Tech Nuske

Tech Nuske

Sunday, 3 June 2012

Basic vi editor commands

Here are some commands of vi editor that are really useful and which I personally use all the time

  • Cursor Movement
           0 - moves the cursor to beginning of the current line
           $ - moves the cursor to end of the current line
           w - moves the cursor to beginning of the next word
           b -  moves the cursor to beginning of the previous word
           e - moves the cursor to the end of the next word
           H -  moves the cursor to the top of the screen
           M -  moves the cursor to the middle of the screen
           L -  moves the cursor to the bottom of the screen
           :0 - moves the cursor to first line in file
           :n -  moves the cursor to  line number n
           :$ -  moves the cursor to  last line in the file
  • Manipulating Text
           dd - delete the current line
           Ndd - delete N number of lines, starting from the current line
           yy - copy the current line to be pasted
           Nyy - copy N number of lines to be pasted starting from the current line
           p - paste the content which was copied
  • Searching Text
          /<search text> - start searching forward for the search text starting from the current line
          ?<search text> - start searching backward for the search text starting from the current line
          n - move to next occurance of the search text
          N - move to previous occurance of the search text
          % - searches for the matching pair of paranthesis - ( ) / { } / [ ] 
  • Find/ Replace
            :%s/fff/rrrrr/- - For all lines in a file, find string "fff" and replace with string "rrrrr" for the first instance on a line
            :%s/fff/rrrrr/g - For all lines in a file, find string "fff" and replace with string "rrrrr" for each instance on a line
            :%s/fff/rrrrr/gc - For all lines in a file, find string "fff" and replace with string "rrrrr" for each instance on a line. Ask for conformation
             :%s/fff/rrrrr/gi - For all lines in a file, find string "fff" and replace with string "rrrrr" for each instance on a line. Case insensitive
     
 - By Joohi Sinha     


Stay tuned for more.....

Friday, 4 May 2012

Running Multiple Instances of Google Talk

Users of Google Talk (GTalk) can also let GTalk go to polygamy, that's running multiple instances of Google Talk and login to multiple Google accounts on Google Talk. The polygamy trick can be done without any crack, patch or hack, with just a simple command line parameter or switch /nomutex appended to the Google Talk shortcut.

Ability to polygamy running multiple Google Talk is useful if users have multiple Google Talk accounts (or Google or Gmail accounts that used to login to GTalk) or multiple profiles or personalities, and don't want to log on and off from one account to another account every time when want to switch, or want to log in to all accounts at the same time on the same computer.


You can add the /nomutex switch or parameter to existing Google Talk shortcut, or create a new shortcut with the /nomutex command line parameter.

To edit existing Google Talk shortcut:


1)
Right click on the Google Talk shortcut.
2)
On the right click contextual menu, click on Properties.
3)
Go to Shortcut tab on Google Talk Properties window.
4)
On the Target textbox, add in the /nomutex to the end of the line so that it looks like below (or you can simply copy and paste the below syntax and replace the original).

Target: "C:\Program Files\Google\Google Talk\googletalk.exe" /nomutex

5)
Click on OK.


To create a new shortcut for Google Talk:


1)
Right-click on the desktop or anywhere you want to place the GTalk shortcut.
2)
Select New on the right click context menu.
3)
Then select Shortcut.
4)
Copy and paste the following line to the text box when prompted to type the location of the item:

"C:\Program Files\Google\Google Talk\googletalk.exe\" /nomutex

5)
Click on Next.
6)
Give the shortcut a proper name such as Google Talk or Google Talk Multiple or Google Talk Polygamy.
7)
Click OK until you are done.

If you have hex editor, you can act like a hacker and modify the bits in Google Talk program so that it will always allow multiple instances of GTalk to be launched whether the /nomutex switch is specified or not.

Launch hex editor and open googletalk.exe, then search for the following patterns in the hex editor:

004536FD . 3BC6 CMP EAX,ESI

004536FF . 75 05 JNZ SHORT googleta.00453706


Modify the string to look like the following:

004536FD . 8BC1 MOV EAX,ECX

004536FF . EB 05 JMP SHORT googleta.00453706



How this Works?

The mutex is short for mutual exclusion object.
A mutex is a program object that allows multiple program threads to share the same resource, but not simultaneously.

So, in the hack above, we used nomutex (no-mutex) to use the same resources simultaneously....!

Enjoy and keep smiling,
Smile is a language that everybody understands. (",)..!!!

