IT Dribble

Recently had the task of finding out how a users Exchange mailbox quota was nearly full.
The command I used was:

Get-MailboxFolderStatistics -Identity "User A" | fl Name, ItemsInFolder, FolderSize
Get-Mailbox | Get-MailboxStatistics | fl DisplayName, ItemCount, TotalItemSize

Turns out it was the sent items folder…. :-)

Save the following as a batch script. I’ll let you work out the rest.

Eventcreate /L Application /T information /ID 69 /SO Remove-java.bat /D "Running J2SE Uninstall"
wmic product where "name like 'J2SE Runtime%%'" call uninstall /nointeractive
Eventcreate /L Application /T information /ID 69 /SO Remove-java.bat /D "Running Java(TM) Uninstall"
wmic product where "name like 'Java(TM)%%'" call uninstall /nointeractive
Eventcreate /L Application /T information /ID 70 /SO Remove-java.bat /D "Remove-Java.bat Completed"

Get it here: http://epinna.github.com/Weevely/
Similar to C99 perhaps equally as useful, I’m sure you can think of some uses!!!

A great tool for all system administrators!

@echo off

:: BatchGotAdmin
:-------------------------------------
REM  --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%system32cacls.exe" "%SYSTEMROOT%system32configsystem"

REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
    echo Requesting administrative privileges...
    goto UACPrompt
) else ( goto gotAdmin )

:UACPrompt
    echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%getadmin.vbs"
    echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%getadmin.vbs"

    "%temp%getadmin.vbs"
    exit /B

:gotAdmin
    if exist "%temp%getadmin.vbs" ( del "%temp%getadmin.vbs" )
    pushd "%CD%"
    CD /D "%~dp0"
:--------------------------------------

<YOUR BATCH SCRIPT HERE>

Save the whole thing as install.bat
Now with WinRAR (yes go and install it), Right click install.bat and select “Add to archive…”
Under Archiving Options select: Create SFX archive
Click on the Comment tab (across the top)
Enter the following:

Path=%tmp%
SavePath
Setup=%tmp%install.bat
Silent=1
Overwrite=1

If you want to add a pretty icon etc, thats done under the Advanced tab.
Click OK and your Done!

Now your practically unstoppable, Admin Rights and an executable file - Your life just got so much easier!

Link back for the WinRAR exe
Regards to this guy for BatchGotAdmin!

I have finished setting up a new tool for in browser AES256 encryption via the javaScrypt library. Included within the page is a tool to produce SHA1 / SHA224 / SHA256 / SHA384 / SHA512 hashes.

The idea was that I has a central place to encrypt and decrypt data any time, any place with no reliance on anything except a web browser. I wanted to use java script so that both mine and your data doesn’t leave the browser and stays confidential.
(Perhaps David Petraeus could have used something like this, the trail might have been even harder to follow had he left the ‘draft’ message encrypted)

I implemented the SHA hashing as a tool to strengthen poor passphrases. The idea being that you use your lame password as input, create the hash and encrypt your data with the 128 character key (SHA512). When you need to decode your data you just do the reverse. Now some valid points to think about are:

• If you were being targeted and an attacker knew that your password was a SHAx hash then, you would be susceptible to bruteforce attacks against the hash.
• Using a hash (lower case letters and numbers) will provide less entropy against a fully random password of equal length.
• I believe (my opinion) that if you can afford to trade the security of someone knowing your password is a hash vs a shorter more complicated password your better off hashing your actual password with SHA512 (128 characters a-z 0-9)
• Of course your better off with 128 character fully random key but how are you suppose to remember that?

Check it out here: http://www.cammckenzie.com/encrypt/