Printer Migration Script
Here is a VB script which is useful for migrating users from one print server to another. This needs to be run on each workstation (I usually call it from a login script). No credit taken for the script and I can’t remember where I got it from (Sorry)
' put in the server names here (keep the quotes!)
MovePrinters "OLD-SERVERNAME", "NEW-SERVERNAME"
' *********************************************
' Move printers to new server
' *********************************************
Sub MovePrinters(OldServer, NewServer)
' Loops through all network printers and moves all printers
' on "OldServer" to the same printername on "NewServer".
dim WshNetwork, oPrinters, i, PrinterPath, DefaultPrinter, PrinterList
' Check that WSH version is new enough:
If CDbl(Replace(wscript.version,".",",")) < CDbl(5.6) Then
MsgBox "Automatic printer migration is not available for" & _
" this computer." & vbCrLf & _
"Please migrate printers manually." & vbCrLf & _
"The new printer server name is """ & NewServer & """", _
vbOKOnly + vbCritical, "Windows Scripting Host is too old"
wscript.quit 1
End If
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set PrinterList = CreateObject("Scripting.Dictionary")
' Get the default printer before we start deleting:
DefaultPrinter = GetDefaultPrinter
' Get a list of printers to work with:
' (We cannot modify the collection while looping through it)
Set oPrinters = WshNetwork.EnumPrinterConnections
For i = 1 to oPrinters.Count Step 2
PrinterList.Add oPrinters.Item(i), "x"
Next ' i
' Loop through the printer list and migrate mathching ones:
For Each PrinterPath In PrinterList.Keys
If StrComp(ServerName(PrinterPath), OldServer, 1) = 0 Then
WshNetwork.RemovePrinterConnection PrinterPath, True, True
On Error Resume next
WshNetwork.AddWindowsPrinterConnection "" & NewServer & "" & _
ShareName(PrinterPath)
'If Err.Number = -2147023095 Then
' MsgBox "The printer """ & ShareName(PrinterPath) & _
' """ does not exist on server """ & NewServer & """." & vbCrLf & _
' "The printer has been removed.", vbOKonly + vbExclamation, _
' "Missing printer"
'End If
On Error goto 0
End If
Next
'Set the default printer:
If ServerName(DefaultPrinter) = OldServer Then
On Error Resume Next
WshNetwork.SetDefaultPrinter "" & NewServer & "" & _
ShareName(DefaultPrinter)
'If Err.Number = -2147352567 Then
'MsgBox "Your default printer did not exist, and has been deleted.", _
' vbOKonly + vbInformation, "Invalid default printer"
'End If
On Error goto 0
End If
End Sub ' MovePrinters
Function GetDefaultPrinter()
' Returns the UNC path to the current default printer
Dim oShell, sRegVal, sDefault
Set oShell = CreateObject("WScript.Shell")
sRegVal = _
"HKCUSoftwareMicrosoftWindows NTCurrentVersionWindowsDevice"
sDefault = ""
On Error Resume Next
sDefault = oShell.RegRead(sRegVal)
sDefault = Left(sDefault ,InStr(sDefault, ",") - 1)
On Error Goto 0
GetDefaultPrinter = sDefault
End Function
Function ServerName(sPrinterPath)
Dim aPrinterPath
ServerName = ""
If Left(sPrinterPath, 2) = "" Then
aPrinterPath = Split(sPrinterPath, "")
ServerName = aPrinterPath(2)
End If
End Function
Function ShareName(sPrinterPath)
Dim aPrinterPath
ShareName = ""
If Left(sPrinterPath, 2) = "" Then
aPrinterPath = Split(sPrinterPath, "")
ShareName = aPrinterPath(3)
End If
End Function
VBScript based wget
I was using Windows based SSH box the other day and I needed to get some files, but the only options on a limited Windows (XP) box are ftp and the files I wanted were on HTTP so I hunted around and added to a vbscript which created a Wget type script which works via VBScript (which is avaliable on a limited XP Box)
Something else which is good about this script is that it uses Internet Explorer Proxy settings automatically, so if you are behind a corporate firewall and need to go through a proxy it does this automatically for you!
' VBScript based WGET - Changes by Cam McKenzie
' cam.mckenzie --at-- gmail --dot-- com
' USAGE: cscript wget.vbs http://somewhere.com/somefile.zip
' Credit to Chrissy at blog.netnerds.net for the hardwork
' URL to download from command line
strFileURL = Wscript.Arguments.Item(0)
' Find current directory
Dim sCurPath
sCurPath = CreateObject("Scripting.FileSystemObject").GetAbsolutePathName(".")