Thursday, 3 May 2012

SYN flooding


Recently I unknowingly made a small configuration change in my PC at work, which caused the entire network of my office to go down for one whole day, all without my knowledge. This small mistake that led to such a huge disaster got me interested in how entire networks can become flooded and hence rendered useless, just because of a small packet. I came across one such type of network flooding attack, SYN flooding. 

SYN flooding is a method that the user of a hostile client program can use to conduct a denial-of-service (DoS) attack on a computer server. The hostile client repeatedly sends SYN (synchronization) packets to every port on the server, using fake IP addresses.
Normally when a client attempts to start a TCP connection to a server, the client and server exchange a series of messages which normally runs like this:
  1. The client requests a connection by sending a SYN (synchronize) message to the server.
  2. The server acknowledges this request by sending SYN-ACK back to the client.
  3. The client responds with an ACK, and the connection is established.

This is called the TCP three-way handshake, and is the foundation for every connection established using the TCP protocol.
But when an attacker starts a SYN flood attack, the following sequence takes place
1.      Attacker creates a random source address for each packet
2.      SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address
3.      Victim server responds to spoofed IP address, then waits for confirmation that never arrives (waits about 3 minutes)
4.      Victim's connection table fills up waiting for replies
5.      After table fills up, all new connections are ignored
6.      Legitimate users are ignored as well, and cannot access the server
7.      Once attacker stops flooding server, it usually goes back to normal state (SYN floods rarely crash servers)
8.      Newer operating systems manage resources better, making it more difficult to overflow tables, but still are vulnerable .



The hostile client makes the SYN requests all appear valid, but because the IP addresses are fake ones, it is impossible for the server to close down the connection by sending RST packets back to the hostile client. Instead, the connection stays open. Before time-out can occur, another SYN packet arrives from the hostile client. A connection of this type is called a half-open connection. Under these conditions, the server becomes completely or almost completely busy with the hostile client. Communications with legitimate clients is difficult or impossible.
A hostile client can exploit half-open connections and possibly get access to server files. The transmission by a hostile client of SYN packets for the purpose of finding open ports and hacking into one or more of them, is called SYN scanning. A hostile client always knows a port is open when the server responds with a SYN/ACK packet.

- Joohi Sinha
Stay tuned for more...


HackTricks := SQL Injection Continue...


Hello everyone,

I am back with SQL Inection, sorry for late...
 
Example of a SQLInjection Attack

Here is a sample basic HTML form with two inputs, login and password.

<form method="post" action="http://testasp.vulnweb.com/login.asp">
<input name="tfUName" type="text" id="tfUName">
<input name="tfUPass" type="password" id="tfUPass">
</form>
The easiest way for the login.asp to work is by building a database query that looks like this:

SELECT id
FROM logins
WHERE username = '$username'
AND password = '$password’

If the variables $username and $password are requested directly from the user's input, this can easily be compromised. Suppose that we gave "Joe" as a username and that the following string was provided as a password: anything' OR 'x'='x

SELECT id
FROM logins
WHERE username = 'Joe'
AND password = 'anything' OR 'x'='x'

As the inputs of the web application are not properly sanitised, the use of the single quotes has turned the WHERE SQL command into a two-component clause.

The 'x'='x' part guarantees to be true regardless of what the first part contains.

This will allow the attacker to bypass the login form without actually knowing a valid username / password combination!


Preventing SQL injection

To protect against SQL injection, user input must not directly be embedded in SQL statements. Instead, parameterized statements must be used (preferred), or user input must be carefully escaped or filtered.

Parameterized statements

With most development platforms, parameterized statements can be used that work with parameters (sometimes called placeholders or bind variables) instead of embedding user input in the statement.

In many cases, the SQL statement is fixed. The user input is then assigned (bound) to a parameter.

This is an example using Java and the JDBC API:

PreparedStatement prep = conn.prepareStatement("SELECT * FROM
USERS WHERE USERNAME=? AND PASSWORD=?");
prep.setString(1, username);
prep.setString(2, password);
prep.executeQuery();

Similarly, in C#:

using (SqlCommand myCommand = new SqlCommand("SELECT * FROM
USERS WHERE USERNAME=@username AND
PASSWORD=HASHBYTES('SHA1',
@password)", myConnection))
{
myCommand.Parameters.AddWithValue("@username", user);
myCommand.Parameters.AddWithValue("@password", pass);
myConnection.Open();
SqlDataReader myReader = myCommand.ExecuteReader())
...................
}

In PHP :

