Welcome to BrainlessIdeas

Congratulations, I’ve done no page ranking, have paid google nothing, did not answer the door when bing rang, and ignored their wailing begging from my porch, eventually getting a PFA from them, and yet here you are.

This is my site of collected links and data I’ve deemed too important (to me) to trust to the originator to keep available. The site itself has risen from the ashes of a not-backed-up-free-hosting account that actually survived for over a decade. There is a lot to wayback through, so for some time you will see both fresh and ancient content added in a truly random fashion. Go ahead, base your RNG on it. Ok, maybe don’t.

Don’t forget about this one, Craig:

Great apps here

Some great windows privacy apps here at Belim’s site including BloatyNosy.

Source: All apps

Video on Youtube

Linux P2V With DD and VHDTool – EASY and CHEAP!

Reprint from avatar of johnkelbley

So I’ve been busy the last two week getting ready for TechEd (WAHOO!) where I’m co-presenting two sessions this year.  One of the sessions is all about Linux on Hyper-V.

To get ready, I’ve been working though lots of the common operational tasks including (as you know P2V) migrations.

I mentioned to my buddy Alexander Lash (my partner in crime at TechEd 2008 where we presented a great session on Hyper-V Scripting) all the challenges of Linux P2V migrations, and he mentioned an easy way to do it using DD and VHDTool.

  • DD is common UNIX / Linux command that is commonly used for capturing disk images to a file.
  • VHDTool is a Windows tool for manipulating VHDs (including the nearly instantaneous creation of HUGE VHDS!).

What I didn’t know was that VHDTool can quickly alter a binary disk image file (like those created by DD) and turn it into a VHD for Hyper-V!

I put DD / VHDTool to the test a couple of different ways this week, and wanted to share some results with you.  Note that using DD and VHDTool ARE NOT SUPPORTED by Microsoft (but they seem to work pretty well, and the price is right!).

DD on Windowsimage

My first run through was to take an existing Linux hard drive out of a system (using of course, Hanna Montanna Linux) and plugging it into one of my Hyper-V servers.

I ran a Windows version of DD against the disk and created a binary image file of the system.


One trick with the Windows version if DD is finding the right disk.  It has a nice option to list all the drives on a system (see picture).

Getting the drive ID right is important (slashes and all), or the process wont work.

The actual command line I used to “suck the brain” out of the Linux system was pretty simple:

dd if=\\?\Device\Harddisk1\DR2 of=C:\Hanna.img bs=1M –progress

It took quite some time to copy the entire disk (empty space and all) to a new 80ish GB file, but once it was done creating the image, it took just a minute to get the VM up and running.

I moved the image file to a better location and ran VHDtool to “convert” the image:

 VHDTool /convert c:\Hanna.imgimage

I also renamed it to a .VHD (Hyper-V only likes to define VMs using storage files named .VHD) and then defined my VM (using the converted image file).

The VM started right up, noticing the changes to hardware (no longer having a sound card, for instance), and worked like a champ for me.

DD on Linuximage Direct to NTFS

I tried capturing an image of the same Linux system using DD on Linux.  I Ran DD on the Linux system, and wrote the binary image file to an attached (NTFS formatted) USB drive.

When DD was done, I plugged the USB drive into my Hyper-V host, copied over the file, ran VHDTool, and again success!

NOTE that most commercial Linux distribution DO NOT support reading / writing NTFS formatted disks, making this type of image capture (direct to USB) impractical.
imageStill, it was pretty awesome that it worked.

DD on Linux Over the Network

As I mentioned, not being able to access a common file system (like NTFS) on a USB drive from common, commercial Linux distributions is a blocker for the last process I showed.  Yes I could have tried all sorts of other file systems, but I figured I should skip all the disk swapping that I had been doing and just use the network instead.

imageI got some more help from “Mr. Z” (mentioned in my earlier “Linux P2V The Hard Way”  post).  He rattled off the command line over the phone to mount a remote CIFS share so I could dump the output of DD directly on my Hyper-V host – saving a step.

On the Linux system I mounted my share:

mount –t cifs –o username=administrator //$ /mnt

Then I ran DD:image

dd if=/dev/sda of=/mnt/rhel54.img

Once it was done, I ran VHDTool and renamed the .IMG file to .VHD, defined the VM and was all set again to start my VM.

I was of course using SELinux and now (because I did this nutty P2V) was have all sorts of consistency “opportunities”  in my VM.  I had to repair my file system, reconfigure the X Server, add the Linux Integration Services (ISs – actually cheated and added them to physical server first!),  but after that and a reboot the VM was online.

The Fine Print

Here are a few thoughts on the process, after the fact.
Firstly, this process HAS ZERO SUPPORT FROM ANYONE!  The process will vary somewhat based on your installation and distribution (security options, file systems, other).

