Can others see my files on my hard drive?

Yesterday a report on Belgian television showed that just deleting files by moving them to the recycle bin is not enough: with special software those files can still be recovered from the hard drive. As a follow-up to this report I wanted to post here the links to the software that was used:

http://www.recovermyfiles.com 

Program used to recover files after accidental deletion, computer crashes, …

http://eraser.heidi.ie/

Eraser was recommended to securely wipe files, so that nothing can be recovered afterwards

 

Link to the reportage

http://www.deredactie.be/cm/vrtnieuws/mediatheek/programmas/koppen/2.19424/2.19425/1.1194396

A .NET 4.0 implementation of the OAuth protocol in C#

Introduction

As a follow-up to my earlier post, this post contains a sample implementation of the consumer side of the OAuth protocol in C# on .NET 4.0.

To keep things simple, this is a plain console application that queries Twitter for the status timeline of the people I follow on Twitter. To access these statuses through my own application, however, the application first has to be authorized by means of the OAuth protocol.

Step 0

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Diagnostics;
using System.Web;
using System.Collections.Specialized;
 
namespace vankeyenberg
{
    internal class Program
    {
        private const string AccessUrl = "http://twitter.com/oauth/access_token";
 
        private const string AuthorizeUrl = "http://twitter.com/oauth/authorize?oauth_token={0}";
        private const string RequestUrl = "http://twitter.com/oauth/request_token";

The first part of the program imports the required .NET namespaces and defines the OAuth endpoint URLs required for Twitter.

        private static void Main()
        {
            Console.WriteLine("Welcome to the OAuth Console Walkthrough");
            Console.WriteLine();
 
            // you can get these from app.config or another source
            string consumerKey = Settings.Default.ConsumerKey;
            string consumerSecret = Settings.Default.ConsumerSecret;

I stored the OAuth consumerKey and consumerSecret in a separate settings.settings file.

Step 1

            // Step 1: get an unauthenticated request token from the service provider
            string requestToken = OAuth.GetRequestToken(RequestUrl,
                                                     consumerKey,
                                                     consumerSecret);
            //response of the service provider ( oauth_token, oauth_token_secret, oauth_callback_confirmed) is stored
            //in the NameValueCollection collection
            NameValueCollection collection = HttpUtility.ParseQueryString(requestToken);

I implemented a separate static OAuth class in which the low-level OAuth authentication protocol is implemented, along with several helper methods useful in the OAuth protocol. You can download this static class from my website.

Step 1 of the OAuth authentication protocol is implemented by OAuth.GetRequestToken, which takes the request URL, the consumer key and the consumer secret as string parameters. As you can see, only those three values are passed to this method; the other parameters required by the OAuth request token call (nonce, timestamp, signature, …) are created automatically by the GetRequestToken method.

The OAuth request token, the corresponding token secret and the oauth_callback_confirmed parameter are stored in a NameValueCollection.

Step 2

            // Step 2: send the user to the authorization site out of band
            string authorizationUrl = String.Format(AuthorizeUrl, collection[0]);
            Process.Start(authorizationUrl);
 
            // wait for the user to return to the site
            Console.WriteLine(
                "Press any key to continue after " +
                "authorizing this application...");
            Console.ReadLine();

In step 2 the user is redirected to the authorization URL of the service provider, with the OAuth request token as a parameter. The program waits until the user has confirmed the authorization on the authorization site of the service provider.

Step 3

            // Step 3: exchange the request token for an access token
            string accessToken = OAuth.GetAccessToken(AccessUrl,
                                                   consumerKey,
                                                   consumerSecret,
                                                   collection[0],
                                                   collection[1]);
            collection = HttpUtility.ParseQueryString(accessToken);

Now that the user has given authorization, the application can exchange its request token for an access token. This exchange is implemented by OAuth.GetAccessToken, which closely resembles OAuth.GetRequestToken, the difference being that OAuth.GetAccessToken takes the request token and the request token secret as additional parameters. See also the implementation of these methods in the OAuth class for more information. The received access token and access token secret are again stored in a NameValueCollection.

Step 4

            // Step 4: access a protected API call on Twitter
            const string query = "http://twitter.com/statuses/user_timeline.xml";
 
            String userTimeline = OAuth.GetProtectedResource(query,
                                                          "GET",
                                                          consumerKey,
                                                          consumerSecret,
                                                          collection[0],
                                                          collection[1]);
 
            Console.WriteLine(userTimeline);
            Console.WriteLine();
 
            Console.WriteLine("Press any key to exit the walkthrough.");
            Console.ReadLine();

Now that the application has received the access token, this token can be used to access protected resources on Twitter, for example the statuses of the users you follow, spread out over a timeline.

Both the OAuth static class and the complete program.cs file can be downloaded from the download section of this website.

The OAuth 1.0a protocol explained

I am working on the development of an application that queries several social media providers. However, the resources made available by these service providers (such as Twitter, Facebook, …) are protected by the OAuth protocol. The OAuth protocol enables websites or applications (Consumers) to use Protected Resources from a web service (Service Provider) via an API, without requiring Users to disclose their Service Provider credentials to the Consumers. More generally, OAuth creates a freely implementable and generic method for API authentication.

An example use case is allowing a picture sharing service (share.example.com) to use photos stored at another service provider (hosted.pictures.net) without requiring Users to hand their hosted.pictures.net credentials to share.example.com.

In a next post I will give an overview of my implementation of the OAuth protocol in .NET. Before that makes any sense, however, you need to understand the OAuth authentication protocol.

The OAuth protocol works as follows:

Step 0

The consumer needs to register its application with the service provider. In reply to that request the service provider gives you the consumer key (the unique identifier of your application at the service provider) and the consumer secret. The service provider also gives you a list of its endpoint URLs. This information is exchanged between the owner of the consumer application and the service provider. For Twitter, for example, you can request this information at https://dev.twitter.com/apps

Step 1

In the first step of the authentication protocol, the consumer asks the service provider to issue a request token. The request token's sole purpose is to receive User approval, and it can only be used to obtain an Access Token. To obtain a request token, the consumer sends an HTTP request to the service provider's request token URL (for Twitter, for example, https://api.twitter.com/oauth/request_token) with the following parameters:

  • oauth_consumer_key: the consumer key obtained in step 0 from the service provider
  • oauth_signature_method: the signature method the Consumer uses to sign the request
  • oauth_signature: the signature over the request. It is computed over the signature base string, keyed with the consumer secret (HMAC-SHA1 in the example below). The base string is a normalized string that consists of the concatenation of:

  • HTTP method
  • service provider request URL
  • oauth_consumer_key
  • oauth_nonce
  • oauth_signature_method
  • oauth_timestamp
  • oauth_token
  • oauth_version

for example: GET&http%3A%2F%2Fhosted.pictures.net%2Fphotos&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0

  • oauth_timestamp: the number of seconds since January 1, 1970 00:00:00 GMT. The timestamp value MUST be a positive integer and MUST be equal to or greater than the timestamp used in previous requests
  • oauth_nonce: a unique value created by the consumer for all requests with the same timestamp. A nonce is a random string, uniquely generated for each request. The nonce allows the service provider to verify that a request has never been made before and helps prevent replay attacks
  • oauth_version: in most cases oauth_version is 1.0
  • oauth_callback: an absolute URL to which the Service Provider will redirect the User back when the Obtaining User Authorization step is completed

The service provider responds to this request with a request token and a request token secret.

Step 2

In order for the consumer to be able to exchange the request token for an access token, the consumer must obtain approval from the User by directing the User to the Service Provider. The consumer constructs an HTTP GET request to the Service Provider's User Authorization URL (for Twitter, for example, https://api.twitter.com/oauth/authorize) with the following parameter:

  • oauth_token: the request token obtained in the previous step

Once the User authenticates with the service provider and grants permission for consumer access, the service provider directs the User back to the consumer using the oauth_callback parameter the consumer supplied in step 1.

Step 3

In step 3 the consumer exchanges its request token for an access token and token secret. To request an access token, the consumer makes an HTTP request to the service provider's access token URL (for Twitter, for example, https://api.twitter.com/oauth/access_token). The request contains the same parameters as the request in Step 1, except that the request token is added as a parameter.

If this request is successful, the service provider generates an Access Token and Token Secret and returns them in the HTTP response body.

Step 4

After successfully receiving the Access Token and Token Secret, the consumer is able to access the protected resources on behalf of the User. The request MUST be signed per Signing Requests, and contains the following parameters

See for more information:

The OAuth 1.0a protocol specification: http://oauth.net/core/1.0a/#auth_step1
Beginner's guide to OAuth: http://hueniverse.com/oauth/guide/intro/
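The signing described under step 1 (and reused in steps 3 and 4, where the token secret is appended to the key), worked through in Python as an added example; this is not the OAuth class from the .NET walkthrough earlier on this page. It uses the request-signing values from the appendix example of the OAuth Core 1.0 specification linked above (consumer secret kd94hf93k423kf44 and token secret pfkkdhi9sl3r4s00 as given there) and also shows the provider-side check that rejects a request whose parameters were altered after signing.

```python
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import quote


def pct(value):
    """OAuth 1.0a percent-encoding: only A-Z a-z 0-9 - _ . ~ pass unencoded."""
    return quote(str(value), safe="")


def signature_base_string(method, url, params):
    """METHOD&url&normalized-params: every key and value encoded, pairs sorted,
    joined with '=' and '&', then encoded once more. oauth_signature is excluded."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items() if k != "oauth_signature")
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])


def hmac_sha1_signature(base_string, consumer_secret, token_secret=""):
    """HMAC-SHA1 over the base string, keyed with consumer_secret&token_secret;
    token_secret is empty for the request-token call and set for later steps."""
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode("ascii")
    digest = hmac.new(key, base_string.encode("utf-8"), hashlib.sha1).digest()
    return base64.b64encode(digest).decode("ascii")


def oauth_params(consumer_key, token=None):
    """Per-request parameters the consumer generates itself; the fresh nonce and
    current timestamp are what let the provider reject a replayed request."""
    params = {
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": secrets.token_hex(16),
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(int(time.time())),
        "oauth_version": "1.0",
    }
    if token is not None:
        params["oauth_token"] = token
    return params


def sign_request(method, url, params, consumer_secret, token_secret=""):
    """Consumer side: return a copy of params with oauth_signature added."""
    signed = dict(params)
    base = signature_base_string(method, url, params)
    signed["oauth_signature"] = hmac_sha1_signature(base, consumer_secret, token_secret)
    return signed


def verify_signature(method, url, params, consumer_secret, token_secret=""):
    """Provider side: recompute from the received parameters and compare in
    constant time, so a request with any altered parameter is rejected."""
    base = signature_base_string(method, url, params)
    expected = hmac_sha1_signature(base, consumer_secret, token_secret)
    return hmac.compare_digest(expected, params.get("oauth_signature", ""))


# Worked values from the OAuth Core 1.0 specification's appendix example (same
# consumer key, nonce, timestamp and token as in the base string shown above).
SPEC_METHOD, SPEC_URL = "GET", "http://photos.example.net/photos"
SPEC_PARAMS = {
    "file": "vacation.jpg", "size": "original",
    "oauth_consumer_key": "dpf43f3p2l4k3l03", "oauth_token": "nnch734d00sl2jdk",
    "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1191242096",
    "oauth_nonce": "kllo9940pd9333jh", "oauth_version": "1.0",
}
SPEC_CONSUMER_SECRET, SPEC_TOKEN_SECRET = "kd94hf93k423kf44", "pfkkdhi9sl3r4s00"
```

For a real request-token call (step 1) use oauth_params(consumer_key) with an empty token secret, then feed the signed dictionary into the Authorization header or query string; nothing here performs network I/O.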

 

 

Create Site Server Signing Certificate Template on a Certification Authority for System Center Configuration Manager

To create and issue the site server signing certificate template, follow these steps:

  1. On your certification authority, click Start – Programs – Administrative Tools – Certification Authority
  2. Expand the name of your CA and then click Certificate Templates
  3. Right-click Certificate Templates and click Manage
  4. In the results pane, right-click the entry that displays Computer in the Template Display Name column and then click Duplicate Template
  5. In the Properties of New Template dialog box, on the General tab, enter a template name for the site server signing certificate template, such as SCCM Site Server Signing Certificate, and then select Publish certificate in Active Directory
  6. Click the Subject Name tab, and then click Supply in the request
  7. Click the Extensions tab, make sure Application Policies is selected, and then click Edit
  8. In the Edit Application Policies Extension dialog box, select Client Authentication, press Shift and select Server Authentication, and then click Remove
  9. In the Edit Application Policies Extension dialog box, click Add
  10. In the Add Application Policy dialog box, select Document Signing as the only application policy and then click OK
  11. In the Properties of New Template dialog box, you should now see Document Signing listed as the description of Application Policies
  12. Click the Issuance Requirements tab, and select CA certificate manager approval
  13. Click OK and close the Certificate Templates console, certtmpl – [Certificate Templates]
  14. In Certification Authority, right-click Certificate Templates, click New, and then click Certificate Template to Issue
  15. In the Enable Certificate Templates dialog box, select the new template you have just created, SCCM Site Server Signing Certificate, and then click OK

Default password HP Gbe2 interconnect p-class Blade Enclosure

In case you have forgotten the password of the HP GbE2 interconnect module of your p-class Blade Enclosure, you can reset it by entering the following recovery password in a HyperTerminal session on the module's serial console:

2wGDEp|B

This is an undocumented feature, but it can save you a lot of time that would otherwise go into tracking down the old password.

Single sign-on Microsoft terminal services

It is quite annoying to be asked for your credentials every time you open a terminal connection, certainly when you need to connect to multiple terminal servers to access different applications.

A new feature of Terminal Services under Windows Server 2008 is single sign-on. This means that you no longer need to supply credentials when you create your terminal connection. To benefit from this feature, however, the terminal connection must be initiated from a Windows Vista or Windows Server 2008 client to a Windows Server 2008 terminal server. Password-based authentication is also required; smart cards are not supported.

Single sign-on is not configured out of the box on a Windows Server 2008 terminal server. To configure it, follow these steps:

  1. Open Terminal Services Configuration using tsconfig.msc and then click OK
  2. Under Connections, right-click RDP-Tcp and then choose Properties
  3. On the General tab, verify that the Security layer value is Negotiate or SSL (TLS 1.0)

To configure TS single sign-on for the Windows Vista based computers, use Group Policy or the Local Group Policy:

  1. Expand Computer Configuration, Administrative Templates, System and then click Credentials Delegation
  2. Double-click Allow delegating default credentials
  3. In the properties dialog box, on the Settings tab, click Enabled and then click Show
  4. In the Show Contents dialog box, click Add to add servers to the list
  5. In the Add Item dialog box, in the Enter the item to be added box, type the prefix termsrv/ followed by the name of the terminal server and then click OK

Robocopy

When you need to synchronize files between two storage locations, robocopy is an easy and free tool from Microsoft that you can use for this purpose.

Originally robocopy was published in the Windows Resource Kit, which you can download here.

Robocopy is now included as standard in Windows Vista and Windows Server 2008.

Robocopy is a command-line tool. To perform a file synchronization between storage location A and B the following command can be used:

"C:\Program Files\Windows Resource Kits\Tools\robocopy.exe" \\storagelocationA \\storagelocationB /SEC /B /E /R:3 /v /LOG+:c:\robocopylog.txt

In this example the following options are used:

  • /SEC copy files with their security settings
  • /B copy files in backup mode
  • /E copy subdirectories, including empty ones
  • /R:n sometimes a file copy fails because the file is in use; this option retries the copy n times and then skips the file
  • /LOG+:logfile output status to the specified log file (append to an existing log)

Microsoft Active directory topology diagrammer

The Microsoft Active Directory Topology Diagrammer helps you inventory an Active Directory configuration. The tool automates Microsoft Office Visio to draw a diagram of your Active Directory domain topology, your Active Directory site topology, your OU structure or your current Exchange 200X Server organization. With the Active Directory Topology Diagrammer you can also draw partial information from your Active Directory, such as only one domain or one site. The objects are linked together and arranged in a reasonable layout, so that you can later work interactively with the objects in Microsoft Office Visio.

Supported operating systems:

  • Windows Server 2008
  • Windows Server 2003
  • Windows 2000
  • Windows XP
  • Windows XP x64
  • Windows Vista

Software that needs to be installed before you can run this tool:

  • Microsoft .NET Framework version 2.0
  • Microsoft Office Visio 2003 or 2007

The Microsoft Active Directory topology diagrammer can be downloaded from:

http://www.microsoft.com/downloads/details.aspx?familyid=cb42fc06-50c7-47ed-a65c-862661742764&displaylang=en

VMFS partition corrupted

On a very bad day your VMFS volume can become corrupt. In most cases this is due to errors in the partition table: the data is still on the disk, but not accessible. I had this issue at a large hospital where all VMFS volumes were corrupt. In this article I explain how I recovered the VMFS partition tables.

You can list all your volumes with the following command, which also gives you the device names:
[root@myesxserver vmhba2]# esxcfg-vmhbadevs
vmhba0:0:0 /dev/cciss/c0d0
vmhba1:0:1 /dev/sda
vmhba1:0:2 /dev/sdb
vmhba1:4:2 /dev/sdc

If you now run fdisk -lu on the desired volume, you get:
[root@myesxserver vmhba2]# fdisk -lu /dev/sdb
Disk /dev/sdb: 400.0 GB 401234249287 bytes
255 heads, 63 sectors/track, 39162 cylinders, total 629145600 sectors
Units = sectors of 1*512=512 bytes
Disk /dev/sdb doesn’t contain a valid partition table

This output means that your partition table is corrupt or not present at all.

The normal output should be:
[root@myesxserver vmhba2]# fdisk -lu /dev/sdb
Disk /dev/sdb: 400.0 GB 401234249287 bytes
255 heads, 63 sectors/track, 39162 cylinders, total 629145600 sectors
Units = sectors of 1*512=512 bytes
Device boot Start End Blocks Id System
/dev/sdb1 128 629145591 fb Unknown

With a hexdump of the device you can check whether the device was a VMFS volume or not:
[root@myesxserver vmhba2]# hexdump -C /dev/sdb | more

To recover the partition table of /dev/sdb, perform the following steps:

Open fdisk on the volume:
[root@myesxserver vmhba2]# fdisk -u /dev/sdb

Create a new partition
Command (m for help): n

Command action
e extended
p primary partition (1-4)
p
Partition number (1-4):1
First cylinder(1-39162,default 1): Take default
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-39162, default 39162):  Take default
Using default value 39162

Change the partition system id to fb, the VMFS partition type:
Command(m for help):t
Select partition 1
Hex code (type L to list codes):fb
Changed system type of partition 1 to fb (Unknown)

Move the beginning of the partition to 128, the default beginning of VMFS volumes:
Command (m for help): x

Expert command (m for help): b
Partition number (1-4): 1
New beginning of data (63-629137529, default 63):128

Write this table to disk and exit
Expert command(m for help):w

The partition table has been altered

You can’t know the ending sector of this partition beforehand. To find the correct ending sector, run the following command:
[root@myesxserver vmhba2]# vmkfstools -V

This is an undocumented VMware command. Running it gives you the ending block of the previous partition; also check the /var/log/vmkernel log. After the command, this log warns you that the new partition is not the same size as the previous partition, and it mentions the actual blocks and stored blocks of the previous partition. The ending sector you need for your partition table follows from

actual blocks – stored blocks – ending block = – calculated last cylinder

This is a negative number; the number without the negative sign is your last cylinder.

Delete the partition you just created:

[root@myesxserver vmhba2]# fdisk -u /dev/sdb
Command (m for help): d
Command (m for help): w

Create a new partition:
[root@myesxserver vmhba2]# fdisk -u /dev/sdb
Command (m for help): n

Command action
e extended
p primary partition (1-4)
p
Partition number (1-4):1

First cylinder(1-39162,default 1):Take default
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-39162, default 39162):  calculated last cylinder
Using calculated last cylinder

Change the partition system id to fb, the VMFS partition type:
Command(m for help):t
Select partition 1
Hex code (type L to list codes):fb
Changed system type of partition 1 to fb (Unknown)

Move the beginning of the partition to 128, the default beginning of VMFS volumes:
Command (m for help): x
Expert command (m for help): b
Partition number (1-4): 1
New beginning of data (63-629137529, default 63):128

Write this table to disk and exit
Expert command(m for help):w

The partition table has been altered

Run vmkfstools -V again and check the vmkernel log to see whether it still complains about ending sector sizes that don’t match. Normally you should no longer get this error.

In the VI client choose:
Configuration -> Storage and hit Refresh

The lost volume should reappear and the data should be accessible.

Congratulations, you have just recreated the partition table manually and avoided a long restore operation.