Fix or Repair Debian GRUB when it’ not working. Blank screen with blinking underscore cursor.

Playing around with GRUB is a nightmare for the first few times, and often GRUB reinstallations will actually be mandatory when installing multiple operating systems on the same drive, or multiple drives, or after reinstalling windows or vice versa.

If you can’t boot into your OS, you’ll need a linux live CD of any kind (Debian or Ubuntu) or a rescue disc. The most natural way to reinstall GRUB is to boot into your main OS via a live CD and run the grub-install command. I prefer not to do this as my live CD is around 4GB and can take 5-20 minutes to create the USB. And if you don’t have your OS live CD laying around, you’ll need another PC to either download it and create the bootable USB (60 minute exercise at least), or you can use a smaller, lighter, recovery OS on a bootable USB.

The best rescue method is by ‘burning’ Super Grub2 Disk to a USB or CD/DVD. You’ll need to download the Super Grub2 Disk ISO from here: https://www.supergrubdisk.org/super-grub2-disk/

It’s a tiny 20MB ISO that you can use Etcher to create a Super Grub2 Disk bootable USB in about 30 seconds. Any version will work. This will get you back into your PC. Once you’re inside you can run the grub-install command. On Debian this is the only command that worked for me completely:

Open gparted or gnome-disks and find the /dev/sdX of the drive you want to install grub to. Your main partition will be either /dev/sda or /dev/sdb or /dev/sdc or /dev/sd0. It should show that it’s mounted at / which is your root directory of the OS you’re in, you’re main OS.

1
grub-install --force --debug --boot-directory=/boot /dev/sdabc0

Replace sdabc0 above with whatever your drive is.

Now reboot without the Super Grub2 Disk USB and see if your distro goes into GRUB. This is a good time to keep the Super Grub2 Disk in a safe place as it is a very powerful tool for booting into all sorts of drives or places, even ISOs with loopback setup.

How to use gparted live when your GRUB isn’t working with Super Grub2 Disk and when you only have one USB.

Now, here’s a challenge: rescue your linux computer with one USB.

Get Super Grub2 Disk as described above and boot into your normal OS via the above method. After you’re in your normal OS, download Rescatux but don’t burn it to a USB.

Instead, as root, open your boot folder and make a folder called boot-isos and put Rescatux in that folder.

1
2
3
sudo su
cd /boot
mkdir boot-isos

Download the latest Rescatux ISO from here and put it in that folder.

Rescatux bootable from hard disk loopback
Rescatux bootable from hard disk loopback

Now when you boot using Super Grub2 Disk, you’ll see a bootable ISO entry with the Rescatux ISO which you can boot into! This is because Rescatux is setup for loopback mount meaning you can boot into it on a hard disk instead of a USB. Booting a live distro from live USB. Rescatux has gparted and you can make changes to your partitions without being mounted but Rescatux does not have grub-install. This helped me when I had one single USB but I wanted to use both “gparted live” and Super Grub2 Disk at the same time without losing my Super Grub2 Disk USB.

John the Ripper VPS/Dedicated Server Cracking – Multiple Core & Thread Research Tutorial

John the Ripper, also know as john in yum & apt package managers, is an open source password cracker and hash decipher program.

Here is a “How To” tutorial for using John the Ripper on VPS or Dedicated instances so that you can leave it running overnight, for example.

John the Ripper CentOS & Fedora installation & usage:

1
2
# john requires openssl-devel package
yum install openssl openssl-devel -y
1
2
# get the latest JUMBO version of John
wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.gz
1
2
3
4
# extract and enter the src folder
tar -xzvf john*
cd john*
cd src
1
2
# configure and make john
./configure && make
1
2
3
# navigate and run the test and benchmark script
cd ../run
./john --test

 

 

 

 

 

Paste Clipboard on Linux with xdotool (Ctrl + V into terminal or type)

Ctrl + V (paste shortcut) doesn’t work everywhere that you expect it to work.

For example, using noVNC, I really need to paste certain strings that I’ve already copied to clipboard with Ctrl + C.

The program for the job is xdotool.

1
sudo apt-get install xdotool

Open your keyboard shortcuts tool, on Xfce it’s in Keyboard settings and Application Shortcuts.

1
sh -c 'sleep 0.5; xdotool type "$(xclip -o -selection clipboard)"'

Fix Copy/Paste Issue with Facebook Messenger & Posts on Linux (Ubuntu/Debian/Mint)

If you can’t copy and paste properly on Facebook without the comment or message becoming jumbled up, you may have to allow a certain Firefox setting in the about:config that allows clipboard events to function properly on Linux distros.

Open a new tab and type:

1
about:config

Search for:

1
dom.event.clipboardevents.enabled

Double click on this entry to set it to true and copying and pasting correctly from the clipboard should function as expected now.

This fixed the issue for me when I could not copy and paste on Facebook messenger or comments on Firefox.