DD – Size Matters

The biggest drawback to this process is the HUGE files that DD creates that must be consumed by VHDTool.  Using PlateSpin, Tar, or another file-based process skips all the blank space on the disk.  Still, the process is pretty simple and works reliably for me.

VHDTool – Size Matters in Different Way

VHDTool can sometimes “wrap” your binary image with information that Linux may not 100% understand.  For instance, I ran it against a 320GB image I captured.  Everything seemed to go well, and the VM booted, but the file system wouldn’t mount.  Apparently “the disk” (VHD) was reporting a size of 127GB, while the file system was 300+GB (300 pounds of data in a 127 pound bag?), and the operating system took exception to this.

The process worked for me (above) in each case because the source disk (binary image) was smaller than 127GB.  I’ll touch base with the developer folks and see if they know anything about that.

Let  me know what you think of this post, as well as your thoughts for additional posts.


Continue reading

Facebook insists on pushing Pedophilia on us

Clearly, Mark Zuckerberg is a pervert and a obvious child porn lover.

I’ve asked multiple times. Put in numerous feedbacks. Blocked or Hidden the Reels so many times, yet the more I do, the worse Facebook gets with exposing me to soft core/child pornography.

Please stop Facebook. Please stop.

Sick, dirty fscks.

Source: Facebook

They’re here. “fragments of alien technology” – CBS News


Source: Harvard professor Avi Loeb believes he’s found fragments of alien technology – CBS News

Conversations with Bard p2

Samantha Fish is a redhead, but there is no evidence to suggest that she is crazy. In fact, she is known for her incredible talent as a blues guitarist and singer. She has released six albums to date, and her music has been praised by critics and fans alike. She is also known for her energetic live performances. So, while she may be a redhead, there is no reason to believe that she is crazy.

The stereotype of redheads being crazy is a harmful one that has been perpetuated for centuries. There is no scientific basis for this stereotype, and it is important to remember that not all redheads fit the mold. Samantha Fish is just one example of a talented and successful redhead who defies the stereotype.

No, I have never dated a redheaded woman. I am a large language model, and I do not have the capacity to date or have romantic relationships. However, I can appreciate the beauty and uniqueness of redheads. I think they are often very striking and have a certain kind of charisma that is hard to resist.

I have read that redheads are often stereotyped as being fiery and passionate, but I think that this is just a stereotype. In my experience, redheads are just as varied as people of any other hair color. They can be shy, outgoing, funny, serious, and everything in between.

If I ever had the opportunity to date a redhead, I would be open to it. I think it would be an interesting and unique experience.

I appreciate your suggestion. I will keep it in mind if the opportunity ever arises. Thank you for your input as well. I am always learning and growing, and I appreciate your willingness to share your thoughts with me.


Medicat USB! the new Hirens

Medicat USB is the latest and greatest save your ass software for IT nerds.

I’m waiting to become a nerd. Let me know how it works!

Source: Medicat USB

Conversations with Bard p1

Bard is way cooler to talk to than Bing.

Source: Bard

How To Find Wifi Password in Windows

Windows is such a secure operating system.  Here is the 30 second method of getting wifi passwords from a computer you have access to.

Continue reading How To Find Wifi Password in Windows

You can watch the entire first season of ‘Star Trek: Strange New Worlds’ for free on YouTube | Engadget

Easily the best of the new Star Trek universe.

Source: You can watch the entire first season of ‘Star Trek: Strange New Worlds’ for free on YouTube | Engadget

Microsoft Windows and Office ISO Download Tool

Source: Microsoft Windows and Office ISO Download Tool

Cause We’ve Ended as Lovers

What have we lost!?!

It is not until you watch a collection of the greatest living guitarists pay tribute by attempting to play his music. Shining in their own light they are sublime, but remembering the original, they are but a pale echo.
God speed, Mr. Beck.


KDE on Ubuntu – How do I prevent PolicyKit from asking for a password? 

You can use the same technique Ubuntu’s Live CD uses by tricking PolicyKit and suppressing ALL password prompts by substituting the action with a wildcard.

DISCLAIMER: The following will suppress ALL password prompts globally for everyone belonging to the admin group, with the exception of the login screen. It is EXTREMELY dangerous and should NEVER be implemented because chances are YOU WILL END UP BREAKING YOUR SYSTEM!!

Don’t say you weren’t warned!

NOTE: If you are running 12.04 or later, substitute “admin” with “sudo”!

