Remove iCloud from iPhone

We had a business user leave the company who had a company supplied iPhone.  Unfortunately the password was not provided to us, and the user deleted their iCloud account so we can reset their password to their work email and set a new password.

Information Gathering

Proof of purchase from Verizon
Phone Number associated with phone
iPhone serial number
IMEI number

Enterprise Support
8AM-8PM CST
1-866-752-7753
Press 2, then 3 for iOS

When connected to the support rep, explain that you have an iCloud-locked phone and that you would like to submit a request to have it unlocked.

Tell them that you have the IMEI for the iPhone in question and provide it when asked.

Apple may ask you for the invoice number, serial number and/or phone number of the iPhone to help them look it up on their end and verify ownership.

Once the Apple rep has provisionally established that your company, school or institution has ownership of the iPhone, they will send you an email with instructions on how to contact the group that handles unlocks of iCloud-locked phones.

Follow the instructions in the email and make sure to provide an electronic copy of the proof of purchase.

Updating Cisco ASA 5505 IOS and ASDM

I am by no means a network expert, I know enough to properly be a successful systems administrator.  I am however always wanting to learn new things.  I haven’t really touched Cisco since college, which was 10 years ago.  Figured I would get this Cisco ASA 5505 updated.

  1. Connect up to ASA with console cable
  2. Launch putty and connect via Serial
  3. Launching BootLoader…
    Default configuration file contains 1 entry.Searching / for images to boot.Loading /asa724-k8.bin… Booting…
    ##########################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################
    256MB RAM

    Total SSMs found: 0

    Total NICs found: 10
    88E6095 rev 2 Gigabit Ethernet @ index 09 MAC: 0000.0003.0002
    88E6095 rev 2 Ethernet @ index 08 MAC: 001d.7098.4419
    88E6095 rev 2 Ethernet @ index 07 MAC: 001d.7098.4418
    88E6095 rev 2 Ethernet @ index 06 MAC: 001d.7098.4417
    88E6095 rev 2 Ethernet @ index 05 MAC: 001d.7098.4416
    88E6095 rev 2 Ethernet @ index 04 MAC: 001d.7098.4415
    88E6095 rev 2 Ethernet @ index 03 MAC: 001d.7098.4414
    88E6095 rev 2 Ethernet @ index 02 MAC: 001d.7098.4413
    88E6095 rev 2 Ethernet @ index 01 MAC: 001d.7098.4412
    y88acs06 rev16 Gigabit Ethernet @ index 00 MAC: 001d.7098.441a

    Licensed features for this platform:
    Maximum Physical Interfaces : 8
    VLANs : 3, DMZ Restricted
    Inside Hosts : 50
    Failover : Disabled
    VPN-DES : Enabled
    VPN-3DES-AES : Enabled
    VPN Peers : 10
    WebVPN Peers : 2
    Dual ISPs : Disabled
    VLAN Trunk Ports : 0

    This platform has a Base license.

    Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
    Boot microcode : CNlite-MC-Boot-Cisco-1.2
    SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
    IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05

    Cisco Adaptive Security Appliance Software Version 7.2(4)

  4. ciscoasa# show flash:
    -#- –length– —–date/time—— path
    6 8515584    May 26 2008 13:48:04 asa724-k8.bin
    7 4181246    May 26 2008 13:49:04 securedesktop-asa-3.2.1.103-k9.pkg
    8 398305     May 26 2008 13:49:24 sslclient-win-1.1.0.154.pkg
    9 6514852    May 26 2008 13:51:16 asdm-524.bin
    12 0          May 26 2008 13:55:08 crypto_archive107462656 bytes available (19648512 bytes used)
  5. ciscoasa# copy tftp flashAddress or name of remote host [192.168.1.105]?Source filename [asa924-k8.bin]?

    Destination filename [asa924-k8.bin]?

    Accessing tftp://192.168.1.105/asa924-k8.bin…!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

  6. Writing file disk0:/asa924-k8.bin…
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  7. !!!!!!!!!!!!!!!!!
    30597120 bytes copied in 439.120 secs (69697 bytes/sec)
    ciscoasa# copy tftp flashAddress or name of remote host [192.168.1.105]?Source filename [asa924-k8.bin]? asdm-751.bin

    Destination filename [asdm-751.bin]?

    Accessing tftp://192.168.1.105/asdm-751.bin…!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

  8. Both IOS and ASDM have now been copied over from a TFTP server i setup quick on my Windows 10 workstation using OpenTFTP
  9. ciscoasa# conf t
    ciscoasa(config)# boot system flash:/asa924-k8.bin
    INFO: Converting flash:/asa924-k8.bin to disk0:/asa924-k8.bin
    ciscoasa(config)# asdm image flash:/asdm-751.bin
    ciscoasa(config)# end
    ciscoasa# write mem
    Building configuration…
    Cryptochecksum: 3703eca0 c050e9c9 079cc28d acbd64c42089 bytes copied in 1.520 secs (2089 bytes/sec)
    [OK]
    ciscoasa# reload

Lost password security camera system

I started a new job about 6 months ago.  Most passwords were unknown when I arrived and had to be reset.  Our security camera system needs the date/time adjusted, but the default username and password is no longer valid and nobody has an admin user, only viewer access.

