Accessing Raspberry Pi from your laptop

This is a small post on how to access the Pi with your laptop, in case you don’t have an external monitor and keyboard. One of my friend got this new Raspberry Pi 2 Model B and we tested it.


This model comes with 4 USB ports, 1 ethernet port, 1 HDMI port, audio port, SD card slot, GPIO Header. This models comes with the mini USB wifi adapter, micro SD card with pre-installed OS (NOOBS).

pi@raspberrypi ~ $ uname -a
Linux raspberrypi 3.18.11-v7+ #781 SMP PREEMPT Tue Apr 21 18:07:59 BST 2015 armv7l GNU/Linux

pi@raspberrypi ~ $ cat /proc/version
Linux version 3.18.11-v7+ (dc4@dc4-XPS13-9333) (gcc version 4.8.3 20140303 (prerelease) (crosstool-NG linaro-1.13.1+bzr2650 – Linaro GCC 2014.03) ) #781 SMP PREEMPT Tue Apr 21 18:07:59 BST 2015

pi@raspberrypi ~ $ uname -r

Either you would need an monitor supporting HDMI with a keyboard to see it boot and configure it accordingly. For us we did had any external monitor so we got it working by connecting it to our laptop and configuring dhcp server on my laptop.

We used tftpd32: , which also can be configured for dhcp and connected our Pi to my laptop.


The Pi got an ip and we were good to go.


Finally you can use putty to ssh to your Pi.
If you have a wireless network available you can also configure the Pi to connect to the wireless ssid. First of all make sure that the wireless adapter is getting detected.
pi@raspberrypi ~ $ lsusb
Bus 001 Device 002: ID 0424:9514 Standard Microsystems Corp.
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp.
Bus 001 Device 007: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter


Do iwconfig to check if the wireless interface shows here. You can also do, sudo ifdown wlan0/sudo ifup wlan0 to bounce the interface.


Use the command : sudo iwlist wlan0 scan  to scan the wifi network available, to make sure the network you are about to configure is seen in this list.


Now open the wpa-supplicant.conf file using nano or vi and edit it to add you desirable network to the list. Goto the bottom of the file and add:




Save and exit and the Pi should connect to your wifi if configured correctly.


For me the Pi was getting an ip however was not able to go out to the internet for which I had to configure the default gateway as the gateway was not configured for my device:


pi@raspberrypi / $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface     *        U     0      0        0 wlan0


sudo route add default gw wlan0


pi@raspberrypi / $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         UG    0      0        0 wlan0     *        U     0      0        0 wlan0


Once the Pi has an ip address you can access the Pi GUI using couple of methods:


1. Using X11 Forwarding /Xming:


You can also use X11 forwarding and Xming to access the Graphic Interface of the Pi.
Open putty, specify the ip address of the Pi, use ssh/port 22. Goto X11 on putty window and enable X11 Forwarding and connect to your Pi.



On the Pi terminal type startlxde or lxsession and you should see the Pi desktop on Xming.


2.Using Xrdp :


You can install xrdp on Pi and rdp to it using the windows laptop.


pi@raspberrypi ~ $ sudo apt-get install xrdp
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 252 kB of archives.
After this operation, 1,499 kB of additional disk space will be used.
Get:1 wheezy/main xrdp armhf 0.5.0-2 [252 kB]
Fetched 252 kB in 1s (135 kB/s)
Selecting previously unselected package xrdp.
(Reading database … 79469 files and directories currently installed.)
Unpacking xrdp (from …/xrdp_0.5.0-2_armhf.deb) …
Processing triggers for man-db …
Setting up xrdp (0.5.0-2) …
[….] Generating xrdp RSA keys……
Generating 512 bit rsa key…
ssl_gen_key_xrdp1 ok
saving to /etc/xrdp/rsakeys.ini
done (done).
[ ok ] Starting Remote Desktop Protocol server : xrdp sesman.


Open remote desktop (mstsc.exe) and connect to you Pi ip. You will be presented with the login screen, feed the Pi credentials and there you go.



Hope this would be helpful.

DHCP Fingerprinting

DHCP Fingerprinting is a method of detecting the end device OS based on the dhcp exchange packets. In today’s network where we are talking about IoE , BYOD it is required to identify the devices in your network and mark them accordingly.

