1 last;

                }

    location ~ .*\.php[345]?$ {
        include    /etc/nginx/fcgi.conf;
        fastcgi_pass    127.0.0.1:10005;
        fastcgi_index    index.php;
        fastcgi_param SCRIPT_FILENAME /home/<username>/public_html/<domain.name>/public$fastcgi_script_name;
        }

            }

Enable the Website

sudo ln -s /etc/nginx/sites-available/<domain.name> /etc/nginx/sites-enabled/<domain.name>

Restart nginx

sudo /etc/init.d/nginx stop
sudo /etc/init.d/nginx start

Part 8

Tomrrow is the final installment on this series. We are finally going to get Wordpress up and running.

Basic Slicehost Slice Setup Series List:

1. Part 1 - Updating Ubuntu
2. Part 2 - Configure iptables
3. Part 3 - Install and Configure OpenSSH
4. Part 4 - Install nginx Web Server
5. Part 5 - Installing MySQL
6. Part 6 - Installing PHP5 with fastcgi
7. Part 7 - Create the Virtual Host Website
8. Part 8 - Install WordPress via Subversion

Related articles:

• Understanding the Different Types of Web Hosting
• Advantages of Sharing a Virtual Private Server
• To Succeed With Your Blog, Use Successful Hosting
• What is a Virtual Private Server?

Trackback link - http://www.dailycupoftech.com/2009/02/24/basic-slicehost-slice-setup-part-7-create-the-virtual-host-website/trackback/

This is part six of our series on configuring a Slicehost slice. Today, we get into the meat of things. Put on your propeller hat because things get pretty geeky!

Step Six – Install PHP5 with fastcgi

Install PHP5

Create /etc/init.d/php-fastcgi

and add this for its content:

#! /bin/sh
### BEGIN INIT INFO
# Provides: php-fastcgi
# Required-Start: $all
# Required-Stop: $all
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start and stop php-cgi in external FASTCGI mode
# Description: Start and stop php-cgi in external FASTCGI mode
### END INIT INFO

# Do NOT "set -e"

PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="php-cgi in external FASTCGI mode"
NAME=php-fastcgi
DAEMON=/usr/bin/php-cgi
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
PHP_CONFIG_FILE=/etc/php5/cgi/php.ini

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions

# If the daemon is not enabled, give the user a warning and then exit,
# unless we are stopping the daemon
if [ "$START" != "yes" -a "$1" != "stop" ]; then
log_warning_msg "To enable $NAME, edit /etc/default/$NAME and set START=yes"
exit 0
fi

# Process configuration
export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS
DAEMON_ARGS="-q -b $FCGI_HOST:$FCGI_PORT -c $PHP_CONFIG_FILE"

do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
--background --make-pidfile --chuid $EXEC_AS_USER --startas $DAEMON -- \
$DAEMON_ARGS \
|| return 2
}

do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE > /dev/null # --name $DAEMON
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don’t delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac