Notes on Ransomware WannaCry

#see
http://unaaldia.hispasec.com/2017/05/un-ransomware-ataca-multiples-companias.html
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
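- Block ports 137/UDP, 138/UDP, 139/TCP and 445/TCP (NetBIOS and SMB); blocking only reduces exposure, so the MS17-010 update linked above still has to be installed.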

#Catalog of patches
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012215

#How to disable the smbv1
http://kb.bodhost.com/steps-to-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-servers/
Disable SMBv1 on the SMB client by running the commands below (client side only; the SMBv1 server component is configured separately):
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled

Re-enable SMBv1 on the SMB client, only if a legacy dependency still requires it, by running the commands below:
sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
sc.exe config mrxsmb10 start= auto



Notes in Informix

#in SQuirreL you can stop the colon character from being treated as an inline query parameter by unloading the sqlparam plugin

#start dbaccess in interactive, command-only mode
#press ctrl+d to close the program
dbaccess - -

#command to connect to a database from inside dbaccess - -:
database your_db;


#export only the schema of the database (written to dboutput3.txt)
dbschema -t all -d sicobf3 -nw -q -ns dboutput3.txt

#schema data model of sysmaster
#see http://www.informix.com.ua/articles/sysmast/sysmast.htm

#list databases
select * from sysmaster:sysdatabases;


#create database in informix with support of autocommit in jdbc
#see https://bugs.eclipse.org/bugs/show_bug.cgi?id=218190
#see https://www.ibm.com/support/knowledgecenter/en/SSGU8G_12.1.0/com.ibm.sqls.doc/ids_sqs_0368.htm
#see https://www.ibm.com/support/knowledgecenter/en/SSGU8G_12.1.0/com.ibm.sqls.doc/ids_sqs_0369.htm
create database sicobf3 with log;


#see http://stackoverflow.com/questions/36165976/invalid-default-value-for-column-variable-ed-fec-sol
#The queries below show how the session variables were set by your client, especially the date format
-- Date-related environment settings of the current session, returned in a
-- fixed order: DBDATE first, then GL_DATE, then CLIENT_LOCALE.
SELECT
    ses.envses_name,
    ses.envses_value
FROM sysmaster:sysenvses AS ses
WHERE ses.envses_sid = DBINFO('sessionid')
    AND ses.envses_name IN ('DBDATE', 'GL_DATE', 'CLIENT_LOCALE')
ORDER BY
    DECODE(ses.envses_name, 'DBDATE', 0, 'GL_DATE', 1, 'CLIENT_LOCALE', 2);
            
-- Every environment variable recorded for the current session.
SELECT *
FROM sysmaster:sysenvses
WHERE envses_sid = DBINFO('sessionid');

-- DBDATE as recorded in sysmaster:sysenv.
SELECT
    env_name,
    env_value
FROM sysmaster:sysenv
WHERE env_name = 'DBDATE';

-- CURRENT cast to DATE, and TODAY, to see how the session renders dates.
SELECT CURRENT::DATE
FROM sysmaster:sysdual;

SELECT TODAY
FROM sysmaster:sysdual;

#set properties in the jdbc driver of informix, in this case GL_DATE since DBDATE is deprecated
#see https://groups.google.com/forum/#!msg/comp.databases.informix/iHH3LGuiP1o/AA5czvKNYSAJ
#see https://www.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.jdbc_pg.doc/ids_jdbc_263.htm
#see https://www.ibm.com/support/knowledgecenter/en/SSGU8G_12.1.0/com.ibm.jdbc_pg.doc/ids_jdbc_266.htm
jdbc:informix-sqli://192.168.32.128:9088/sicobf3:informixserver=ol_informix1210;GL_DATE=%m/%d/%Y
#or with DBDATE=MDY4

#to know the current database used
select * from sysmaster:syssqlcurses

#to know the version of the DB
SELECT  DBINFO('version','full') FROM    sysmaster:sysdual;

#To know the schema of a table in informix:
dbschema -d DB_sicobf3 -t Table_t5641rstockestab

Docker

#see http://stackoverflow.com/questions/19585028/i-lose-my-data-when-the-container-exits
#see https://coderwall.com/p/2es5jw/docker-cheat-sheet-with-examples
#When you use docker run to start a container, it actually creates a new container 
#based on the image you have specified.
#you can restart an existing container after it exited and your changes are still there.
docker start f357e2faab77 # restart it in the background
docker attach f357e2faab77 # reattach the terminal & stdin

#Preparing a private registry
#see https://docs.jelastic.com/docker-private-registry
#see http://stackoverflow.com/questions/33392972/how-can-i-update-docker-opts-in-docker-machine-permanently
#For windows docker 1.13
#initiate session
docker-machine ssh default
vi /var/lib/boot2docker/profile
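#and add these parameters. --insecure-registry lets the daemon use 10.0.0.1:5000 over plain HTTP or without verifying its certificate, so reserve it for a trusted internal registry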
EXTRA_ARGS='
--label provider=virtualbox
--insecure-registry=10.0.0.1:5000
'
#then restart the machine: docker-machine restart default

#for dockerD in windows
#on Windows (docker-toolbox version 1) dockerd runs inside the virtual machine, so you have to open a session in it first.
#if you want to tweak some configuration, you have to create the file: 
sudo touch /etc/docker/daemon.json
#locate the pid of the dockerd daemon process
ps -uxa|grep dockerd
#send SIGHUP so that dockerd reloads its configuration (the signal does not terminate the process)
kill -SIGHUP pidOfDockerd
#more options in
#see https://github.com/docker/docker/blob/master/docs/reference/commandline/dockerd.md

Notes on Oracle DB XE

SELECT username, privilege FROM USER_SYS_PRIVS;
SELECT GRANTEE, PRIVILEGE FROM DBA_SYS_PRIVS;
select user from dual;
select sys_context( 'userenv', 'current_schema' ) from dual; 
select * from all_users;

-- drop user
drop user soademo_01 cascade;

-- Create user in XE (demo account for a local sandbox: the password equals the username and the DBA role is granted)
create user soademo_01 identified by "soademo_01"
  DEFAULT TABLESPACE users
  TEMPORARY TABLESPACE temp
  QUOTA UNLIMITED ON users;
grant dba, resource, connect to soademo_01;
ALTER USER soademo_01 DEFAULT ROLE "CONNECT",
                                  DBA,
                                  "RESOURCE";
								  
connect soademo_01/soademo_01; -- doesnt work in sql gui jdbc


-- northwind in oracle
-- http://blog.i-m-code.com/2013/03/28/northwind-for-oracle/
-- https://gist.github.com/segilbert/5095533

-- access to HR sample schema in XE (sets the HR password to the well-known value HR; keep that to a local sandbox)
ALTER USER HR ACCOUNT UNLOCK;
ALTER USER HR IDENTIFIED BY HR; -- to pass the expired account
CONNECT HR/HR -- doesnt work in sql gui jdbc

#http://www.oracle.com/technetwork/database/enterprise-edition/jdbc-faq-090281.html#05_05
#How do I connect as SYSDBA or SYSOPER?
#Properties props = new Properties(); props.put("user", "scott"); props.put("password", "tiger"); props.put("internal_logon", "sysoper");

#see http://www.oracle.com/technetwork/products/globalization/nls-lang-099431.html
#see all the variables related to language in oracle client jdbc
SELECT * FROM V$NLS_PARAMETERS
SELECT * FROM NLS_SESSION_PARAMETERS;
SELECT USERENV ('language') FROM DUAL;

#modify params of session because to_date('08-DEC-48','DD-MON-RR') was giving me errors
ALTER SESSION SET NLS_DATE_LANGUAGE = 'American' -- <- here without semicolon!

#sqldeveloper: change the language of the GUI
#http://stackoverflow.com/questions/7768313/how-can-i-change-the-language-to-english-in-oracle-sql-developer
#http://stackoverflow.com/questions/2333994/how-to-avoid-variable-substitution-in-oracle-sql-developer-with-trinidad-toba

#Shows the current schema
select sys_context( 'userenv', 'current_schema' ) from dual; 

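#List tables whose name contains CATALOGO. dba_tables covers every table in the database and requires DBA-level access; all_tables is the view restricted to what the current user can access.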
SELECT * FROM dba_tables where table_name like '%CATALOGO%';

#List the synonyms accessible to the user whose target table name starts with T.
select * from all_synonyms where table_name like 'T%'

Notes of Docker

VirtualBox-5.1.14-112924-Win.exe -msiparams NETWORKTYPE=NDIS5
docker-machine create --virtualbox-disk-size 40000 -d virtualbox mplescano

docker-machine create --vmwareworkstation-disk-size 40000 -d vmwareworkstation mplescano

# Start the ibmcom/informix-innovator-c image interactively as container
# iif_innovator_c, publishing ports 9088, 9089, 27017, 27018 and 27883 and
# passing LICENSE=accept to the container.
# NOTE(review): --privileged gives the container extended privileges on the
# host; confirm the image really needs it, otherwise drop the flag or grant
# individual capabilities with --cap-add.
# NOTE(review): -p HOST:CONTAINER publishes on all host interfaces; use the
# -p 127.0.0.1:9088:9088 form if the database should only be reachable locally.
docker run -it --name iif_innovator_c --privileged -p 9088:9088 -p 9089:9089 -p 27017:27017 -p 27018:27018 -p 27883:27883 -e LICENSE=accept ibmcom/informix-innovator-c:latest

#see https://github.com/docker/kitematic/wiki/Common-Proxy-Issues-&-Fixes
#see http://www.netinstructions.com/how-to-install-docker-on-windows-behind-a-proxy/ (incomplete)
#Here I prefer to put ENV http_proxy=http://example.com:8080 in the docker file
docker-machine create -d virtualbox \
    --engine-env HTTP_PROXY=http://example.com:8080 \
    --engine-env HTTPS_PROXY=https://example.com:8080 \
    --engine-env NO_PROXY=example2.com \
    default
	
	
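#use SCP to copy the CA certificate into the VM (certificates signed by this CA will then be trusted, so confirm it is the expected CA file before installing it)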
#see https://github.com/docker/machine/issues/1799
#see https://github.com/boot2docker/boot2docker#installing-secure-registry-certificates
#see https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
#see docker-machine scp --help
$ docker-machine scp localhost:/D/Users/njoaquin.programador/Downloads/SUNATCA_autosigned.X_509.base64.cer mplescano:sunatca.crt
$ docker-machine ssh mplescano
$ sudo mkdir /var/lib/boot2docker/certs
$ sudo mv sunatca.crt /var/lib/boot2docker/certs/
$ docker-machine restart mplescano

#################################################
#in order to push images, it is necessary to copy the CA cert into other folders as well.
#Log docker: /var/log/docker.log
#hostDir: /etc/docker/certs.d/index.docker.io, /etc/docker/certs.d/docker.io
#for root see http://stackoverflow.com/questions/32646952/docker-machine-boot2docker-root-password
sudo -i
mkdir /etc/docker/certs.d
mkdir /etc/docker/certs.d/index.docker.io
mkdir /etc/docker/certs.d/docker.io
mkdir /etc/docker/certs.d/registry-1.docker.io
sudo ln -s /var/lib/boot2docker/certs/sunatca.crt /etc/docker/certs.d/index.docker.io/sunatca.crt
sudo ln -s /var/lib/boot2docker/certs/sunatca.crt /etc/docker/certs.d/docker.io/sunatca.crt
sudo ln -s /var/lib/boot2docker/certs/sunatca.crt /etc/docker/certs.d/registry-1.docker.io/sunatca.crt



#this does not work, and it does not persist when the docker-machine is restarted
#attempt: register the CA in the system trust store through ca-certificates.conf
#cat /usr/local/etc/ca-certificates.conf
#/usr/local/share/ca-certificates/mozilla/, /usr/local/share/ca-certificates/extra/
sudo mkdir /usr/local/share/ca-certificates/extra/
# NOTE(review): the cp below already creates extra/sunatca.crt, so the ln -s
# to the same path that follows fails with "File exists"; keep only one of them.
sudo cp /var/lib/boot2docker/certs/sunatca.crt /usr/local/share/ca-certificates/extra/
sudo ln -s /var/lib/boot2docker/certs/sunatca.crt /usr/local/share/ca-certificates/extra/sunatca.crt
# NOTE(review): in "sudo echo ... >> file" the redirection is done by the calling
# shell, not by sudo, so the append only succeeds when the shell is already root
# (for example after the "sudo -i" used earlier in these notes). The usual form
# is: echo "extra/sunatca.crt" | sudo tee -a /usr/local/etc/ca-certificates.conf
# NOTE(review): presumably the trust bundle must also be regenerated after the
# edit (update-ca-certificates); TODO confirm on boot2docker.
sudo echo "extra/sunatca.crt" >> /usr/local/etc/ca-certificates.conf

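#start a login session (-D and -l debug turn on debug output; --tlsverify=false switches off verification of the daemon's TLS certificate for this call, so keep it to troubleshooting)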
docker -D -l debug --tlsverify=false login --username=mplescano
########################################################

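#use bash of git in windows
#Delete all containers in exited status.
#-q prints only container IDs and -f status=... filters on the real status
#field, so a container whose name or command merely contains "Exited" is not
#matched the way it was with grep.
docker rm $(docker ps -a -q -f status=exited)
#Delete all containers in created status
docker rm $(docker ps -a -q -f status=created)
#Delete ALL local images (the previous grep "^" matched every line, header
#included, so it also targeted every image). To remove only untagged images,
#use: docker images -q -f dangling=true
docker rmi $(docker images -q)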


########################################################

Generate a patch file between two different branches in a specific folder

#generate a patch file between two different branches for a specific folder inside them
#pases_a_qa and incidents are branches
D:\mplescano\repositories\lineabase>git diff -U3  pases_a_qa:controlbienes2-insqui-recep-batch.ear incidents:controlbienes2-insqui-recep-batch.ear > d:\patch.txt
#git diff -U3  pases_a_qa:controlbienes2-operaciones.ear incidents:controlbienes2-operaciones.ear > d:\patch2.txt

git diff -U3 --diff-algorithm=patience  pases_a_qa:informix incidents:informix > d:\patch_4gl.txt
git diff -U960 --diff-algorithm=patience pases_a_qa:informix incidents:informix > d:\patch_4gl.txt

#git diff produces a patch file with mixed ending of LF and CRLF

#you have to apply this command to make the line endings uniform, but it doesn't work. Use Notepad++ to convert them instead. TODO: find a command-line tool that works better than unix2dos
unix2dos d:\patch.txt

#apply a patch file
D:\mplescano\repositories\lineabase>patch --verbose --dry-run -p1 -d controlbienes2-insqui-recep-batch.ear -i d:\patch.txt
#patch --verbose -p1 -d controlbienes2-operaciones.ear -i d:\patch2.txt

patch --verbose -p1 -d informix -i d:\patch_4gl.txt

#With binary, patch respects now the ending line format
patch --binary --verbose -p1 -d informix -i d:\patch_4gl.txt

#for the command diff from the folder git
diff -x 'file01.txt' -x 'file02.ext' -N -r -U 7 path_folder_origin path_folder_destiny > path_file_to_generate_destiny.patch

diff versions 2.7 and 3.5 sometimes produce files encoded in utf-8 or in iso-8859-1.
The patch command can then fail when a file in utf-8 is patched with a patch file in iso-8859-1.
In this case use the iconv command:
iconv -f iso-8859-1 -t utf-8 file_source_iso-8859-1.patch > file_source_iso-8859-1.patch_utf8.patch
You can verify the encoding of a file with the "file" command:
file -i file_source.patch

#ideal command to patch :P
patch --merge --binary -p8 --dry-run --verbose -d path_to_my_dir -i path_to_my.patch

#when you want a diff file before committing your changes..
git diff -U7 --diff-algorithm=patience > path_to_your.patch

#Generate a patch file between two commits
#avoid hash_commit^ because it does not seem to work (presumably the shell treats ^ specially; in Windows cmd it is the escape character)
git diff -U7 --diff-algorithm=patience ini_commit_hash~1..end_commit_hash > path_to_patch_file.patch