Why do we need Fingerprinting:

With BYOD personal devices are making their way into the workplace, and it is a tough job for the network administrators to dynamically detect these devices and make sure these devices are compliant and to enforce required polices on these devices. Detecting the devices type/OS is also part of the play.

Due to the proliferation of BYOD (Bring Your Own Devices)/mobile devices connecting mostly over the Wireless Network, it becomes difficult to identify and control the types of devices that can connect to the network, and once connected, to determine what access privileges they might have.

With DHCP Fingerprinting, DHCP Servers or devices like IPAM Controllers or Wireless Controllers, can use DHCP Fingerprinting to identify the device type, manufacturer name and OS of the clients/devices connecting to the network, categorize them into ACLs, and control which device can connect to the network and what it can do.

How it works:

DHCP Fingerprinting is one of the methods that help us in identifying the OS on the devices bases on the dhcp option.

The complete DHCP process is like this:


The DHCP packets contain multiple options. One of the most important option which is used for dhcp fingerprinting is the option : 55 called Parameter request list, this option is present in the packets sent from the client end i.e the Discover and Request Packets.


The option 55: Parameter Request list in the above capture is :

1,6,15,44,3,33,150 and 43

A DHCP discover request asks for DHCP options in a specific sequence. This makes DHCP Fingerprinting possible – identifying a device or OS requesting an IP address based on the requested DHCP options.

Fingerbank has got a repository of such fingerprints:

Some of the captured fingerprints in hex:

Android_device    3C64686370636420342E302E3135
Android 2.X           3c6468637063642034
Android 2.2           3701792103061c333a3b
Android 2.3.X        0c616E64726F69645F
Android 4.0.X        37012103060f1c333a3b
Android 4.0.X(2)    37012103061c333a3b
Blackberry 2          3C426C61636B4265727279
Blackberry(2)         370103060F775ffc2c2e2f
iOS Device             370103060F77FC
iPad                        37011c02030f06770c2c2f1a792a
OS X 10.6               370103060f775ffc2c2e2f
OS X 10.7               370103060f775ffc2c2e
Win Mobile            3c4d6963726f736f66742057696e646f77732043450
Win Mobile6          370103060f2c2e2f

Aruba implementation of DHCP Fingerprinting:

Hope this was informative.


Understanding Browser’s user-agent

So basically the user-agent string is something which identifies your browser and provides certain system details to servers hosting the webpage you are visiting. When you visit a webpage, the browser sends the user-agent string to the server hosting the page that you are visiting. This string indicates which browser is being, its version number, and details about your system, such as operating system and version. The web server can use this information to provide content that is tailored for your specific browser.You can see the user-agent in the wireshark captures when you machine sends out the GET request or on the browser itself.

You can also check the user-agent on the browser itself. Lets see how:


Type chrome://version in the address bar.


Type about: in the address bar.

Internet Explorer:

Message from webpage
Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; rv:11.0) like Gecko

Type javascript:alert(navigator.userAgent) in the address bar, the user-agent string would show up in a dialog box. You can do CTRL+C to copy it.

While we might be considered user agent sniffing a horrible practice on the client side, however sniffing user agent is done quite a bit on the server side to serve up the appropriate page version of a site, or redirect to, for example, the mobile version of the site.  This can be a dangerous road but most large site with a separate mobile interface do it.


The following is the user agent for Firefox on a mobile device:
 Mozilla/5.0 (Mobile; rv:18.0) Gecko/18.0 Firefox/18.0


History of User Agent:
I came across this blog which talks about the history of User-Agent.



In the beginning there was NCSA Mosaic, and Mosaic called itself NCSA_Mosaic/2.0 (Windows 3.1), and Mosaic displayed pictures along with text, and there was much rejoicing. And behold, then came a new web browser known as “Mozilla”, being short for “Mosaic Killer,” but Mosaic was not amused, so the public name was changed to Netscape, and Netscape called itself Mozilla/1.0 (Win3.1), and there was more rejoicing. And Netscape supported frames, and frames became popular among the people, but Mosaic did not support frames, and so came “user agent sniffing” and to “Mozilla” webmasters sent frames, but to other browsers they sent not frames.