$db = new PDO('pgsql:dbname=database');
$stmt = $db->prepare("SELECT priv FROM testUsers WHERE
username=:username AND password=:password");
$stmt->bindParam(':username', $user);
$stmt->bindParam(':password', $pass);
$stmt->execute();

There are also vendor-specific methods; for instance, using the mysqli[6] extension for MySQL 4.1 and above to create parameterized statements:

$db = new mysqli("localhost", "user", "pass", "database");
$stmt = $db -> prepare("SELECT priv FROM testUsers WHERE
username=? AND password=?");
$stmt -> bind_param("ss", $user, $pass);
$stmt -> execute();


Escaping

A straight-forward, though error-prone, way to prevent injections is to escape dangerous characters.

One of the reasons for it being error prone is that it is a type of blacklist which is less robust than a whitelist.

For instance, every occurrence of a single quote (') in a parameter must be replaced by two single quotes ('') to form a valid SQL string literal.

In PHP, for example, it is usual to escape parameters using the function mysql_real_escape_string before
sending the SQL query:

$query = sprintf("SELECT * FROM Users where UserName='%s' and
Password='%s'",
mysql_real_escape_string($Username),
mysql_real_escape_string($Password));
mysql_query($query);

By,
Shweta Jogi
Enjoy every moment of you life...

Friday, 27 April 2012

Memory Leack in Java? 'Static' cause it?

Does 'static' cause Memory Leak in Java?


What's memory leak? In simple terms, it's unused but referenced (somehow because the programmer probably unintentionally forgot to remove the references once the use of the object was over) part of the memory. Before we start discussing if 'static' can cause memory leak in Java, let me assure you that whatever you've read about Garbage Collectors in Java, is still valid and it certainly takes care of most (almost all) of the memory allocation of Java objects. But, that alone doesn't remove the possibility of the presence of memory leak in a Java program - just for example, you might not only be using only Java objects in your Java program. Putting it differently, what if you have used some native objects and forgot to reclaim the memory explicitly because that's anyway not going to be taken care by the GC (which takes care of heap memory management only)... right?

Now that we agree with the possibility of a Java program having potential memory leaks, let's see if using 'static' can also be one of the potential reasons for memory leaks in Java.
 

How to find if your Java Program contains Memory Leaks?

Well... the programmer should have kept their eyes open while development itself. Once the app is ready, one may like to use Profilers (available from many vendors) to analyze the object graphs.

If your Java app is usually crashing with 'OutOfMemoryError' after executing for a while then it should ring an alarm for the possibility of memory leaks in your app. Though, this doesn't necessarily mean your app is having memory leaks, it might be possible that the allocated heap space is not enough for the proper functioning of your app.

Does 'static cause memory leak in Java?


'static' can't straightway be blamed for causing memory leaks. But, if the programmer has not well thought the usage and has not taken care of the setting the references to 'null' explicitly after using the static objects then they can definitely cause memory leaks. Let's see how.

As you know 'static' members will by default live for the entire life of an app unless they are explicitly set to 'null'. So, always make it a point to nullify the references as soon as you reach at a point in your code where the use of the static member is over. For example: suppose you have created a 'Statement' object from a DB Connection and the connection is a pooled one. Now as you know calling close() method on a pooled connection will not actually close the connection instead it will return the Connection object to the pool to be re-used. So, in such a case unless you explicitly close the 'Statement' object, it would keep consuming precious memory space for no real use. Just think the scenario where you have declared the 'Statement' object as a static member, it'll be maintained in the memory for the entire life time of the app even when the control is out of the scope. It's just a sample scenario and many of you might never have used 'Statement' object in such an irresponsible manner. It's just an attempt to show how the 'static' can be misused to cause memory leaks in Java.

Not that if your Statement object is non-static you should reply on the out-of-scope nullification (i.e., as soon as control is out of scope the local objects would be marked for re-claimation) as in case you still have a significant amount of code (in terms of time/space) after using the Statement last and before reaching the end of the local scope, it would be a sheer wastage of memory if you don't explicitly nullify the 'Statement' after its use is over. Such a scenario should also be thought of as memory leaks only and one should always make sure the nullification of resources is as close to their last usage as possible.

Therefore, in summary we can say that one should/must :-
  • always think if you really need to make this variable/member a 'static' one?
  • always try to confine the scope of an object to restrict its usage only to the section it's actually needed
  • always make a conscious effort to explicitly nullify objects once you finish using them (especially the large objects)
 

Enjoy and keep smiling,
Smile is a language that everybody understands. (",)..!!!

