Archive for the ‘Software’ Category

Norton Fucking Ghost

October 19, 2011

I was working on a machine a few weeks back that suffered a hardware failure – I ended up having to rebuild all the components I could save into a new box – and it got me thinking that this would be a real good time to practice-what-you-preach, and do a backup.

Two birds with one stone and all that, I thought this might be the right time to do an upgrade on the boot drive too.

In my setup right now is a 32Gb SLC Intel SSD and I’m upgrading to a 64Gb Patriot drive, both have roughly the same 250MB/sec throughput, but the Inferno is larger in size. Windows 7 used only a fraction of the original 32 gig, but the Patriot supports TRIM and I can move the static page file onto it too.

So I get Norton Symantec Ghost 15 up and running, set about making a clone of my Win 7 boot drive, turn off the PC when it’s done and exchange the Intel for the Patriot on the original SATA cable.

I turn on the computer, and it doesn’t boot. I take the case apart again, checking I didn’t accidentally cause a disconnect when I put the case back together, I checked the boot order in BIOS, nothing wrong. Maybe it’s faulty? I put the original drive back in, and it doesn’t boot.

So I do a search on the internet through my Android phone and it’s apparent this is a known bug.

Source and destination drives do not start after I perform Copy My Hard Drive operation in Norton Ghost 15.0 on Windows 7 or Vista

https://www-secure.symantec.com/norton-support/1.6/jsp/help-solutions.jsp?docid=kb20100119144100EN_EndUserProfile_en_us

It destroys the Boot Configuration Data, or BCD, that Windows needs to locate and boot the OS. The solution? Boot off your Windows installation disk and do a repair. Or DOS.

Ghost SRD

I was able to boot off the Ghost 15 System Recovery Disk, and get the BCD re-built using the following DOS commands.

To create a new bootloader, type the following commands one at a time.
Press Enter after you type each line:

del c:\boot\bcd
bcdedit /createstore c:\boot\bcd.temp
bcdedit /store c:\boot\bcd.temp /create {bootmgr} /d "Windows Boot Manager"
bcdedit /import c:\boot\bcd.temp
bcdedit /set {bootmgr} device partition=C:
bcdedit /timeout 10
del c:\boot\bcd.temp

That completes the steps required to rebuild the bootloader, and now we need to add our OS to it.

bcdedit /create /d "Windows 7" /application osloader

bcdedit should return a message with a unique GUID for the newly-created entry, something like this,

The entry {c0dfc4fa-cb21-11dc-81bf-005056c00008} was successfully created.

You’ll need to use the UNIQUE value that bcdedit returned for you below, instead of {your-guid}, along with the drive letter for the drive that Windows is installed on.

bcdedit /set {your-guid} device partition=C:
bcdedit /set {your-guid} osdevice partition=C:
bcdedit /set {your-guid} path \Windows\system32\winload.exe
bcdedit /set {your-guid} systemroot \Windows

And, last of all, tell the Windows bootloader to boot the new entry by default:

bcdedit /displayorder {your-guid}
bcdedit /default {your-guid}

Now the BCD has been completely rebuilt from scratch. Some of the details included here are taken from Symantec and also NeoSmart. The NeoSmart article gives you more options and screenshots, including details on the repair of the bootloader using the Windows installation disk and how to attempt automatic repair with /rebuildbcd.

tcpdump on Android

September 11, 2011

I’m interested in intercepting the data my Android device is sending – I use Wireshark under Windows, using WinPcap to capture packets.

WinPcap consists of a driver, that extends the operating system to provide low-level network access, and a library that is used to easily access the low-level network layers.

http://www.winpcap.org

WinPcap is based on libpcap, a Linux tool that’s been ported to Windows.

porting is the process of adapting software so that an executable program can be created for a computing environment that is different from the one for which it was originally designed

http://en.wikipedia.org/wiki/Porting

Linux Kernel, Linux tools?

Android has a Linux kernel, so surely there must be a libpcap based tool out there to capture packets?

tcpdump is a command line tool for Linux that can capture and analyse packets from the console, or write them to a file. Luckily, the files generated are compatible with Wireshark, being based on the same packet capture software.
The only issue now is to find a version made for Android.. I know some basic shell commands like cat, grep, ls, but not enough to do my own Android cross compile..

Strazzere.com

So I was searching around for a tool and came across Strazzere.com – A site about Android and software engineering, and very kindly they host an Android version of tcpdump. It’s based on

tcpdump version 3.9.8 libpcap version 0.9.8

and the latest versions are 4.1.1 and 1.1.1 respectively, so it’s a little out of date, but fully functional.

Installation

So this probably only works if you have root – I have root, and I’m afraid I’m not going back to stock to test it. I have VillainRom 2.4.2 and these instructions are based on the steps I’ve taken to get packet capture working.

You need the Terminal Emulator installed, or you can run the same commands from the ADB shell on your computer, but this post is specifically about the terminal.

Download the file from your phone, so now the tcpdump file is on the handset. In this example, the file is stored in /sdcard/data/

The commands, file and directory names are all case sensitive, so tcpdump is NOT the same as TCPdump.

Terminal

Just cp file to bin and chmod

Now, in the terminal type;

  1. su
  2. mount -o remount,rw /system
  3. cp /sdcard/data/tcpdump /system/bin
  4. cd /system/bin
  5. chmod 755 tcpdump
  6. mount -o remount,ro /system

To explain the commands: you need to request root, set /system as read-write, copy tcpdump to /system/bin, make it executable (755 is enough; 777 would also leave the binary writable by every user) and finally remount /system as read-only.

Packet Capture

Finally, you’re ready to capture some packets. In terminal window, type;

tcpdump -vv -s 0 -w /sdcard/tcp.cap

-vv puts tcpdump into verbose mode – to give us some extra information
-s 0 sets the size of sender to look for to zero, telling the program to grab all packets
-w /sdcard/output.cap will let us set the packets grabbed to be written to the sdcard for analysis later.

http://strazzere.com/blog/?p=286

and all packets will be logged to tcp.cap – Ctrl+C ends capture. This can be done with volume down and C in the emulator.

tcpdump in the Terminal window
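
The file that -w writes is a classic libpcap capture, and -s is the snapshot length: how many bytes of each packet are stored, with 0 asking for the maximum. The Python below is an added example, not code from the original post or from Strazzere.com; it parses such a file, counts packets that were cut short by the snapshot length, and lists the IPv4 TCP/UDP flows it contains. It assumes an Ethernet link type; the function names are mine and the sample capture (addresses, ports, payload) is constructed.

```python
import struct

MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # writer's byte order

def read_pcap(data):
    """Parse a classic pcap file into (snaplen, linktype, records);
    each record is (stored_len, original_len, frame_bytes)."""
    order = MAGIC.get(data[:4])
    if order is None:
        raise ValueError("not a classic pcap file")
    snaplen, linktype = struct.unpack(order + "II", data[16:24])
    records, off = [], 24
    while off + 16 <= len(data):
        _sec, _usec, incl, orig = struct.unpack(order + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl]
        if len(frame) < incl:  # file ends mid-record: the capture was cut short
            break
        records.append((incl, orig, frame))
        off += 16 + incl
    return snaplen, linktype, records

def dotted(addr):
    return ".".join(map(str, addr))

def summarize(data):
    """Count snaplen-truncated packets and list IPv4 TCP/UDP flows (Ethernet only)."""
    snaplen, linktype, records = read_pcap(data)
    flows = []
    for _incl, _orig, f in records:
        if linktype != 1 or len(f) < 34 or f[12:14] != b"\x08\x00":
            continue  # not Ethernet + IPv4, or too short to hold an IP header
        l4 = 14 + (f[14] & 0x0F) * 4  # Ethernet header + IP header length
        if f[23] in (6, 17) and len(f) >= l4 + 4:  # TCP or UDP with ports present
            sport, dport = struct.unpack(">HH", f[l4:l4 + 4])
            flows.append((dotted(f[26:30]), sport, dotted(f[30:34]), dport))
    truncated = sum(1 for incl, orig, _f in records if incl < orig)
    return {"snaplen": snaplen, "packets": len(records),
            "truncated": truncated, "flows": flows}

def sample_capture(snaplen):
    """Constructed capture: one 70-byte HTTP request frame stored under `snaplen`."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 56, 1, 0, 64, 6, 0,
                     bytes([192, 168, 1, 23]), bytes([203, 0, 113, 10]))
    tcp = struct.pack(">HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
    frame = eth + ip + tcp + b"GET / HTTP/1.1\r\n"
    kept = frame[:snaplen]
    hdr = b"\xd4\xc3\xb2\xa1" + struct.pack("<HHiIII", 2, 4, 0, 0, snaplen, 1)
    return hdr + struct.pack("<IIII", 1315700000, 0, len(kept), len(frame)) + kept
```

To check a real capture, copy tcp.cap off the sdcard and pass its bytes to summarize(). A non-zero truncated count means packets were longer than the snapshot length in use, which is what -s 0 is there to prevent.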

Categories: Android, Software

Quidco App for Android Updated – v1.0.5 and v1.0.6

August 24, 2011

On the 23rd August, a new version of the Quidco App for Android was released to the Android Market. It claims to resolve the security problem indicated here.

v1.0.5

Quidco App for Android Updated - v1.0.5

The updates include #11 – Removed debug logs..
It’s great to see such a quick response to a problem, however the raft of updates created some further bugs, and v1.0.5 was quickly superseded by v1.0.6.

v1.0.6

Quidco App for Android Updated - v1.0.6

 

Software Updates

As always, I advise you to keep all your software up to date. You can access the latest version of the Quidco app for Android directly from the Android Market.

I have not yet confirmed the claims that logging is removed and the log file created by the v1.0.4 version is deleted; I will update when these checks have been completed.

Beta Testing

If you’re going to release beta software, make it by invite only, then you know who is running it.
If you get a serious issue, you know who’s affected and have a central place to disseminate information.

Wikipedia says

Versions of the software, known as beta versions, are released to a limited audience outside of the programming team. The software is released to groups of people so that further testing can ensure the product has few faults or bugs. Sometimes, beta versions are made available to the open public to increase the feedback field to a maximal number of future users.

http://en.wikipedia.org/wiki/Beta_testing#Beta_testing

 

Want To Know More About Quidco?

Read my post on Quidco – how it works and why you should sign up.

Adobe Reader X – 10.1 Update Fixes Sym Link Bugs

June 25, 2011

Adobe Reader X aims to solve many of the serious security flaws found in older versions of Reader by implementing ‘Protected Mode’, a type of sandboxing. This is a serious attempt by Adobe to stop malware authors exploiting their software.

The first version of Adobe Reader 10 recreated an old bug, evident in the 9 release, where it failed to load on systems with remote or roaming profiles.

mklink /J C:\Users D:\Users

There is a patch pushed through the new update mechanism to version 10.0.1 which Adobe claim contains ‘Numerous security fixes as well as improvements to Protected Mode..’ However, the cause of the fault is now acknowledged in the Protected Mode Troubleshooting guide –

Launching Reader 10.0 via a user profile that has been moved to a different drive using a symbolic link; that is, profiles that have been copied from one drive to another cannot use Reader with Protected Mode enabled.

This is now resolved in a new 10.1 update, available from filehippo.com or Adobe directly.


Adobe Reader X - 10.1 Update

Flash Player 10.3 Beta 2

April 12, 2011

Flash Player has been updated to version 10.3 beta 2, (minor build v 180.65,) for 32bit browsers.

Check which version of the plug-in you have installed, and see which is the latest build for your OS / browser.

FileHippo.com

Click to download the latest IE ActiveX plugin, or you might want to download the plugin for Firefox.
I love full direct downloads, perfect for storing on a memory stick. Get your updates for IE or Firefox quickly with these direct download links from FileHippo.com – On the right hand side, just click the green arrow or the Download Latest Version text..

FileHippo.com Download

Add to favourites for future use; the page content updates, but the URL stays the same, so you can quickly find the updates you need..

64 bit Browsers

If you run a 64 bit Firefox Nightly build or the custom 64 bit Namoroka or IE9 x64, Adobe recommend you download Flash Player “Square” because they still don’t support 64bit browsers.

It’s important to note that you must download the uninstaller too, there is a separate link to it from the download page.
You will need to un-install this preview version manually before you can update to a newer version.

Java Runtime Env 6 – Update 24

February 23, 2011

Java Runtime Environment, or JRE, has been updated to version 24.
Click here to check out your Java version

Incorrect Java Version

 

You can directly download the whole install package for both 32 and 64 bit Windows versions from FileHippo, or visit the Java website directly to be offered an installation suitable for your OS and language.

 

The Oracle advisory accompanying the release advises of 21 security patches, of which..

19 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

 

As always, remember to keep your software patched!

Categories: Internet, Patch, Software

Firefox 4 Approaches RC?

February 23, 2011

7 patches to RC?

In a Twitter post by Dotzler, Director of Community Development, Mozilla Corp, it looks like the beta 12 release of Firefox 4, which is currently available as a pre-release from the nightly build, will go live soon.
You can read in the Beta Schedule that beta 11 had 14 serious bugs, but click the link, and there seem to be zero outstanding..

Ship eleventh revision of beta, with more betaN+ hardblockers fixed (14 betaN+ hardblockers not fixed)

Keep an eye on firefox.com/beta for the official release of beta 12 and CanWeShipYet? for a countdown to the RC.