Tuesday, April 08, 2008

Repairing Grub

Ever installed Linux, then had to install Windows or fix Windows by reinstalling it, only to see that the GRUB menu you used to boot into Linux from has disappeared?
This has happened to me all too many times, therefore I put the instructions here for future reference, as a friend has advised me to do...
The GRUB boot menu disappears because it resides in the Master Boot Record (MBR) of the hard drive, a portion that Windows overwrites with its own boot loader, which is called NTLDR or the NT boot loader...
What you have to do to install GRUB back is boot from a live Linux CD and run the command grub in a root konsole, then type the following, assuming that (hd0) is where you installed GRUB. Alternatively, issue the command "find /boot/grub/stage1" at the grub prompt to find where the Linux boot loader resides and use the result in lieu of (hd0).
Or, as a last resort, you can try changing the number after hd, and the number after the comma, until grub reports the Linux filesystem...
root (hd0,0)
setup (hd0)
exit [or quit since some report exit not working]

Should you not find your Windows entry in the GRUB menu, type in a root konsole:

nano /boot/grub/menu.lst

Scroll down until you see the line starting with a pound sign (#) saying #title Windows 95/98/NT/2000, and uncomment the lines, including #chainloader +1, by removing the leading pound symbol.
Also be sure where your Windows partition resides and adjust the Windows root entry accordingly, since the default in the menu.lst file is (hd0,0).




Thursday, April 03, 2008

hunted..yet the hunter :D

A long time ago I posted about Pro-Rat, and how bad guys(!?) use it to hack into others' PCs!!
Now what about retrieving information about those evil people :D

According to the RAT server I got (1.9 FIX-18), it is in this registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT Script Host\Microsoft DxDiag\WinSettings

Inside it resides the info you need. All the info is encrypted with XOR!!! In this case it is XORed with 01h.
You can retrieve sensitive info about the attacker (his email, IP, report victim site, etc.).
Then I got one more thing: if you get to the CGI site (if the attacker set one up), then replace that cgi file with log.dat and you can get all the victims' IPs!!
(Or you can just run the server and monitor its activity with Ethereal.)
Enjoy the hunt!
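
For anyone triaging an infected machine, here is a decoding sketch for the XOR-01h registry data described above. It is an added example, not code from the original post or from the tool, and it goes one step further by recovering the key when a build does not use 01h. The sample bytes, their field layout, the addresses and all function names are constructed for illustration.

```python
import re

REPORTED_KEY = 0x01  # key the post reports for server 1.9 FIX-18

# Indicator patterns an analyst would pull out of the decoded settings.
PATTERNS = {
    "email": re.compile(r"[A-Za-z0-9._-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+"),
    "ipv4": re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])", re.ASCII),
    "url": re.compile(r"https?://[^\s;\"']+"),
}


def xor_decode(blob: bytes, key: int = REPORTED_KEY) -> str:
    """XOR every byte with a single-byte key; latin-1 keeps all 256 values."""
    return bytes(b ^ key for b in blob).decode("latin-1")


def extract_indicators(text: str) -> dict:
    """Return every email, IPv4 address and URL found in the decoded text."""
    return {name: rx.findall(text) for name, rx in PATTERNS.items()}


def guess_key(blob: bytes) -> int:
    """Try all 256 keys and keep the one whose output holds the most indicators."""
    def score(key: int) -> int:
        found = extract_indicators(xor_decode(blob, key))
        return sum(len(hits) for hits in found.values())
    return max(range(256), key=score)


# Constructed sample, NOT real server data: a made-up settings string,
# XORed with 0x01 the way the post says the registry values are stored.
_PLAINTEXT = (b"mail=attacker@example.com;ip=203.0.113.7;"
              b"cgi=http://example.net/cgi-bin/report.cgi")
SAMPLE_VALUE = bytes(b ^ 0x01 for b in _PLAINTEXT)

if __name__ == "__main__":
    key = guess_key(SAMPLE_VALUE)
    print(f"recovered key: {key:#04x}")
    for kind, hits in extract_indicators(xor_decode(SAMPLE_VALUE, key)).items():
        print(f"{kind}: {hits}")
```

Feed it the raw bytes of each value exported from the key above; a value that scores zero for every key holds no address-like data.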