REST in PHP(cont.)



Hi every one. In previous post i had describe how to call the REST web services. Now a days we need to have our web services to be platform independent. To share the data between two different platforms, we will use the XML to communicate. Many web service send XML tagged data in response.  So we need to parse that data in our page.

To do this we will use the built in PHP functions. Now Remember last post about PHP in this blog.
we have $response variable to store the response of web service. now suppose the response is in XML format as bellow.

//XML response format.
<?xml version="1.0" encoding="ISO-8859-1"?>
<temperature>
<date>27</date>
<month>04</month>
<year>2012</year>
<min>10</min>
<max>25.5</max>
<current>24</current>
</temperature>

It returns temperature of city that you pass as a parameter in web service in XML format.

Now if we want to parse this XML response we can add some code in previous post code.

<?php
//extracting data
$city=$_POST['city'];

//set URL
$url = "www.myservice.com";


//data
$data = "city=".$city;


//Initialize and Set option for cURL object
$pst = curl_init();
$pst = curl_setopt($pst,CURLOPT_URL,$url);
$pst = curl_setopt($pst,CURLOPT_POST,true);
$pst = curl_setopt($pst,CURLOPT_RETURNTRANSFER,true);
$pst = curl_setopt($pst,CURLOPT_POSTFIELDS,$data);


//execute cURL objext
$result = curl_exec();


//close cURL object
curl_close($pst);

//Initialize the XML parser
$parser=xml_parser_create();


//Function to use at the start of an element
function start($parser,$element_name,$element_attrs)
{
  switch($element_name)
    {
    case "temperature":
    echo "<h1>Temperature is :</h1><br />";
    break;
    case "date":
    echo "Date: ";
    break;
    case "month":
    echo "Month: ";
    break;
    case "year":
    echo "Year: ";
    break;
    case "min":
    echo "<br/>Lowest: ";
    break;
    case "max":
    echo "<br/>Maximum: ";
    break;
    case "current":
    echo "<br/>Current: ";
    break;
    }
  }


//Function to use at the end of an element
function stop($parser,$element_name)
  {
  echo "/";
  }


//Function to use when finding character data
function data1($parser,$data)
  {
  echo $data;
  }


//Specify element handler
xml_set_element_handler($parser,"start","stop");


//Specify data handler
xml_set_character_data_handler($parser,"data1");


xml_parse($parser,$response);


//Free the XML parser
xml_parser_free($parser);
?> 


Steps.
To do this follow this steps.
1. Initialize XML parser variable with xml_parser_create() funtion.
2. Create function to handle start and end of XML tag.
3. Create function for handling data in XML tag.
4. Specify element handler functions using xml_set_element_handler() function.
5. Specify data handler function using xml_set_character_handler() function.
6. Specify the $parser variable with XML source.
7. Free $parser with xml_parse_free() function.

Change as per your requirements, and enjoy.

by. Nanji Parmar

Thursday, 26 April 2012

IFCONFIG - changing interface configuration


Ifconfig is used to configure the kernel-resident network interfaces. It is used at boot time to set up interfaces as necessary. After that, it is usually only needed when debugging or when system tuning is needed.
If no arguments are given, ifconfig displays the status of the currently active interfaces. Just type ifconfig on your linux terminal and check the interface on your system. The output is a list of details about the interface itself, like its IP address, MAC and its status, whether it is up or not. If a single interface argument is given, it displays the status of the given interface only.
Eg. You can write ifconfig eth0 to display information of that interface only.
 If a single -a argument is given, it displays the status of all interfaces, even those that are down. Otherwise, it configures an interface.
Now comes the fun part, you can change the status of your interfaces using this command
Ifconfig eth0 up  -  puts eth0 interface up.
Ifconfig eth0 down – puts it down back.
Suppose you have two network interface cards, and you want that all the data be routed through only one of those interfaces, you can put one of them down, and direct all packets via the other one.
Now suppose you want to set the IP address of any interface, all you need to do is:
Ifconfig eth0 10.102.1.3 netmask 255.255.255.0 up
And its done.
Now to change the MAC, you need the option ‘hw class’
Ifconfig eth0 hw class aa:08:ff:ee:12:50
This command also allows you to change the broadcast address, IP for a point to point link, multicast address, mtu, IPv6 address etc.

- Joohi Sinha
Stay tuned for more...


