Author Topic: IT Secrets thread!  (Read 4840 times)

Offline dimitri

Re: IT Secrets thread!
« Reply #80 on: July 8, 2022, 10:32:46 pm »
Quote from: duvva on June 21, 2022, 12:08:09 am
Thanks for the suggestion, Ill have a look at that tomorrow.

I downloaded one called Disk Drill this evening and it seemed to recover a few photos and videos, but you have to pay to have a pro edition to recover more than 500mg (recovery was over 4gb - which I was a bit surprised at as it only looked like it found an additional video and handful of photos).

Was the Recuva one free or cheaper at least, as this one wants £89! to get the pro edition so I can download most of whats been recovered


Try Photorec
Offline owens_2k

Re: IT Secrets thread!
« Reply #81 on: July 20, 2022, 05:19:38 pm »
A client I'm working for submitted some documents to a firm via a password protected zip file back in 2013 that they cannot remember the password for.

I suggested to my client to contact the original recipient in order to obtain the password but company has since liquidated

Are they beyond recovery or is there a legitimate way to extract the documents from the zip?
Online Elmo!

Re: IT Secrets thread!
« Reply #82 on: July 20, 2022, 06:09:45 pm »
Quote from: owens_2k on July 20, 2022, 05:19:38 pm
A client I'm working for submitted some documents to a firm via a password protected zip file back in 2013 that they cannot remember the password for.

I suggested to my client to contact the original recipient in order to obtain the password but company has since liquidated

Are they beyond recovery or is there a legitimate way to extract the documents from the zip?

I've never tried it myself but my understanding is that the password protection on zip files is pretty weak and there are tools out there that can crack them relatively simply given enough time.
Offline owens_2k

Re: IT Secrets thread!
« Reply #83 on: July 21, 2022, 10:32:29 am »
Quote from: Elmo! on July 20, 2022, 06:09:45 pm
I've never tried it myself but my understanding is that the password protection on zip files is pretty weak and there are tools out there that can crack them relatively simply given enough time.
I'll probably infect my laptop with all kinds trying to find software that can do it.

I'm sure back in the day you could rename zip files to .txt or something and find the password.

I can see all the files within the zip, just can't open or extract them. Very frustrating!
Offline PaulF

Re: IT Secrets thread!
« Reply #84 on: July 21, 2022, 04:21:28 pm »
Again, this is why you spin up a VM. Keep everything sandboxed.
"All the lads have been talking about is walking out in front of the Kop, with 40,000 singing 'You'll Never Walk Alone'," Collins told BBC Radio Solent. "All the money in the world couldn't buy that feeling," he added.

Offline chris2006

Re: IT Secrets thread!
« Reply #85 on: August 1, 2022, 12:11:50 am »
You can dump the hash of the password from a zip archive then attempt to crack it using Hashcat or Johntheripper. Having worked in DFIR for a long time, this kind of practice to gain access to encrypted data quite often works, it just can take time.

If you want a lift with it, drop me a PM.
Offline Andy @ Allerton!

Re: IT Secrets thread!
« Reply #86 on: August 1, 2022, 08:34:05 am »
Quote from: PaulF on July 21, 2022, 04:21:28 pm
Again, this is why you spin up a VM. Keep everything sandboxed.

VMs are old hat mate. Docker is what you want.
Offline sattapaartridge

Re: IT Secrets thread!
« Reply #87 on: August 15, 2022, 12:58:34 pm »
ive not got into Docker yet, is it CPU intensive? im a .net developer/manager.
Quote from: JohnWHenry
We will build and grow from within, buy prudently and cleverly and never again waste resources on inflated transfer fees and unrealistic wages. We have no fear of spending and competing with the very best but we will not overpay for players
Too late eh?

Offline Andy @ Allerton!

Re: IT Secrets thread!
« Reply #88 on: August 15, 2022, 04:44:42 pm »
Quote from: sattapaartridge on August 15, 2022, 12:58:34 pm
ive not got into Docker yet, is it CPU intensive? im a .net developer/manager.

