Author Archives: Jorge Enrique Barrera

About Jorge Enrique Barrera

I work as a Linux system consultant, happily married, 4 kids, and love reading books.

sysprep – a fatal error occurred

I’m currently testing out Windows Deployment Services, and while working with sysprep on a Windows 7 Pro client machine, I got the following error:

Nothing seemed to work, till I tried the following recipe:

Open the run-menu, type in regedit and go to HKEY_LOCAL_MACHINE\SYSTEM\Setup\Status\SysprepStatus. Find GeneralizationState and set the value to 7.

Run a command prompt with administrative privileges. Type:

msdtc -uninstall
msdtc -install

1 2	msdtc -uninstall msdtc -install

Open up regedit again and find HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform. Find SkipRearm and set the value to 1.

Finally, in your current command prompt type:

net stop WMPNetworkSvc

1	net stop WMPNetworkSvc

Try running sysprep again now. Hopefully it should work. That’ll save you some time of frustration and hopefully you won’t go bald sooner.

Should this not work, check the sysprep-log file at C:\Windows\System32\Sysprep\Panther\setuperr.txt.

VMware, i3 and multiple monitors

4 Replies

For a while now I’ve been trying to set up VMware to work with multiple monitors, in a Linux guest. With some windowmanagers it works out of the box without any issue, such as with Unity. I never figured out how to do it with xmonad, and recently I switched to i3 just to try something new. The damn “Cycle multiple monitors” button didn’t work here either. When I tried it, a message popped up saying:

The virtual machine must have up-to-date VMware Tools installed and running.

..which it had! At this point I had installed vmware-tools, which is described as:

“A suite of utilities that enhances the performance of the virtual machine’s guest operating system and improves management of the virtual machine”

However, I found a solution! Place the following line in your i3 configuration file, whether it be ~/.i3/config or ~/.config/i3/config:

exec --no-startup-id vmware-user

1	exec --no-startup-id vmware-user

..and that’s it! Reload your i3 configuration, and now you should be able to press the “Cycle multiple monitors” button and have dual monitors in your VMware guest!

Now, if you’re using open-vm-tools instead of the native vmware-tools, do what Fabian suggested – use the following line in your config-file instead:

exec -–no-startup-id vmware-user-suid-wrapper

1	exec -–no-startup-id vmware-user-suid-wrapper

It should work!

ncat, a modern implementation of netcat

Leave a reply

ncat is a utility that is like the UNIX cat command but for network connections. It’s based on the original netcat and comes with a couple of more modern features.

In this short post, we’ll go through a couple of examples to see exactly what uses this tool has. I’m currently using ncat version 7.01, in Ubuntu 16.04. ncat is a part of the nmap package in Ubuntu.

Shiny new things

A couple of the features of ncat, some of which are new, are:

IPv6 Support
Chain multiple ncat together
Support for SSL
Ability to specify specific hosts to allow or deny access to in listen mode

While the new features are great, it’s important to note that ncat is not 100% reverse compatible with the original netcat.

Examples

Let’s continue with a couple of examples to get you started.

IPv4 or IPv6?

To force ncat to only use either IPv4 og IPv6, use:

-4
-6

..as in:

ncat -6 <server> 10100

1	ncat -6 <server> 10100

..to connect to a server only through IPv6.

ncat -C scanme.nmap.org 80

1	ncat -C scanme.nmap.org 80

..and type in:

GET / HTTP/1.0

1	GET / HTTP/1.0

..and press enter twice. The result will be something along the lines of:

...
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2016 09:01:08 GMT
Server: Apache/2.4.7 (Ubuntu)
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
...

...

HTTP/1.1 200 OK

Date: Fri, 25 Nov 2016 09:01:08 GMT

Server: Apache/2.4.7 (Ubuntu)

Accept-Ranges: bytes

Vary: Accept-Encoding

Connection: close

Content-Type: text/html

...

The option -C is used because it requires CRLF line endings.

