How do I set up a Raspberry Pi if I don’t have a monitor/keyboard/mouse?

Over the last couple of years I’ve been playing with the Raspberry Pi set of single board computers fairly heavily. In that time I’ve found some great uses for these devices, but sometimes it’s just more convenient to plug one into the wall and start configuring it without having to break out a monitor and keyboard. This is especially true for projects like Pi-hole where the end configuration will run headless (I literally have mine plugged into a USB port on my router for power).

To set this up we’re going to enable ssh and wi-fi on the sdcard before we ever boot the Raspberry Pi. It’s a simple process: we just need to create two files in the root of the boot partition of an sdcard that is formatted and ready to boot. If you don’t want to connect to wi-fi you can just plug in an ethernet cable (assuming your Pi has an ethernet port), and skip the wireless setup portion.

The first file is an empty file named ‘ssh’ with no file extension. This tells the OS during boot that you want ssh enabled.

The second file is named wpa_supplicant.conf (just a simple text file with .conf as the extension rather than .txt), that contains the information needed to allow the Pi to automatically connect to the specified wireless network. In this example we’re going to connect to a wi-fi network with the SSID ‘testNetwork’ and the password ‘Passw0rd’. To do this we need to put this text into the wpa_supplicant.conf file:

    country=US
    ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
    update_config=1
    network={
        ssid="testNetwork"
        psk="Passw0rd"
        key_mgmt=WPA-PSK
    }

Save that file, and then drop both files into the root of the sdcard. That’s it, once booted your Pi should automatically connect to your wi-fi with ssh enabled.

You can set the wireless country with that first line in the wpa_supplicant.conf file. I include this because the project is based in the UK and I’m in the US. If you’re in a different country you can set this properly using the standard two letter abbreviation for your country.
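The two files described above can also be written by a short script. This is an added example, not part of the original post: it stores the derived 256-bit PSK (PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, the same value `wpa_passphrase` computes) instead of the plaintext passphrase, so the passphrase itself is not left readable on the FAT boot partition. The function names and the boot-partition path argument are assumptions of this example.

```python
import hashlib
import tempfile
from pathlib import Path


def derive_psk(passphrase: str, ssid: str) -> str:
    """Return the WPA/WPA2-Personal PSK as 64 hex characters."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    if not all(32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    # PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte output.
    key = hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                              ssid_bytes, 4096, 32)
    return key.hex()


def render_wpa_supplicant(ssid: str, passphrase: str, country: str = "US") -> str:
    """Build the wpa_supplicant.conf text with a hex psk (no quotes)."""
    if not (len(country) == 2 and country.isalpha() and country.isupper()):
        raise ValueError("country must be a two-letter upper-case code")
    if '"' in ssid or "\n" in ssid:
        raise ValueError("SSID cannot be written as a quoted string")
    psk = derive_psk(passphrase, ssid)
    # The hex PSK still grants access to this one network, but it does not
    # reveal the passphrase if that passphrase is reused elsewhere.
    return (
        f"country={country}\n"
        "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev\n"
        "update_config=1\n"
        "network={\n"
        f'\tssid="{ssid}"\n'
        f"\tpsk={psk}\n"
        "\tkey_mgmt=WPA-PSK\n"
        "}\n"
    )


def prepare_boot_partition(boot_root, ssid, passphrase, country="US") -> Path:
    """Write the empty 'ssh' marker and wpa_supplicant.conf into boot_root."""
    boot = Path(boot_root)
    if not boot.is_dir():
        raise FileNotFoundError(f"boot partition not found: {boot}")
    (boot / "ssh").write_bytes(b"")  # empty file, no extension
    conf = boot / "wpa_supplicant.conf"
    # newline="\n" keeps Unix line endings even when run on Windows.
    with open(conf, "w", encoding="utf-8", newline="\n") as handle:
        handle.write(render_wpa_supplicant(ssid, passphrase, country))
    return conf


if __name__ == "__main__":
    # A temporary directory stands in for the mounted boot partition.
    with tempfile.TemporaryDirectory() as fake_boot:
        path = prepare_boot_partition(fake_boot, "testNetwork", "Passw0rd")
        print(path.read_text(encoding="utf-8"))
```

Change the network passphrase and regenerate the file if the sdcard is ever lost, since the derived key is still enough to join that SSID.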

All your Wi-Fi are pwned: Pwnagotchi project notes.

A while back I started playing with the Pwnagotchi which is basically an automated wi-fi handshake capture tool which can be configured to automatically upload captured handshakes to various online cracking tools. It’s powered by an AI that learns to capture wi-fi handshakes better over time, and can learn to cooperate with other pwnagotchi units to more efficiently capture wi-fi handshakes.

The good: for pentesting this thing is awesome. It’s an automated way to collect pcap files for possible decrypting that is about the size of a large pack of gum.

The bad: if you have a weak WPA password, it makes a usually technically complicated task into a trivial task for someone to own your wi-fi, and they can be built for as little as $10.

I did this project on hard mode, working from a Windows 10 computer and an iPhone, and I want to share some of my notes.

The Build


There are a number of different ways that the Pwnagotchi can be built. For this project I chose the Raspberry Pi Zero w (pi0w), Waveshare v2 eInk display, and PiSugar 1200mAh battery hat (the featured pic for this post is my actual components just prior to the build). This is a common configuration and I chose it primarily because I wanted to see how easy this was to set up following the documentation from the project (which needs work).


The four blue LEDs you see in this pic are the PiSugar’s battery indicator. In my testing I’m getting about 4.5 hours of run time on the 1200mAh PiSugar, so each one of those lights is roughly equivalent to an hour of runtime.

Because the PiSugar is connected via spring pins, you can’t easily turn off the Pwnagotchi unless you do some digging, because the PiSugar has nothing with a capital nothing in the way of documentation. There is a physical button that allows you to reboot, power on, or power off the pi0w when the PiSugar is attached. It’s tiny, and you will probably miss it.


That is the button. Press it once to turn on the pi0w, again while running to hard reboot the pi0w, and double click it to hard power off the pi0w. Unfortunately the PiSugar1 does not support I2C communication so there is no way to monitor the battery life from the pi0w (unlike the UPS-Lite battery hat). This means that when you use the button on the PiSugar it’s a hard reset or hard shutdown, which can lead to issues with file or even sdcard corruption. The best solution is to use the Pwnagotchi’s web interface to power down the unit (or do it via commandline) and then use the PiSugar’s button to start it back up.

Because the initial boot of the Pwnagotchi involves a one time generation of an RSA key, I turned the battery off before inserting the sdcard and powered the unit via the power port (the USB port on the right in the pic above) for initial boot. This process can take a half an hour or more once the boot process is complete, but with a good sdcard can be considerably faster.

Notes:

  • As with all Pi projects, SDCards matter. Better is better. The sdcard is the heart of your project and its quality and speed will have major impact on your experience. The cheap noname 16GB card I had in my box of parts took more than 30 minutes to boot when I tested it with the pi0w.
  • Make sure when connecting the pi0w to a computer that 1) your USB cable supports data, and 2) that you select the actual data port, not the power port (in the picture above that is the port above the button, you want the one on the left).
  • eInk displays come in a wide variety. The Waveshare was relatively inexpensive at $22 on Amazon, and there are many 3D printed case designs available for different configurations.
  • The battery hat was probably my most contentious part selection. I went with the PiSugar only because it was readily available. The UPS-Lite battery hat has built in support for displaying the battery level on the display of the Pwnagotchi. If I were doing this again I’d probably go that route.
  • The pi0w does not have a real time clock, so if I make changes to this in the future, it will likely be to add that. There are plenty of tutorials online, and it’ll fit between the display and the pi0w neatly.

Configuration

Setting up the config.toml file is fairly straightforward, the project docs are pretty easy to follow for that. If you’re doing this on a Windows machine just know that the config.toml file needs to go in the root of the sdcard, not the /root folder.

This is where the project docs start to fall down. To be fair, there are a lot of possible scenarios so it’s a hard thing to get right for everybody, and I’d be comfortable saying that it is likely that the majority of people attempting this project are doing so from a Linux background. I am fairly comfortable with Linux, but I generally work on Windows machines.

The first issue I ran into was on initial boot. My SSH attempt was being rejected. This is because the IP you assign is for the adapter of the RNDIS gadget in Windows, not the actual pi0w. My network at home is 10.0.0.x/24, and it looks like the Pwnagotchi build is set up to expect this. Both a blessing and a curse, because if you have a device on your network that is using 10.0.0.2 you’re gonna have fun trying to SSH to the Pwnagotchi and have network connection at the same time.

I luckily didn’t, and once I realized the mistake I was making I was able to establish a connection to the pi0w at 10.0.0.2. I then realized that because my actual gateway is 10.0.0.1, and I had assigned something else to my RNDIS adapter, I could communicate with the Pwnagotchi, but it could not communicate with the outside world. Initially I thought “well, I’ll just set up the wi-fi on the pi0w and connect that way,” but because of the nature of the project, the wi-fi on the pi0w is not usable (bettercap is using it to sniff wi-fi handshakes, duh).

My solution was to connect the Pwnagotchi to my iPhone via bluetooth and share the internet from there. It’s not as easy as that sounds. Luckily with Pwnagotchi release 1.5 they’ve dropped the YAML config file for a TOML config file (which is a lot easier to get right), but there also isn’t much in the community forums about the config.toml file and how to set it up (almost everything I found was referencing config.yml). I was eventually able to get it working, here is the section I had to add to the config.toml file to get it working:

    main.plugins.bt-tether.enabled = true
    main.plugins.bt-tether.devices.ios-phone.enabled = true
    main.plugins.bt-tether.devices.ios-phone.search_order = 1
    main.plugins.bt-tether.devices.ios-iphone.mac = "xx:xx:xx:xx:xx:xx"
    main.plugins.bt-tether.devices.ios-iphone.ip = "172.20.10.6"
    main.plugins.bt-tether.devices.ios-iphone.netmask = 14
    main.plugins.bt-tether.devices.ios-iphone.interval = 1
    main.plugins.bt-tether.devices.ios-iphone.scantime = 15
    main.plugins.bt-tether.devices.ios-iphone.max_tries = 10
    main.plugins.bt-tether.devices.ios-iphone.share_internet = true
    main.plugins.bt-tether.devices.ios-iphone.priority = 1

The actual connection took a while. You have to enable your wi-fi hotspot in iOS, and then wait for a connection attempt in the bluetooth settings. It takes a few minutes, but it’ll eventually happen. Once you allow pairing, you just have to follow that process and attempt to connect the bluetooth device in iOS when the Pwnagotchi status is “Looking around” or at least that seems to work for me.

Once it’s connected, it’s time to update the OS with a standard

    sudo apt-get update && sudo apt-get upgrade

command. Because we are using a battery, we’ll need to power that off before connecting the data port so that the pi0w is running off of the USB port power rather than the battery. The pi0w is a tiny single board computer and updates can take a long time. Losing power during an update is a good way to corrupt your disk.

Once the OS update is complete, reboot and then enable the webcfg plugin via the web interface so that you can finish configuration there. It’s a lot easier than trying to do it via commandline.

Notes:

  • The Pwnagotchi will initially come up with the IP 10.0.0.2. When you assign an IP to the RNDIS adapter, you’re assigning that IP on the local computer. This is the gateway for the Pwnagotchi, so if you don’t assign 10.0.0.1 to the RNDIS adapter you will have no internet connection. In my case, I couldn’t because 10.0.0.1 is my actual gateway.
  • main.plugins.bt-tether.devices.ios-iphone.mac = "xx:xx:xx:xx:xx:xx" is the bluetooth MAC of your iPhone, just replace the xx bit with your actual MAC.
  • Make sure once you’re done with configuration and updating that you back up your sdcard using dd or Win32DiskImager so that if your sdcard dies you can make another that is ready to run as soon as it is powered up.


Conclusion

This was a really fun project that is a neat way to learn about AI and deep reinforcement learning while having fun and (for me at least) reliving some of the excitement of a good old fashioned wardriving session.

Admin’s Arsenal: iPhone Configuration Utility

I got an iPhone in 2009. I like it, it does what I need it to do. I’m not with the fanboi crowd that thinks that Steve Jobs was a saint, and the iPhone is the holy grail of cell phones. The thing has problems. The fact that I still cannot define a time that I do not want the phone to ring or vibrate, or only ring for specific callers (without jailbreaking) is pretty silly.

But it is still light years ahead of a Blackberry, and in my opinion far easier to use and maintain than an Android device.

All that aside, iOS is here, and our users want it. I’ve got about 10 users with iOS devices, and it’s spreading. I do not support enough mobile devices to justify a Mobile Device Management solution, but that doesn’t mean that I am forced to manage them all by hand either.

Some time ago Apple released the iPhone Configuration Utility (available here for both Mac and Windows computers), designed for exactly my use case.

You’ll notice that Apple has quite a bit of information available at that link, including an MDM solution specifically for iOS devices (which unfortunately is OSX only). Not bad, I’ll tip my hat to Cupertino on that, they aren’t ignoring the Windows people (for once).

The iPhone Configuration utility allows you to define profiles and configure settings for iOS devices (it works fine with iPads).

Let’s take a look at the interface:

iPhone Configuration Utility interface

Note at the bottom there the setting to control when the profile can be removed from the phone. I would suggest that you choose the “With Authentication” setting, as you never know when you might need to remove the profile, and you don’t want users screwing around in there and accidentally removing the security policy requiring a passcode for compliance reasons (or just general security). Speaking of Passcodes:

Passcode Policy settings

You can see here that you’ve got pretty granular passcode settings available, which is great because if Apple is known for doing one thing right, it sure isn’t security. If you happen to be in an environment where you need to disable certain settings, the Restrictions policy settings have you pretty well covered:

Restriction Policy Settings


Which is great if you need to control things like disabling Siri when the device is locked. The utility also gives you the ability to define Wi-Fi networks that the iOS device is allowed to connect to:

Wi-Fi Policy Settings


This is actually pretty handy, you don’t need to give out wi-fi passwords, and you can isolate mobile devices as needed. If for some strange reason you want to allow users to connect their phones to your VPN, there is provision for that as well:

VPN Policy Settings


This is great for me personally, as I can use this to allow secure connection to our Spiceworks install, as well as remote desktop for emergencies. And of course we need email:

Exchange ActiveSync Policy Settings


Pretty standard stuff from here out.

Here’s how I use this:

I have one company wide device security policy that gets installed on all devices. This is basically a passcode and screen lock policy that also disables Siri when the phone is locked. These are company devices, with confidential company information on them. I know it’s inconvenient for you to have to enter a 4 digit passcode when you want to use your phone, but tough. Don’t like it? I’ll remove it when there is no longer any company data on the phone, and that includes email and contacts that have employees’ home contact information in them.

I have one email profile that is basically a shared contacts box that gets installed on every device.

Each user has an email policy that configures access to their work email.

I have a VPN profile that allows me to VPN into our network from my phone, but no one else has this capability.

This is great because in the 3+ years I’ve had an iPhone, I’ve had to replace or wipe the device at least 10 times. They’re not the most hardy of devices (that crown is still held by the mighty BlackBerry, which I know from experience can survive being thrown from the second floor of a building into a parking lot during a torrential downpour), and water is like antimatter to them.

Now when I need to change hardware, or reload the device, I simply email the four profiles to myself, and bingo, all of my email settings are squared away in seconds (iCloud makes this super easy anyway, but it can take a while to get it working).

PowerShell Function: Find-Hotfix

Every now and then you’ll need to verify whether or not a given hotfix is installed on a particular computer (or group of computers). This function takes all the work out of that task.

    ##--------------------------------------------------------------------------
    ##  FUNCTION.......:  Find-Hotfix
    ##  PURPOSE........:  Finds computers with a specified Microsoft Hotfix
    ##                    installed.
    ##  REQUIREMENTS...:  PowerShell v2.0
    ##  NOTES..........:  
    ##--------------------------------------------------------------------------
    Function Find-Hotfix {
        <#
        .SYNOPSIS
         Finds computers with a specified Microsoft Hotfix installed.

        .DESCRIPTION
         This function reads a list of computernames (one per line), checks each
         to determine if the specified hotfix is installed, and displays a list
         of all computers and the status of the hotfix for that computer.
        .PARAMETER FileName
         Full path and filename of the file containing a list of computers to
         check (one computer name per line). This is a mandatory parameter. If
         you omit it, you will be prompted to enter a value before the function
         continues.
        .PARAMETER KB
         The KB number of the hotfix to check for (just the number). This is a
         mandatory parameter. If you omit it, you will be prompted to enter a
         value before the function continues.

        .EXAMPLE
         C:\PS>Find-Hotfix c:\list.txt 2564958

         This example will check all computers listed in the file "c:\list.txt"
         for hotfix KB2564958.

         Sample output:
         Wkstn01    HOTFIX NOT FOUND
         Wkstn02    Security Update
         Wkstn03    HOTFIX NOT FOUND
         Svr01      Security Update
         Svr02      Security Update

        .EXAMPLE
         C:\PS>'c:\list.txt' | Find-Hotfix -KB:2564958

         This example does the same thing as Example 1, but the list of
         computers to check is being passed to the Function using pipelining.

        .NOTES
         NAME......:  Find-Hotfix
         AUTHOR....:  Joe Glessner
         LAST EDIT.:  21MAR12
         CREATED...:  10APR11
        .LINK
         https://joeit.wordpress.com/
        #>

        [CmdletBinding()]             
                Param (                        
                    [Parameter(Mandatory=$True,
                        ValueFromPipeline=$True,
                        Position=0)]  
                    [Alias('file','f')]
                    [String]$FileName,
                    [Parameter(Mandatory=$True,
                        ValueFromPipeline=$False,
                        Position=1)]
                    [String]$KB
                )#End Param
        $ErrorActionPreference = "SilentlyContinue"
        $ComputerNames = Get-Content $FileName
        $KBN = "kb" + $KB

        ForEach ($Computer In $ComputerNames) {
            $StrQuery = "select * from win32_pingstatus where address = '" +
            $Computer + "'"
            $WMI = Get-WMIObject -query $StrQuery
            If ($wmi.statuscode -eq 0) {
                $CheckKB = GWMI Win32_QuickFixEngineering -computer $Computer |
                Where-Object {$_.hotfixid -eq $KBN} |
                Select-Object hotfixid, description
                    If ($CheckKB.hotfixid -eq $KBN) {
                        Write-Host -f green $Computer `
                        "`t" $CheckKB.Description "`r"
                    }#END: If ($CheckKB.hotfixid -eq $KBN)
                    Else {
                        Write-Host -f red $Computer `
                        "`t" "HOTFIX NOT FOUND" "`r"
                    }#END: Else
            }#END: If ($wmi.statuscode -eq 0)
            Else {
                Write-Host -f yellow $Computer "`t" "Ping failed!" "`r"
                }#END: Else
        }#END: ForEach ($Computer In $ComputerNames)
    }#END: Function Find-HotFix

PowerShell Function: Invoke-Sound

    ##--------------------------------------------------------------------------
    ##  FUNCTION.......:  Invoke-Sound
    ##  PURPOSE........:  Beep the system speaker.
    ##  REQUIREMENTS...:  PowerShell v2
    ##  NOTES..........:  
    ##--------------------------------------------------------------------------
    Function Invoke-Sound {
        <#
        .SYNOPSIS
         Beep the system speaker.
        .DESCRIPTION
         This function gives the user a wide variety of control over the system
         speaker (and can optionally be used to play a few Windows sounds
         through the regular speakers).
        .PARAMETER Frequency
         The pitch of the beep (larger numbers is a higher pitch). Defaults to
         1000.

         ALIAS: -f
        .PARAMETER Time
         The length of the beep in milliseconds (1000 = 1 second). Defaults to
         300ms.

         ALIAS: -t
        .PARAMETER Beeps
         The number of beeps to execute (defaults to one).

         ALIAS: -b
        .PARAMETER Sub
         This optional Switch will set the Frequency to 100.

         ALIAS: -s
        .PARAMETER Low
         This optional Switch will set the Frequency to 500.

         ALIAS: -l
        .PARAMETER Medium
         This optional Switch will set the Frequency to 2000.

         ALIAS: -m
        .PARAMETER High
         This optional Switch will set the Frequency to 5000.

         ALIAS: -h
        .PARAMETER Exclamation
         This optional switch will play the "exclamation" system sound using the
         PC speakers (not the system speaker).

         ALIAS: -ex
        .PARAMETER Asterisk
         This optional switch will play the "asterisk" system sound using the
         PC speakers (not the system speaker).

         ALIAS: -as
        .PARAMETER Hand
         This optional switch will play the "hand" system sound using the PC
         speakers (not the system speaker).

         ALIAS: -ha
        .PARAMETER Vader
         Plays part of the Imperial March using the System Speaker.
        .EXAMPLE
         C:\PS>Invoke-Sound

         This Example will play a 300ms beep from the system speaker with the
         frequency set to 1000.

        .EXAMPLE
         C:\PS>Invoke-Sound 2000 5000

         This Example will play a 5 second beep from the system speaker with the
         frequency set to 2000.

        .EXAMPLE
         C:\PS>Invoke-Sound -asterisk

         This Example will play the "asterisk" system sound through the PC
         speakers (not the system speaker).

        .EXAMPLE
         C:\PS>Invoke-Sound -beeps:5

         This will play 5 beeps from the system speaker using the default
         frequency of 1000 and time of 300ms.

        .EXAMPLE
         C:\PS>Invoke-Sound -vader

         Plays a section of the Imperial March from Star Wars :)

        .NOTES
         NAME......:  Invoke-Sound
         AUTHOR....:  Joe Glessner
         LAST EDIT.:  27MAR12
         CREATED...:  12FEB10
        .LINK
         https://joeit.wordpress.com/
        #>

        Param([Parameter(Mandatory = $False,
            Position = 0)]
            [Alias('f')]
            [Int]$Frequency = 1000,
            [Parameter(Mandatory = $False,
            Position = 1)]
            [Alias('t')]
            [Int]$Time = 300,
            [Alias('b')]
            [Int]$Beeps = 1,
            [Alias('s')]
            [Switch]$Sub,
            [Alias('l')]
            [Switch]$Low,
            [Alias('m')]
            [Switch]$Medium,
            [Alias('h')]
            [Switch]$High,
            [Alias('ex')]
            [Switch]$Exclamation,
            [Alias('as')]
            [Switch]$Asterisk,
            [Alias('ha')]
            [Switch]$Hand,
            [Switch]$Vader
        )#END: Param
        If($Sub) {
            $Frequency = 100
        }#END: If($Sub)
        If($Low) {
            $Frequency = 500
        }#END: If($Low)
        IF($Medium) {
            $Frequency = 2000
        }#END: IF($Medium)
        If($High) {
            $Frequency = 5000
        }#END: If($High)
        If($Exclamation) {
            [system.media.systemsounds]::Exclamation.play()
            # Return (not Break) so a caller's enclosing loop is not terminated.
            Return
        }#END: If($Exclamation)
        If($Asterisk) {
            [system.media.systemsounds]::Asterisk.play()
            Return
        }#END: If($Asterisk)
        If($Hand) {
            [system.media.systemsounds]::Hand.play()
            Return
        }#END: If($Hand)
        If($Vader) {
            [console]::beep(340,500)
            [console]::beep(340,500)
            [console]::beep(340,500)
            [console]::beep(249,350)
            [console]::beep(423,150)
            [console]::beep(340,500)
            [console]::beep(249,350)
            [console]::beep(423,150)
            [console]::beep(340,1000)
            [console]::beep(559,500)
            [console]::beep(559,500)
            [console]::beep(559,500)
            [console]::beep(598,350)
            [console]::beep(423,150)
            [console]::beep(315,500)
            [console]::beep(249,350)
            [console]::beep(423,150)
            [console]::beep(340,1000)
        }#END: If($Vader)
        ELSE {
            1..$Beeps | %{[System.Console]::Beep($Frequency,$Time)}
        }#END: Else
    }#END: Function Invoke-Sound

Admin’s Arsenal: Launch a script with an email, from your cell phone.



“With great power comes great responsibility.” Call me a bit of a geek, but when Uncle Ben said that to Peter Parker in Spiderman (2002), it sent a chill down my spine. Not because this was the first Spiderman movie that was actually good, but because I immediately thought that there was no possible way to better sum up the best piece of advice that you can give someone who has chosen the IT profession as a career. Thank you Stan Lee.

I mention this simply because what I am about to show you can be a great tool, but can also be used for unconscionable evil. In fact, I learned how to do this from an incident at a former job where a disgruntled SysAdmin had used this technique to set up a “deadman switch” of sorts, and when he was fired, used it to totally wipe out a critical database. I was tasked with figuring out what had happened.

Now for those of you that will fall to the darkside, and decide to use this technique for nefarious purposes, listen up: you will get caught. Not only will you get caught, you will get prosecuted (as did the guy I learned this from). Also keep in mind that with the now infamous Terry Childs case being highly publicized, you will probably end up going to jail too (as you should).

This post is for the rest of you who will use this very powerful technique to make your jobs easier (and likely your personal lives less interrupted as well).

Requirements for this to work:

  1. Outlook 2003 or newer (may work in previous versions, I have not tested it).
  2. A script that does something you want to happen (test it thoroughly and make sure it does only what you intend it to do before putting it into production).

You may also be able to do this with other email clients, but at work I use Outlook so I’ve only ever tried it in Outlook.

For demonstration purposes, I used a VBScript named “testScript.vbs” (I know, original right?) which only contains one line of code:

    wscript.echo "WORKING!"

I use this script frequently for testing purposes, so it is what I had on hand, and is totally safe (it’s not going to burn your network down if you accidentally fire it off while setting this up).

Once you have that script (or your own test script) in place, we can get to the actual setup.

Setting up the rule in Outlook:

  1. Launch Outlook, and go to Tools>Rules and Alerts…
  2. In the E-mail Rules tab, select the New Rule… button.
  3. In the Rules Wizard, under the Start from a blank rule heading, select Check messages when they arrive, and click the Next > button.
  4. In the Select Condition(s) screen, place a check in the following boxes: from people or distribution list; with specific words in the subject; sent only to me; with specific words in the body.
  5. In the Edit the rule description box below, set people or distribution list to the email address you will be sending the activation email from (in my case I use my work email address when sending from my BlackBerry, and my gmail address when doing this from another computer). It is possible to add more than one email address here.
  6. In the Edit the rule description box below, set specific words in the subject to something that you know you will never use as a subject line unless sending an Activation Email for this script (I use something like this: SCRIPT-scriptname).
  7. In the Edit the rule description box below, set specific words in the body to an activation code (I use something like this: 1RS114523$%%#234). This is the “password” for launching the script, so make it something that is really hard to guess, and then store it in KeePass!
  8. Click the Next > button at the bottom of the window.
  9. In the Select action(s) box, select start application. I also check assign it to the category category box (that’s not a typo), and then assign it to the Remote Script Activation category which I created so that all Activation Email that I send are easily identified.
  10. In the Edit the rule description box below, set start application to the script you want to run. By default the Select an Application to Execute window has the Files of type box set to .exe files only, to find a script, change this to All Files (*.*) using the drop down menu.
  11. Click the Next > button at the bottom of the window.
  12. Click the Next > button at the bottom of the window again (unless you want to set any exemptions to this rule).
  13. Name your new rule, and make sure that the Turn on this rule box is checked.
  14. A summary of this rule is displayed at the bottom of the window. If this is not correct, you can click the < Back button to make any changes. If everything looks good, click the Finish Button at the bottom of the window.

NOTE: This is a client side only rule, which means that Outlook must be running for the rule to work (leave Outlook open and just lock your workstation).

WARNING: There are many tools that make it possible to send email that looks like it came from an account that is not yours. This is why it is very important to use a really strong “password” when setting things like this up. The last thing you want is for someone to figure out what you are doing and then be able to execute scripts in the context of your user account.
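The warning above can be made concrete by modelling the rule. This is an added example, not part of the original post: it evaluates the four conditions from step 4 against constructed messages to show that a message with a forged From line satisfies all of them, then adds the one signal the sender cannot set, the receiving gateway's Authentication-Results header. The addresses, subject token, activation code and the authserv-id `mx.example.com` are hypothetical placeholders.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Hypothetical stand-ins for the values chosen in steps 5-7 of the rule setup.
ALLOWED_SENDERS = {"admin@example.com"}
SUBJECT_TOKEN = "SCRIPT-testScript"
ACTIVATION_CODE = "constructed-code-not-a-real-secret"
MY_ADDRESS = "me@example.com"
# Assumption: the authserv-id your own mail gateway writes, and that the
# gateway strips inbound headers already carrying this id (RFC 8601).
TRUSTED_AUTHSERV = "mx.example.com"


def rule_conditions_match(msg) -> bool:
    """The four rule conditions. Whoever writes the message sets all of them."""
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpts = [addr.lower() for _, addr in
             getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
    return (sender in ALLOWED_SENDERS
            and SUBJECT_TOKEN in msg.get("Subject", "")
            and rcpts == [MY_ADDRESS]                  # "sent only to me"
            and ACTIVATION_CODE in msg.get_payload())  # plain-text body only


def sender_authenticated(msg) -> bool:
    """True only if our own gateway recorded dmarc=pass for the From domain."""
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # written by some other host: not evidence
        found = re.search(r"\bdmarc=(\w+)[^;]*?header\.from=([\w.-]+)", results)
        # The topmost trusted header is the one our gateway added last.
        return (bool(found) and found.group(1).lower() == "pass"
                and found.group(2).lower() == from_domain)
    return False


def should_run(msg) -> bool:
    """Rule match plus sender authentication."""
    return rule_conditions_match(msg) and sender_authenticated(msg)


def build_message(auth_results: str):
    """Constructed sample; only the Authentication-Results value varies."""
    return message_from_string(
        f"Authentication-Results: {auth_results}\n"
        "From: Admin <admin@example.com>\n"
        "To: me@example.com\n"
        f"Subject: {SUBJECT_TOKEN}\n"
        "\n"
        f"{ACTIVATION_CODE}\n")


SAMPLES = {
    "genuine": build_message(
        "mx.example.com; spf=pass smtp.mailfrom=example.com; "
        "dmarc=pass header.from=example.com"),
    "forged_from": build_message(
        "mx.example.com; spf=fail smtp.mailfrom=other.invalid; "
        "dmarc=fail header.from=example.com"),
    "foreign_header": build_message(
        "mail.other.invalid; dmarc=pass header.from=example.com"),
}


def evaluate_samples() -> dict:
    """Map sample name -> (rule conditions match, would run with auth check)."""
    return {name: (rule_conditions_match(m), should_run(m))
            for name, m in SAMPLES.items()}


if __name__ == "__main__":
    for name, (matches, runs) in evaluate_samples().items():
        print(f"{name:15} rule matches={matches!s:5} runs with auth check={runs}")
```

All three samples satisfy the rule as configured in the steps above; only the first would run once the gateway's verdict is required.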

Testing it out:

  1. Create a new email from the email address(es) that you entered in step 5 above.
  2. Make the subject line the text that you entered in step 6 above.
  3. In the body of the email you are sending enter the text that you specified in step 7 above.
  4. Send the email.

When Outlook receives this email, the script that you specified in step 10 above will launch. Go ahead and test it out, I’ll wait…

Holy shit!!! What can I use this awesome technique for?!?!?

Well the answer to that is pretty much only limited to your imagination (and what you can do with a script or executable file). I have about 200 of these rules set up (I use different “passwords” for each of them so I keep a list of them in my BlackBerry and on my desk at home) and here are some of the things I can do with them:

  • Reboot all servers.
  • Reboot an individual server (I have a rule for each one).
  • Reboot all workstations.
  • Reboot individual workstations (there are only a couple that give me issues).
  • Lock all workstations (all are Win XP; this one was really tricky to set up, but it was necessary for a particular application).
  • Clear out the print queue on our print server (all printers).
  • Clear out the print queue on our print server for an individual printer (I have individual rules for each one).
  • Send an emergency message to all users’ desktops (in case I have to reboot servers, workstations, or lock workstations to fix something critical).
  • Change user password and lock workstation, for each user on the network (individual rules for each, in case of employee termination).
  • Change the Domain Admin accounts’ passwords (in case it is compromised while I am not in the office, this is just a safety thing).
  • Send email to users letting them know I am starting scheduled maintenance.
  • Stop (and start) services, or specific groups of services (like those used by our Infernal Accounting software grrrrr).

The possibilities are really fairly limitless if you can figure out how to do what you want with a combination of scripting and automation software (AutoIt, for example, is pretty useful for doing things that you can’t do with VBScript or batch scripts).

While it is possible to extend the usefulness of this technique to home application, it is primarily going to be of use to IT Professionals, managing large(r) networks. To take full advantage of this you’ll need to invest some time in learning to automate things with scripts.

Kung Fu for SysAdmins: Windows 7 made easy

Back when I was in IT trade school I was taught a really valuable lesson in how to make your life a bit easier as an administrator; one of my instructors walked up to my computer, unplugged my mouse, and said “now do what you were supposed to, just without the mouse.”

At the time I was like “what a dick”, but since then, I’ve really come to appreciate the lesson he was getting at: shit happens, and sometimes it is just faster to do it without a mouse.

So I keep hearing about how people making the transition directly from Windows XP to Windows 7 are going to have trouble (granted, the issues mentioned are minor) adjusting to some of the changes Microsoft has made to where settings are located. I would argue that only people who haven’t put in the effort to learn the correct way to access these settings are going to have issues.

Let me elaborate. One of the common complaints I hear from fellow administrators about Windows 7 is that the setting to change folder options is now more difficult to find. It’s been changed from Windows Explorer>Tools>Folder Options>View Tab, to Windows Explorer>Organize>Folder and Search Options. Sure you could pop open google and find instructions in relatively little time, or you could do it the correct way from the start (which works on all versions of Windows since XP): Run>Control Folders>View Tab (in XP).

This is not the only thing that can be accessed using Windows Control Commands either. See, if like me you have been using this method since Windows 2000 (or thereabouts), this was never an issue (this particular setting actually changed in Vista, but many people have opted to skip Vista and go directly to Windows 7).

Here is a list of some of the things you can access in Windows without the mouse (type these at a Run Prompt):

  • control = Opens the Control Panel Window
  • control admintools = Opens the Administrative Tools
  • control keyboard = Opens the Keyboard Properties Window
  • control color = Opens the Display Properties (at the Appearance Tab in Windows 7)
  • control folders = Opens the Folder Options Window
  • control fonts = Opens the Font Policy Management Window
  • control international (or intl.cpl) = Opens Regional and Language Options
  • control mouse (or main.cpl) = Opens Mouse Properties
  • control userpasswords = Opens the User Accounts Editor
  • control userpasswords2 (or netplwiz) = Opens User Account Access Restrictions
  • control printers = Opens the Printers and Faxes Window
  • control desktop (Windows Vista/7 only) = Opens Control Panel>Personalization
  • appwiz.cpl = Opens the Add or Remove Programs Utility
  • optionalfeatures = opens the Add or Remove Windows Component utility
  • desk.cpl = Opens the Display Properties (Themes Tab)
  • hdwwiz.cpl = Opens the Add Hardware Wizard
  • irprops.cpl = Opens the Infrared utility (does nothing if no IR devices are installed)
  • joy.cpl = Opens Game Controller Settings
  • mmsys.cpl = Opens the Sound and Audio device properties window (Volume Tab)
  • sysdm.cpl = Opens the System Properties window
  • telephon.cpl = Opens the Phone and Modem options window
  • timedate.cpl = Opens the Date and Time Properties window
  • wscui.cpl = Opens the Windows Security Center in XP (opens the Action Center in Windows Vista/7)
  • access.cpl = Opens the Accessibility Options Window (does not work in Windows 7)
  • wuaucpl.cpl = Opens Automatic Updates
  • powercfg.cpl = Opens the Power Options Properties window
  • ncpa.cpl = Opens the Network Connections window
  • bthprops.cpl = Opens the Bluetooth Control window (does nothing if no bluetooth devices are installed)
  • certmgr.msc = Opens the Certificate Management MMC
  • compmgmt.msc = Opens the Computer Management
  • comexp.msc (or dcomcnfg) = Opens the Computer Services MMC
  • devmgmt.msc = Opens Device Manager
  • diskmgmt.msc = Opens Disk Management
  • eventvwr.msc (or eventvwr) = Opens the Event Viewer
  • fsmgmt.msc = Opens Shared Folders
  • napclcfg.msc = Opens the NAP client configuration tool
  • services.msc = Opens Service Manager
  • taskschd.msc (or control schedtasks) = Opens the Task Scheduler
  • gpedit.msc = Opens the Group Policy MMC
  • lusrmgr.msc = Opens Local Users and Groups
  • secpol.msc = Opens the Local Security Settings window
  • ciadv.msc = Opens the Indexing Service Window
  • ntmsmgr.msc = Opens the Removable Storage Manager
  • ntmsoprq.msc = Opens the Removable Storage Operator Requests
  • wmimgmt.msc = Opens the WMI (Windows Management Instrumentation) window
  • perfmon.msc (or perfmon) = Opens the Performance Monitor
  • mmc = Opens a blank Microsoft Management Console
  • mdsched = Opens the Memory Diagnostics tools
  • dxdiag = Opens DirectX diagnostics tools
  • odbcad32 = Opens the ODBC Data Source Administration window
  • regedit (or regedt32) = Opens the Registry Editor (these commands actually open different Registry editors, google for the differences)
  • drwtsn32 = Opens Dr. Watson
  • verifier = Opens the Driver Verification Manager
  • cliconfg = Opens the SQL Server Client Network Utility
  • utilman = Opens the Utility Manager (in Windows 7 this opens the Ease Of Access Center)
  • msconfig = Opens the System Configuration Utility
  • sysedit = Opens the System Configuration Editor
  • syskey = Opens the Windows Account Database Security Manager
  • explorer = Opens Windows Explorer
  • iexplore = Opens Internet Explorer
  • wab = Opens the Windows Address Book
  • charmap = Opens the Character Map
  • write = Opens Wordpad

Now these are not the only things you can type at a run command to get results, but I find that those more than cover most activities you will likely need to do on a day to day basis.

I would say that I find myself using only 10-15 of those commands on any kind of a regular basis. You may only need 4-5 regularly, or none at all. Everyone does things differently, however I have found these commands to be the only thing that stays constant over several versions of the Windows OS. So for me, it takes the Least Amount Of Administrative Effort to simply use these commands.

Digital Locksmith: Change the root password on OSX; several methods

I’m not a big fan of Macs. If I wanted to run BSD I would. If I want the easy GUI I’ll run Windows. If I want the elitist snob crowd, I’ll run Gentoo Linux (kidding, step away from the door and please put the axe down now).

I am also not a big fan of Apple’s marketing (hey Steve, here’s a hint; those ads were funny for like the first 10, now they make you look like a snobby braggart, and somewhat of a jerk), especially now that Apple is saying that no reasonable person would believe their marketing (wait, what?).

That being said, I do know a thing or two about them, for instance, how to reset the root password without having the root password.

NOTE: Do not do this if you have FileVault enabled!!! Resetting the root password does not reset the FileVault master password, so any files protected with FileVault will not be accessible. A discussion in the Apple Forums describes a possible way to reset the FileVault password, but I have not tried it, so I cannot verify that this method works. The discussion is available here; if you try this, I strongly urge you to back up all files (including system files) first.

Method 1:

  1. Restart your computer.
  2. Hold down Command-S during boot, and type the following at the terminal prompt:
  3. /sbin/fsck -y {ENTER}
  4. /sbin/mount -uaw {ENTER}
  5. mv /var/db/.applesetupdone /var/db/.applesetupdone.orig {ENTER}
  6. reboot {ENTER}

Once you’ve done that, the computer reboots and asks you to set up an admin password. From there you just change all other account passwords in the account preferences.

NOTE: Step 5 in this process renames the /var/db/.applesetupdone file so that if you encounter issues you can change it back and be back to square one.

Method 2:

  1. Click Restart at the log in window.
  2. While the computer is restarting, hold down “Command-S” until you see text scrolling through the window. This boots the computer into single user mode.
  3. At the Localhost% prompt type:
    /sbin/mount -uw / {ENTER}
    /sbin/SystemStarter {ENTER}

    You will then see various services starting up.

  4. When the Localhost% prompt reappears, type:
    passwd root {ENTER}

    It will then ask you to type the new root password twice, so do so.

  5. After entering the new password, type:
    reboot {ENTER}

At the log in window, enter user name root with the new password. Once you are connected, you can use the Multiple Users application (/Applications/Utilities) to change your normal user’s password, or create a new user account.

If you cannot get that to work, and you just want to get the files off, you can use Target Disk Mode to do so, assuming that an Open Firmware Password has not been set, and that the files you want are not protected by FileVault.

But what if that fails? Well you have one final option if the computer is not protected by an Open Firmware Password: reinstall the System files by booting to an Install disk and selecting “Archive and Install”. This will only restore the System files, and all the users and their files should be accessible. Again this should be the method of last resort.

Banish Windows Notepad: Replacing Notepad with Notepad++

It’s no secret around these parts that I hate Windows Notepad. It hasn’t been updated (in any useful way) since Windows 95, and is just plain inadequate for most tasks I need a text editor for. Up to this point I have been content to simply never use it, however as I am finding myself working with text files more and more these days, I would like to completely replace it.

Now obviously I am a big proponent of Notepad++, and this would be my ideal replacement for notepad.exe and luckily for me, there is a launcher made specifically for this. Before we begin, we will need to download the following files:

  1. The current Notepad++ install package from here.
  2. The current Notepad++ launcher from here.

Once we have these files, we can begin the process:

  1. Install Notepad++.
  2. Unzip the Notepad++ launcher, and have it ready to be copied (we will need to put this in a couple of different directories).
  3. Turn off hide invisible files in Tools->Folder Options->View.

Now at this point it is pertinent to mention that there are several methods that may work for replacing Notepad; you may need to try each one until you find the one that works for your OS version (Method 1 worked for me on one XP SP2 install, but I had to use Method 2 on another).

Method 1

  1. Go to %windir%\system32\Restore
  2. Select filelist.xml and right click->Properties and uncheck Read-only
  3. Edit the file, adding:

    <REC>%windir%\notepad.exe</REC>

    to:

    <Exclude>
    <REC>%windir%\system.ini</REC>
    <REC>%windir%\tasks\desktop.ini</REC>
    <REC>%windir%\win.ini</REC>
    <REC>*:\AUTOEXEC.BAT</REC>
    <REC>*:\CONFIG.MSI</REC>
    <REC>*:\CONFIG.SYS</REC>
    </Exclude>

  4. Copy the Notepad++ launcher to %windir%\system32, replacing notepad.exe there with the Notepad++ launcher.
  5. If this worked, you should now be able to open a Run dialog, and type: notepad {ENTER}, which will launch Notepad++.

Method 2

  1. Copy the Notepad++ launcher to %windir%\system32\dllcache
  2. Copy the Notepad++ launcher to %windir%\system32
  3. A dialog will pop up; hit Cancel.
  4. If this worked, you should now be able to open a Run dialog, and type: notepad {ENTER}, which will launch Notepad++.

Method 3

  1. Copy the Notepad++ launcher to %windir%\servicepackfiles\i386
  2. Copy the Notepad++ launcher to %windir%\system32\dllcache
  3. Copy the Notepad++ launcher to %windir%\system32
  4. Copy the Notepad++ launcher to %windir%
  5. When you replace notepad.exe in %windir% and %windir%\system32, a “Windows File Protection” message box appears, click Cancel. Then another message box appears, click OK.
  6. If this worked, you should now be able to open a Run dialog, and type: notepad {ENTER}, which will launch Notepad++.

Now, enjoy the goodness that comes from having a real text editor as your default text editor.

Admin’s Arsenal (personal edition): Songbird

I wasn’t exactly sure how to categorize this post, but I feel that it rightly belongs in the Admin’s Arsenal. Even the most nose to the grindstone SysAdmin needs some tunes. I have something playing in the background in my office pretty much all day.

Until recently I was a die hard Winamp fan (mostly because of its Llama whipping ways). As of late though Winamp has been getting more and more bloated. My copy now lags horribly when I first start it up, and it eats a ton of system resources.

Allow me to introduce you to Songbird, an open source media player based on the Firefox and VLC code. Songbird is currently in Beta, however I have been using Beta 1.0rc1 for a week or so and it is very close to being final.

Seeing the default interface, it is pretty obvious they are aimed squarely at dethroning iTunes (thank you for that, iTunes is just bloated crapware).

[Screenshot: Songbird default interface]

Now here is the really cool part: from its Firefox roots it has inherited what I believe is Firefox’s best feature: Add-ons. Even though this is beta software, I am really excited about it. The potential here is epic; this could actually turn out to be the best media player on the market.

Even though it is in beta (and hence there are relatively few Add-ons available for it), here is a screenshot of what Songbird now looks like on my computer:

[Screenshot: Songbird with Add-ons installed]

Notice that I have a second tab open… yeah, it’s got a browser integrated right into it, and it’s Firefox code! Here is a list of some of the features this baby offers:

  • Add media to Songbird by importing from your file system or iTunes.
  • Songbird supports MP3, FLAC, and Vorbis on all platforms; WMA and WMA DRM on Windows; and AAC and Fairplay on Windows and Mac.
  • Browse, organize, sort and search your media.
  • Songbird includes an integrated web browser with features like bookmarking, tabbed browsing, and more.
  • Songbird runs on Windows, Linux and Mac.
  • Always stay up to date using Songbird’s built-in automatic updates.

The beta version that I am showing here adds several more features, including multiple additions to mp3 player support, and metadata management.

If you find that there are features that are missing that you want, the developers are maintaining a roadmap wiki showing the planned additions to the software, so that killer feature you want may be just around the corner!
