Code, Security and Server Stuff

Views are my own and not my employer's

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

"If you're not still learning, you're already dying."
- Ryan Holiday - Ego is the Enemy

Follow me on Twitter: @FearbySoftware

View All Posts.

Linux

How to backup and restore a MySQL database on Windows and Linux

by

Why backup and restore

This is a quick guide demonstrating how you can backup and restore a MySQL database on Windows and Linux using Adminer.

You may need to know how to backup a restore a database for a number of reasons..

e.g

  • Send the database to someone to debug or give feedback while learning.
  • Move the database from a local machine to the cloud
  • Move the database from cloud vendor A to cloud vendor B
  • etc.

Advertisement:



Having a backup of the VM is good but having a backup of the database too is better. I use UpCloud for hosting my VM’s and setting backups is easy. But I cannot download those backups.

UpCloud Backup Screen

Murphy’s Law

“If anything can go wrong, it will”

The most important reason for taking a backup and knowing how to restore it is for disaster recovery reasons.

Backup (the easiest way) with Adminer

Adminer is a free PHP based IDE for MySQL and other databases. Simply install Adminer and save the file on your local computer or remote web server directory.

FYI: The Adminer author Jakub Vrana has a patron page, I am a patron of this awesome software.

Snip from Adminers website. “Adminer (formerly phpMinAdmin) is a full-featured database management tool written in PHP. Conversely to phpMyAdmin, it consist of a single file ready to deploy to the target server. Adminer is available for MySQL, MariaDB, PostgreSQL, SQLite, MS SQL, Oracle, Firebird, SimpleDB, Elasticsearch andMongoDB.”

adminer.php file icon screenshot

TIP: The file would be publicly accessible to anyone so don’t save it to a common area, obfuscate the file, protect it of delete the file when you are done using it.

Advertisement:



Once Adminer is installed load it in a web browser, login with your MySQL credentials. Once you login you will see all databases and an Import and Export menu.

Adminer main screen, all databases and import and export menu.

tbtest is a simple database with one table and 4 fields (ID, Key, Value and Modified)

.Click Export to open the export screen.

Export screen showing a list of databases and export options

Click Export, a SQL file will be generated (this is the export of the database).

Here is a save of the file:
https://fearby.com/wp-content/uploads/export.txt

Exported view of https://dev.mysql.com/doc/workbench/en/wb-admin-export-import-management.html

Its that simple.

If I add a binary blob file to the table and upload a PNG file lets see how the export looks.

Screenshot o the new table with a blog field in Adminer UI

Advertisement:



Let export the database again in Adminer and check out the output. I used Sublime Text editor to view the export file.

New Export shows the binary file in the Backup SQL file

Restore (the easiest way) with Adminer

OK lets delete the tbtest database and then restore it with Adminer. I used Adminer to delete (DROP) the database.

Database dropped with Adminer

Database “dbtest” deleted.

Now lets create a blank database to restore to (same name).

Create database screen.

Database created.

dbtest created.

Advertisement:



Now lets import the database backup using Adminer.

Click Import, select the backup file and un-tick Stop on errors.

Import screenshot, dxtest selectded, Restore file selected, stop on errors disabled

TIP: The 2MB next the the choose file button is defined by your web server and PHP configuration. If you are trying to import a larger database (e.g 80MB) first increase the limits in your web server and PHP (via php.ini).

The Import (restore should take seconds)

Import Success

The database was imported from a backup, all tables and records imported just fine.

The database was imported from a backup

Bonus methods.

On Ubuntu use this guide to backup from the command line. If you use the Oracle MySQL Workbench read this.

I hope this helps someone.

Advertisement:



Setting up the Debian Kali Linux distro to perform penetration testing of your systems

by

This post will show you how to setup the Kali Linux distro to perform penetration testing of your systems

Advertisement:



I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Securing your systems is very important (don’t stop) and keep learning (securing ubuntu in the cloud, securing checklist, run a Lynis system audit etc)

snip from: https://www.kali.org/about-us/

“Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In addition to Kali Linux, Offensive Security also maintains the Exploit Database and the free online course, Metasploit Unleashed.”