I can view the 5 or so usernames by physically hooking up to the console of the system, and the password is most likely all numeric based on that you have to use a remote control to put in your password, and numbers are default.

The default username and password is ADMIN/1234 so i will be trying to crack the numeric password for ADMIN user.  Fortunately there is a web interface, and it does not lock out after so many failed attempts, or throttle at all.

Downloaded Kali Linux and booted up into Live.  Extracted the builtin wordlist in /usr/share/wordlists/rockyou.txt.gz

gzip -d /usr/share/wordlists/rockyou.txt.gz

hydra -l ADMIN -P rockyou.txt http://192.168.1.1:8080

Took less than 2 minutes and I had my password, 7 numeric digits

hydra

WSUS not downloading approved updates

I recently moved our WSUS off HyperV over to VMware using VMware convertor.  I approved some new updates and noticed the download was stuck at 0.00MB of 120MB.  Event ID 10032 “The server is failing to download some updates.”

Turns out, the D:\ drive containing WSUS items lost its NETWORK SERVICE permissions so I had to add that user, with ReadOnly permissions back to the root of D:\ and after i rebooted WSUS started downloading the new updates as normal.

OAB/GAL not updating with new users

-Create new OAB on generating server
-Navigate to C:\Program Files\Microsoft\Exchange Server\ExchangeOAB and ensure there is a folder there -You may have to restart the Microsoft Exchange System Attendant service
-Go to Organization Configuration/Mailbox and Offline Address Book tab, make sure you are doing Web-Based distribution
-Navigate to your distribution servers to C:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB and make sure the folder is there as well.  If it is not, restart the Microsoft Exchange File Distribution service and wait a bit.
-Go into IIS on the distribution servers, Application Pools, Recycle MSExchangeAutodiscoverAppPool
-In Outlook do an Test E-mail AutoConfiguration and ensure the OAB UID matches the folder name in the above directories

Unable to create storage group to many log files

As part of disaster recovery, I was trying to restore a database and 45,000 associated transaction logs.  I was getting the following error when trying to create a new storage group pointing to the restored data.
Error:
Failed to connect to the target server “MBX-05”. The exception message is “WMI exception occured on server ‘MBX-05’: Call cancelled “.

Exchange Management Shell command attempted:
new-StorageGroup -Server ‘MBX-05’ -Name ‘ Storage Group’ -LogFolderPath ‘F:\ExchangeGroups\StorageGroup\Logs’ -SystemFolderPath ‘F:\ExchangeGroups\StorageGroup\MailboxDatabase’

OST sync with mailbox after restore

If we restore Exchange 2007 data from 2 weeks ago and bring it back online, will Outlook clients sync the previous 2 weeks of email from the OST back to the Exchange mailbox after its restored from backup?

I seem to see split opinions on this, and no documentation to support either claim if it will or will not.

We just tested.  Outlook did not sync the previous 2 weeks of emails as I had thought back with Exchange.  However those 2 weeks of emails did stay put in the users Outlook so far…

relocating iSCSI volume with db/logs to a new server

We have an Exchange 2007 Mailbox server running on Server 2003. We want to build a Server 2008 box, and attach the Exchange iSCSI volume to the new server.

https://technet.microsoft.com/nl-nl/library/bb123954(v=exchg.80).aspx

As with previous versions of Microsoft Exchange, an upgrade of the operating system for an Exchange server results in the updating of the value for OS Version in the database header. This update triggers the rebuilding of internal database indexes. When using database portability to move a database from a Mailbox server running Windows Server 2003 to a Mailbox server running Windows Server 2008, the Extensible Storage Engine (ESE) detects the operating system upgrade and takes the following actions:

  • During the first database mount operation, all secondary indexes are discarded. A secondary index is used to provide a specific view of the mailbox data (for example, when messages in a mail folder are sorted using Outlook in Online mode). The database will not be mounted and available to clients until this initial operation is complete. The amount of time to complete the operation is largely dependent on the size of the database. The larger the database is, the longer the mount operation will take.
  • Secondary indexes will be rebuilt on-demand as Outlook users sort their views in Online mode. In environments with large or extremely large databases, the on-demand rebuilding of indexes will initially result in high processor and disk utilization.

Unmount databases on old Exchange MBX server
Stop Exchange Services on old MBX server
Disconnect iSCSI volume from old MBX server
Connect iSCSI volume to new MBX server
Mount iSCSI drive in Windows on new MBX server
Create Storage Groups and point to existing DB/Logs on iSCSI volume
Mount databases
Wait for indexing to take place before database remounts
Run PowerShell command to point mailboxes from old MBX to new MBX

Get-Mailbox -database “EXMBX1\CORP Storage Group\Mailbox Database” | Move-Mailbox -TargetDatabase “EXMBX3\CORP Storage Group\Mailbox Database”| -ConfigurationOnly

Stollfus Tech Blog

WordPress Appliance - Powered by TurnKey Linux