Chaining

An example from nmap’s website; sending a log file from host1 to host3, by way of host2:

host3

ncat -l > log.txt

1	ncat -l > log.txt

host2

ncat -l --sh-exec "ncat host3"

1	ncat -l --sh-exec "ncat host3"

host1

ncat --send-only host2 < log.txt

1	ncat --send-only host2 < log.txt

Cloning partitions over the network

One of the more useful tricks is the ability to clone partitions over the network.

On the system you’d like to clone the partition from, do:

dd if=/dev/sda | ncat -l 10100

1	dd if=/dev/sda \| ncat -l 10100

..and on the receiving machine:

ncat <server> 10100 | dd of=/dev/sda

1	ncat <server> 10100 \| dd of=/dev/sda

To speed up the process of transfer you can always throw in gzip for compression:

dd if=/dev/sda | gzip -9 | ncat -l 10100

1	dd if=/dev/sda \| gzip -9 \| ncat -l 10100

..and:

ncat <server> 10100 | gzip -d | dd of=/dev/sda

1	ncat <server> 10100 \| gzip -d \| dd of=/dev/sda

Web server

Setting up a simple webserver is also easy:

ncat -l 8080 -k --sh-exec "echo -e 'HTTP/1.1 200 OK\r\n'; cat index.html"

1	ncat -l 8080 -k --sh-exec "echo -e 'HTTP/1.1 200 OK\r\n'; cat index.html"

The option -k makes ncat keep listening and accepting more connections after the first one is finished.

File transfer with SSL

On the machine you want to send the file from:

ncat -l 10100 --ssl --send-only < secret.tar.gz

1	ncat -l 10100 --ssl --send-only < secret.tar.gz

..and on the receiving end:

ncat <server> 10100 --ssl > secret.tar.gz

1	ncat <server> 10100 --ssl > secret.tar.gz

The option –send-only does what it says – it only sends data and ignores received.

Ports

Need to check if a port is open? Try:

nc -z -v -w5 <host> <port>

				1

						nc -z -v -w5 <host> <port>

This example checks if port 53 is open, with a timeout of 5 seconds. When a port is open:

$ nc -z -v -w5 dns.example.com 53
Connection to dns.example.com 53 port [tcp/domain] succeeded!

				1
2

						$ nc -z -v -w5 dns.example.com 53
Connection to dns.example.com 53 port [tcp/domain] succeeded!

..and when it’s closed:

$ nc -z -v -w5 dns.example.com 52
nc: connect to dns.example.com port 52 (tcp) timed out: Operation now in progress

				1
2

						$ nc -z -v -w5 dns.example.com 52
nc: connect to dns.example.com port 52 (tcp) timed out: Operation now in progress

Chat server

As far I know, the are two main ways to do this.

First way

Start listening on a port of your choice:

ncat -l 10100

1	ncat -l 10100

..and connect to it from another machine:

ncat <server> 10100

1	ncat <server> 10100

Type in some text and the line will appear on the other machine when you press enter. You won’t be able to see who wrote what, but hey, it’s good enough if you want to communicate with someone.

Second way

The new fancier way of starting a chat-server is by using –chat:

ncat --chat -l 10100

1	ncat --chat -l 10100

Users who then want to connect to the chat:

ncat <server> 10100

1	ncat <server> 10100

The output will be something along the lines of:

<user0> Hello?
<user5> Is it me you're looking for?

1 2	<user0> Hello? <user5> Is it me you're looking for?

The user IDs generated by ncat are based on the file descriptor for each connection and must be considered arbitrary. Also, you won’t see <userX> in front of the text you type, but others will see it. The main difference when using –chat is that you and every user connected to the server will get a <userX> tag, making it easier to see who wrote what.

