Extend Linux ext4 disk with cfdisk

There are times when you need to extend a disk to accommodate more data or improve performance. While using UI tools to extend disks can make the process easier and more intuitive, there are situations where these tools aren’t available. In such cases, knowing how to extend a disk using command-line tools can be invaluable. This post will guide you through the process of extending a disk without the need for graphical interfaces like gparted.

TLDR;

swapoff /dev/sda5
cfdisk
resize2fs /dev/sda1
mkswap /dev/sda5

swapon /dev/sda5
blkid /dev/sda5
nano /etc/fstab

Full procedure

First check the current partition structure with lsblk

As you can see you have 65G total but only 15GB on /

Start cfdisk


As you can see I cannot extend the disk because of the swap partition. So disable the swap first:

sudo swapoff /dev/sda5

Then start cfdisk to remove the extended and the swap partitions and extend the /dev/sda1

In my case I reserved 1GB for the new swap.

Then create a new extended /dev/sda2 (max size) partition and within the extended partition a new swap partition /dev/sda5

Change the type of the swap partition to 82 Linux Swap / Solaris

So the partition structure looks like:

Write the changes and exit the cfdisk tool

Now you can extend the /dev/sda1 partition with: resize2fs /dev/sda1

As you can see the partition is extended. Now you can reactivate your swap partition

First check the current status

Enter the commands:

  • mkswap /dev/sda5
  • swapon /dev/sda5

And as you can see the swap is activated

The last thing you need to do is update the fstab so that everything still works when the system reboots 😉

Get the UUID with blkid /dev/sda5

Edit the fstab file: nano /etc/fstab and change the UUID of the swap entry to the new UUID
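The manual fstab edit above can be scripted. This is an added example, not part of the original post: rewrite_swap_uuid and update_fstab_swap are hypothetical helper names, and /dev/sda5 is the swap partition from this walkthrough.

```sh
# Added example (not from the original post).

# Print FSTAB ($1) with the UUID of every UUID-based swap entry set to
# NEW_UUID ($2). Comments and all other entries pass through unchanged.
rewrite_swap_uuid() {
    awk -v uuid="$2" '
        /^[ \t]*#/ { print; next }
        $3 == "swap" && $1 ~ /^UUID=/ {
            sub(/UUID=[^ \t]+/, "UUID=" uuid)
        }
        { print }
    ' "$1"
}

# Run as root after mkswap: back up fstab, rewrite it, show active swap.
# Assumption: the swap partition is /dev/sda5 unless another device is given.
update_fstab_swap() {
    dev=${1:-/dev/sda5}
    uuid=$(blkid -s UUID -o value "$dev")
    [ -n "$uuid" ] || { echo "no UUID found on $dev" >&2; return 1; }
    cp -p /etc/fstab /etc/fstab.bak
    rewrite_swap_uuid /etc/fstab.bak "$uuid" > /etc/fstab
    swapon --show
}
```

The previous file stays in /etc/fstab.bak, so a bad rewrite can be undone before rebooting.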

That’s all. Happy resizing 🙂

Optimizing RDP Performance on Linux: My Best Settings with xfreerdp

XfreeRDP3

If you’re like me and rely heavily on Remote Desktop Protocol (RDP) to connect to Windows servers from a Linux environment, you know how crucial performance can be. After experimenting with numerous settings, I’ve found a configuration that delivers the best performance using xfreerdp. Here’s a breakdown of the settings that worked wonders for me.

Why xfreerdp?

xfreerdp is an open-source RDP client that offers a plethora of customization options, making it a powerful tool for Linux users needing to connect to Windows servers. Its flexibility allows for fine-tuning, which is essential for optimizing performance.

My Go-To Command

Here is the xfreerdp command that gave me the best results:

xfreerdp3 /u:[email protected] /p:"P@ASSWRRRDDD" /v:10.10.10.10 /dynamic-resolution /compression /network:auto /gfx:AVC420:on +clipboard -themes

Let’s break down what each part of this command does:

  • /u:[email protected]: Specifies the username to use for the connection.
  • /p:"P@ASSWRRRDDD": Specifies the password. Ensure this is securely stored and managed.
  • /v:10.10.10.10: The IP address of the Windows server.
  • /dynamic-resolution: Adjusts the screen resolution dynamically to match the size of the xfreerdp window.
  • /compression: Enables compression to reduce the amount of data transferred, improving performance over slower connections.
  • /network:auto: Automatically adjusts settings based on network conditions for optimal performance.
  • /gfx:AVC420:on: Uses the AVC420 codec for efficient video compression, providing a good balance between quality and performance.
  • +clipboard: Enables clipboard sharing between the local and remote systems.
  • -themes: Disables desktop themes on the remote server to reduce the amount of graphical processing required.
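A password given with /p: is part of the command line, so it can end up in shell history and in process listings. The following added example (not from the original post) finds such command lines in a history file and shows a wrapper that leaves /p: out so xfreerdp asks for the password on the terminal; the function names are hypothetical.

```sh
# Added example (not from the original post).

# Print every xfreerdp command line in FILE ($1) that carries an inline /p:
# password, with the password value replaced by a marker.
# FILE is a shell history file or saved `ps -eo args` output.
find_inline_rdp_passwords() {
    grep -E 'xfreerdp[0-9]*([[:space:]].*)?[[:space:]]/p:' "$1" |
        sed -E 's#([[:space:]]/p:)("[^"]*"|[^[:space:]]+)#\1<redacted>#g'
}

# Number of offending command lines in FILE (0 means clean).
count_inline_rdp_passwords() {
    find_inline_rdp_passwords "$1" | wc -l | tr -d '[:space:]'
}

# Connect without /p: so the password never appears in argv or history;
# xfreerdp then prompts for it.
# $1 = user, $2 = host; the remaining flags are the ones from the post.
rdp_connect() {
    xfreerdp3 "/u:$1" "/v:$2" /dynamic-resolution /compression \
        /network:auto /gfx:AVC420:on +clipboard -themes
}
```

Run it as `find_inline_rdp_passwords ~/.bash_history` to see which saved commands need to be removed from the history.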

Additional Tips for Improved Performance

To enhance your Remote Desktop (RDP) experience from Linux, adjusting the performance settings on the Windows server can make a big difference. Here’s a quick guide:

  1. Open System Properties:
    • Right-click on “This PC” or “Computer” and select “Properties”.
    • Click on “Advanced system settings”.
  2. Adjust Performance Options:
    • In the System Properties window, under the “Advanced” tab, click “Settings” in the Performance section.
    • In the Performance Options window, select “Custom” and adjust the settings as shown in the screenshot below.
  3. Recommended Settings:
    • Uncheck unnecessary visual effects like animations, shadows, and Peek.
    • Check only essential items for a smoother experience.

Refer to the screenshot for detailed settings adjustments.

By tweaking these settings, you can significantly improve the responsiveness of your RDP sessions.

Performance Options

Conclusion

Finding the right settings for xfreerdp can be a game-changer for your remote desktop experience on Linux. The command and tips I’ve shared should help you achieve a smoother and more responsive connection to your Windows servers. Don’t hesitate to tweak these settings further based on your specific network conditions and requirements.

Happy remoting!


iptraf-ng: A Lightweight Yet Powerful Alternative to TCPDump and Wireshark

Iptraf-ng stands out as an excellent alternative to Wireshark and tcpdump, offering a robust set of features for comprehensive network traffic analysis. This versatile tool gathers a wide range of information, including TCP connection details, interface statistics, and TCP/UDP traffic breakdowns.

Its key features make it a compelling choice:

  1. IP Traffic Monitoring:
    • Provides real-time insights into IP traffic across your network.
  2. Detailed Interface Statistics:
    • Displays comprehensive statistics on IP, TCP, UDP, ICMP, non-IP packets, and more.
  3. TCP and UDP Service Monitoring:
    • Monitors incoming and outgoing packets for commonly used TCP and UDP application ports.
  4. LAN Statistics Module:
    • Identifies active hosts on the LAN, offering data activity statistics.
  5. Protocol Display Filters:
    • Enables users to customize displays for specific protocols like TCP, UDP, and others.
  6. Logging Capabilities:
    • Allows for the logging of network activity, facilitating detailed analysis.

As a user-friendly and efficient network monitoring tool, iptraf-ng presents itself as a valuable alternative to Wireshark and tcpdump. Its capabilities make it particularly well-suited for those seeking a reliable solution for network analysis and troubleshooting. The example screenshot of the IP traffic monitor underscores its user-friendly interface and robust functionality, positioning iptraf-ng as a commendable choice in the realm of network monitoring tools.

Old 2010 Macbook Nvidia Ubuntu black screen fix

All the credits are for Andreas @ https://askubuntu.com/questions/264247/proprietary-nvidia-drivers-with-efi-on-mac-to-prevent-overheating/613573#613573

Nvidia is always a pain in the ass on Linux, especially with an old white 2010 MacBook. I have black screen issues every time, so I created this article so I can easily find it when I reinstall this laptop 😉

First find the right identifiers.

We need both the IDs for the graphics card and the PCI-E bridge that it is connected to. Issue the following command in a shell:

~$ sudo lshw -businfo -class bridge -class display
pci@0000:00:00.0              bridge         MCP89 HOST Bridge
pci@0000:00:03.0              bridge         MCP89 LPC Bridge
pci@0000:00:0e.0              bridge         NVIDIA Corporation
pci@0000:00:15.0              bridge         NVIDIA Corporation
pci@0000:00:16.0              bridge         NVIDIA Corporation
pci@0000:00:17.0     >!!<     bridge         MCP89 PCI Express Bridge
pci@0000:04:00.0     >!!<     display        MCP89 GeForce 320M

Have a look at (1) the line saying display and (2) the line with bridge right before that display line. Write down the PCI-E bus ids (format XX:YY.Z) of the bridge device (here 00:17.0) and the display device (here 04:00.0) and remember which is which. Note: Those IDs may be different on your machine, depending on your Mac model and revision.

Create a GRUB script for setting the PCI-E registers during boot

Fire up a text editor with sudo nano /etc/grub.d/01_enable_vga.conf and copy/paste the content below. Make sure to paste all 4 lines into that file! Replace 00:17.0 with the PCI-E ID of your bridge device noted in step 1. Replace 04:00.0 with the PCI-E ID of your display device noted in step 1.

cat << EOF
setpci -s "00:17.0" 3e.b=8
setpci -s "04:00.0" 04.b=7
EOF

Finally, make the created file executable and update your grub config files using the following TWO commands.

~$ sudo chmod 755 /etc/grub.d/01_enable_vga.conf
~$ sudo update-grub

Install Nvidia drivers and enjoy!

Use TOR proxy with any linux command

There is an easy way to use The Onion Router (Tor) for any command under Linux

First install TOR and proxychains4

$ sudo apt install tor proxychains4

You can configure proxychains.conf but the default config is good 🙂

$ sudo nano /etc/proxychains.conf

Then start the tor service

$ sudo systemctl start tor

And check your ip:

$ proxychains4 curl ifconfig.me

You can use any command you want. So if you want your firefox browser over tor:

$ proxychains4 firefox

To refresh your TOR IP simply restart the TOR service
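Before relying on the setup above, it is worth confirming that the configuration sends DNS lookups through the proxy and that the exit really is a Tor node. This is an added example, not part of the original post; the function names are hypothetical, and the live check assumes network access to the Tor Project's check service.

```sh
# Added example (not from the original post).

# Check a proxychains config file ($1) for the two settings the Tor setup
# depends on. Prints each problem found; returns 0 only if both are present.
check_proxychains_conf() {
    conf=$1
    ok=0
    # proxy_dns must be present and not commented out, otherwise name
    # lookups are resolved locally instead of through the proxy.
    if ! grep -Eq '^[[:space:]]*proxy_dns([[:space:]]|$)' "$conf"; then
        echo "proxy_dns is not enabled: DNS lookups will not go through Tor"
        ok=1
    fi
    # The proxy list needs an entry for Tor's default SOCKS port.
    if ! grep -Eq '^[[:space:]]*socks[45][[:space:]]+127\.0\.0\.1[[:space:]]+9050([[:space:]]|$)' "$conf"; then
        echo "no socks4/socks5 entry for 127.0.0.1 9050"
        ok=1
    fi
    return "$ok"
}

# Live check (needs network): succeeds only if the Tor Project's check
# service reports that the request arrived from a Tor exit.
verify_tor_exit() {
    proxychains4 -q curl -s https://check.torproject.org/api/ip |
        grep -q '"IsTor":true'
}
```

Run `check_proxychains_conf /etc/proxychains.conf && verify_tor_exit` after starting the tor service and again after any change to the config.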

Happy proxying 🙂

Powershell better tab autocomplete

With Powershell ISE you can use CTRL + SPACE for auto completion.

Powershell ISE Completion

But when you work in a native PowerShell window you don’t have this option. Very often you cycle through the commands with tab completion, and because you pressed the TAB key too soon you have to remove characters and cycle through all the commands again.

Until now 😉

There is an easy fix you can implement so that PowerShell has the same auto-completion as bash.

  • Type notepad $profile for Windows or gedit $profile for Linux
  • Add the line Set-PSReadlineKeyHandler -Key Tab -Function MenuComplete
Add line in $profile
  • Save the file and restart Powershell
  • And now you have a much better working tab completion
Linux Example
Windows Example

Happy coding 🙂

Repair Debian boot after Windows update

Today I updated my dual boot system and unfortunately my Debian OS wasn’t booting anymore. The root cause was that Windows decided to reclaim the EFI boot.

The fix is quite easy.

Type mountvol P: /S

Check the EFI boot partition data

And fix your boot with this command:

bcdedit.exe /set {bootmgr} path \EFI\Debian\grubx64.efi

As you can see in the screenshot, this also works for EndeavourOS and Ubuntu and probably for a lot of other Linux EFI boot systems.

Happy booting!

Corrupt SD Card Recovery

A friend of mine came back from vacation where he had taken a lot of pictures. When he got back home a large part of his Micro SD card (exFAT partition) was no longer accessible so he missed a couple of weeks of his photos and videos. His Windows Operating System froze completely when it hit a rotten cluster during a file copy action. So we had to find another solution to get his files back.

The first step I tried was to get the data from the SD card via Linux with ddrescue. With ddrescue, you create a complete dump of the SD card (or the sdb1 partition only). So you can do the data recovery on the image file (backup1.img) and not on the already corrupted SD card.

The command you can use is:

ddrescue -d /dev/sdb1 /media/thomas/backup1.img /media/thomas/backup1.mapfile

But Linux also had trouble reading when I hit a bad cluster. The only thing I could do during the read issues was a physical disconnect of the USB adapter, reconnect the adapter and restart the ddrescue process. The reason was that a dual SD card adapter was used:

Micro SD > SD > SD > USB

(spoiler ALERT!: Never use multiple adapters for data recovery!!!)

Because ddrescue keeps a mapfile, it continues where it stopped the last time.

While debugging I wrote a simple loop that forces a “physical” disconnection of the USB adapter, waits one second and reconnects the device without touching anything.

Source of the USBReset (fork)

This works but is a very, very slow process. It would take months to recover, so I had to find another way.

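#!/bin/bash
## Steps to prepare:
# - Run lsusb to find the card reader and adjust USB_DEV (/dev/bus/usb/BBB/DDD)
# - Start this script from the usbreset folder
# - Run as root (sudo)
# - Mount the target disk first (/media/thomas/...)
SRC=/dev/sdb1
OUT=/media/thomas/4905eb31-1df4-49bb-bb75-ec4889641d20
USB_DEV=/dev/bus/usb/001/004

# Runs until interrupted with Ctrl-C
while true
do
	echo "Let's try Again!"
	# The mapfile lets ddrescue resume where the previous run stopped
	ddrescue -d "$SRC" "$OUT/backup1.img" "$OUT/backup1.mapfile"
	sleep 1
	# Reset the USB device, which acts like unplugging and replugging the adapter
	./usbreset "$USB_DEV"
	sleep 1
done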

The funny thing is that it was Sinterklaas time and that my daughter had just received a VTech kiddy photo camera with a Micro SD to USB adapter included 😀

So I tried the new adapter: Micro SD > USB, with success.

And after almost 15 hours the result: a 99.98% rescue rate 🙂

During my search for a solution I found some interesting articles:

Happy recovering!

OWASP ZAP Proxy with Android on Genymotion

It can be fun to reverse engineer some Android applications. I think it’s better to do this on your workstation instead of your phone because it’s way more flexible and you don’t ruin your phone when you break things 😉

In my case, I use Debian 11. But of course, you can do this with any OS.

Requirements

  • An app you want to debug
  • OWASP ZAP Proxy
  • Genymotion
  • NPM
  • APK Export (Android App)

OWASP ZAP Proxy

I use the snap package for ZAP because it’s easy to install and you always have the latest version.

$ sudo snap install zaproxy --classic

Start ZAP and export the dynamic certificate (tools > options)

Dynamic SSL Certificate
  • Click on the save button and place the file somewhere on your disk.

You can check if the OWASP ZAP is running with:

$ netstat -tulpen | grep 8080
tcp6       0      0 127.0.0.1:8080          :::*                    LISTEN      1000       89190      14016/java    

Genymotion

Now the proxy is in place it’s time to install genymotion for the android emulation. First install virtualbox.

Install virtualbox APT keys

$ wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
$ wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add -

Edit the /etc/apt/sources.list file and add this line:

deb [arch=amd64] https://download.virtualbox.org/virtualbox/debian bullseye contrib

Update the repo and install virtualbox

$ sudo apt-get update
$ sudo apt-get install virtualbox-6.1
  • Now go to the Genymotion website and download the latest bin file
Download Genymotion
  • Make the file executable and run the installer
$ chmod +x genymotion-3.2.1-linux_x64.bin 
$ ./genymotion-3.2.1-linux_x64.bin
  • Follow the wizards, create a Genymotion account and create a new virtual device. In my example I used a Google Pixel 3 with Android 10.
Overview virtual devices

Now it’s time to configure the proxy within the android device!

Configure proxy in Android

Start the created virtual Genymotion Android device and copy the certificate file we created earlier with a simple drag and drop.

drag & drop the certificate file
Successful copy
  • Now we can configure the proxy in the wifi settings.
  • Go to settings > search for certificate and install the certificate.
settings > find >certificates
Import the certificate

Edit the wifi connection, add the proxy and restart the wifi.

  • Edit the Wifi
  • Go to the advance options
  • Set the proxy to Manual
  • The IP is always: 10.0.3.2 This is the “localhost” setting for the genymotion host server
  • Port 8080
Genymotion Proxy Settings

When you (re)connect to the wifi you have to accept the proxy error (but this is a good thing).

Sign in to the wifi
Accept the warning

Now you will see all the traffic, but only the traffic of apps that respect the Android HTTP_PROXY settings. So this is what you can do when an app doesn’t respect this setting:

Rebuild the APK with APK-MITM

Now everything is in place. So the last thing we need to do is rebuild the APK file so we can proxy all the network traffic. So:

  • First export the APK file through the APK Export
  • Place the APK somewhere on your disk
  • Install npm (at least version 14)
$ curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -
$ sudo apt-get install nodejs npm
  • Install java
$ sudo apt install openjdk-17-jre openjdk-17-jdk 
  • And rebuild the APK
$ npx apk-mitm SomeAppName.apk 
Some nice MITM patching

And here we go!

Everything is in place now. So the only thing you have to do is drag & drop the *-patched.apk file to genymotion, install this file and you are fully in control 🙂

ZAP Proxy with MITM Apk

Happy hacking!