And Netscape said, let us make fun of Microsoft and refer to Windows as “poorly debugged device drivers,” and Microsoft was angry. And so Microsoft made their own web browser, which they called Internet Explorer, hoping for it to be a “Netscape Killer”. And Internet Explorer supported frames, and yet was not Mozilla, and so was not given frames. And Microsoft grew impatient, and did not wish to wait for webmasters to learn of IE and begin to send it frames, and so Internet Explorer declared that it was “Mozilla compatible” and began to impersonate Netscape, and called itself Mozilla/1.22 (compatible; MSIE 2.0; Windows 95), and Internet Explorer received frames, and all of Microsoft was happy, but webmasters were confused.And Microsoft sold IE with Windows, and made it better than Netscape, and the first browser war raged upon the face of the land. And behold, Netscape was killed, and there was much rejoicing at Microsoft. But Netscape was reborn as Mozilla, and Mozilla built Gecko, and called itself Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826, and Gecko was the rendering engine, and Gecko was good. And Mozilla became Firefox, and called itself Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv:1.7.5) Gecko/20041108 Firefox/1.0, and Firefox was very good. And Gecko began to multiply, and other browsers were born that used its code, and they called themselves Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.2) Gecko/20040825 Camino/0.8.1 the one, and Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv: Gecko/20071008 SeaMonkey/1.0 another, each pretending to be Mozilla, and all of them powered by Gecko.


And Gecko was good, and IE was not, and sniffing was reborn, and Gecko was given good web code, and other browsers were not. And the followers of Linux were much sorrowed, because they had built Konqueror, whose engine was KHTML, which they thought was as good as Gecko, but it was not Gecko, and so was not given the good pages, and so Konquerer began to pretend to be “like Gecko” to get the good pages, and called itself Mozilla/5.0 (compatible; Konqueror/3.2; FreeBSD) (KHTML, like Gecko) and there was much confusion. Then cometh Opera and said, “surely we should allow our users to decide which browser we should impersonate,” and so Opera created a menu item, and Opera called itself Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 9.51, or Mozilla/5.0 (Windows NT 6.0; U; en; rv:1.8.1) Gecko/20061208 Firefox/2.0.0 Opera 9.51, or Opera/9.51 (Windows NT 5.1; U; en) depending on which option the user selected.


And Apple built Safari, and used KHTML, but added many features, and forked the project, and called it WebKit, but wanted pages written for KHTML, and so Safari called itself Mozilla/5.0 (Macintosh; U; PPC Mac OS X; de-de) AppleWebKit/85.7 (KHTML, like Gecko) Safari/85.5, and it got worse.


And Microsoft feared Firefox greatly, and Internet Explorer returned, and called itself Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0) and it rendered good code, but only if webmasters commanded it to do so. And then Google built Chrome, and Chrome used Webkit, and it was like Safari, and wanted pages built for Safari, and so pretended to be Safari. And thus Chrome used WebKit, and pretended to be Safari, and WebKit pretended to be KHTML, and KHTML pretended to be Gecko, and all browsers pretended to be Mozilla, and Chrome called itself Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/ Safari/525.13, and the user agent string was a complete mess, and near useless, and everyone pretended to be everyone else, and confusion abounded.



Hope this was informative.

How to open image files from Terminal in Ubuntu

This is a quick way of opening a image file from the Terminal window in Ubuntu. Unlike the executable files you cannot open the image file just by typing the file name on the Terminal window, instead you have to initiate the appropriate program to open the image file.The default image viewer application in Ubuntu is the Gnome Image viewer also known as Eye of Gnome of eog.

Open the Terminal window in Ubuntu (Alt + Cntrl + T) and type eog to open the image viewer program.

To open the image use the image name followed  by the eog command.

eog <name of the image file> // You can use tab to auto-complete the filename.

The Terminal will hold the access as long as the application is open and you would not be able to do much on the terminal. Thus you can have the control of the terminal you can run the application in the background using ” & ” at the end of the command i.e

eog test123.jpg & // This will open the test123 image file while you still have control of the Terminal.

Hope this quick tip was helpful.

Mapping a Network/Share Drive

Having a share drive/folder on a central server and allowing access to it generally used for easy access to the shared content and to increase storage for the users. Once the shared folder is created on the Server the users and easily map it on their machines so that they need not to remember its name/ip each time they need to access this drive/folder.