Wednesday, 25 April 2012

HackTricks := SQL Injection


Hello Everyone,
Today I am going explain SQL Injection…

( I am sorry because it is totally theoretical… But it is necessary to start from A,B,C,D… )

SQL Injection

SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. It is perhaps one of the most common application layer attack techniques used today. It is the type of attack that takes advantage of improper coding of your web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database. 

SQL Injection is the hacking technique which attempts to pass SQL commands (statements) through a web application for execution by the backend database. If not sanitized properly, web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.

Such features as login pages, support and product request forms, feedback forms, search pages, shopping carts and the general delivery of dynamic content, shape modern websites and provide businesses with the means necessary to communicate with prospects and customers. These website features are all examples of web applications which may be either purchased off-the-shelf or developed as bespoke programs.

These website features are all susceptible to SQL Injection attacks which arise because the fields available for user input allow SQL statements to pass through and query the database directly.

SQL Injection: A Simple Example

Take a simple login page where a legitimate user would enter his username and password combination to enter a secure area to view his personal details or upload his comments in a forum.

When the legitimate user submits his details, an SQL query is generated from these details and submitted to the database for verification. If valid, the user is allowed access. In other words, the web application that controls the login page will communicate with the database through a series of planned commands so as to verify the username and password combination. On verification, the legitimate user is granted appropriate access.

Through SQL Injection, the hacker may input specifically crafted SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it. This is only possible if the inputs are not properly sanitised (i.e., made invulnerable) and sent directly with the SQL query to the database. SQL Injection vulnerabilities provide the means for a hacker to communicate directly to the database.

The technologies vulnerable to this attack are dynamic script languages including ASP, ASP.NET, PHP, JSP, and CGI. All an attacker needs to perform an SQL Injection hacking attack is a web browser, knowledge of SQL queries and creative guess work to important table and field names. The sheer simplicity of SQL Injection has fuelled its popularity.

Why is it possible to pass SQL queries directly to a database that is hidden behind a firewall and any other security mechanism?

In SQL Injection, the hacker uses SQL queries and creativity to get to the database of sensitive corporate data through the web application.

SQL or Structured Query Language is the computer language that allows you to store, manipulate, and retrieve data stored in a relational database (or a collection of tables which organise and structure data). SQL is, in fact, the only way that a web application (and users) can interact with the database. Examples of relational databases include Oracle, Microsoft Access, MS SQL Server, MySQL, and Filemaker Pro, all of which use SQL as their basic building blocks.

SQL commands include SELECT, INSERT, DELETE and DROP TABLE. DROP TABLE is as ominous as it sounds and in fact will eliminate the table with a particular name.


In my next post I will explain real example of SQL injection.  I want to explain that in my this post but then I realize that some basic knowledge of SQL injection is required first.

Don’t worry if you are a web developer I will also explain how to develop website which cannot be hacked using SQL injection. 

By,
Shweta Jogi
Enjoy Every Moment of Your Life...

Sunday, 22 April 2012

"ipconfig" not working in cmd????

Dear Reader,

As I promised you last Sunday, I am back with something new.
But this time, I am not going to write an article, but, going to give the answer of a problem that I faced recently.

Few days before I and my friend were working on a project and he needed to check the IP address of his computer so that he can ping from other PC.

So, like everyone does, he opened cmd and typed "ipconfig", you all know what should be the output:

Something like :


isn't it......


but the output was:

'ipconfig' is not recognized as an internal or external command, operable program, or batch file

Now, what to do?????????

This thing was new for both of us, as we never came across such thing.

We started finding the answer and finally we got one, which I would like to share with all of you.

For those who have XP, do the following thing:

-> Right click on My Computer

-> Properties

-> Advaned System Settings.

-> Go to Advanced tab

-> click Environment Variables.

-> In text list under system variables, double click variable named "Path".

-> Add text "C:\Windows;C:\Windows\system32" in variable value.

-> Restart your computer after all done


Now, try ipconfig and see, whether it works or not.



If you still get error its time to try slightly different method:

From the C: drive in DOS, type :

cd Windows\System32 

Now try, "ipconfig" command from this location again.

Also make sure that "ipconfig.exe" is located in your c:\windows\system32



For those who have windows 7:

Go to the System Tray (Notification Area, the bottom pane where your start button is there)

Click the Network icon

Click 'Open Network and Sharing Center'

Click the 'Change adapter settings'

Select the connnection for which you'd like to use a static IP.

Right click it and click 'Properties'.

Select 'Internet Protocol Version 4 (TCP/IPv4)'

Select 'Use the following IP address':

In the 'IP Address' field, insert the IP you'd like to use.