Download Kali

I downloaded the torrent version (as the HTTP version kept stopping (even on 50/20 NBN).

Download Kali

After the download finished I checked the SHA sum to verify it’a integrity

A least it matched the known (or hacked) hash here.

Installing Parallels in a VM on OSX

I use Parallels 11 on OSX to set up a VM os Demina Kali, you can use VirtualBox, VMWare etc.

VM Setup in Parallels

Hardware: 2x CPU, 2048MB Ram, 32MB Graphics, 64GB Disk.

I selected Graphical Install (English, Australia, American English, host: kali, network: hyrule, New South Wales, Partition: Guided – entire disk, Default, Default, Default, Continue, Yes, Network Mirror: Yes, No Proxy, Installed GRUB bootloader on VM HD.

Post Install

Install Parallel Tools

Official Guide: https://kb.parallels.com/en/123968

I opened the VM then selected the Actions then Install Parallels Tools, this mounted /media/cdrom/, I copied all contents to /temp/

As recommended by the Parallels instal bash script I updated headers.

Then the following from https://kb.parallels.com/en/123968

Parallels will not install, I think I need to upgrade to parallel 12 or 12 as the printer driver detection is not detecting (even though it is installed).

Installing Google Chrome

I used the video below

I have to run chrome with

It works.

Chrome

Running your first remote vulnerability scan in Kali

I found this video useful in helping me scan and check my systems for exploits

Simple exploit search in Armitage (metasploit)

Armitage Scan

A quick scan of my server revealed three ports open and (22, 80 and 443). Port 80 redirects to 443 and port 22 is firewalled.  I have WordPress and exploits I rued failed to work thanks to patching (always stay ahead of patching and updating of software and the OS.

k006-ports

Without knowing what I was doing I was able to check my WordPress against known exploits. 

If you open the Check Exploits menu at the end of the Attacks menu you can do a bulk exploit check.

kali_bulk

WP Scan

Kali also comes with a WordPress scanner

This will try and output everything from your web server and WordPress plugins.

/xmlrpc.php was found and I was advised to deny access to that file in NGINX. xmlrpc.php is ok but can be used in denial of service attacks.

I had a hit for a vulnerability in a Youtube Embed plugin but I had a patched version.

k007-wpscan

TIP: Check your WordPress often.

More to come (Draft Post).

  • OWASP scanner
  • WPSCAN
  • Ethical Hacker modules
  • Cybrary training
  • Sent tips to @FearbySoftware

Tips

Don’t have unwanted ports open, securely installed software, Use unattended security updates in Ubuntu, update WordPress frequently and limit plugins and also consider running more verbose audit tools like Lynis.

More Reading

Read my OWASP Zap guide on application testing and Cloudflare guide.

I hope this guide helps someone.

Ask a question or recommend an article

Your Name (required)

Your Email (required)

Your Question

Revision History

v1.2 added More Reading links.

v1.1 Added bulk exploit check.

v1.0 Initial post

Useful Linux Terminal Commands

by

Below are Ubuntu Linux commands I use often to setup, debug maintain servers.

Advertisement:



Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

I recently moved my domain from a C-Panel hosted domain (and Email to Google G Suite (my guide here)) to a self-managed Digital Ocean domain (my LetsEncrypt Guide here, my Digital Ocean guide here, my AWS setup guide here, my Vultr setup guide here) and needed to transfer my WordPress site. Setup your own Digital Ocean Ubuntu server form $5  a month (get the first 2 months free by clicking here) or setup your own Vultr Ubuntu server for as low as $2.5/month by clicking here.

How to Reboot (from time to time when prompted with *** system restart required ***” messages appear).

How to set up a  bash file (*.sh) as Executable.

The file will now be executable.

Viewing your crontab (Windows Task Scheduler equiv)

Ping a port

Rename a folder

Set the owner of a folder

Check the rsync port

Run a file every 1 minute

Show server name

How to verify patch status for Meltdown and Spectre

Read my guide here to install the patch here.

Verify Spectre and Meltdown patch status

or

Restart network

More here.

Show Operating System Name

Show installed Packages

Show all packages with “PHP” in the name.

Send Messages Other Logged In Users (CLI)

Show all user logged in

Sent a message to usr1

Sent a message to the root console

Messages will appear at the bottom of the user’s console.