VestaCP: Error Establishing a database connection (Digital Ocean/VPS Fix)

If you have WordPress sites on a VPS with less than 700mb-1gb of RAM, you may experience intermittent MySQL downtime as the service turns itself off when it exceeds your server or allocated resource usage.

The following commands will append to your crontab. This will check if mariadb/mysqld is running, if it’s not running, it will restart it.

If you have MySQL:

1
echo   "  *  *  *  *  * root /sbin/service mysqld status || service mysqld restart" >> /etc/crontab

If you have MariaDB:

1
echo   "  *  *  *  *  * root /sbin/service mariadb status || service mariadb restart" >> /etc/crontab

Verify it’s been added with:

1
cat /etc/crontab

Download a WeVideo video with cURL

Click play on the video. Then right click on the video and inspect element.

Find <video class=”fp-engine”…. and copy the Akamai URL.

Download WeVideo video with cURL

Alternatively click download on the video and once the download starts, cancel it, open your download queue and then right click on the download and copy the download URL.

Copy WeVideo mp4 file name url to download

With either of the above methods to get the URL (which lacks a .mp4 extension), you can use that in your cURL command as follows:

1
curl -o video.mp4 "paste long download URL here"

Remember to use double quotes “” around the URL.

The reason we use curl -o, instead of curl -O, is that the file name of the download will be something like 1200 characters long which gives us a File name too long error.

It will start downloading like this:

1
2
3
4
[[email protected]]# curl -o video "http://wevideo-a.akamaihd.net/7hSWWXP2%Fcbhg1zZayqjvbARb73ozXljnFZxHPS2%9cLxLHznbxXZjSx9qbXyA3v1g7qan33FzqRno7vjljWbch1bygzqvz%zqqa%2LAjzLHXH9ASRXoPljgR1lZX9P2jWFXhacbyoq"
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 212M 100 212M 0 0 442k 0 0:08:11 0:08:11 --:--:-- 541k

Create a Hidden Tor Service with VestaCP in 10 MINUTES! ULTIMATE ONION SITE GUIDE! Ubuntu/Debian/CentOS!

Disclaimer: this guide was written for research purposes only because the Author wanted an .onion version of a normal website.
The Author does not host any hidden services, only .onion addresses for already existing .com websites so that they can be accesses by .onion addresses too.
This guide requires almost NO technical knowledge to start a tor hidden service.

UPDATE 2019: This guide was written in late 2016. It may be updated eventually! We don’t touch TOR so it would be cool to see if anything has changed since this guide was first written.

If you do what this guide says, but don’t harden your service, then any hidden services without doing more than what is mentioned in this guide is pretty much guaranteed to be un-hidden..

You have been sternly warned. I am not a TOR expert and this is not rocket science but if you are familiar with all of the software below already, you will have an even better idea than the Author on hosting through tor.

This website was offline for 7 months earlier this year and in that time another cool post was added for Debian version of this guide. I may write another Debian guide soon as it is always interesting to see what changes version-to-version.

Law Enforcement: this guide is for research purposes only. If you would like this post taken down, please leave an anonymous comment stating so and the post will be promptly removed.

Comes already out-of-the box with:

  • nginx
  • iptables & fail2ban
  • MySQL

This setup does NOT use apache (uses php-fpm instead!).

We recommend NOT using a mail server or allowing ftp access with your VestaCP installation.

Get a VPS on ANY of the following:
# RHEL / CentOS 5,6,7
# Debian 6,7,8
# Ubuntu 12.04-15.10

We highly recommend CentOS and the commands in this guide are based on CentOS only.

Disclaimer: this guide was written because I wanted an .onion version of a normal website.

VestaCP is a free server & hosting control panel. See more at vestacp.com.

Log into your server via SSH.

Download installation script

1
curl -O http://vestacp.com/pub/vst-install.sh

Next, visit vestacp.com and scroll down to generate some Advanced Install Settings.
Choose the following options, which are, nginx + php+fpm, NO ftp, NO mail, NO DNS.

VestaCP advanced install settings

Our generated install command is below, paste this into your terminal.

1
bash vst-install.sh --nginx yes --phpfpm yes --apache no --vsftpd no --proftpd no --exim no --dovecot no --spamassassin no --clamav no --named no --iptables yes --fail2ban yes --mysql yes --postgresql no --remi yes --quota no

Press y and enter to install VestaCP.

VestaCP installation generic

Press enter when it asks for an email (no email).

For hostname, you can change it to anything, I suggest something very generic, so just type hostname and hit enter.

When it’s finished installing, note down the password.

Open a browser (TOR browser) and visit the URL supplied, it will be your server IP with https:// at the start and :8083 at the end.

Tor browser will give you an insecure certificate warning. Click advaned, allow exception, and confirm security exception.

Click on the IP tab at the very top and then click on the green (+) symbol to add an additional IP.

Vestacp ip settings tab

The IP address we want to add is 127.0.0.1. This is the localhost machine IP, but tor will listen on this address on port 80.
This means that your website will only be accessible by the TOR browsers and never by clear-net browsers.

Set Netmask as 255.255.255.255 and change the Interface to venet0.