Mapping is sometimes also referred to a “Mounting” i.e Mounting a network drive/Folder.

Lets see how we can map the shared folder on the Windows 7 machine.

Click on Start > Goto Computer.

It will bring up the window which will show the drives on your machine. Click on Map Network Drive on the top




This will bring up a new window, which will show you the drive name, which you can choose from the drop down from A-Z.
Also it will ask you to put in the folder name in the format : ServerShare  i.e you need to specify the Servername or ip which is hosting the shared folder followed by the share folder name.

In my case, my server admin has hosted this folder on the Server with ip address : and the name of the folder being shared is : TFTPRoot so I’ll use the folder name as :\\\TFTPRoot.











This will ask you to login with your credentials, contact your server admin and check in case your local credentials do not work.

Once authentication is successful, it will add in the drive name that you selected in your drive list.


Lets see how we can mount a drive on a Mac OS.

Open the finder which should be located on your Dock. Click on the Go menu and click on Connect to Server.


This will open up the Connect to Server window. In the Server address type in the Servername/ip followed by the folder name as we did for the Windows machine in the format: smb://

Click on the Plus sign to add this folder in your favorite folder list so that next time you want to connect to it you can directly choose from this list. And then click on Connect.


You’ll be asked to authentication, please put in your credentials and click OK. It will create an icon of a Server on your desktop click on it to connect to your Share drive/folder.

Hope this was helpful 🙂

Creating chained certificate from an unchained certificate.

Many a times we see that the CA (Third Party Certificate Authority) does not provide a chained cert rather they provide  a signed Server Cert and might provide us the Intermediate CA cert and the Root CA cert separately.


In couple of cases they just provide you a signed Server Cert and might expect you to download the Intermediate cert and the Root cert and chain the final cert if required and use it. Many vendor devices do not support an unchained Server cert and they expect you to get a chained Server cert  before it could uploaded to the device.


Lets see how we can generate a chained cert from an unchained certificate. I’ll use the following server cert as an example.




The above cert is a Server cert issue by “Go Daddy” well known CA. However the certificate is not  chained, if you open the certificate in notepad you’ll find that it is just a Server cert.
















For generating a chained cert you need to append the Server cert with the Intermediate CA cert and the Root CA cert. In our case “Go Daddy Secure Certificate Authority” is the Intermediate CA and “Go Daddy Class 2 Certificate Authority” is the Root CA.


The way you need to append the file is, you need to keep the Server cert on top, followed by Intermediate CA cert and then the Root CA cert i.e it is just the opposite as it is show in the Certificate Path on the server Cert. Open all the certificates in notepad, also open a blank notepad and copy paste the Server cert, followed by Intermediate cert and then the Root cert and save this as a final cert which should be ready to be uploaded to the device.
Server Cert
Intermediate CA Cert
Root CA Cert



All the certificates on windows 7 are stored in the windows register and not in any specific folder. You can view the certificates using the cert manager (Type certmgr.msc and it will bring up the following window).
For Mac users the certificates are stored in Keychain Access (In the Finder, open Utilities and then open Keychain Access.)
These are the repositories where all the certificates are stored and referenced to check if any certificate is valid or not i.e the Certificate Authority is a Trusted Root CA or not.
There are chances that the Intermediate CA certificate may have expired which will cause the entire certificate to go invalid (untrusted).
In a recent incident DigiCert’s Intermediate Certificate expired, which caused multiple users to get the untrusted certificate error.
The expired certificate in question was the “DigiCert High Assurance EV Root CA” [Expiration July 26, 2014] certificate. This temporary intermediate certificate was used in years past as part of a compatibility chain for older devices.The problem was related to the locally installed legacy intermediate certificate that was no longer used and no longer required for the certificate installation. This certificate was not been used for over three years and was unnecessary for installations, however the device having issues were not updated. The users affected appear to have the expired intermediate in the ‘login’ keychain or stored locally on their server or in have the expired intermediate installed on a backend server or application.
DigiCert fixed the issue for the customer’s by getting the old cert removed from their machines and new valid Intermediate cert updated on these devices.
How to create the chained cert when the Root CA cert and Intermediate CA cert is not provided the CA.
Usually your CA will provide you the Intermediate CA cert and the Root CA cert or the steps to get them from their Website. However if this is not the case for you and if these are some well known CA’s we should already have their Intermediate and Root cert on your laptop in the registry or the Keychain Access. Lets see how we can get the Intermediate and the Root CA certificate.
Click on the Server cert to open it. Goto the “Certificate path” click on the Intermediate Certificate for your test certificate it is “Go Daddy Secure Certificate Authority”
Click on View Certificate on the lower right corner, which will open up the Intermediate CA cert. Now we want to export this cert so that we can use the cert for chaining. Goto the Details tab for the certificate.
Click on Copy to File, which should open up the export Wizard.