Note: The IP you use must be within the router's list of acceptable IP addresses. It's usually a list between 192.168.1.100 to 192.168.1.255


 I hope by this your "ipconfig" should start working in cmd. If due to any reason your "ipconfig" is still not working in cmd, please do let me know, i will try to find out the problem and will let you know as soon as possible.

But, I wont let your work stop, there is an alternate method by which you can get all the information that you get from "ifconfig" command in cmd.


Go to the System Tray (Notification Area, the bottom pane where your start button is there)

Click the Network icon

Click 'Open Network and Sharing Center'

Click on the Connection whose detail you want.

A small Window will open, now click on the "Details.." and there you are with all the information.

I hope this post helped you to increase your technical knowledge on computer.

You know when to catch me.
So see you next Sunday,  i.e. 29nd April, 2012
Till then take care and make it a nice day.....see you soon.
Regards,
Parth Anil Varma
(Tech Nuske)

Thursday, 19 April 2012

CRON – A daemon to execute scheduled commands


cron is a time-based job scheduler in Linux operating systems. cron enables users to schedule jobs (commands or shell scripts) to run periodically at certain times or dates. It is commonly used to automate system maintenance or administration, though its general-purpose nature means that it can be used for other purposes, such as connecting to the Internet and downloading email.

To start the cron service all you need to do is:
# /etc/init.d/cron start
OR
#start service cron

cron searches its spool area (/var/spool/cron/crontabs) for crontab files. A crontab file contains instructions to the cron daemon of the general form: "run this command at this time on this date". Each user has their own crontab, and commands in any given crontab will be executed as the user who owns the crontab. crontabs found are loaded into memory.
cron then wakes up every minute, examining all stored crontabs, checking each command to see if it should be run in the current minute. When executing commands, any output is mailed to the owner of the crontab (or to the user named in the MAILTO environment variable in the crontab, if such exists).
Along with the crontab files, there is also a command of the same name – crontab. crontab is the program used to install, remove or list the tables used to drive the cron. Check out the crontab(1) man page to refer the list of options that the crontab command provides (click here).

Crontab Format
Commands are executed by cron when the minute, hour, and month of year fields match the current time, and when at least one of the two day fields (day of month, or day of week) match the current time.
A field may be an asterisk (*), which always stands for "first-last".
Ranges of numbers are allowed. Ranges are two numbers separated with a hyphen. The specified range is inclusive. For example, 8-11 for an "hours" entry specifies execution at hours 8, 9, 10 and 11.
Lists are allowed. A list is a set of numbers (or ranges) separated by commas. Examples: "1,2,5,9", "0-4,8-12".
Step values can be used in conjunction with ranges. Following a range with "/" specifies skips of the number's value through the range. For example, "0-23/2" can be used in the hours field to specify command execution every other hour. Steps are also permitted after an asterisk, so if you want to say "every two hours", just use "*/2".
Names can also be used for the "month" and "day of week" fields. Use the first three letters of the particular day or month (case doesn't matter). Ranges or lists of names are not allowed.
The "sixth" field (the rest of the line) specifies the command to be run. The entire command portion of the line, up to a newline or % character, will be executed by /bin/sh or by the shell specified in the SHELL variable of the crontab file. Percent-signs (%) in the command, unless escaped with backslash (\), will be changed into newline characters, and all data after the first % will be sent to the command as standard input.

Here are some examples of crontab lines. Use the command "crontab -e" to edit your crontab file.

           This line executes the "ping" command every minute of every hour of every day of every month. The standard output is redirected to dev null so we will get no e-mail but will allow the standard error to be sent as an e-mail
 *    *    *    *    *       /sbin/ping -c 1 192.168.0.1 > /dev/null
   

     This line executes the "ping" and the "ls" command every 12am and 12pm on the 1st day of every 2nd month. It also puts the output of the commands into the log file /var/log/cronrun.
   0,12 1 */2 * /sbin/ping -c 192.168.0.1; ls -la >>/var/log/cronrun 
                  

           This line executes the disk usage command to get the directory sizes every 2am on the 1st through the 10th of each month. E-mail is sent to the email addresses specified with the MAILTO line. The PATH is also set to something different.

PATH=/usr/local/sbin:/usr/local/bin:/home/user1/bin
MAILTO=user1@nowhere.org,user2@somewhere.org
0 2 1-10 * * du -h --max-depth=1 /




Joohi Sinha
Stay tuned for more.