Jump to content

justhink

Member
  • Posts

    31
  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country

    India

Everything posted by justhink

  1. Sure, that's the same link. jaclaz I am extremely sorry for doing so, I was i hurry to solve the problem, and after it solved, i was busy with another problem. So sorry again, and in future i will not do the same.. JusTy
  2. Hmm Nice Features!!

  3. Hi All, I have created following batch file which will read value from a text file and set a variable. But somehow it's not working, to debug, i have added several pause on the file, and found that it's automatically closing after executing FOR statement. But if i execute the for statement on direct command line it's working and also it's setting the variable. Please help me to fix this @echo off pause FOR /F "tokens=2" %a in (C:\chk.txt) do set _port=%a pause ::set _reg=open if "%_port%" == "open" ( echo : True : pause exit) echo : False : pause exit Content of the chk.txt is: 25/tcp open smtp After executing FOR statement directly on command prompt. C:\>FOR /F "tokens=2" %a in (C:\chk.txt) do set _port=%a C:\>set _port=open C:\>echo %_port% open C:\>
  4. This 1 works fine but after few little modification, but thank you.. Option Explicit Dim objItem, colItems, objWMIService, strComputer, objShell strComputer = "." Set objShell = CreateObject("WScript.Shell") Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") Set colItems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem",,48) For Each objItem in colItems If InStr(objItem.Caption,"2000") Then objShell.Run "secedit /refreshpolicy", 1, True End If If InStr(LCase(objItem.Caption),Lcase("XP")) Then objShell.Run "gpupdate", 1, True End If Next
  5. I can do this much.. This script can detect and run specific file for on specific os, there is a problem, when i run it on Windows 2003 it's opening both notepad and calculator, but on XP it opens calculator only, so how do i add stop execution after it open notepad on 2003.. Thanks..
  6. Nedd to run a vbs script on logon, which update group policy, but there are few clients are using 2000 professional, so GPUPDATE won't use, hav to use SECEDIT so, can some 1 tell me how to determin OS via VBS so it can run GPEDIT on XP clients and SECEDIT on 2000 clients, Please help me, urgent, Script is >
  7. System Rebuild complete, rebuild in offiline, then fully patched, also blocked all direct internet access... Till now no more hack, If there is any new vulnerability on 2003 server, then i am sure they will hack again, coz our external ip are same.. Now we just ahv to wait untill next attack.. Thanks for your kind help.. JusThinK Are these proxy servers behind a firewall at all? Yea, all are behind PIX Firewall, but allowed to access direct internet using DNS ip of ISP.
  8. System Rebuild complete, rebuild in offiline, then fully patched, also blocked all direct internet access... Till now no more hack, If there is any new vulnerability on 2003 server, then i am sure they will hack again, coz our external ip are same.. Now we just ahv to wait untill next attack.. Thanks for your kind help.. JusThinK
  9. Hi All, Today 3 Proxy server in on my workplace attacked by some hacker, Server running Windows 2003 Std Edition(Service Pack 2). Attack Details, A account created with administrative privilege and while we checked, it 's logged on with that account, strange thing is, it's showing built in account, also a exe file called AutoSQL and it started scanning lot's of Public IP's, looks like it broadcasting, created account is hackp13$, and on event log, it showing following successful logon. Event Type: Success Audit Event Source: Security Event Category: Logon/Logoff Event ID: 551 Date: 25/04/2008 Time: 6:25:01 PM User: AFT-PROXY\hackp13$ Computer: AFT-PROXY Description: User initiated logoff: User Name: hackp13$ Domain: AFT-PROXY Logon ID: (0x0,0x3b7fec) After initial shock, we did scan with Microsoft Baseline Security Analyzer, it's showing 3 critical update, and 2 important update reqd. and most interesting part is when I was installing update via Windows update, suddenly hacker take my full desktop control, accessing my mouse, keyboard, and cancel update, then open Internet Explorer, open a site, Service Window. AutoSql IP Scan Netstat 1 Microsoft Windows 2000 [Version 5.00.2195] (C) Copyright 1985-2000 Microsoft Corp. C:\Documents and Settings\hackp13$>netstat Active Connections Proto Local Address Foreign Address State TCP asdf:1047 asdf:ms-sql-s ESTABLISHED TCP asdf:1048 asdf:ms-sql-s ESTABLISHED TCP asdf:1050 asdf:ms-sql-s ESTABLISHED TCP asdf:1051 asdf:ms-sql-s ESTABLISHED TCP asdf:1052 asdf:ms-sql-s ESTABLISHED TCP asdf:1053 asdf:ms-sql-s ESTABLISHED TCP asdf:1054 asdf:ms-sql-s ESTABLISHED TCP asdf:ms-sql-s asdf:1047 ESTABLISHED TCP asdf:ms-sql-s asdf:1048 ESTABLISHED TCP asdf:ms-sql-s asdf:1050 ESTABLISHED TCP asdf:ms-sql-s asdf:1051 ESTABLISHED TCP asdf:ms-sql-s asdf:1052 ESTABLISHED TCP asdf:ms-sql-s asdf:1053 ESTABLISHED TCP asdf:ms-sql-s