Click Next > Choose the format : ” Base-64 encoded x.59″
Click on Next > Browse and give a name to the file. (Remember this is the Intermediate CA cert so save it some where on your laptop and give it a name like intermediatecert). Click Next and Finish. This will successfully export the Intermediate CA cert on you desktop, now repeat the same process to get the Root CA cert exported on your desktop you click on the Root CA cert in the server or the Intermediate CA cert.
Once you have successfully exported both the Intermediate and the Root CA cert you can open them in notepad and append the Server cert as we already discussed initially.
Hope this was helpful 🙂


Added information:

The certificates are stored in the registry at HKLM/Software/Microsoft/SystemCertificates

Personal certificates, or other certificates specific to the logged in user are at HKCU/Software/Microsoft/SystemCertificates

They are stored as binary blobs, so they need to be decoded, and the MMC plugin is a good way to do this.

Using VPCS in Gns3 to replicate host devices in the network topology

The latest version on Gns3 comes with the Virtual PC Simulator that can be used to simulate end host in the network topology in Gns3 and to do simple reachability tests like ping and traceroute. Thought there are other alternatives available as well like, Qemu and Virtual box guest however these are cpu intensive. VPCS is integrated with windows and linux machine and are very light on CPUThe latest version of the GNS3 can be downloaded from here:

In this post we’ll see how we can configured and use VPCS in our small network topology we’ll be using. We’ll be using as simple L2 (Ethernet Switch) and connecting two PCs in the same vlan and we’ll do a simple ping test from one PC to the other.

Lets start building up the topology:










If you don’t like Cloud representing the PC you can change the symbol by right clicking on the Cloud.












Let me change the symbols in my topology.










Lets see what configuration is needed to use VPCS. Right click the PC-1 and click on configured. In the node configurator click on the C node and goto NOI UDP.













Use local port as 30000 and remote port as 20000 > click on Add and Apply. Similarly configure the other PC-2 accordingly with local port as 30001 and remote port as 20001.















Once both the PCs are configured, connect them to the Switch using the NOI UDP ports.









In this situation, both the switchport 1 and 2 are configured in the Vlan 1. Lets start the VPCS configure and assign ip address to the two PCs accordingly.

I would be assigning both the devices ip address in the same subnet (

Lets start up the VPCS. Goto Tools on the Gns3 window and click on VPCS.











This should automatically bring up the windows command prompt, with the VPCS prompt.









Following are the options available:











The VPCS prompt is the terminal for the PCs. You can type 1 to get to the VPCS 1 or 2 to get to the VPCS 2.

Lets assign ip address to both the virtual PCs. Following is the ip address assignment format for the VPCS:

VPCS[1]> ip ?

ip [arguments]
  Configure the current VPC’s IP settings
    <address> [/<mask>] [<gateway>]
    <address> [<gateway>] [/<mask>]
                   Set the VPC’s ip, default gateway ip and network mask
                   Default IPv4 mask is /24, IPv6 is /64. In the ether mode,
                   the ip of the tapx is the maximum host ID of the subnet.
                   ip /26 set the VPC’s ip to,
                   the gateway to, the netmask to,
                   the tapx ip to in the ether mode.
                   </mask> may be written as /26, 26 or
    auto           Attempt to obtain IPv6 address, mask and gateway using SLAAC
    dhcp -[d|r|x]  Attempt to obtain IPv4 address, mask, gateway, DNS via DHCP
          -d         Show DHCP packet decode
          -r         Renew DHCP lease
          -x         Release DHCP lease
    dns <ip>       Set DNS server <ip>, delete if <ip> is ‘0’
    domain <name>  set local domain name
    mtu <value>    Set IPv4 MTU to <value>, at least 576.