' Get filename from URL
Dim UrlArray
UrlArray = Split(strFileURL, "/", -1,1)
TopOfArray = UBound(UrlArray)
' Where to save the file
strHDLocation = sCurPath & "" & UrlArray(TopOfArray)
' Fetch the file
Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
objXMLHTTP.open "GET", strFileURL, false
objXMLHTTP.send()
If objXMLHTTP.Status = 200 Then
Set objADOStream = CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type = 1 'adTypeBinary
objADOStream.Write objXMLHTTP.ResponseBody
objADOStream.Position = 0 'Set the stream position to the start
Set objFSO = Createobject("Scripting.FileSystemObject")
If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation
Set objFSO = Nothing
objADOStream.SaveToFile strHDLocation
objADOStream.Close
Set objADOStream = Nothing
End if
Set objXMLHTTP = Nothing
Fast Hash Cracking Software
It seems that John the Ripper (JtR) has been out done with some of the latest hashing cracking software in the business! Hashcat and oclHashcat (hashcat.net) is forging ahead with over 33 and 13 hash types respectivley which are able to be cracked. Did I mention oclHashcat uses the GPU of CUDA based video cards for seriously parallel processing? Well it does.
Howto Setup Multi threaded John the Ripper
This article has an updated version -> Here
Today at work a client he needed to access a cisco router but no-one new the password but we had the config files saved which included the MD5 hashes of the enable and enable secret passwords. So I set about cracking the hashes, which was done successfully btw, following on from that I then remembered a John the Ripper MPI patch which I had seen some time ago I ended getting it going at home and the results are good!
Directions for installation are as follows (on Fedora 11)
yum install mpich2 mpich2-devel wget http://www.bindshell.net/tools/johntheripper/john-1.7.2-bp17-mpi8.tar.gz tar -zxvf john-1.7.2-bp17-mpi8.tar.gz cd john-1.7.2-bp17/src make linux-x86-64 (for 64bit version duh!) cd ../run touch ~/.mpd.conf && echo "MPD_SECRETWORD=secret" > ~/.mpd.conf && chmod 600 ~/.mpd.conf mpd & mpiexec.py -n 4 -path ./ -wdir ./ ./john --test
Initial Benchmarking looks good. Below is 1 core vs 4 cores
Traditional DES [128/128 BS SSE2-16] 1591K c/s real, 1594K c/s virtual / 6131K c/s real, 6380K c/s virtual BSDI DES (x725) [128/128 BS SSE2-16] Many salts: 53222 c/s real, 53329 c/s virtual / Many salts: 207665 c/s real, 215407 c/s virtual FreeBSD MD5 [32/64 X2] Raw: 9718 c/s real, 9816 c/s virtual / Raw: 37720 c/s real, 39581 c/s virtual mysql [mysql] Raw: 2571K c/s real, 2571K c/s virtual / Raw: 9397K c/s real, 10254K c/s virtual
About a 100% increase per core! Life is good!
RSDF Files – How to Decrypt / Crack
Recently I came across a new file format called RSDF, these appear to be txt files which have a bunch of links in them, so called link containers. I wanted to access the URLS in these files, but I didnt really want to entrust my computer to just “any” application. So after a bit of searching I came across this crafty german website from there I got the python script to decrypt the RSDF files, this Python script requires:
Python (doh!!)
Python-crypto
Probably something else also…..
from their its as simple as: drsdf.py rsdfcontainer.rsdf
and it outputs to your screen! So without further ado here it is:
#!/usr/bin/env python
# drsdf.py
import binascii
import base64
from Crypto.Cipher import AES
import sys
# 8C 35 19 2D 96 4D C3 18 2C 6F 84 F3 25 22 39 EB 4A 32 0D 25
file = sys.argv[1]
file = file.replace(".ccf", ".rsdf")
f = open(file, "r")
data = f.read()
f.close()
f = open(file, "w")
f.write(data.split("x00")[0])
f.close()
infile = sys.argv[1]
Key = binascii.unhexlify('8C35192D964DC3182C6F84F3252239EB4A320D2500000000')
IV = binascii.unhexlify('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF')
IV_Cipher = AES.new(Key,AES.MODE_ECB)
IV = IV_Cipher.encrypt(IV)
obj = AES.new(Key,AES.MODE_CFB,IV)
rsdf = open(infile,'r')
data = rsdf.read()
data = binascii.unhexlify(''.join(data.split()))
data = data.splitlines()
for link in data:
link = base64.b64decode(link)
link = obj.decrypt(link)
print link.replace('CCF: ','')
rsdf.close()
Happy Downloading!