Mail client

ncat also works as a mail client. Expect to type a lot:

ncat -C mail.example.com 25

1	ncat -C mail.example.com 25

..followed up by typing:

220 mail.example.com ESMTP
HELO client.example.com
250 mail.example.com Hello client.example.com
MAIL FROM:a@example.com
250 OK
RCPT TO:b@example.com
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
From: a@example.com
To: b@example.com
Subject: Greetings from ncat

This short message is brought to you by ncat.
.
250 OK
QUIT
221 mail.example.com closing connection

220 mail.example.com ESMTP

HELO client.example.com

250 mail.example.com Hello client.example.com

MAIL FROM:a@example.com

250 OK

RCPT TO:b@example.com

250 Accepted

DATA

354 Enter message, ending with "." on a line by itself

From: a@example.com

To: b@example.com

Subject: Greetings from ncat

This short message is brought to you by ncat.

250 OK

QUIT

221 mail.example.com closing connection

TCP/UDP daytime server

The daytime service, defined in RFC 867, sends a human-readable date and time string over TCP or UDP port 13. It ignores any input. So, we can use:

ncat -l 13 --keep-open --send-only --exec "/bin/date"

1	ncat -l 13 --keep-open --send-only --exec "/bin/date"

Add –udp to create an UDP daytime server instead.

Access control

Allow one host, deny others

ncat -l --allow 10.0.0.2

1	ncat -l --allow 10.0.0.2

Deny one host, allow others

ncat -l --deny 10.0.0.2

1	ncat -l --deny 10.0.0.2

Allow or deny hosts from file

ncat -l --allowfile trusted-hosts.txt

1	ncat -l --allowfile trusted-hosts.txt

Replace –allowfile with –denyfile to deny and trusted-hosts.txt with a file that contains the hosts to be denied.

These are just a few of the things that you can do with ncat. Have fun exploring the rest!

Split a file into a number of equal parts

Leave a reply

As an example, we have a file named primary_data_file.txt that contains 616 lines of data. We want to split this into 4 files, with the equal amount of lines in each.

$ wc -l primary_data_file.txt 
616 primary_data_file.txt

1 2	$ wc -l primary_data_file.txt 616 primary_data_file.txt

The following command should do the trick:

split -da 1 -l $((`wc -l < primary_data_file.txt`/4)) primary_data_file.txt split_file --additional-suffix=".txt"

1	split -da 1 -l $((`wc -l < primary_data_file.txt`/4)) primary_data_file.txt split_file --additional-suffix=".txt"

The option -da generates the suffixes of length 1, as well as using numeric suffixes instead of alphabetical.

The results after running the command are the following files:

$ wc -l split_file*
  154 split_file0.txt
  154 split_file1.txt
  154 split_file2.txt
  154 split_file3.txt
  616 total

$ wc -l split_file*

154 split_file0.txt

154 split_file1.txt

154 split_file2.txt

154 split_file3.txt

616 total

Test if a port on a remote system is reachable

Leave a reply

With telnet:

telnet webserver.example.com 80

1	telnet webserver.example.com 80

With bash:

cat < /dev/tcp/webserver.example.com/80

1	cat < /dev/tcp/webserver.example.com/80

Replace tcp with udp, depending on what you want.

With netcat:

nc webserver.example.com 80 &> /dev/null; echo $?

1	nc webserver.example.com 80 &> /dev/null; echo $?

If the port is open, you will get an output of 0. If it’s closed, it’s a 1.

The Road to Elysium

The thoughts of an introvert nut

Author Archives: Jorge Enrique Barrera

About Jorge Enrique Barrera

sysprep – a fatal error occurred

VMware, i3 and multiple monitors

ncat, a modern implementation of netcat

Shiny new things

Examples

IPv4 or IPv6?

Banner grabbing

Chaining

host3

host2

host1

Cloning partitions over the network

Web server

File transfer with SSL

Ports

Chat server

First way

Second way

Mail client

TCP/UDP daytime server

Access control

Allow one host, deny others

Deny one host, allow others

Allow or deny hosts from file

Split a file into a number of equal parts

Test if a port on a remote system is reachable