asdf:1054 ESTABLISHED TCP asdf:2602 asdf:7000 ESTABLISHED TCP asdf:3103 asdf:7000 CLOSE_WAIT TCP asdf:5001 asdf:1088 CLOSE_WAIT TCP asdf:7000 asdf:2602 ESTABLISHED TCP asdf:7000 asdf:3103 FIN_WAIT_2 TCP asdf:1637 222.76.64.57:8000 ESTABLISHED TCP asdf:2603 207.46.110.40:http ESTABLISHED TCP asdf:8080 192.168.16.29:1529 ESTABLISHED TCP asdf:8080 192.168.33.75:4849 TIME_WAIT TCP asdf:8080 192.168.33.75:4854 TIME_WAIT ^C C:\Documents and Settings\hackp13$>netstat -n Active Connections Proto Local Address Foreign Address State TCP 127.0.0.1:1047 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1048 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1050 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1051 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1052 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1053 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1054 127.0.0.1:1433 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1047 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1048 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1050 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1051 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1052 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1053 ESTABLISHED TCP 127.0.0.1:1433 127.0.0.1:1054 ESTABLISHED TCP 127.0.0.1:2602 127.0.0.1:7000 ESTABLISHED TCP 127.0.0.1:3175 127.0.0.1:7000 ESTABLISHED TCP 127.0.0.1:5001 127.0.0.1:1088 CLOSE_WAIT TCP 127.0.0.1:7000 127.0.0.1:2602 ESTABLISHED TCP 127.0.0.1:7000 127.0.0.1:3103 TIME_WAIT TCP 127.0.0.1:7000 127.0.0.1:3175 ESTABLISHED TCP 192.168.33.3:1637 222.76.64.57:8000 ESTABLISHED TCP 192.168.33.3:2603 207.46.110.40:80 ESTABLISHED TCP 192.168.33.3:3176 74.54.68.215:80 ESTABLISHED TCP 192.168.33.3:8080 192.168.16.29:1529 ESTABLISHED TCP 192.168.33.3:8080 192.168.33.75:4849 TIME_WAIT TCP 192.168.33.3:8080 192.168.33.75:4854 TIME_WAIT TCP 192.168.33.3:8080 192.168.44.22:2778 TIME_WAIT TCP 192.168.33.3:8080 192.168.44.22:2779 TIME_WAIT TCP 192.168.33.3:8080 192.168.44.22:2780 TIME_WAIT TCP 192.168.33.3:8080 192.168.44.22:2782 ESTABLISHED TCP 192.168.33.3:8080 192.168.44.22:2783 TIME_WAIT TCP 192.168.33.3:8080 192.168.44.22:2784 TIME_WAIT TCP 192.168.33.3:8080 192.168.90.60:1746 FIN_WAIT_2 TCP 192.168.33.3:8080 192.168.90.60:1747 FIN_WAIT_2 C:\Documents and Settings\hackp13$> Netstat 2 Microsoft Windows 2000 [Version 5.00.2195] (C) Copyright 1985-2000 Microsoft Corp. C:\Documents and Settings\hackp13$>netstat -nr Route Table =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x1000003 ...00 11 11 5f 28 60 ...... Intel(R) PRO/1000 CT Network Connection 0x1000004 ...00 11 11 5f 28 62 ...... Intel(R) PRO/100 VE Network Connection =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.33.154 192.168.33.3 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 172.0.0.0 255.0.0.0 192.168.33.154 192.168.33.3 1 192.168.10.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.11.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.12.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.14.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.16.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.18.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.20.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.22.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.23.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.24.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.25.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.31.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.33.0 255.255.255.0 192.168.33.3 192.168.33.3 1 192.168.33.3 255.255.255.255 127.0.0.1 127.0.0.1 1 192.168.33.255 255.255.255.255 192.168.33.3 192.168.33.3 1 192.168.36.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.37.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.38.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.39.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.44.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.45.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.60.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.61.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.64.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.65.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.66.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.67.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.68.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.70.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.80.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.88.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.90.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.100.