Processor

List processes in a tree view (… = removed)

View major processes by usage/memory

Read more on ps here.

How big is a folder

Change FIle Create/Modify time’s

Change File Creation Date

Change file modify/accessed time

Tree

Tree needs to be installed first

Show an ASCII representation of a folder structure

Show files in a  structure

Show directories

List all files and folders in a structure

Backup a  www folder

Common (Digital Ocean) Debugging commands

Networking

Display all TCP connections

Display all UDP connections

List all Listening Connections

Show all Network stats

Show all UDP Network stats

Show all TCP Network stats

Show network packets

Displaying raw info

Show open ports

Upload a file to a remote server over ssh

Zip files

Install zip

Zip a  whole directory (with high compression)

Zip a  whole directory (excluding *.tmp, *temp, *.bak and *.zip file types)

Zip Help

Backup NGINX

Unzip

Installing Unzip

Unzip a  file

Updates

Setup Unattended Ubuntu Security updates

At login, you should receive

Show Configured NGINX server names

Services

Reload daemon services

Verify the MongoDB service file exists

View the status of services

Local Dump

Show All Defined Ports

Show defined rsync ports

Show listening ports (active connections)

Show service status

View your bash history for a past command (e.g “openssl”).

View last 1 line of a file.

Ping a server

How to check system uptime (and load average)

Uptime in friendly format

The load averages at the end are the last 1, 5 min and 15 minutes.

The w command is handy for showing uptime information as-well as logged in users (The ‘w -i’  parameter -i is handy for seeing what IP people are logged in from).

How to download a file

How to edit NGINX configuration

and

How to find a file

also

Find contents in files (recursive)

Find files by name and run a command on each

Show differences in files

Show contents of file (e.g urls.txt)

Download all files mentioned in a text file.

View all packages with updates

Output:

or (on ubuntu 16.04)

Updates

Always backup your server’s configuration before updating.

Backup MySQL

Crontab

Add this to crontab -e to backup at 1 am every day

/scripts/shrinkmysql.sh  script to shrink SQL files

I had to add this to crontab

Cron job to shrink SQL dumps at 2am every day

Write to a single log file from the crontab at 2 am every day.

todo

Query a package (e.g. siege package)

How to set up a free SSL certificate (see my guide here).

How to set your timezone.

How to restart PHP

How to show the time on the server

Reload and restart the NGINX configuration and web server.

JSON viewing program

Installing

Using

or

output from json tool

Below are utilities I use a lot.

ncdu file size utility

Installing

Using

pydf disk checking utility

Installing

Using

output from pydf tool

ntp timezone service

Installing

Using

Displaying startup processes

Installing

Using

htop process manager.

Installing

Using

output from htop tool

Network Benchmarking (between two servers)

I use iperf to measure total bandwidth between two servers. You will need to allow port 5001 (TCP IPV4 and TCP IPV6 in and out) in any local firewalls and hosts GUIs.

Allow port 5001 on an ufw firewall (IN and OUT)

Deny IP

Allow port 22 access to known IP

Deny Outgoing Port

Allow out on port to known IP

More securing Ubuntu in the cloud here.

Install iperf on the target and source Ubuntu server.

Run this on the listening server.

Run this on benchmarking server (and add the IP of the listening server).

Results

Screen dump of ipref -c ip
iperf benchmarking output

Testing concurrent connections to a web server with siege.

Install siege

Benchmarking a HTTP server

Benchmarking HTTPS sites

Install siege 4.0.2 ( steps here ).

Verify siege 4.0.2 is installed by running

Now can benchmark https sites

View incoming connections on the target server

I always increase my history size and tell it not to store duplicates.

Viewing your typed terminal history

Increasing your history size

How to Update Ubuntu

or

Edit SSH authorized keys

Search file and show lines where text matches

View packages with updates

View Boot Text

Automatic Monitoring (ever 1 second)

Active network connections

Network Packets

Free memory

Memory breakdown

or

Monitor NGINX memory

more soon…

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

50 most useful Linux commands (view here).

View other Linux command informing sites here, here and here.

