Linux

Running Linux on a Toshiba Z10t requires a fix for the track pad to work: http://ubuntuforums.org/showthread.php?t=2205567

sudo rmmod usbhid && sudo modprobe -v usbhid quirks="0x0930:0x0807:0x0040"

or append:

usbhid.quirks=0x0930:0x0807:0x0040

to the grub command line

VirtualBox on Kali

Perform a dist-upgrade.

dpkg-reconfigure virtualbox-dkms
dpkg-reconfigure virtualbox

oclhashcat

See http://www.blackmoreops.com/2014/06/27/kali-linux-1-0-7-kernel-3-14-install-proprietary-nvidia-driver/ and http://www.blackmoreops.com/2014/06/30/kali-linux-1-0-7-kernel-3-14-install-nvidia-driver-kernel-module-cuda-pyrit/

vncserver

Misc

Reminder on iptables

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 5901:5903,6001:6003 -j ACCEPT
iptables -I INPUT 5 -j ACCEPT -p tcp --dport 3128 -m state --state NEW
sudo iptables -I INPUT -i eth1 -j DROP -p tcp --destination-port 80

Add IP address:

sudo ip addr add dev enp63s0 172.27.128.1/24

Add permissions for individual user/group:

sudo setfacl -m user:<user>:rwx <folder>

Service accounts and Group Policy

I recently came across a situation where I was unable to start the windows internal database.  The service was configured to run as “NT SERVICE\MSSQL$MICROSOFT##WID”.  However, the logon as a service right was controlled through Group Policy.

I was unable to add this account directly and eventually found the Microsoft support article: http://support.microsoft.com/kb/2832204

The solution is grant “NT SERVICE\ALL SERVICES” the logon as a service right through Group Policy.

Update: The microsoft documentation for well known SIDs includes ‘SID S-1-5-80-0 = NT SERVICES\ALL SERVICES’: http://support.microsoft.com/kb/243330/en-gb. This indicates that all services will be added to the all services group. If thie is not required (e.g. may introduce a security risk) don’t use this approach.

Groups.xml

Groups.xml is encrypted with a fixed key, see https://msdn.microsoft.com/en-us/library/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be.aspx

All passwords are encrypted using a derived Advanced Encryption Standard (AES) key.<3>

The 32-byte AES key is as follows:

 4e 99 06 e8  fc b6 6c c9  fa f4 93 10  62 0f fe e8
 f4 96 e8 06  cc 05 79 90  20 9b 09 a4  33 b6 6c 1b
openssl enc -d -base64 -A -in  -aes-256-cbc -K 4e9906e8fcb66cc9faf49310620ffee8f496e806cc057990209b09a433b66c1b -iv 000000000000000000000000000000

Note that windows passwords are unicode.