Barely noticeable on a modern machine, depending on what you're doing

You can also play with Kubernetes for free on your local machine (Look at Docker Desktop, Kind or Minikube)

Kind is good because you can try out multi-clusters on just your own machine and even build a microservices system that you can try out locally before you deploy wherever
Offline glasgowsmvp

Re: IT Secrets thread!
« Reply #89 on: August 17, 2022, 01:32:52 pm »
12ft.io to get around TheAthetic pay wall :D
Offline PaulF

Re: IT Secrets thread!
« Reply #90 on: August 19, 2022, 12:12:07 pm »
Quote from: Andy @ Allerton! on August  1, 2022, 08:34:05 am
VMs are old hat mate. Docker is what you want.
Soooo.. I created a VM running SQL express on an ubuntu 20.04 box. All working beautifully.
Now I'm trying to test a back up and restore.  BUT I can't install another copy of sql on ubuntu. A chain of errors :(
So I'm going to try docker.  I'm starting up a VM with docker preinstalled.  How would I connect to the container (ideally from windows) , to tell it to pull and start a sql image?  I assume all I need is the IP address of the VM host and the root login.
( I am assuming of course that the container isolates me from nasty messages about not being able to find mssql or outdated keychain bollox)

Not using a windows host as I'm cheap. Though I may give up soon , because time is money...
"All the lads have been talking about is walking out in front of the Kop, with 40,000 singing 'You'll Never Walk Alone'," Collins told BBC Radio Solent. "All the money in the world couldn't buy that feeling," he added.

Offline Andy @ Allerton!

Re: IT Secrets thread!
« Reply #91 on: August 19, 2022, 01:20:46 pm »
Quote from: PaulF on August 19, 2022, 12:12:07 pm
Soooo.. I created a VM running SQL express on an ubuntu 20.04 box. All working beautifully.
Now I'm trying to test a back up and restore.  BUT I can't install another copy of sql on ubuntu. A chain of errors :(
So I'm going to try docker.  I'm starting up a VM with docker preinstalled.  How would I connect to the container (ideally from windows) , to tell it to pull and start a sql image?  I assume all I need is the IP address of the VM host and the root login.
( I am assuming of course that the container isolates me from nasty messages about not being able to find mssql or outdated keychain bollox)

Not using a windows host as I'm cheap. Though I may give up soon , because time is money...


Install WSL

Upgrade WSL to WSL 2

Install docker desktop

Allow Docker Desktop to use WSL2

COMMANDS:

docker pull mcr.microsoft.com/mssql/server:2019-latest

docker run -e "ACCEPT_EULA=Y" -e "SA_PASSWORD=34r0TNhvgOde" -p 1433:1433 --name sql2019 -h sql2019 -d mcr.microsoft.com/mssql/server:2019-latest




(More info here: https://theserogroup.com/sql-server/getting-started-with-sql-server-in-a-docker-container/   and this shows you how to set up a backup/restore as well)


To get started with Docker/Kubernetes, I'd recommend this excellent course: https://www.udemy.com/course/docker-kubernetes-the-practical-guide/

Offline owens_2k

Re: IT Secrets thread!
« Reply #92 on: September 1, 2022, 04:08:07 pm »
I have a wireless keyboard and on startup of my computer, the F keys on the keyboard always default to the function rather than the F key. So for example when my computer starts, F5 acts as a pause/play button for audio rather than F5 for refresh. I can fix this by pressing a function button which makes the F keys act as F keys.

Is there a way I can make it so the keyboard uses F keys as default rather than the functions? Its annoying me that if I leave the computer for a period of time and come back to it, the keyboard has reverted again (Im assuming due to disconnected from the PC during idle time to save power)
Offline Andy @ Allerton!

Re: IT Secrets thread!
« Reply #93 on: Yesterday at 10:33:18 am »
Quote from: owens_2k on September  1, 2022, 04:08:07 pm
I have a wireless keyboard and on startup of my computer, the F keys on the keyboard always default to the function rather than the F key. So for example when my computer starts, F5 acts as a pause/play button for audio rather than F5 for refresh. I can fix this by pressing a function button which makes the F keys act as F keys.

Is there a way I can make it so the keyboard uses F keys as default rather than the functions? Its annoying me that if I leave the computer for a period of time and come back to it, the keyboard has reverted again (Im assuming due to disconnected from the PC during idle time to save power)

Depends on the make and model of the keyboard
Offline Crosby Nick

Re: IT Secrets thread!
« Reply #94 on: Yesterday at 02:18:38 pm »
Quote from: Andy @ Allerton! on Yesterday at 10:33:18 am
Depends on the make and model of the keyboard

Its a VTech.
Offline Andy @ Allerton!

Re: IT Secrets thread!
« Reply #95 on: Today at 12:24:33 am »