VestaCP add 127.0.0.1 new ip address

In a new tab on the Tor Browser, type the IP of your server to see the demo page and make sure the web server is working.

So instead of: https://xx.xx.xx.xx:8083/

Visit http://xx.xx.xx.xx/

You should see a demo page:

VesatCP Demo Page

Next, go to the WEB tab and delete the example website. To delete the site, you may need to turn javascript on temporarily. Hover over the site, click delete and confirm delete.

VestaCP Tor delete example website

Refresh the other tab with the demo website. It should now give an error.

VestaCP Tor Error

Go back to your terminal and install tor.

1
yum install tor -y

Add tor to startup too.

1
chkconfig tor on

Remove the default tor settings file and replace it with your own as follows.

1
2
3
rm -f /etc/tor/torrc
echo "HiddenServiceDir /var/lib/tor/hidden_service/" &gt;&gt; /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" &gt;&gt; /etc/tor/torrc

Start tor.

1
service tor start

This will generate a new onion address for you.

1
cat /var/lib/tor/hidden_service/hostname

This is your .onion address.
Now we need to add it to the VestaCP WEB panel and make sure the IP is set to 127.0.0.1.
Make sure DNS and Mail are turned OFF.NOT

Add onion website to VestaCP

Done!

Now visit your URL is a tor browser.

It may take 5 minutes to show up.

Your service will ONLY be accessible by TOR!

TOR SITE UNAVAILABLE TURNING OFF AFTER REBOOT?

1
2
service tor start
service nginx reload

ADDITIONAL SECURITY MEASURES

Go to UPDATES tab and disable autoupdates for vestacp.

Head to the FIREWALL tab and suspend everything except for 22 and 8083.

You can open 25 again later if you need to send emails.

HARDEN YOUR WEB SERVER

This guide is currently for research purposes and does NOT include any hardening tips and is provided as is.

Please see more information here: https://www.reddit.com/r/onions/wiki/hidden_services

You may want to disable phpmyadmin.

HOST MULTIPLE HIDDEN SERVICES ON ONE SERVER

You’ll want to
Open /etc/tor/torrc for editing and add as many services as you want!

Make a new /hidden_service/ directory for each new service:

1
2
HiddenServiceDir /var/lib/tor/hidden_service2/
HiddenServicePort 80 127.0.0.1:80
1
2
HiddenServiceDir /var/lib/tor/hidden_service3/
HiddenServicePort 80 127.0.0.1:80

Restart tor to generate these new service .onion addresses.

1
2
service tor stop
service tor start

Find out the new .onion addresses

1
2
cat /var/lib/tor/hidden_service2/hostname
cat /var/lib/tor/hidden_service3/hostname

Add each new .onion address into the WEB tab in the VestaCP admin area!
These are example .onions generated and are not live addresses:

Host Multiple Tor Websites on One Server CentOS 7

HOSTING A .ONION VERSION OF A CLEARNET WEBSITE

I have no idea if this secure or not.
Instead of putting 127.0.0.1 in the torrc file as the HiddenServicePort, change it to the server IP.
Add a new website to your WEB area in the VestaCP admin panel.
This will make your service accessible at both the IP address of your server and at the .onion address.

1
2
echo "HiddenServiceDir /var/lib/tor/hidden_service/" &gt;&gt; /etc/tor/torrc
echo "HiddenServicePort 80 xx.xx.xx.xx:80" &gt;&gt; /etc/tor/torrc

Depending on the URL and linking structure of your clearnet website and if there are any htaccess redirects, you may find your .onion service just works for only the homepage and then uses the normal URL because of how your website works.

This guide is, again, for research purposes only, and therefore does not offer any advice on that.

Linux HotKey to Type a Pre-defined String (xdotool)

Depending on your distro, you should have a keyboard shortcut program already installed.

Use xdotool and bash to paste strings via pre-defined hot keys.

I wanted to be able to paste the following very oftenly typed command when pressing a certain key combination:

1
cd /home/admin/web/*/public_html/

First, you’ll need xdotool

1
sudo apt-get install xdotool

I was having trouble putting the commands directly into the keyboard shortcut entry, so I put the commands in a mini bash script.
Open a text editor and paste the following:

1
2
3
cdp=$(echo 'cd /home/admin/web/*/public_html/')
sleep 0.3
xdotool type --clearmodifiers "$cdp"

Save the file, I saved mine as /home/user/scripts/xdotool-cdp.sh

Next, add a keyboard shortcut for the following (I used Alt+P):

1
sh /home/user/scripts/xdotool-cdp.sh

Now when you press Alt + P keys, it executes the script.
The script sets a variable cdp to echo cd /home/admin/web/*/public_html/
Then it sleeps for 0.3 seconds.
Then it types cd /home/admin/web/*/public_html/
Make sure to include –clearmodifiers if you’re using keys such as ctrl, alt or shift as the shortcut as it will affect the way xdotool types.

Check it out:

Use xdotool and bash to paste strings via pre-defined hot keys.