Tuesday, April 08, 2008

Repairing Grub

Ever installed Linux, then had to install Windows or fix Windows by reinstalling it, only to see that the GRUB menu you used to log into Linux from has disappeared?
This has happened to me all too many times, so I am putting the instructions here for future reference, as a friend has advised me to do...
The GRUB boot menu is removed because it resides in the Master Boot Record (MBR) of the hard drive, a portion that Windows deletes, installing its own boot loader instead, which is called NTLDR or NT bootloader...
What you have to do to install GRUB back is boot from a live Linux CD and run the command grub in a root konsole, then type the following, assuming that (hd0) is where you installed your GRUB. Alternatively, you can issue the command "find /boot/grub/stage1" at the grub prompt to find where the Linux boot loader resides and use the result in lieu of (hd0).
Or, as a last resort, you can try changing the number after hd, followed by a comma and another number, until GRUB reports the Linux filesystem...
root (hd0,0)
setup (hd0)
exit [or quit since some report exit not working]


Should you not find your Windows entry in the GRUB menu, type the following in a root konsole:

nano /boot/grub/menu.lst

Scroll down until you see the line starting with a pound sign (#) saying #title Windows 95/98/NT/2000, and uncomment the lines, including #chainloader +1, by removing the leading pound symbol.
Also be sure where your Windows partition resides and adjust the Windows root entry accordingly, since the default in the menu.lst file is (hd0,0).

Good luck!


Thursday, April 03, 2008

hunted..yet the hunter :D

A long time ago I posted about Pro-Rat, and how bad guys(!?) use it to hack into others' PCs!!
Now what about retrieving information about those evil people? :D

According to the RAT server I got (1.9 FIX-18), it uses this registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT Script Host\Microsoft DxDiag\WinSettings


Inside it resides the info you need. All the info is encrypted with XOR!!! In this case it is XORed with 01h.
You can retrieve sensitive info about the attacker (his email, IP, report victim site, etc.).
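
An added example (not part of the original post): Python that reverses the single-byte XOR described above on bytes exported from that registry key and pulls e-mail addresses, IPs and URLs out of the result. It goes one step beyond the post by recovering the key when a build uses a byte other than 01h. The sample blob, its field names and its layout are constructed for illustration; the post does not give the real value names or format.

```python
import re

XOR_KEY = 0x01  # key the post reports for server build 1.9 FIX-18

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_RE = re.compile(r"https?://[^\s\"'<>;]+")


def xor_decode(blob: bytes, key: int = XOR_KEY) -> str:
    """XOR every byte with a single-byte key; latin-1 maps each byte to one char."""
    return bytes(b ^ key for b in blob).decode("latin-1")


def extract_indicators(text: str) -> dict:
    """Pull e-mail addresses, IPv4 addresses and URLs out of decoded text."""
    ips = [ip for ip in IPV4_RE.findall(text)
           if all(int(octet) <= 255 for octet in ip.split("."))]
    return {
        "emails": sorted(set(EMAIL_RE.findall(text))),
        "ips": sorted(set(ips)),
        "urls": sorted(set(URL_RE.findall(text))),
    }


def recover_key(blob: bytes) -> int:
    """Try all 256 single-byte keys; keep the one that decodes to the most indicators."""
    def score(key: int) -> int:
        return sum(len(v) for v in extract_indicators(xor_decode(blob, key)).values())
    return max(range(256), key=score)


# Constructed sample: the field names and layout are invented for this example.
# On a real host the bytes would come from an export of the registry value.
_PLAINTEXT = (b"mail=operator@example.test;ip=192.0.2.45;"
              b"cgi=http://c2.example.test/cgi-bin/report.cgi")
SAMPLE_BLOB = bytes(b ^ XOR_KEY for b in _PLAINTEXT)

if __name__ == "__main__":
    key = recover_key(SAMPLE_BLOB)
    print(f"key = {key:#04x}")
    for kind, values in extract_indicators(xor_decode(SAMPLE_BLOB, key)).items():
        print(kind, values)
```
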
Then I got one more thing: if you get to the CGI site (if the attacker set one up), then replace that cgi file with log.dat and you can get all the victims' IPs!!
(Or you just run the server and monitor its activities with Ethereal.)
Enjoy the hunt!
