Archive for the ‘Windows’ Category

How to Fix Windows Update Problems: A Complete Guide

Friday, July 11th, 2025


Windows Update is essential for keeping your Windows system secure, stable, and current with the latest security patches and, for those working in large corporations, for keeping the PC compliant with the security policies and standards defined by the company or domain. However, users often encounter issues like updates failing to install, getting stuck at a certain percentage, or producing error messages. Whether you're using Windows 10 or Windows 11, this guide walks you through proven steps to fix Windows Update problems.

Common Symptoms of Windows Update Issues

Before diving into the solutions, it helps to identify typical signs of update problems:

  • Updates stuck at 0%, 35%, or 100%
  • Update error codes like 0x80070002, 0x800f081f, or 0x8024a105
  • "Windows Update Failed" or "There were problems installing updates"
  • PC crashes or slowdowns after an update
  • Restart loops or repeated update attempts

Step-by-Step Guide to Fix Windows Update Problems

 1. Restart Your PC and rerun updates

Sometimes (very rarely) a simple reboot clears temporary glitches in the update process.

Steps:

  • Click Start > Power > Restart
  • Try running Windows Update again

 2. Run the Windows Update Troubleshooter

Windows includes a built-in tool that can automatically detect and fix common update problems.

Steps:

  1. Open Settings > System > Troubleshoot > Other troubleshooters

  2. Find Windows Update and click Run

  3. Follow the prompts and apply any fixes it suggests

 3. Check Your Internet Connection

A slow or intermittent connection can prevent updates from downloading or installing.

Tips:

  • Ensure a stable connection
  • Avoid using mobile hotspots during large updates
  • Try a wired Ethernet connection if possible

4. Free Up Disk Space

Windows Update needs adequate space to download and install updates.

To free space:

  • Open Settings > System > Storage
  • Use Storage Sense or manually delete:

    • Temporary files
    • Old downloads
    • Unused programs

5. Manually Restart Windows Update Services

Windows Update relies on several background services. Restarting them can resolve stuck updates.

Steps:

  1. Press Windows + R, type services.msc and press Enter

  2. Find and restart the following:

    • Windows Update
    • Background Intelligent Transfer Service (BITS)
    • Cryptographic Services
  3. Right-click each > Restart

6. Clear the Windows Update Cache (SoftwareDistribution Folder)

Corrupted update files in the SoftwareDistribution folder can cause problems.

Steps:

  1. Open Command Prompt as Administrator (Right-click > Run as Administrator)

  2. Stop update services:

    net stop wuauserv
    net stop bits

     

  3. Delete the update cache:

    del /f /s /q %windir%\SoftwareDistribution\

  4. Restart services:

    net start wuauserv
    net start bits

  5. Try updating again

7. Use the System File Checker (SFC) and DISM Tools

Corrupt system files can interfere with updates.

Steps:

  1. Open Command Prompt as Administrator

  2. Run SFC from cmd line:  

    sfc /scannow

  3. After it completes, run DISM:  

    DISM /Online /Cleanup-Image /RestoreHealth

These commands check for system corruption and repair it.

 8. Install Updates Manually via Microsoft Update Catalog

If a specific update keeps failing, download and install it manually.

Steps:

  1. Go to: https://www.catalog.update.microsoft.com/

  2. Search the KB number of the failed update

  3. Download the correct version for your system

  4. Run the installer

 9. Pause and Resume Updates

This can force Windows to reattempt updates cleanly.

Steps:

  1. Open Settings > Windows Update

  2. Click Pause updates for 1 week

  3. Restart your PC
  4. Go back and click Resume updates

10. Perform an In-Place Upgrade (Repair Install)

If nothing else works, a repair install reinstalls Windows while keeping your files and apps.

Steps:

  1. Download the Media Creation Tool from Microsoft

  2. Choose Upgrade this PC now

  3. Follow prompts and select Keep personal files and apps

This replaces system files and refreshes Windows Update components.

11. Use WuFix.bat script that refreshes services

wufix.bat

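rem Run from an elevated (Administrator) Command Prompt
rem Let the Windows Modules Installer service start automatically
SC config trustedinstaller start= auto
rem Stop the update-related services so their folders can be renamed
net stop bits
net stop wuauserv
net stop msiserver
net stop cryptsvc
net stop appidsvc
rem Set aside the download cache and the catalog store; Windows recreates both
Ren %Systemroot%\SoftwareDistribution SoftwareDistribution.old
Ren %Systemroot%\System32\catroot2 catroot2.old
rem Re-register DLLs silently (/s)
regsvr32.exe /s atl.dll
regsvr32.exe /s urlmon.dll
regsvr32.exe /s mshtml.dll
rem Reset the Winsock catalog
netsh winsock reset
netsh winsock reset proxy
rem Clean up old driver packages
rundll32.exe pnpclean.dll,RunDLL_PnpClean /DRIVERS /MAXCLEAN
rem Check and repair the component store, then the system files
dism /Online /Cleanup-image /ScanHealth
dism /Online /Cleanup-image /CheckHealth
dism /Online /Cleanup-image /RestoreHealth
dism /Online /Cleanup-image /StartComponentCleanup
Sfc /ScanNow
rem Start the services again
net start bits
net start wuauserv
net start msiserver
net start cryptsvc
net start appidsvc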

12. Contact Microsoft or other tech guru Help

If problems persist even after trying the above methods, consider:

  • Contacting Microsoft Support
  • Consulting with a local technician
  • Performing a clean install (as a last resort)

13. Few Final Tips for Smooth Windows Updates

  • Always back up important data before major updates
  • Keep drivers and antivirus software up to date
  • Avoid interrupting the PC during updates
  • Check for known issues on Microsoft’s support site before installing major feature updates

14. Advanced Commands and Additional Ways to Fix Windows Update Problems

These methods go deeper into system-level repairs and are ideal when the basic fixes fail.

14.1. Reset Windows Update Components Manually (Full Command Script)

Instead of just clearing the cache, reset all update-related services and components.

Steps:

Open Command Prompt as Administrator, and run these commands one at a time:

net stop wuauserv
net stop cryptSvc
net stop bits
net stop msiserver

Rename update-related folders:

ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 catroot2.old

Restart the services:

net start wuauserv
net start cryptSvc
net start bits
net start msiserver

This fully resets the update components.

 14.2. Use PowerShell to Re-register Update DLLs

Sometimes DLLs (Dynamic Link Libraries) related to updates become unregistered.

Run this in PowerShell (Admin):

regsvr32 wuaueng.dll
regsvr32 wups.dll
regsvr32 wups2.dll
regsvr32 wuwebv.dll
regsvr32 wucltui.dll

 14.3. Use PowerShell to Force Update Scan and Install

Open PowerShell as Administrator, and run:

Install-Module PSWindowsUpdate -Force
Import-Module PSWindowsUpdate
Get-WindowsUpdate
Install-WindowsUpdate -AcceptAll -AutoReboot

 You may be prompted to install NuGet or trust the repository—accept these prompts.

 14.4. Enable Update Services via Registry Editor (Caution)

If your update services are being disabled by group policy or a third-party app, you can reset the registry settings.

Steps:

  1. Press Win + R → type regedit → Enter

  2. Navigate to:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

  3. Delete values like NoAutoUpdate, AUOptions, etc.

  4. Also check:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv

    • Ensure Start is set to 2 (automatic)

 Always back up your registry before editing!
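
Before deleting anything under the policy key, it helps to record what is actually set there and to take the backup mentioned above. The PowerShell below is an added example, not part of the original guide; it reads only the registry locations and service names used in this article, and the function names and the backup file name are made up for the illustration.

```powershell
# Added example: read-only audit of the Windows Update policy key and the
# start types of the update services. Nothing in the registry is modified.
# Values under ...\Policies\ that were written by domain Group Policy are
# applied again at the next policy refresh, so check where they come from
# before deleting them.

$PolicyRoot   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$ServiceNames = 'wuauserv', 'bits', 'cryptsvc', 'msiserver'

function Export-UpdatePolicyBackup {
    # Saves the whole WindowsUpdate policy key to a .reg file (assumed name).
    param([string]$File = "$env:TEMP\WindowsUpdate-policy-backup.reg")
    # reg.exe expects HKLM\..., not the PowerShell drive form HKLM:\...
    $native = $PolicyRoot -replace '^HKLM:\\', 'HKLM\'
    & reg.exe export $native $File /y | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "reg.exe export failed with exit code $LASTEXITCODE"
    }
    return $File
}

function Get-UpdatePolicyValue {
    # Lists every value under ...\WindowsUpdate and ...\WindowsUpdate\AU.
    foreach ($path in $PolicyRoot, "$PolicyRoot\AU") {
        if (-not (Test-Path -LiteralPath $path)) { continue }
        $key = Get-Item -LiteralPath $path
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Key   = $key.Name
                Name  = $name
                Kind  = $key.GetValueKind($name)
                Value = $key.GetValue($name)
            }
        }
    }
}

function Get-UpdateServiceStart {
    # Reads the Start value of each service (2 = automatic, as in step 4).
    $meaning = @{ 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }
    foreach ($svc in $ServiceNames) {
        $path  = "HKLM:\SYSTEM\CurrentControlSet\Services\$svc"
        $props = Get-ItemProperty -LiteralPath $path -ErrorAction SilentlyContinue
        $start = $null
        $type  = 'Unknown'
        if ($props) {
            $start = $props.Start
            if ($meaning.ContainsKey([int]$start)) { $type = $meaning[[int]$start] }
        }
        [pscustomobject]@{ Service = $svc; Start = $start; StartType = $type }
    }
}

if (Test-Path -LiteralPath $PolicyRoot) {
    $file = Export-UpdatePolicyBackup
    "Policy key exported to $file"
    Get-UpdatePolicyValue | Format-Table -AutoSize
} else {
    'No WindowsUpdate policy key is present.'
}
Get-UpdateServiceStart | Format-Table -AutoSize
```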


 14.5. Check Group Policy Settings (Windows Pro or Enterprise)

Group Policy can block updates.

Steps:

  1. Press Win + R → type gpedit.msc → Enter

  2. Navigate to:

    Computer Configuration > Administrative Templates > Windows Components > Windows Update

  3. Check and disable any restrictive settings like:

    • No auto-restart with logged on users
    • Configure Automatic Updates
    • Do not connect to any Windows Update Internet locations

 14.6. Use the Windows Update Assistant

Download the latest Windows Update Assistant from the Microsoft website or Windows 11 equivalent.

  • This tool bypasses built-in update problems
  • It can force the latest feature update or build version

 14.7. Delete Windows Update Pending.xml File

Sometimes updates fail due to a corrupted Pending.xml file.

Steps:

  1. Open Command Prompt as Administrator

  2. Run:

    del %windir%\winsxs\pending.xml

 This is advanced; use only if you're stuck with a failed update loop.

 14.8. Use Event Viewer to Identify Update Errors

Event Viewer can show exactly which update or process is failing.

Steps:

  1. Press Win + X → Event Viewer

  2. Navigate to:

    Windows Logs > System

  3. Filter by Error and Warning

  4. Look for sources like:

    • WindowsUpdateClient
    • CBS (Component-Based Servicing)
    • WUSA

Note any error codes or update KB numbers.

 14.9. Use Deployment Image Servicing and Management (DISM) from ISO

DISM can be more powerful when pointed to a known good source like an ISO image.

Steps:

  1. Mount a Windows ISO (right-click > Mount)

  2. Note the drive letter (e.g., D:)

  3. Run in CMD (Admin):

    DISM /Online /Cleanup-Image /RestoreHealth /Source:D:\Sources\install.wim /LimitAccess

Replace D:\ with the correct drive.

 14.10. Revert Problematic Updates Using Recovery or Uninstall

If an update caused system problems:

Option A: Uninstall via Settings

  • Go to Settings > Windows Update > Update History > Uninstall updates

Option B: From Advanced Startup

  • Hold Shift while clicking Restart

  • Go to Troubleshoot > Advanced Options > Uninstall Updates 

15. How to install Windows 11 without losing files (reinstall Windows while keeping all stored files)

15.1. Download and Use the Media Creation Tool:

  • Download the Media Creation Tool from Microsoft's website.

    a) Go to this website:
    www.microsoft.com/en-us/software-download/windows11

    b) Click Download Now.

    c) Open the file you downloaded.
    Double-click it.

    d) Accept everything.
    Click Accept and Install.

    e) Important:
    When it asks about keeping files, select:

    f) Keep personal files and apps

    Wait until it finishes.

    Your PC will restart many times.

    g) After install:
    Your files and programs will still be there.

  • Run the tool and choose to create installation media for another PC.
  • Select your language, architecture, and edition of Windows.
  • Choose to create either a USB flash drive or an ISO file.
  • Follow the on-screen instructions to complete the process. 

15.2 Perform a Clean Install or In-place Upgrade:

  • Clean Install: This will erase all your personal files, apps, and settings, so be sure to back up your data if you choose this option.
  • In-place Upgrade: This will keep your files, apps, and settings while reinstalling Windows. This is a good option if you want to try and preserve your existing setup.
  • To perform an in-place upgrade, boot from the installation media and choose the "Upgrade" option, according to Microsoft Support

1️⃣ Go to this website:
https://www.microsoft.com/en-us/software-download/windows11

2️⃣ Download “Installation Assistant”.
Click Download Now.

3️⃣ Open the file you downloaded.
Double-click it.

4️⃣ Accept everything.
Click Accept and Install.

5️⃣ Important:
When it asks about keeping files, select:
✅ Keep personal files and apps

6️⃣ Wait until it finishes.

Your PC will restart many times.

It can take 1–2 hours.

After the install, your files and programs will still be there. Even so, just in case, don't forget to create a full backup of everything important before you start.

Summary of Useful Commands

Purpose                          Command or Tool
Stop Update Services             net stop wuauserv etc.
Delete Update Cache              del %windir%\SoftwareDistribution\*.* /s /q
Run SFC                          sfc /scannow
Run DISM                         DISM /Online /Cleanup-Image /RestoreHealth
PowerShell Update Module         Install-Module PSWindowsUpdate
Force Install Updates            Install-WindowsUpdate -AcceptAll
Reset Update Components (Full)   See above command sequence
Manual Update via Catalog

Conclusion

Windows Update problems can be frustrating, but they’re usually fixable with a methodical approach. From restarting services to clearing cache and running built-in tools, this guide covers all essential fixes. Staying updated ensures your PC remains secure, efficient, and compatible with the latest software.

How to install BASH and use shell scripting on Windows ?

Thursday, June 26th, 2025


Bash (Bourne Again SHell) is definitely a technology that will stay for years to come; its simplicity and multi-platform nature are factors that will keep it around for many years. Thus, even though it is mostly used on Linux / BSD / Unix, its use on Windows OSes is perhaps increasing nowadays. Since so many people use Windows nowadays (for work), it is really useful to have Bash set up on a Windows host machine.
In this article, I'll briefly explain how this is done. The article will not have anything too interesting for the advanced admin or DevOps guy, but I hope people who are entering the business of system administration and high level computing and are still orienting themselves might benefit from it.

To install and use Bash shell terminal in Windows there are at least 3 ways:

  • Use Git Bash (Download and install it directly precompiled on Windows)
  • Use Windows WSL emulation (install some Linux distro)
  • Use Virtualbox / Vagrant / VMware / Hyper-V emulation and install VM from public ISO image.

As a Free Software lover, I would recommend and always prefer the Free Software alternative where that is possible, and thankfully I usually install and use Git Bash, or install Cygwin completely (a full set of Linux tools that run like native on Windows) together with Mobaxterm.

 

1. Installing Git Bash on Windows (uses MinGW Minimalist GNU for Windows)

Some might prefer not to rely on Microsoft for managing their Bash, especially the more freedom-minded people who like GNU and Free Software.

MinGW is well known among free and open source enthusiasts.
It includes a port of the GNU Compiler Collection (GCC), GNU Binutils for Windows (assembler, linker, archive manager), a set of freely distributable Windows specific header files and static import libraries which enable the use of the Windows API, a Windows native build of the GNU Project's GNU Debugger, and miscellaneous utilities.

MinGW does not rely on third-party C runtime dynamic-link library (DLL) files, and because the runtime libraries are not distributed using the GNU General Public License (GPL), it is not necessary to distribute the source code with the programs produced, unless a GPL library is used elsewhere in the program.

 

MinGW can be run either on the native Microsoft Windows platform, cross-hosted on Linux (or other Unix), or "cross-native" on Cygwin.


To install Bash via Git, you can use Git for Windows, which includes Git Bash — a lightweight Bash emulator.


Steps to Install Git Bash on Windows
 

a. Download Git for Windows

Go to the official Git website:

https://git-scm.com/download/win

The download should start automatically.

b. Run the Installer

  • Open the downloaded .exe file
  • Follow the installation prompts

Recommended Settings:

  • Select components: Keep default
  • Editor: Choose your preferred text editor (e.g., Notepad++ or Vim)
  • Adjust PATH environment: Choose “Git from the command line and also from 3rd-party software”
  • Choose SSH executable: Use Built-in OpenSSH
  • Choose HTTPS transport backend: Use the default (OpenSSL)
  • Configure line endings: Select “Checkout Windows-style, commit Unix-style line endings”
  • Terminal emulator: Choose “Use MinTTY (the default terminal)”

Click Next through the remaining steps and then Install.

c. Launch Git Bash

After installation:

  • Press Windows key, type "Git Bash"
  • Click to launch the terminal

Now you're using a Bash shell on Windows.

Perhaps the most common way people follow is to use Windows Subsystem for Linux (WSL). WSL is a technology that is native to Windows and gives MS Windows the ability to act in a way similar to Docker containers. WSL lets you run a full Linux environment (including Bash) directly on Windows without using a virtual machine, and it is really fast and easy on the machine's system resources.


 2. Installing WSL bash easy from Windows 10 / 11 using  Win GUI menus


Steps to install WSL on Windows 10 / 11

Microsoft has since only continued to improve its Windows Subsystem for Linux, and an update in a Windows 10 preview build back in mid-2020 made it easier to install Bash.

That method works the same on Win 10 as on Win 11.
To install Bash shell emulation, open Windows Terminal as an admin user. You can do this by right-clicking the Windows icon and selecting “Windows Terminal (Admin)” from the power user menu.

(If you’re on Windows 10, you should see it listed as “Windows Powershell (Admin)” in the menu.)

 


 


To complete WSL install with Virtualized Ubuntu OS

In Windows Terminal, run this command:

PS C:\Users\MyUser> wsl --install

Once everything needed to run WSL emulation and the Ubuntu Linux distribution is downloaded, restart the PC.

Once your PC has rebooted, installation will continue automatically.

After Ubuntu has installed successfully, you'll be prompted to create a username and password; Ubuntu will then start up, and you will have your bash in Windows.

 



a. Enabling and Installing BASH via command line (if WSL Linux subsystem for Windows is not enabled on Windows)


It might be that your Windows has no Windows Subsystem for Linux configured; if that is the case, you will need to enable it by following the few steps below.

b. Enable WSL via dism.exe cmd

Open PowerShell as Administrator and run:

PS C:\Users\MyUser> wsl --install

This installs WSL 2 and a default Linux distribution (like Ubuntu).

If you're on Windows 10 or on a PC where whoever installed the OS has not installed the Win Subsystem for Linux, you may need to manually enable WSL:

Launch Powershell

PS C:\Users\MyUser> dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

PS C:\Users\MyUser> dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

Then restart your computer, start PowerShell from the Windows search (magnifier icon) and type at the PS prompt:

PS C:\Users\MyUser> wsl --set-default-version 2

c. Installing other Linux Distribution (different from Ubuntu)

If not already installed during wsl --install, open the Microsoft Store and search for:

  • Ubuntu
  • Debian
  • Kali Linux
  • etc.

Click Install on the one you want.

d. Launching WSL / Bash terminal

Once installed:

  • Open Start Menu
  • Search for your Linux distro you just installed (e.g., “Ubuntu”)
  • Launch it

This opens a Bash shell where you can run Linux commands, like in regular Linux but on your Microsoft Windows OS.
 

Sum it up

What we learned is how to install Bash via Git Bash and start using it to have a more hybrid Windows / Linux environment. The article explained the two main methods: using Git Bash and using the embedded Windows emulator WSL with an emulated Linux distro.

Enjoy ! 🙂

 

 


 

How to Recover deleted files in Windows with free (unpaid) software

Thursday, June 5th, 2025


It sometimes happens on Windows that you accidentally delete some files or a directory by pressing Shift + DELETE (not sending them to the Trashbin), or that you delete files / dirs by sending them to the Trashbin and decide you want them back after you have already emptied the Trashbin.
If this is the case, it is pretty easy to recover deleted files in Windows using free (freeware) unpaid software and tools. To do so, choose one of the options described and follow one of the methods below, which use the well known and reputable tools pointed out next.

1. Use Recuva (Free Version)

Recuva is one of the most popular free file recovery tools from the makers of CCleaner.

Steps:

  1. Download from the official site: https://www.ccleaner.com/recuva

  2. Install and open Recuva.

  3. Select the type of files you want to recover (e.g., pictures, documents).

  4. Choose the drive where the file was deleted.

  5. Use the Deep Scan option if the regular scan fails.

  6. Select files to recover and save them to a different drive to avoid overwriting.

2. Use PhotoRec (Part of TestDisk)

Despite the name, PhotoRec can recover many types of files, not just photos.

Steps:

  1. Download TestDisk & PhotoRec: https://www.cgsecurity.org/

  2. Extract the archive and run photorec_win.exe.

  3. Select the drive, then the partition.

  4. Choose the file system type (typically "Other").

  5. Select a destination for recovered files on another drive.

  6. Let it scan and recover files.


⚠️ PhotoRec runs in a command-line interface but is powerful and completely free.

 

Note that Photorec is also available and can be used on Linux to recover files and if you're used to do things from command line I strongly recommend to give it a try on Windows as well.

3. Windows File History / Previous Versions (If Enabled)

If File History or System Protection was enabled:

Steps:

  1. Right-click the folder where the file was.

  2. Choose Restore previous versions.

  3. Browse previous versions and restore as needed.


4. Windows File Recovery (Microsoft's Free CLI Tool)

A command-line tool from Microsoft for advanced users is available; it is called winfr.

Steps:

  1. Download from Microsoft Store: Windows File Recovery

  2. Open Command Prompt as Administrator.

  3. To recover just a single file use the command:

    C:\> winfr C: D: /regular /n \Users\YourName\Documents\file.txt

    Replace paths as needed.

  4. To recover a directory it is pretty much the same except you have to include the directory instead of file

    C:\> winfr C: D: /regular /n \Users\YourName\Documents\YourDeletedFolder\

Replace C: and D: with the appropriate source and destination drives.

  • C: = source drive (where the folder was deleted)
  • D: = destination drive (where recovered files will be saved)
  • /n = path filter (target folder)
  • /regular = mode suitable for NTFS drives


Important Tips:

 

  • Stop using the drive where the file was deleted to avoid overwriting it.
  • Always recover to a different drive.
  • The sooner you act, the higher the recovery success rate.

Flush DNS on Mac OS X ,Windows and Linux from command line

Wednesday, January 8th, 2025


 

MAC OS X flush DNS cache


Open macOS /Mac OS X terminal application and type the following command under OS X version 10.5 and above:

# dscacheutil -flushcache

Mac OS X Tiger (v10.4) user, enter:

# lookupd -flushcache

macOS 11 Big Sur or 12 Monterey user, try:

# sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

 

macOS 10.11 El Capitan, 10.12 Sierra, 10.13 High Sierra, 10.14 Mojave, or 10.15 Catalina user try:

# sudo killall -HUP mDNSResponder

 

On Mac OS X version 10.6 and onwards to dump DNS cached records
 

$ dscacheutil -cachedump -entries

Display your DNS cached records on Windows
 

DNS records are cached locally so that the DNS server does not have to be queried every time a site's domain name needs to be resolved to an IP.

To view most recent cached DNS records on Windows use cmd:
 

c:\Windows\> ipconfig /displaydns

 

Windows IP Configuration

    array805.prod.do.dsp.mp.microsoft.com
    ----------------------------------------
    Record Name . . . . . : array805.prod.do.dsp.mp.microsoft.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 1894
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 52.143.124.236


    telemetry-incoming.r53-2.services.mozilla.com
    ----------------------------------------
    Record Name . . . . . : telemetry-incoming.r53-2.services.mozilla.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 444
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 34.120.208.123


    tunnel.googlezip.net
    ----------------------------------------
    Record Name . . . . . : tunnel.googlezip.net
    Record Type . . . . . : 1
    Time To Live  . . . . : 36756
    Data Length . . . . . : 4

Use the up/down scroll arrows to find the cached record you need to view in the DNS cache.
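
For reviewing which names a host has resolved recently, it is easier to turn this text into records that can be sorted and filtered than to scroll through it. The PowerShell function below is an added example, not part of the original post; ConvertFrom-DisplayDns is a name made up here, and the pattern assumes the English field labels shown in the output above.

```powershell
# Added example: parse "ipconfig /displaydns" text into objects.
# A localized Windows prints different labels and needs a different pattern.

$RecordTypeNames = @{ 1 = 'A'; 5 = 'CNAME'; 12 = 'PTR'; 28 = 'AAAA' }

function ConvertFrom-DisplayDns {
    param([string[]]$Line)

    # "Label . . . . : value" -> named groups "label" and "value"
    $field   = '^\s*(?<label>[^.:]+?)(?:\s*\.)+\s*:\s*(?<value>.*)$'
    $current = $null

    foreach ($text in $Line) {
        if ($text -match $field) {
            $label = $Matches['label'].Trim()
            $value = $Matches['value'].Trim()

            if ($label -eq 'Record Name') {
                # Each cached record starts with its own "Record Name" line
                if ($current) { $current }
                $current = [pscustomobject]@{
                    Name = $value; Type = $null; TypeName = $null
                    TTL  = $null;  Section = $null; Data = $null
                }
                continue
            }
            if ($null -eq $current) { continue }   # field before any record

            if ($label -eq 'Record Type') {
                $current.Type = [int]$value
                if ($RecordTypeNames.ContainsKey($current.Type)) {
                    $current.TypeName = $RecordTypeNames[$current.Type]
                } else {
                    $current.TypeName = "TYPE$value"
                }
            }
            elseif ($label -eq 'Time To Live') { $current.TTL = [int]$value }
            elseif ($label -eq 'Section')      { $current.Section = $value }
            elseif ($label -like '* Record')   { $current.Data = $value }  # "A (Host) Record", "AAAA Record", ...
        }
    }
    if ($current) { $current }   # emit the last record, even if it is incomplete
}

# Sample input: the output shown above, including the last entry, which is cut off
$sample = @'
Windows IP Configuration

    array805.prod.do.dsp.mp.microsoft.com
    ----------------------------------------
    Record Name . . . . . : array805.prod.do.dsp.mp.microsoft.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 1894
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 52.143.124.236

    telemetry-incoming.r53-2.services.mozilla.com
    ----------------------------------------
    Record Name . . . . . : telemetry-incoming.r53-2.services.mozilla.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 444
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 34.120.208.123

    tunnel.googlezip.net
    ----------------------------------------
    Record Name . . . . . : tunnel.googlezip.net
    Record Type . . . . . : 1
    Time To Live  . . . . : 36756
    Data Length . . . . . : 4
'@ -split '\r?\n'

$records = ConvertFrom-DisplayDns -Line $sample
$records | Sort-Object TTL | Format-Table Name, TypeName, TTL, Data -AutoSize

# Entries that have a name but no address, such as the truncated one above
$records | Where-Object { -not $_.Data } | Select-Object -ExpandProperty Name

# On a live system: ConvertFrom-DisplayDns -Line (ipconfig /displaydns)
```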
 

Flush DNS Cache on Windows OS

 


Open the terminal (Start > Run > type cmd and press the [Enter] key) and type the following command to flush DNS on Win XP/2000/7/10 etc:

# ipconfig /flushdns

 

How to Flush DNS local cache queries on Linux


 

If you’re using a Linux distro such as Ubuntu, here’s how to flush the DNS cache:

  1. Open the terminal by pressing Ctrl + Alt + T or searching for “Terminal” in the Activities menu.
  2. Run the following command:
     • If you are running Ubuntu 20.04 LTS Linux or an older Linux distro using systemd-resolve, use: sudo systemd-resolve --flush-caches
     • If you are running Ubuntu 22.04 LTS or newer, use: sudo resolvectl flush-caches
  3. Enter your administrator password when prompted, and the DNS cache will be flushed.

To check that the change is real, you can check the DNS cache statistics:

# resolvectl statistics

On older Linux distributions, where nameserver directives in /etc/resolv.conf are used to set the DNS for the server, the only options to flush the cache are either to flush the cache of the DNS server in use or to change the nameserver inside the file.

 

Check the DNS cache records on older Linux distros (requires NSCD daemon)

Assuming the nscd daemon is UP and running (if not you have to install it) to check the cached local DNS records on Linux do

# service nscd status 


Reviewing Your DNS Cache on modern Linux distros

The systemd-resolved daemon reacts to USR1 by writing its cache to the system logs. We can then use the journalctl command to filter out the DNS entries.

We'll use the killall command with USR1 To send the signal to the systemd-resolved daemon. Note that although we're using the killall command, the systemd-resolved daemon continues to run. This isn't a termination signal that we're sending.

$ sudo killall -USR1 systemd-resolved

Now we'll use the journalctl command with the -u (filter by systemd unit) option to extract the log entries that have been generated by systemd-resolved. We'll redirect that output into a text file called "dns.txt."

$ sudo journalctl -u systemd-resolved > dns.txt

Then check the DNS records

$ less dns.txt

 

Then find the cached mappings between domain names and IP addresses in.

How to Flush the dnsmasq Cache on Linux

The dnsmasq application provides a DNS cache and a DHCP server.

dnsmasq is popular with users who want to run their own DNS server, especially on non-systemd installations.

Flushing the dnsmasq DNS cache is easy. We need to send the SIGHUP signal, which tells the dnsmasq daemon to effectively reinitialize. Doing so clears its DNS cache. To send the signal we use the killall command with the -HUP flag, and the name of the application.

$ sudo killall -HUP dnsmasq

Zabbix Power Shell PS1 script to write zero or one if string is matched inside log file

Monday, December 2nd, 2024


At work we had set up Zabbix log file processing on a few servers for a service that performs monitoring health checks for a special application via a strongly encrypted tunnel. Based on the check, the app reports whether the remote side has processed data or not.
As my team and I are not the maintainers of the zabbix-server to which the zabbix-agents send their data, a lot of the data being sent through the Zabbix Item setup was simply "" empty strings. Those empty strings nevertheless get stored in the zabbix-server database, and since this check is made frequently, about 500 hundred records of empty string lines were being written to the Zabbix server. We got a complaint from the Zabbix administrators that we had to correct our monitoring setup so as not to flood the zabbix-server.

Since Zabbix cannot catch the "" empty string and we cannot suppress the string from being written in the Item, we needed a way to change the monitoring so that the configured Application check returns 1 (on error) and 0 (on success).

Zabbix, even though advanced, behaves strangely with its log[] function, e.g.

log[/path/to/log,,,,skip]

The log function is used to analyze a log file and cut out the last or first lines of a file, similar to UNIX's head and tail over log files; this is described in the Zabbix log file monitoring here. If a string is matched it can return the string 1, but if nothing gets matched the result is an empty string "", and this empty string cannot be used to analyze the data with the Item.

There are plenty of discussions online about this weird behavior and many people offer different approaches to solve the strange situation, but of the ones we tried with our sysadmin colleagues, none really worked out.

Thus we decided to use the classical workaround, i.e. to simply use a PowerShell script that checks a number of lines inside a provided log file, analyzes whether a string is found, and prints out a value of "1" if the string is matched or "0" if not, and to have this PS1 script run via a standard Zabbix UserParameter script.

This worked well. As all of us mainly manage Linux systems and we don't have enough knowledge of PowerShell, we used our internal Artificial Intelligence (AI) clone tool, LibreChat – a free and open source ChatGPT clone.

LibreChat includes OpenAI's models, but also others — both open-source and closed-source — and its website promises "seamless integration" with AI services from OpenAI, Azure, Anthropic, and Google — as well as GPT-4, Gemini Vision, and many others. ("Every AI in one place," explains LibreChat's home page.) Plugins even let you make requests to DALL-E or Stable Diffusion for image generations. (LibreChat also offers a database that tracks "conversation state" — making it possible to switch to a different AI model in mid-conversation…)

$logfile = "C:\path\to\your\logfile.log"
$searchString = "-1"
 
# Get the last 140 lines
$lines = Get-Content $logfile -Tail 140
 
# Filter lines containing the search string
$found = $lines | Where-Object { $_ -match [regex]::Escape($searchString) }
 
# Output 1 if the search string was found, 0 if not
if ($found) {
    Write-Output 1
} else {
    Write-Output 0
}

You can download the return_zero_or_one-if-string-matches-in-log-powershell.ps1 script here

How to install and use WSL 2 Windows native Linux emulation Debian and Ubuntu Linux on Windows 10 / Windows 11

Thursday, October 31st, 2024


WSL (Windows Subsystem for Linux) is perhaps relatively little known to the old school sysadmin rats, who usually use stuff like QEMU / KVM for Windows or Virtualbox / VMWare on the host machine.
However, most people have most likely heard of, but never used, the native (container-like) virtualization WSL, which was introduced in Windows 10 and Windows 11 as an attempt by Microsoft to improve the interoperability between Windows and Linux.
WSL version 1 and version 2 allow Microsoft Windows to use a Linux environment without the need for a separate virtual machine.

In Windows 10, it exists in the Windows 10 Professional version and can be installed either by joining the Windows Insider program or manually via Microsoft Store or Winget.
Hence, perhaps you don't know that WSL virtualization can be used by those who want to mix Linux and Windows, or, for example, to gain an advantage over dual-boot (installing Linux and Windows on the same computer).
Even better, the most significant WSL pro is that you can literally run both systems at the same time, without the need to stop all the software that's running and reboot into another system.

The procedure to set up WSL is simple and similar to setting up a real Linux OS, therefore this guide can also be used as a reference for Linux setup. The WSL setup procedure mainly consists of installing WSL and then setting up any packages you would like to use, for example if you want to be able to remotely access the WSL-emulated Debian / Ubuntu or another of the installable distros via an OpenSSH server.

1. Requirements to install and use WSL Linux emulation

Requirements to use the WSL subsystem on Windows 10 or Windows 11:

You must be running Windows 10 version 2004 and higher (Build 19041 and higher) or Windows 11 to use the commands below. If you are on earlier versions please see the manual install page.

2. List available installable Linux distributions
 

WSL subsystem has ported only a certain set of Linux distributions, so if you need a very specific and unique Linux distribution, you would perhaps need to use Hyper-V virtualization or Virtualbox / VMWare.
However for people like me who are mainly using Debian GNU / Linux on daily basis as well as some OracleLinux admins / SUSE it is a perfect solution.

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --list --online
The following is a list of valid distributions that can be installed.
Install using 'wsl.exe --install <Distro>'.

NAME                            FRIENDLY NAME
Ubuntu                          Ubuntu
Debian                          Debian GNU/Linux
kali-linux                      Kali Linux Rolling
Ubuntu-18.04                    Ubuntu 18.04 LTS
Ubuntu-20.04                    Ubuntu 20.04 LTS
Ubuntu-22.04                    Ubuntu 22.04 LTS
Ubuntu-24.04                    Ubuntu 24.04 LTS
OracleLinux_7_9                 Oracle Linux 7.9
OracleLinux_8_7                 Oracle Linux 8.7
OracleLinux_9_1                 Oracle Linux 9.1
openSUSE-Leap-15.6              openSUSE Leap 15.6
SUSE-Linux-Enterprise-15-SP5    SUSE Linux Enterprise 15 SP5
SUSE-Linux-Enterprise-15-SP6    SUSE Linux Enterprise 15 SP6
openSUSE-Tumbleweed             openSUSE Tumbleweed


 

3. Install Linux distribution for a first time

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --install

The default Linux distribution that will get installed inside WSL virtualization is Ubuntu.

4. Install Debian GNU / Linux distribution as a second distro

 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --install Debian

That second installed distro would make Debian now the default one to boot by WSL.

To run the fresh installed Debian GNU / Linux distribution, run only wsl command with no arguments.

# wsl

 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --set-version Debian 2
For information on key differences with WSL 2 please visit https://aka.ms/wsl2
Conversion in progress, this may take a few minutes.
The distribution is already the requested version.
Error code: Wsl/Service/WSL_E_VM_MODE_INVALID_STATE
PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --set-version 2
There is no distribution with the supplied name.
Error code: Wsl/Service/WSL_E_DISTRO_NOT_FOUND
PS C:\Windows\System32\WindowsPowerShell\v1.0>

Simply pressing CTRL + D from the actively running WSL emulated Linux (that is pretty much like a native Windows docker container if we have to compare to Linux) would stop the VM.
 

5. List runnable / installed VM Linux distributions
 

To list the available runnable Linux VMs and their status on Windows Subsystem for Linux:

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --list --verbose
  NAME      STATE           VERSION
* Debian    Stopped         2
  Ubuntu    Stopped         2

PS C:\Windows\System32\WindowsPowerShell\v1.0>


6. Run and check recent installed Linux distribution version

To run the newly installed Debian virtualized Linux (which as you can see is the default distribution set to run by WSL virtualization) simply type

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl

hipo@PC2LP3:/mnt/c/Windows/System32/WindowsPowerShell/v1.0$ cd ~
hipo@PC2LP3:~$

 

hipo@PC2LP3:~$ cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
hipo@WL-2SLPWL3:~$

 

7. Update the Debian distribution packages to latest available

hipo@PC2LP3:~$ sudo su - root
hipo@PC2LP3:~# apt update --fix-missing


8. Install openssh server to be able to connect to the WSL hosted Virtual Machine

hipo@PC2LP3:/home/hipo# apt install openssh-server --yes

 

root@PC2LP3:/home/hipo# systemctl start openssh-server telnet
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
root@WL-2SLPWL3:/home/hipo# /etc/init.d/ssh start
Starting OpenBSD Secure Shell server: sshd.
root@WL-2SLPWL3:/home/hipo# ps -ef|grep -i ssh
root        30     9  0 18:19 ?        00:00:00 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups
root        32    15  0 18:20 pts/1    00:00:00 grep -i ssh

 


By default a fresh new installed VM would have a process list like below:

root@PC2LP3:/home/hipo# ps axuwef



To be able to have ifconfig and a number of other network tools it is useful to install the net-tools package

root@PC2LP3:/home/hipo# apt install net-tools --yes

root@PC2LP3:/home/hipo# /sbin/ifconfig

Once the WSL VM and the OpenSSH daemon are running, you can try to telnet or ssh to the VM locally or remotely.

root@PC2LP3:/home/hipo# telnet localhost 22
Trying 127.0.0.1…
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3

9. Run commands directly from Windows command line or Powershell
 

You can also use the powershell to run commands via the virtualized Linux environment using simple syntax

# wsl [cmd-to-run]

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl ls /
bin   dev  home  lib    lost+found  mnt  proc  run   srv  tmp  var
boot  etc  init  lib64  media       opt  root  sbin  sys  usr
PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 18:07 hvc0     00:00:00 /init
root         5     1  0 18:07 hvc0     00:00:00 plan9 --control-socket 5 --log-level 4 --server-fd 6 --pipe-fd 8 --log-t
root         8     1  0 18:07 ?        00:00:00 /init
root         9     8  0 18:07 ?        00:00:00 /init
hipo        10     9  0 18:07 pts/0    00:00:00 ps -ef

PS C:\Windows\System32\WindowsPowerShell\v1.0>

10. Enable systemd on Linux distribution in WSL 2

Once you boot into the WSL installed distro shell edit /etc/wsl.conf:

$ vim /etc/wsl.conf

[boot]
systemd=true

11. Setting extra useful variables to boot the WSL emulated Linux VM 
 

root@debian-wsl:/home/hipo# cat /etc/wsl.conf
[boot]
systemd=true

# Automatically mount Windows drive when the distribution is launched
[automount]

# Set to true will automount fixed drives (C:/ or D:/) with DrvFs under the root directory set above. Set to false means drives won't be mounted automatically, but need to be mounted manually or with fstab.
enabled = true

# Sets the directory where fixed drives will be automatically mounted. This example changes the mount location, so your C-drive would be /c, rather than the default /mnt/c.
root = /

# DrvFs-specific options can be specified.
options = "metadata,uid=1003,gid=1003,umask=077,fmask=11,case=off"

# Sets the `/etc/fstab` file to be processed when a WSL distribution is launched.
mountFsTab = true

# Network host settings that enable the DNS server used by WSL 2. This example changes the hostname and leaves generateHosts and generateResolvConf at true, so WSL auto-generates /etc/hosts and /etc/resolv.conf; set them to false to prevent that, so that you can create your own (ie. nameserver 1.1.1.1).
[network]
hostname = debian-wsl
generateHosts = true
generateResolvConf = true

# Set whether WSL supports interop processes like launching Windows apps and adding path variables. Setting these to false will block the launch of Windows processes and block adding $PATH environment variables.
[interop]
enabled = false
appendWindowsPath = false

# Set the user when launching a distribution with WSL.
[user]
default = hipo

# Set a command to run when a new WSL instance launches. This example starts the Docker container service.
#[boot]
#command = service docker start

root@debian-wsl:/home/hipo#

To learn more about Advanced settings configuration in WSL, check out the official Microsoft documentation here

12. Shutting down a running emulated Linux VM

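If you have run a WSL VM and you want to shut it down do:

# wsl --shutdown


If at some point you want to delete / uninstall the installed distribution you can do the following (per the help output below, --uninstall removes the Windows Subsystem for Linux package itself from this machine):

# wsl --terminate Distro_Name
# wsl --uninstall Distro_Name


Or if you want to do a cleanup of the stored files inside the installed distribution (if you have stored files), do the following; as the help output below states, it unregisters the distribution and deletes the root filesystem:

# wsl --unregister Distro_Name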


For more in depth details check out the manual
 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl --help
Copyright (c) Microsoft Corporation. All rights reserved.
For privacy information about this product please visit https://aka.ms/privacy.

Usage: wsl.exe [Argument] [Options...] [CommandLine]

Arguments for running Linux binaries:

    If no command line is provided, wsl.exe launches the default shell.

    --exec, -e <CommandLine>
        Execute the specified command without using the default Linux shell.

    --shell-type <standard|login|none>
        Execute the specified command with the provided shell type.

    --
        Pass the remaining command line as-is.

Options:
    --cd <Directory>
        Sets the specified directory as the current working directory.
        If ~ is used the Linux user's home path will be used. If the path begins
        with a / character, it will be interpreted as an absolute Linux path.
        Otherwise, the value must be an absolute Windows path.

    --distribution, -d <Distro>
        Run the specified distribution.

    --user, -u <UserName>
        Run as the specified user.

    --system
        Launches a shell for the system distribution.

Arguments for managing Windows Subsystem for Linux:

    --help
        Display usage information.

    --debug-shell
        Open a WSL2 debug shell for diagnostics purposes.

    --install [Distro] [Options...]
        Install a Windows Subsystem for Linux distribution.
        For a list of valid distributions, use 'wsl.exe --list --online'.

        Options:
            --no-launch, -n
                Do not launch the distribution after install.

            --web-download
                Download the distribution from the internet instead of the Microsoft Store.

            --no-distribution
                Only install the required optional components, does not install a distribution.

            --enable-wsl1
                Enable WSL1 support.

    --manage <Distro> <Options...>
        Changes distro specific options.

        Options:
            --move <Location>
                Move the distribution to a new location.

            --set-sparse, -s <true|false>
                Set the vhdx of distro to be sparse, allowing disk space to be automatically reclaimed.

    --mount <Disk>
        Attaches and mounts a physical or virtual disk in all WSL 2 distributions.

        Options:
            --vhd
                Specifies that <Disk> refers to a virtual hard disk.

            --bare
                Attach the disk to WSL2, but don't mount it.

            --name <Name>
                Mount the disk using a custom name for the mountpoint.

            --type <Type>
                Filesystem to use when mounting a disk, if not specified defaults to ext4.

            --options <Options>
                Additional mount options.

            --partition <Index>
                Index of the partition to mount, if not specified defaults to the whole disk.

    --set-default-version <Version>
        Changes the default install version for new distributions.

    --shutdown
        Immediately terminates all running distributions and the WSL 2
        lightweight utility virtual machine.

    --status
        Show the status of Windows Subsystem for Linux.

    --unmount [Disk]
        Unmounts and detaches a disk from all WSL2 distributions.
        Unmounts and detaches all disks if called without argument.

    --uninstall
        Uninstalls the Windows Subsystem for Linux package from this machine.

    --update
        Update the Windows Subsystem for Linux package.

        Options:
            --pre-release
                Download a pre-release version if available.

    --version, -v
        Display version information.

Arguments for managing distributions in Windows Subsystem for Linux:

    --export <Distro> <FileName> [Options]
        Exports the distribution to a tar file.
        The filename can be - for stdout.

        Options:
            --vhd
                Specifies that the distribution should be exported as a .vhdx file.

    --import <Distro> <InstallLocation> <FileName> [Options]
        Imports the specified tar file as a new distribution.
        The filename can be - for stdin.

        Options:
            --version <Version>
                Specifies the version to use for the new distribution.

            --vhd
                Specifies that the provided file is a .vhdx file, not a tar file.
                This operation makes a copy of the .vhdx file at the specified install location.

    --import-in-place <Distro> <FileName>
        Imports the specified .vhdx file as a new distribution.
        This virtual hard disk must be formatted with the ext4 filesystem type.

    --list, -l [Options]
        Lists distributions.

        Options:
            --all
                List all distributions, including distributions that are
                currently being installed or uninstalled.

            --running
                List only distributions that are currently running.

            --quiet, -q
                Only show distribution names.

            --verbose, -v
                Show detailed information about all distributions.

            --online, -o
                Displays a list of available distributions for install with 'wsl.exe --install'.

    --set-default, -s <Distro>
        Sets the distribution as the default.

    --set-version <Distro> <Version>
        Changes the version of the specified distribution.

    --terminate, -t <Distro>
        Terminates the specified distribution.

    --unregister <Distro>
        Unregisters the distribution and deletes the root filesystem.
PS C:\Windows\System32\WindowsPowerShell\v1.0>

Once WSL is installed you can run it directly from the Windows Start menu by searching for the name of the distribution you would like to run, for example to run my Debian WSL emulator.

Sum it up

What was shown is how to run a virtualized Linux distribution in parallel on Windows 10 and Windows 11, how to install it and update it to the latest packages, and how to run the OpenSSH server to be able to ssh into the WSL Linux virtual machine remotely.
Also I've shown you how to test that ssh is reachable, how to stop / start or destroy the VM and clean up any stored files if necessary, as well as how to apply some extra advanced configurations for booting the VM.

Using WSL is not the best virtualization ever, but anyway it is an alternative for people employed on domain-attached Windows PCs that are part of big corporations, where VirtualBox use is blocked / prohibited and you still need to experiment or develop shell scripts or software in Python / Perl / Ruby on Linux before you do stuff on the PreProd or Production Linux host.

That's all folks, Enjoy ! 🙂
 

How to split large files in Windows via split command line and File Archive GUI tool easily

Tuesday, October 22nd, 2024

Moving around very large files, especially VirtualBox virtual machines or other VM formats, between a Windows host and OneDrive might be a problem due to either Azure Cloud configured limitations or other restrictions that your company Domain Administrator has configured. Thus if you have to migrate from your old Windows 10 laptop to a newer, faster and better performing notebook with Windows 11 and you still want to keep and move your old large files, this short and trivial article will explain how.

The topic is easy and most novice sysadmins should have already bumped into something like this, but anyway I found it useful to mention Git for Windows, as it is really useful too, thus I wrote this small article.

The huge files to move were, in my case, experimental virtual machine images which I needed to somehow migrate to the new freshly installed Windows laptop. The large files were 40 / 80 etc. Gigabytes (or whatever large amount of files you have to move from your PC to the OneDrive cloud). Of course the most straightforward thing I tried was to simply add the file for inclusion into the OneDrive storage (via the OneDrive tool setup interface). However this failed, due to OneDrive cloud file format security limitations, or antivirus solutions configured to filter out large file copying, or even a prohibition on including any kind of virtual machine ISOs straight into the cloud.

With these big files comes the question:

How to copy the Virtual Machines from your Old Hardware Laptop to the Cloud (without being able to use an external SSD Hard Drive or a USB SSD Flash drive, due to Domain policy configured for your windows to be unable to copy to externally connected Drive but only to read from such.) ?
 

Here are a few sample approaches to do it, either from the command line (useful if you have to repeat the process or script it and deploy to multiple hosts) or, for single hosts, via an archiver tool:

 

1. Using split command Git for Windows (Bash) MINGW64 shell 

Download Git for Windows from https://git-scm.com/download, install it, and you will get the MINGW64 bash for Windows executable.

Run it: either invoke the bash command from the command line, or trigger the Windows Run prompt (Windows button + R) and type the full path to the executable
 

C:\Program Files\Git\git-bash.exe


Use the integrated split program to cut the file into pieces:

 

# split MyVeryLargeFileVM.vdi -b 800m


To split the .VDI VirtualBox file into, let's say, 5 Gigabyte pieces:

# split MyVeryLargeFile.vdi -b 5G

The output pieces will be named as in a normal UNIX / GNU split command, so each 5GB piece will be named like:

xaa
xab
xac
xad

If you want more meaningful names for the split files, you can set a prefix for the generated files, with suffixes 5 digits long:

# split MyVeryLargeFile.vdi MyVeryLargeFileVM-parts_ -b 5G -d -a 5

  • the -d flag for using numerical suffixes (instead of default aa, ab, ac, etc…),
  • and the option -a 5 to tell it I want the suffixes to be 5 digits long:
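
The split step above, extended with the checksum and rejoin steps the article does not cover, as an added example that is not part of the original post. The function names, the .part_ prefix and the .sha256 manifest file names are assumptions of this example; it needs GNU split and sha256sum, both of which ship with Git for Windows bash.

```shell
#!/usr/bin/env bash
# Added example: split a large file into numbered parts together with SHA-256
# manifests, then verify every part before rejoining on the destination host.
# Usage from Git Bash (sizes and paths are placeholders):
#   split_with_manifest MyVeryLargeFile.vdi 5G ./parts
#   ... copy ./parts through the cloud storage to the new machine ...
#   join_and_verify ./parts MyVeryLargeFile.vdi

# split_with_manifest <file> <part-size> <out-dir>
# Writes <name>.part_00000, <name>.part_00001, ... plus two manifests:
#   <name>.parts.sha256  one hash per part
#   <name>.sha256        hash of the complete original file
split_with_manifest() {
    local src="$1" size="$2" outdir="$3" name
    name=$(basename -- "$src")
    mkdir -p -- "$outdir" || return 1
    split -b "$size" -d -a 5 -- "$src" "$outdir/$name.part_" || return 1
    # Hash the parts from inside the directory so the manifest holds bare
    # file names and still verifies after the directory has been moved.
    (
        cd -- "$outdir" || exit 1
        sha256sum -- "$name".part_[0-9][0-9][0-9][0-9][0-9] > "$name.parts.sha256"
    ) || return 1
    ( cd -- "$(dirname -- "$src")" && sha256sum -- "$name" ) \
        > "$outdir/$name.sha256" || return 1
}

# join_and_verify <parts-dir> <original-file-name>
# Rebuilds <parts-dir>/<original-file-name>. Returns non-zero and leaves no
# output file behind if a part is missing, truncated or modified in transit.
join_and_verify() {
    local dir="$1" name="$2"
    (
        cd -- "$dir" || exit 1
        # Step 1: every part named in the manifest must be present and intact.
        sha256sum --check --quiet "$name.parts.sha256" || exit 1
        # Step 2: fixed-width numeric suffixes sort correctly under the glob.
        cat -- "$name".part_[0-9][0-9][0-9][0-9][0-9] > "$name" || exit 1
        # Step 3: the rebuilt file must match the hash taken before splitting;
        # this also catches a stray extra part that is not in the manifest.
        if ! sha256sum --check --quiet "$name.sha256"; then
            rm -f -- "$name"
            exit 1
        fi
    )
}
```

Copy the two .sha256 files together with the parts, otherwise the destination side has nothing to verify against.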

2. Split large files by Archiving them with Winrar (ShareWare) tool

If you already have WinRAR installed and you don't want to bother with too much typing on the command line, you can use good old WinRAR as a file splitter/joiner as well.

To split a file into smaller files, select "Store" as the compression method and enter the desired value (bytes) into "Split to volumes" box.
This way you can have split files named as filename.part1.rar, filename.part2.rar, etc.

3. Split files with 7-Zip (FreeWare)

Assuming you have 7-Zip installed on the PC, you can archive the big file into smaller pieces. You can create the split archive from the 7-Zip interface menus.

Or cut the single file into multiple volumes directly from Windows Explorer, by selecting the file and using the drop-down menus.

Sum it up: what we learned

What we learned is how to cut large files into multiple consecutive pieces for easy copying between network sides, via both Git for Windows and manual copy paste of the multiple parts to OneDrive / DropBox / pCloud or Google Drive.
There are plenty of other approaches to take, as there are also GUI tools: besides GNU Win / GNU tools for Windows, Cygwin, the GSplit GUI tool, or any of the many archiver tools available for Windows, another option to split large files is to use a bunch of PowerShell and Batch scripts that can help you do the file split for both binary files and text files. But I'll stop here, as I believe that is pretty much enough for most basic needs.

 

How to Copy / Backup Windows USB drive from one USB to a second

Friday, October 18th, 2024

Did you know that when you copy all the files from a USB Drive you don’t copy all the data?

Did you know that there may be files that are not even visible?

In this tutorial you will discover how to copy all of your USB Drive sector by sector, that is to say, that you will see how to create a copy identical to your USB drive without missing anything!

This can be useful if you have formatted your USB stick in error and want to use it, you can create an image for the USB Drive on your computer and then you can recover the formatted data in the image afterward!

The software used in this tutorial is called ImageUSB, it is free, portable, and easy to use.

Don’t use this method if you want only to copy some files, use this to clone/backup your USB Drive with all its master boot record, partition tables, and data.

Let’s go!

Clone Your USB Drive with ImageUSB on Windows 10

Start by downloading and extracting ImageUSB from this official URL: https://www.osforensics.com/tools/write-usb-images.html

Double-click on  imageUSB.exe .

Select your USB Drive from the list, select “Create image from USB drive“. Choose the location for the binary image file (.bin) that will be created from the USB drive.

Click on “Create“. Click “Yes” to confirm your choices.

Click “Yes” to overwrite the bin file in case it’s already there.

Wait for a couple of minutes…

After the image is created you should see this message. Click “OK“.

Now if you want to restore an image to your USB Drive, just select your USB Drive and choose “Write image to USB drive“. Choose your bin image and click on “Write“.


This program is not recommended on different sizes USB Drives…
Use it mostly for backup/restore on the same USB Drive for your bootable software.

There you have it, the copy of USB to second USB completed !

Enjoy ! 

 

 

How to view WIFI Passwords for Profile from command line with netsh on Windows 10

Wednesday, May 29th, 2024


The common way, if you have connected to a Wireless Network Access Point and saved the password in Windows is to view the password via Windows GUI interface, via menus following few easy steps:

1. Settings -> Network and Internet -> Network and Sharing Center
2. Click on (Wifi Network name) for which you need password and
3. In View your active networks section
4. When the Wi-Fi network status window opens, click Wireless Properties
5. Move to the Security Tab and check the checkbox, next to "Show Characters" to view the network password.
 

Nevertheless, as a system administrator you might have wondered how you can easily review saved wireless network Wi-Fi passwords in plain text, without using the graphical interface, directly from the cmd.exe command line.
This is helpful when maintaining multiple Windows 10 hosts, especially if you have telnet or SSH remote administration enabled or you have a domain of PCs.
To do so, open a cmd.exe command prompt and run:

C:\Users> netsh

netsh>wlan show profile

Profiles on interface Wi-Fi:

Group policy profiles (read only)
---------------------------------

User profiles
-------------
All User Profile : WIFI_Pofile-name
All User Profile: Hotel stage 2
All User Profile: Home Wifi
All User Profile: HP_Custom

Now lets review the clear text password of the profile from netsh console:

netsh>wlan show profile "WIFI_Pofile-name" key=clear

Profile WIFI_Pofile-name on interface Wi-Fi:
===================================================

Applied: All User Profile

Profile information
-------------------
Version : 1
Type : Wireless LAN
Name : WIFI_Pofile-name
Control options :
Connection mode : Connect automatically
Network broadcast : Connect only if this network is broadcasting
AutoSwitch : Do not switch to other networks
MAC Randomization : Disabled

Connectivity settings
---------------------
Number of SSIDs : 1
SSID name : "WIFI_Pofile-name"
Network type : Infrastructure
Radio type : [ Any Radio Type ]
Vendor extension : Not present

Security settings
-----------------
Authentication : WPA2-Personal
Cipher : CCMP
Authentication : WPA2-Personal
Cipher : GCMP
Security key : Present
Key Content : Very-secret-password-for-WIFI-plain-text

TADADAM !

We see the saved WIFI password key in plain text !

Note that sometimes, if you have a Hidden Wifi Network the command to use to reveal the plain text password with netsh would be:

C:\Users> netsh wlan show profile "name=SSID hidden WiFi Net" key=clear


This trick is very much used today by "hackers", e.g. script kiddies, who break into others' Windows machines.
It is also useful if you want a quick way to review plain text passwords for WIFI accounts within an organization, let's say if you're a security expert doing some kind of periodic security audits within a corporation on multiple domain-attached computers.

Thanks to Martin Petrov (Amridikon) for his trick as I've learned first time from his blog https://mpetrov.net, which is full of many computer geek goodies stuff.

Of course this approach can be easily scripted with a short PowerShell script:
 

netsh wlan show profile |
    Select-String '(?<=All User Profile\s+:\s).+' |
    ForEach-Object {
        $wlan = $_.Matches.Value
        $passw = netsh wlan show profile $wlan key=clear |
            Select-String '(?<=Key Content\s+:\s).+'

        [pscustomobject]@{
            Name     = $wlan
            Password = $passw.Matches.Value
        }
    }

 

If you need the script View-all-wifi-passwords-plaintext-windows10.ps1 to reuse it download it from here.
 

There are also some freeware tools online which can help you reveal passwords, saving you any typing. That might be useful if you want to delegate the task to a non-sysadmin user: you can simply ask him to install a GUI Windows tool like Wifi Password revealer (that makes showing plain text passwords a piece of cake) and let the user reveal his passwords for himself, if he needs the password to share it with a colleague 🙂
That's all folks, Happy hacking !

How to count number of ESTABLISHED state TCP connections to a Windows server

Wednesday, March 13th, 2024

Even if you have the background of a Linux system administrator, sooner or later you will have to deal with some Windows hosts. Thus in this article I'll blog shortly on how to count the established TCP connections, if it happens that you have to administrate Windows hosts or help a Windows sysadmin newbie 🙂

In Linux it is pretty easy to check the number of established connections, because of the wonderful command wc (word count), with a simple command like:
 

$ netstat -etna | grep ESTABLISHED | wc -l


Then you will get the number of active TCP connections to the machine and based on that you can get an idea on how busy the server is.

But what if you have to deal with lets say a Microsoft Windows 2012 /2019 / 2020 or 2022 Server, assuming you logged in as Administrator and you see the machine is quite loaded and runs multiple Native Windows Administrator common services such as IIS / Active directory Failover Clustering, Proxy server etc.
How can you identify the established number of connections via a simple command in cmd.exe?

1. Count ESTABLISHED TCP connections from Windows Command Line

Here is the answer: simply use the native Windows netstat command and combine it with find, using the /i (ignores the case of characters when searching the string) and /c (count lines containing the string) options

C:\Windows\system32>netstat -p TCP -n|  find /i "ESTABLISHED" /c
1268

Voila, here is the number of established connections, only 1268, which is relatively low.
However if you manage Windows servers and you get some kind of hang-ups reported by the monitoring, it is a good idea to set up a script based on this simple command, at least in Windows Task Scheduler (the equivalent of Linux's crond service), to log peaks in established connections and see whether server crashes are related to a high rise in established connections.
Even better, if the company uses Zabbix / Nagios, OpenNMS or other old legacy monitoring stuff like Joschyd (even as of today, 2024, used in some of the big TOP IT companies such as SAP; they were still using it about 4 years ago for their SAP HANA Cloud), you can set the script to run and build a monitoring template or alerting rules to draw you graphs and trigger alerts if your connections hit a peak. Then at least you might know your Windows server is under a "Hackers" Denial of Service attack or that something is happening on the network, like Cisco network infrastructure switch flapping or whatever.

Perhaps an example script you can use, if you decide to implement the little netstat established connection check monitoring in Zabbix, is the one I've written about in the previous article "Calculate established connection from IP address with shell script and log to zabbix graphic".
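
One way to turn the count above into a peak check that a scheduled task or monitoring agent can call, as an added example that is not the script from the referenced article. The function names, thresholds and sample connections are constructed for illustration; it reads netstat output on stdin, so it can run from Git for Windows bash or a Linux host, and it goes slightly beyond the text by also reporting the busiest remote address.

```shell
#!/usr/bin/env bash
# Added example: count ESTABLISHED TCP connections from `netstat -n` output
# and flag peaks, in total and per remote address.
# Usage from Git Bash (thresholds are placeholders):
#   netstat -p TCP -n | check_peak 2000 300

# Print the remote address (port stripped) of every ESTABLISHED TCP line.
# Handles Windows and Linux column layouts and the CRLF line endings that
# netstat.exe produces when piped into bash.
established_remotes() {
    awk '{ sub(/\r$/, "") }
         toupper($1) ~ /^TCP/ {
             for (i = 3; i <= NF; i++) if ($i == "ESTABLISHED") {
                 addr = $(i - 1)             # foreign address precedes the state
                 sub(/:[0-9]+$/, "", addr)   # drop the port, keep IPv6 intact
                 print addr
                 break
             }
         }'
}

# Total number of ESTABLISHED connections.
count_established() {
    established_remotes | wc -l | tr -d ' '
}

# "<count> <remote-address>" lines, busiest remote address first.
established_by_remote() {
    established_remotes | sort | uniq -c | awk '{ print $1, $2 }' |
        sort -k1,1nr -k2,2
}

# check_peak <max-total> <max-per-remote>
# Prints one status line; returns 1 when either threshold is exceeded so the
# caller (Task Scheduler wrapper, Zabbix item, cron) can raise an alert.
check_peak() {
    local max_total="$1" max_host="$2" snapshot total top top_count top_host
    snapshot=$(cat)
    total=$(printf '%s\n' "$snapshot" | count_established)
    top=$(printf '%s\n' "$snapshot" | established_by_remote | head -n 1)
    [ -n "$top" ] || top="0 none"
    top_count=${top%% *}
    top_host=${top#* }
    if [ "$total" -gt "$max_total" ] || [ "$top_count" -gt "$max_host" ]; then
        echo "ALERT total=$total top=$top_count@$top_host"
        return 1
    fi
    echo "OK total=$total top=$top_count@$top_host"
}

# Constructed sample of Windows `netstat -p TCP -n` output (documentation IPs).
sample_netstat() {
    cat <<'EOF'
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.0.2.10:443         203.0.113.7:50111      ESTABLISHED
  TCP    192.0.2.10:443         203.0.113.7:50112      ESTABLISHED
  TCP    192.0.2.10:443         203.0.113.7:50113      ESTABLISHED
  TCP    192.0.2.10:443         198.51.100.23:61200    ESTABLISHED
  TCP    192.0.2.10:3389        198.51.100.23:61544    TIME_WAIT
  TCP    192.0.2.10:445         198.51.100.40:49822    CLOSE_WAIT
  TCP    [2001:db8::10]:443     [2001:db8::99]:52000   ESTABLISHED
EOF
}
```

A high total spread over many remote addresses points to general load, while a single address holding most of the connections is the pattern worth alerting on separately.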

2. Few Useful netstat options for the Windows system admin
 

C:\Windows\System32> netstat -bona


Cmd.exe will list executable files, local and external IP addresses and ports, and the state in list form. You immediately see which programs have created connections or are listening so that you can find offenders quickly.

b – displays the executable involved in  creating the connection.
o – displays the owning process ID.
n – displays address and port numbers.
a – displays all connections and listening ports.

As you can see in the screenshot, by using netstat -bona you see which process has bound to which local address and its Process ID (PID), which is pretty useful in debugging stuff.

3. Use a Third Party GUI tool to debug more interactively connection issues

If you need to keep an eye on connections in interactive mode when there are issues, the CurrPorts tool can be of great help

CurrPorts Tool own Description

CurrPorts is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it.
In addition, CurrPorts allows you to close unwanted TCP connections, kill the process that opened the ports, and save the TCP/UDP ports information to HTML file , XML file, or to tab-delimited text file.
CurrPorts also automatically mark with pink color suspicious TCP/UDP ports owned by unidentified applications (Applications without version information and icons).

Sum it up

What we learned is how to calculate the number of established TCP connections from the command line (useful for scripting), how you can use netstat to display the process ID and process name related to the local / remote TCP connections in use, and how you can eventually connect this to some monitoring tool to periodically report high peaks in TCP established connections (usually an indicator of severe system issues).