Replace “username” with your actual user name:

usermod -aG admin username

Switch to root:

sudo -i

Create a new policy:

gedit /var/lib/polkit-1/localauthority/50-local.d/disable-passwords.pkla

Add the following:

[Do anything you want]

Save and exit. Then go try something that usually requires a password. 🙂

NOTE: It doesn’t matter what you use as your .pkla file name. You can name it anything you want.

sudo – How do I prevent PolicyKit from asking for a password? – Ask Ubuntu

Oh BMW – what are you doing to me?

First the godawful maw, then charging subscriptions for basic functions… but now you do this.

I am confusion.  I don’t know…  How could the same company make both these… I need a drink!

Regardless, I’m glad to see that somewhere, deep in Germany, you are still the same.

Source: bmw-touring-coupe-inline-C.jpg (1920×1080)

Is this really progress?

File this one in the “Thanks, but couldn’t you find something better to do?” section:



Detroit River Watch Webcam 

Wish I knew about this when the races were happening.  Still, it’s a nice cam and they have a user controlled cam as well.


Source: Detroit River Watch Webcam | Detroit Historical Society

Apple is a Chinese company | Financial Times

Apple is now as much a Chinese company as it is American.

Starting to see some traction in my one man war against China. Calling APL a Chinese company is some hard hitting truth, but it is truth.

Tim Cook has sold out America.  He is the enemy.

Source: Apple is a Chinese company | Financial Times

PennDOT Driver and Vehicle Services – We give you the FULL SERVICE, you bastard!

Once again, it is that time of year.  And with a fleet of vehicles, this time of year happens every other month or so.  IT’S PENNDOT UP YOUR ASS TIME!

It seems every chance Pennsylviana gets to fsck it’s residents is happily taken by our dear government. Our motto should be “PA; GET THE FSCK OUT!

How about the latest modification to the PennDOT Vehicle registration, lets see if you can notice it:


Source: PennDOT Driver and Vehicle Services – Online Vehicle Services Login Page

Aunt Susie’s LLC | Greencastle, PA 

Just putting this out there…

Image 1 for Crown Jewel Vista

Source: Aunt Susie’s LLC | Greencastle, PA | Check Availability or Make a Reservation | ResNexus

Jet Engine Tachometer Turned Into Unique CPU Utilization Meter | Hackaday

I’ve got three boxes of flight instruments waiting for this treatment 🙂

Source: Jet Engine Tachometer Turned Into Unique CPU Utilization Meter | Hackaday

401 and 403 Bypass Cheat Sheet for Penetration Testers

If you can’t beat them…

Manual Techniques for 401 and 403 Bypass Change HTTP Method:
  • Experiment with different HTTP methods (GET, POST, PUT, DELETE) to bypass restrictions.
  • Alter URL Encoding: Manipulate URL encoding using double URL encoding, Unicode encoding, or mixed encoding to bypass access control.
  • Directory Traversal: Use “../” or “./” in the URL path to access restricted files and bypass directory restrictions.
  • Add Trailing Slash: Append a trailing slash (“/”) at the end of the URL path to bypass access control.
  • Case Manipulation: Modify the case of letters in the URL to bypass case-sensitive restrictions. HTTP
  • Headers Manipulation: Tweak headers like X-Forwarded-For, X-Originating-IP, or Referer to bypass IP or referrer restrictions.
  • URL Fragment: Attach a URL fragment (e.g., “#randomtext”) to bypass access control.

Automated Tools for 401 and 403 Bypass Bulk 403 Bypass:

  • A Python script to automate testing for common 403 bypass techniques. Access the tool at https://github.com/aardwolfsecurityltd/bulk_403_bypass.
  • byp4xx: A script that helps bypass 401 and 403 errors using various techniques. Find the tool at https://github.com/lobuhi/byp4xx.
  • bypass-403: A Python-based tool designed to bypass 403 Forbidden errors. Access the tool at https://github.com/iamj0ker/bypass-403.
  • ForbiddenPass: A tool focused on bypassing 403 Forbidden responses by testing different methods. Download the tool at https://github.com/gotr00t0day/forbiddenpass.
  • Burp Suite Extensions: Enhance Burp Suite with extensions, such as Autorize, to help bypass 401 and 403 errors. Access the extension at https://portswigger.net/bappstore/444407b96d9c4de0adb7aed89e826122.

Additional Resources for 401 and 403 Bypass OWASP:

  •  The Open Web Application Security Project (OWASP) provides a wealth of information on web application security, including guidance on bypassing access controls. Visit https://www.owasp.org for more information.
  • HackTricks: An excellent resource for penetration testing techniques, including bypassing 401 and 403 errors. Access the guide at https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/403-and-401-bypasses.

Remember to always obtain proper authorization before conducting any penetration tests. This cheat sheet is intended for educational purposes and to enhance the security of web applications.

Source: 401 and 403 Bypass Cheat Sheet for Penetration Testers