 

Donate and make this blog better




Ask a question or recommend an article

Your Name (required)

Your Email (required)

Your Question

v1.8 Show users and senda messages to other users

v.71 Show Operating System Name

v1.7 added Meltdown and Spectre patch information

v1.6 Removed -x fom zip directory

V1.5 Restart Network

v1.4 added Useful OSX Commands

Setting up a Raspberry Pi Zero W

by

fyi: Here is my guide that I created while I set up a Raspberry Pi Zero W. My previous Raspberry PI 2 Setup Guide here and I wanted to try the single core Raspberry Pi Zero W. Eventually, want to run my Raspberry Pi from batteries (my older guide here).

Advertisement:



I plugged in a  2Amp 5v micro USB powder pack, micro HDMI cable, micro USB keyboard and expected to see a light but nothing.  This guide says the Raspberry Pi has no power LED. Unfortunately, I thought the power pack was faulty and I plugged it in a few times and corrupted the installed SD-card.

Failed Setup

After reading this guide I remembered I forgot to switch the monitor to the HDMI input (oops).

Yep, I realized I corrupted the OS on the SD Card.

Old Noobs Operating System

I checked the SD-Card (that I purchased from eBay) I noticed the SD-Card had an older NOOBS 2.0.0 installation in an in an invalid subfolder (that’s why it would not boot).

I plugged the Micro SD card into an SD-Card adapter and plugged it into my Mac (time to install a newer OS).

 

Downloading the latest Raspian Operating System

I visited https://www.raspberrypi.org/downloads/raspbian/ and download raspbian

I downloaded a 1.66GB Zip File.

The file took 30 mins to download.

I expanded the zip file to a 4.66 img file.

Formatting the SD-Card

I formatted my SD Card with the SD Card Associations SD formatting tool from https://www.sdcard.org/downloads/formatter_4/ here.

Setting up the SD-Card

The Raspberry Pi Foundation has a great guide on how to install the Raspberry Pi Raspian image onto an SD-Card here.

I downloaded the free 64MB Etcher program for Mac OS here https://etcher.io/ in order to copy (flash) Raspian onto the SD-Card.

I opened Etcher and selected the Raspian Jesse image file and clicked flash.

The flash will take between 5-10 minutes.

SD Card Contents

The Raspian image is now ready for reinsertion back into the Raspberry Pi to setup

1st Raspberry Pi (Raspian) boot.

The raspberry pi does, in fact, have a  power/activity led with the latest operating system 🙂

The desktop loaded quite swiftly too. My Bay special keyboard detected just fine. You can manually connect to your wifi by entering the following command in the terminal (thanks to this guide).

Pi

 

Generic Config

I am not using the desktop much so I am happy setting 16MB for the video card.

Get the Mac Address and set a static IP Address (to allow remote SSH management)

After a reboot, I was logged into a shell and was able to bring up the devices network details (including mac address).

Test the network connection

I was successful;y able to ping a remote server via wifi.

Pi Zero Network Update

Static IP Address

Todo: I set up my local ADSL router to give the Raspberry Pi a Static (known) IP every time it boots.

Update the Pi Software (after the network is up)

Now that I knew the network is working I was able to update the Pi software.

Pi Zero

I re-ran the update just in case. Now my Pi is all up to date.

Installed Misc Software

More on setting up a NGINX web server here.

Set the Pi Mouse (regular sized USB devices)

I had small micro USB to larger USB adapters (from eBay)  but could only use a keyboard or mouse at any one time. I Also had a micro USB to multiple micro USB and Ethernet adapter (from eBay) (SN: YS-LAN38) but it failed to work with NOOBS 2.0.0 (maybe it will work with Raspian latest)

I wanted to test regular devices in the case of an emergency.

Pi Zer UBS Adapter

And the mouse works (and the X desktop worked with 16MB assigned)

Help

40 Useful Raspberry Pi Commands.

Todo

Add information on adding and using a 5MP Raspberry Pi camera and setting this up as a https://fearby.com/article/raspberry-pi-2b-security-webcam/secuerity webcam.

 

Donate and make this blog better





Ask a question or recommend an article

Your Name (required)

Your Email (required)

Your Question

v1.2 DRAFT: Added more images