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.140.0 255.255.255.0 192.168.33.154 192.168.33.3 1 192.168.171.0 255.255.255.0 192.168.33.154 192.168.33.3 1 224.0.0.0 224.0.0.0 192.168.33.3 192.168.33.3 1 255.255.255.255 255.255.255.255 192.168.33.3 192.168.33.3 1 Default Gateway: 192.168.33.154 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 192.168.22.0 255.255.255.0 192.168.33.154 1 192.168.23.0 255.255.255.0 192.168.33.154 1 192.168.11.0 255.255.255.0 192.168.33.154 1 192.168.14.0 255.255.255.0 192.168.33.154 1 192.168.24.0 255.255.255.0 192.168.33.154 1 192.168.16.0 255.255.255.0 192.168.33.154 1 192.168.12.0 255.255.255.0 192.168.33.154 1 192.168.44.0 255.255.255.0 192.168.33.154 1 192.168.45.0 255.255.255.0 192.168.33.154 1 192.168.88.0 255.255.255.0 192.168.33.154 1 192.168.38.0 255.255.255.0 192.168.33.154 1 192.168.31.0 255.255.255.0 192.168.33.154 1 192.168.37.0 255.255.255.0 192.168.33.154 1 192.168.39.0 255.255.255.0 192.168.33.154 1 192.168.36.0 255.255.255.0 192.168.33.154 1 192.168.100.0 255.255.255.0 192.168.33.154 1 192.168.20.0 255.255.255.0 192.168.33.154 1 192.168.80.0 255.255.255.0 192.168.33.154 1 192.168.10.0 255.255.255.0 192.168.33.154 1 192.168.140.0 255.255.255.0 192.168.33.154 1 172.0.0.0 255.0.0.0 192.168.33.154 1 192.168.25.0 255.255.255.0 192.168.33.154 1 192.168.90.0 255.255.255.0 192.168.33.154 1 192.168.60.0 255.255.255.0 192.168.33.154 1 192.168.61.0 255.255.255.0 192.168.33.154 1 192.168.66.0 255.255.255.0 192.168.33.154 1 192.168.67.0 255.255.255.0 192.168.33.154 1 192.168.64.0 255.255.255.0 192.168.33.154 1 192.168.65.0 255.255.255.0 192.168.33.154 1 192.168.68.0 255.255.255.0 192.168.33.154 1 192.168.70.0 255.255.255.0 192.168.33.154 1 192.168.18.0 255.255.255.0 192.168.33.154 1 192.168.171.0 255.255.255.0 192.168.33.154 1 C:\Documents and Settings\hackp13$> We hav PIX in our workplace.. We hav Trend Micro office scan.. Using Trend Micro Proxy Server.. Is there any new vulnerability on 2003 server?? Please help....
  10. yea, my exception list is really too big.. Running morethan 40 Website, internal cum external.. It's tough to add all of there info in exception list.... it's really mixture list. having .com,.co.in and .in I think i must try first solution.. Thanks
  11. is there any way to increase the limitation of exception list in IE proxy TAB (in Group Policy), coz it's already full, but i still need to add 1 or 2 intranet website info in there, **I am already using wild character. OS: Windows 2000 Advance Server.. Please help me.. Thanks.
  12. what is the silent installation switch of opera9 Final version..
  13. Make a "Remove.cmd" for removing folder with subfolder.. RD /S /Q "Folder Path" DEL /Q /F %systemdrive%\Remove.cmd Example Of RunOnceEX.CMD REG ADD %KEY%\095 /VE /D "Removing Temporary Files and Restarting Computer" /f REG ADD %KEY%\095 /V 1 /D "%systemdrive%\WINDOWS\System32\Remove.cmd" /f [color=#FF0000]REG ADD %KEY%\095 /V 2 /D "psshutdown -t 40 -r -f" /f[/color] --- If You use PSSHUTDOWN tool for Restart your computer..
  14. PEBuilder Tool Kti for PEBuilder... Cuttent version : 1.02 Download link :
  15. Few days ago i download **** Smal lLinux 2.1 Rc1. It just beyound my imagination... It has very good loock with so many utilities.. After downloading i try to put it into my own customize Multiboot CD using EasyBoot Software.... I extract the boot image file from the CD(Using ISO-Blaster) and put it into my run menue...but there is a problem, when i select the DSL boot menu, it wont boot and Displayes "Image Checksum Error"... I also try it with "CD Shell 2.1.6" to boot the full ISO file...Now it boot, but after detecting USB, It shows the following massage... "Can't find KNOPPIX filesystem,sorry Dropping you to a (very limited) shell...." I also try it with "isolinux" command i CD-Shell...Initially it shows startup menu and then stop responding. Is there any way to fix this problem....??? Plz help me.
  16. I know..... But in the parent site, original sof comes with no installer/uninstaller.. I just packed it....and that i mention in my topic....*"Virtual Floppy Drive with Installer(Packed)"
  17. Hi All, Use this.. Virtual Floppy Drive with Installer.. Virtual Floppy This is a very good tools for creating and editing flopy images.........
  18. Hi all, I face some problem in ERD Commander 2005. When i access any other computer via network in ERD commander, den i got two problem.... 1st one is............. 2nd one is............ Plz help me to solve the problem............
  19. hi All, I have some problem in ERD Commander 2005.. When i try to access other computer from ERD Commander via network a error occour. 1st it shows "ERROR 5" and Then "Access Denied".. If there is any solution then plz tell me........
  20. Hi all, In windowsXP, when i connected to internet via my ADSL broadband modem, the upload and download automatically started. I manualy stop "windows automatic updated". I also installed "McAfee AntiSpyware",and removed the listed item which is detected by the spyware, but the problem is still on. Please help me to solve this problem,cause my broadband connection has upload and download limitation and i don't want to weast my limited account.
  21. Hi, All Is there any way to add Bart PE and ERD Commander In One CD...... If so then help me to make the CD.
×
×
  • Create New...