Wednesday, October 21, 2009

howto enable remote desktop on a remote windows machine that has it disabled

here's the scenario:
i'm working from home over a vpn to the office, i have administrative access to the computer i need to work on and the firewall is set with an exception to allow remote desktop/terminal services, but remote desktop is disabled

if i were on site i could simply right click my computer, hit properties, hit remote, then check the "enable remote desktop on this computer" checkbox which would do the trick


fortunately, the setting that the above checkbox activates is something we can change remotely

we need to fire up the registry editor: click start, then run, then enter regedit and press enter...you are now looking at the windows registry editor, and honestly, if this is your first time seeing the windows registry editor i would highly advise exercising EXTREME CAUTION!!

here is more detailed information about the windows registry:
http://technet.microsoft.com/en-us/library/cc751049.aspx

disclaimer: EDITING YOUR WINDOWS REGISTRY CAN BREAK THINGS! IF YOU MESS UP AN INSTALL AND IT NO LONGER BOOTS OR WORKS, DO NOT COME CRYING TO ME!



now that we have the windows registry editor open, we need to connect to the remote computer, hit file, then "connect network registry"


in the window that popped up, type in the name of the computer we are trying to get into and hit enter, the registry editor will then connect to the remote computer's registry...again, provided you have administrative level access on the remote computer and there is nothing blocking you (firewall, etc.)


here we are, all up in their registry


now we're going to navigate to this key in the registry of the remote computer:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

find the entry named fDenyTSConnections and change its value from 1 to 0, then click ok


in most cases, that is it! you should now be able to connect to the remote computer's terminal server through remote desktop!

on some occasions, the computer may need to be restarted. the easiest way to do this, in my opinion, is to open a command prompt and issue this command, replacing "jane" with the ip address or computer name of the remote system you need to reboot:
shutdown -m \\jane -r -t 000 -f

give it a minute or 2, and the machine should be up again and allowing you to connect without issue
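
the same change can be made from a cmd prompt with reg.exe. this batch file is an added example, not part of the original post: it shows the current value first, makes the change, reads it back, and logs who changed what, so remote desktop can be switched off again when the work is done. the file names rdp_toggle.bat and rdp_changes.log are made up for the example.

```batch
@echo off
rem added example: command line version of the regedit steps above
rem usage: rdp_toggle.bat COMPUTER query, enable or disable (default is query)
rem rdp_toggle.bat and rdp_changes.log are made-up names
rem needs admin rights on COMPUTER and its Remote Registry service running
setlocal
if "%~1"=="" (
    echo usage: %~nx0 COMPUTER [query^|enable^|disable]
    exit /b 2
)
set "TARGET=%~1"
set "ACTION=%~2"
if not defined ACTION set "ACTION=query"
set "KEY=\\%TARGET%\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
set "LOG=%~dp0rdp_changes.log"

rem always read and show the current value before touching anything
call :read BEFORE
if not defined BEFORE (
    echo could not read fDenyTSConnections on %TARGET%
    exit /b 1
)
echo %TARGET%: fDenyTSConnections is %BEFORE%
if /i "%ACTION%"=="query" exit /b 0

rem 0x0 = remote desktop allowed, 0x1 = remote desktop denied
set "WANT="
if /i "%ACTION%"=="enable" set "WANT=0x0"
if /i "%ACTION%"=="disable" set "WANT=0x1"
if not defined WANT (
    echo unknown action "%ACTION%"
    exit /b 2
)
reg add "%KEY%" /v fDenyTSConnections /t REG_DWORD /d %WANT% /f >nul || exit /b 1

rem read it back, then log who changed what and when
call :read AFTER
>>"%LOG%" echo %DATE% %TIME% %USERNAME% %TARGET% fDenyTSConnections %BEFORE% to %AFTER%
echo %TARGET%: fDenyTSConnections changed from %BEFORE% to %AFTER%
if /i not "%AFTER%"=="%WANT%" exit /b 1
exit /b 0

:read
rem store the remote value, for example 0x1, in the variable whose name was passed in
set "%1="
for /f "tokens=3" %%v in ('reg query "%KEY%" /v fDenyTSConnections 2^>nul ^| find "REG_DWORD"') do set "%1=%%v"
goto :eof
```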











Tuesday, September 8, 2009

windows 7 and windows server 2008 bug in smb2 allows for remote BSOD!

just discovered this while reading some blogs and tech sites, this guy is the one who found it first and made a proof of concept:
http://g-laurent.blogspot.com/

here's the post on seclists.org:
http://seclists.org/fulldisclosure/2009/Sep/0039.html

here is my barely modified version, all i did was add an ip address and some more comments, just playin' around here at work, good times:
http://natefrogg.com/tmp/win_7-smb2_bsod.py.zip

it's a python script, i'm using it on a mac, all you do is unzip it, drop to the directory you unzipped to, open the python script up and modify the ip host variable to something more appropriate to your testing environment, then run:
python win_7-smb2_bsod.py

if it doesn't work, you most likely do not have file sharing enabled on the windows 7 or windows server 2008 machine

again, i did not discover this, i am just spreading the info

Tuesday, August 25, 2009

simple backup system using batch files

batch files are text files, filled with commands, that windows can execute, like a program

so in essence, a batch file could be considered a program

batch files can be triggered by the windows scheduler, so if you wanted to, you could schedule the backup script we're going to make, so that it backs up your files each night!

batch files are easy to make, simply create a new text file, then rename it to funtest.bat, instead of .txt, the extension will need to be changed to .bat, this tells the computer that it can run the file instead of just opening it up in notepad or ms word or what have you

one of the quickest ways to do this is to right-click in windows explorer, select "new", then select "text document"


now we need to right-click the file we just created, and select "rename"


you can name the file anything you'd like, the most important part is the extension though, the extension must be renamed from .txt to .bat, after you rename your file and change the extension, you will be warned by windows that changing an extension of a file may make the file open in the wrong program or just not open at all, since we are doing this on purpose it is completely okay to say yes here


now we have a fresh batch file! congratulations! unfortunately it will not be of much use until we add some commands, right-click the batch file and select "edit" to add some code and get our batch file working for us


we're going to keep it simple with the commands, there are many websites out there to help you get acquainted with the command syntax, i recommend this one for a basic list of most available commands on the windows platform:
http://ss64.com/nt/

we're going to keep it simple, we are making a folder with our first batch file, here is the code to use:
mkdir awesome_folder


the mkdir command makes a directory, whatever follows the command will be what the new directory is named, so with this command we will make a new directory named "awesome_folder"

type the code into your batch file and then save it


now we are ready to DO SOMETHING here! double click the batch file you just added code to, you may see a black cmd prompt pop up for a split second (that is the batch file running!), a moment later we will be seeing a new directory named "awesome_folder"


bam! we just wrote a very basic program and had it do a bit of work for us.

now let's take it a step further, awesome folder has important information contained therein. we NEED to make a backup of this folder at times, wouldn't it be nice to double click a little batch file in order to make it do the work for us?

here is the code to use:
xcopy awesome_folder c:\temp\BACKUP_awesome_folder /y /e /i


the xcopy command lets us copy files and folders as well as subfolders and any files within the folder structure, we are telling it to copy everything from "awesome_folder" to "c:\temp\BACKUP_awesome_folder". you will notice 3 letters with a forward slash following the command, these are switches, most cmd prompt programs allow us to use switches to change the behavior one way or another, here is an explanation of the options i've used

/y - do not ask us if it is okay to copy files if the destination already contains the files, if we do not specify /y with the command then our batch file will ask us if it's okay to overwrite files and wait for us to type a y for yes or an n for no, we want this thing to be fully automatic so adding the /y option forces the xcopy program to say yes automagically for every file that may be overwritten

/e - this means to copy all directories, subdirectories, and any files or other subdirectories contained within the directory tree, essentially the /e switch means to copy everything, e is for everything

/i - this switch causes xcopy to assume that the destination is a folder and not a single file, you will need to specify this switch in most cases if you are copying directory trees

most programs you will use in a batch script will allow you to see what switches are available, you can usually see this by using the /h, /?, or /help switch after the command, let's see what switches xcopy has available! open a command prompt and type the command:
xcopy /?


as you can see, xcopy has a lot of switches! hittin' mad switches up in here! ;)

let's double click our batch file and give it a whirl, if all goes well, you should be seeing something like this:


that's it! you've just made a 1 click backup solution for your important files, just adjust the batch file to pull from the location you'd like to back up on your computer, then adjust the destination. you can have the backup sent anywhere, a usb key drive, a mounted network drive, a gigantic fiber attached storage area network, etc...

taking it a step further!

i like to compress my backups, it helps me save space, it is amazing how much microsoft office documents can compress for example, a nice command prompt friendly tool to help with this is winrar, you can use the 30 day trial version in your batch programs without any limitations, here's the winrar website if you haven't google'd it already:
http://rarlab.com/download.htm

winrar has a lot of commandline switches, by default the rar.exe program that you will need to use is located at:
C:\Program Files\WinRAR\

open a cmd prompt and go to this location, next type this command so we can see all the switches:
rar /?

woooah! that is a lot of switches!! this can get confusing really quick! i suggest playing with the switches in a test environment, make some dummy directory structures with some subfolders and files strewn about and mess about with rar there

to help you get going, here is a basic one line command that i use to help with some of my own backup jobs:
"c:\Program Files\WinRAR\Rar.exe" a -r D:\backups\my_stuff.rar C:\temp\BACKUP_awesome_folder\

let's start with the first part, we are calling the rar program, rar.exe. i am using the full path, most third party windows programs will require this unless you copy the program to c:\windows\system32\, and we'd prefer not to do that. you could add the winrar folder to the path environment variable instead, but i prefer to just call the program with its complete full path...so forget all of that system32 and environment variable stuff, let's keep it simple and just use full paths in cases like this ;)

we are giving rar.exe a command and a switch, we won't get into this in too much detail, "a -r" basically means create a new archive and add the specified files along with folders and subfolders, ie. the entire directory tree, into the archive

following that we are giving the destination, the location where we would like the compressed backup file to be located and named (xcopy does this the opposite direction! source first THEN destination, don't worry if you get confused, it is confusing, and as you get into more batch file fun you will run across more and more confusing contradictions like this)

the last portion of the command is the source, or what we would like to actually compress

let's double click our latest batch file, if all goes well we should see a my_stuff.rar file sitting in d:\backups\, open the rar file up and we should see a directory structure containing our files and folders


we can combine both of these batch files into 1, this way we can make a copy of our files, then get a compressed backup of the copy, in effect double backups, 1 live uncompressed copy and 1 compressed copy for archiving purposes. this is easy, we're just going to make a new batch file and add the code from the previous 2 batch files, so you should have code like this for our combined batch file:
xcopy awesome_folder c:\temp\BACKUP_awesome_folder /y /e /i
"c:\Program Files\WinRAR\Rar.exe" a -r D:\backups\my_stuff.rar C:\temp\BACKUP_awesome_folder\

one last word of advice, sometimes the batch file will fail. the cmd prompt window goes away so quickly that you can't see what the error is, to get around this you can open a cmd prompt, navigate to the folder that you are keeping your batch files in, if you then type the file name of one of the batch files and hit enter, you will see the batch file getting executed line by line, any errors that may occur should be visible now

here is a screenshot of our latest version of the backup batch script when run from within the cmd prompt
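
when the script runs from the scheduler nobody is watching the cmd window, so the errors need to go somewhere. this is an added example, not the original script: the same xcopy and rar steps, but each step's exit code is checked, everything is written to a log file, and the archive is tested after it is written. the log path D:\backups\backup.log is an assumption, and D:\backups is assumed to exist already.

```batch
@echo off
rem added example: the combined backup script with error checks and a log file
rem the log file location is an assumption, change it to suit
setlocal
set "SRC=awesome_folder"
set "COPY=c:\temp\BACKUP_awesome_folder"
set "ARCHIVE=D:\backups\my_stuff.rar"
set "RAR=c:\Program Files\WinRAR\Rar.exe"
set "LOG=D:\backups\backup.log"

rem SRC is a relative path and a scheduled task may start in another folder,
rem so switch to the folder this batch file lives in first
cd /d "%~dp0" || exit /b 1
call :log backup started

if not exist "%SRC%\" (
    call :log ERROR source folder "%SRC%" not found
    exit /b 1
)
if not exist "%RAR%" (
    call :log ERROR rar.exe not found at "%RAR%"
    exit /b 1
)

rem any non-zero exit code is treated as a failure, including rar warnings
xcopy "%SRC%" "%COPY%" /y /e /i >>"%LOG%" 2>&1
if errorlevel 1 (
    call :log ERROR xcopy failed with exit code %errorlevel%
    exit /b 1
)
"%RAR%" a -r "%ARCHIVE%" "%COPY%" >>"%LOG%" 2>&1
if errorlevel 1 (
    call :log ERROR rar failed with exit code %errorlevel%
    exit /b 1
)

rem a backup that cannot be read back is not a backup, so test the archive
"%RAR%" t "%ARCHIVE%" >>"%LOG%" 2>&1
if errorlevel 1 (
    call :log ERROR archive test failed with exit code %errorlevel%
    exit /b 1
)
call :log backup finished ok
exit /b 0

:log
rem write one timestamped line to the log and show it on screen too
>>"%LOG%" echo %DATE% %TIME% %*
echo %*
goto :eof
```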








Monday, August 24, 2009

using windows scheduler for program scheduling

microsoft windows comes with a built in scheduler that can be used for a myriad of purposes

you can set your computer to reboot every night at 11:35pm for instance, or maybe you would like to schedule outlook and firefox to open every weekday morning at 7:55am so that they are both ready for your use when you sit down in the office at 8am

i like to use the windows scheduler to start batch files, the most common use of this for me is to fire off a simple script which will backup data on the computer at a given interval

the windows scheduler lives in the windows control panel, it is labeled as "scheduled tasks"


clicking "Add Scheduled Task" will walk you through a wizard to set the schedule you'd like, as well as what program or script to run at the scheduled date and time


you start off by selecting the program, there is a list of programs that the system already is aware of, you can also click "Browse" and browse to a script or program of your own choosing. in the example below i have browsed to a directory full of scripts, and i am choosing the "clear_pas_spool.bat" batch script file, if you are curious, this script simply empties out the print spooling directory for the pacific apparel systems application, sometimes pacific doesn't do the best job of handling this task and will leave crap behind, so we need to help it out a little bit by emptying the spool directory regularly


we then get a dialogue box where we can name the scheduled task, i usually just go with the default name. we are also given the choice of scheduling, in this case we are going to choose weekly, as i would like to schedule this event to take place each weekday of the week at 9:00pm


on the next screen we get to select the time of day, as well as which days of the week to run the scheduled task


next we must choose what user this task will run as, here we are using the user "superman", who is part of the domain "myraddomain", if you are not doing this within a windows active directory domain, then it is safe to omit the domain, so instead of "myraddomain\superman", we would just use "superman"


almost done! clicking next will bring you to a screen to either complete the scheduled task with the settings we've defined, or you can go to an advanced menu which gives you more fine grained control over the scheduling, in most cases the screens we have covered will handle all of your scheduling needs

we should test the task, navigate back to the scheduled tasks directory, you will see your new task listed, along with a summary of the scheduler settings for the task


we can test the scheduled task by right clicking it, and selecting "run"


hopefully everything goes well with the test run of your first scheduled task! if there is a problem you can always delete the task and try again, or try right clicking the task, selecting "properties", then trying your hand at adjusting the settings
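
the same task can be created from a cmd prompt, which makes it repeatable. this is an added example, not part of the original post. the task runs with superman's rights, so anyone who can edit the batch file can run commands as superman, which is why the example locks the file down first. the folder C:\scripts is an assumption, the group name Administrators assumes an english install, and the icacls and schtasks options used are the ones found on windows vista and later.

```batch
@echo off
rem added example: the wizard steps above as commands, run from an elevated cmd prompt
rem C:\scripts is an assumed location for the script
setlocal
set "SCRIPT=C:\scripts\clear_pas_spool.bat"
set "TASK=clear_pas_spool"
set "RUNAS=myraddomain\superman"

if not exist "%SCRIPT%" (
    echo script not found: "%SCRIPT%"
    exit /b 1
)

rem drop inherited permissions, then allow only administrators and SYSTEM
rem to change the script, the task account may just read and run it
icacls "%SCRIPT%" /inheritance:r /grant:r "Administrators:F" "SYSTEM:F" "%RUNAS%:RX" || exit /b 1

rem weekly, monday to friday at 9:00pm, /rp * prompts for the password
rem so it never ends up typed into a file or the command history
rem windows xp expects the start time as HH:MM:SS instead of HH:mm
schtasks /create /tn "%TASK%" /tr "%SCRIPT%" /sc weekly /d MON,TUE,WED,THU,FRI /st 21:00 /ru "%RUNAS%" /rp * || exit /b 1

rem show what was registered, then do the same test run as right click, run
schtasks /query /tn "%TASK%" /v /fo list
schtasks /run /tn "%TASK%"
```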

next time, we'll cover a very basic batch script to help you back up data to a compressed file, this script will work quite happily along with windows scheduled tasks, with the two of these working together you can make your own automated backup solution