Assigning ip address to the second PC.







Now lets test a Ping from one PC to the other.






As you can see we can use this tool for simple reachability/connectivity test.


Using windows loopback adapter for the connectivity test:

We can also use the windows loopback adapter for the similar purpose. Please find my other post on how to create a loopback adapter on windows machine:

You can create multiple loopback adapters on the windows machine and use it likewise. In the below snapshot you would see that I have created two loopback adapters Local Area Connection 3 and 5.




You can use the NOI Ethernet Tab on the Cloud to map the loopback adapter to the PCs. In our setup I have used the loopback adapter 3 and loopback adapter 5 to the two PCs accordingly.









Make the ethernet connectivity accordingly from these PCs to the ethernet switch.








You can assign ip addresses to the loopback adapter accordingly and do a ping test.









Hope this would be helpful. 🙂

Creating loopback adapter on windows machine.

Why would I need a loopback adapter on my laptop/desktop:


We can compare a loopback adapter to a loopback interface on any router. Like the loopback interface on a router is not associated to any physical interface and is always up irrespective of the physical connectivity to the Router, similar a a loopback adapter.

This is what the internet says on loopback interface:

A loopback interface is a virtual interface that resides on a router. It is not connected to any other device. Loopback interfaces are very useful because they will never go down, unless the entire router goes down.

There might be a situation where in you would need to assign an ip address to your laptop and use it for any testing/application. You would not be able to use the ip address assigned to your physical interface useless the physical interface itself is connected to a lan cable. May be a situation wherein the ip address assigned to your physical interface is via dhcp from your Service Provider router and changing the ip on the physical interface is not possible.

Above were the couple of scenario’s where you might need to create a loopback adapter on you windows machine and use it.

How to create a loopback adapter on windows machine :

Click Start > On the search Program and Files type : hdwwiz











or Open cmd and type:hdwwiz it should bring up the Hardware Wizard.















Once you get the add Hardware Wizard window click Next > Click on Install the hardware that I manually select from the list.














Click Next > In the Common Hardware type list scroll down and choose Network Adapter.














Click on Next. Choose Microsoft under the Manufacturer list and Choose Microsoft Loopback Adapter under the Network Adapter list.














Click Next and Click Next for the Install Process.














Once Installed Click on Finish.













You are ready to go.

Goto your network connections ( shortcut type ncpa.cpl in the cmd window), you should see a Local Area Connection 1 or 2 depending on the number of existing connections.





You can disable/enable this adpater as required and right click on properties to assign ip address and use it .


I have use loopback adapter for connectivity reachability test in GNS3 and for simulating host machines.


Hope this would be helpful.

Exploring Mysql on XAMPP

It is a good practice to create admin user instead of using the root account for managing the DB. Lets see how can we create users using Sql and assign them privileges.

Creating a user on MySql :

As discussed in my previous post XAMPP provide a useful GUI interface for MySql. You can log into the GUI and create users and assign them specific privileges. Please refer to the post : if you want to know how you can get into the WebUI.

Once you are into the sever goto the Privileges tab.

Click on the option “Add a new User” it will take you to the next screen where you can create a user and assign specific privileges to the user.

Click “go” to create the user with the assigned privileges.

Lets now see how we can create a new user using the CLI, we have already discussed in the previous post how to get the CLI and the GUI of the SQL server .

We can either use the command : Create to create a user or Grant command directly to create a user and assign some privileges to the user.

mysql> create user Sandy@localhost identified by ‘Sandy123’;

Query OK, 0 rows affected (0.00 sec)

Here Sandy is the username and Sandy123 is the password.

We used @localhost  to add the user to give it access to the local server, without this the user would be created however the host field would be blank. The result of this command on the WebUI will appear as:

You can user the command: Drop user to delete the user like:

mysql> drop user Sandy@localhost ;
Query OK, 0 rows affected (0.00 sec)

Now lets see how we can assign privileges to this user using the Grant command:

mysql> grant all
    -> on *.*
    -> to Sandy@localhost identified by ‘Sandy123’
    -> with grant option;
Query OK, 0 rows affected (0.00 sec)

This will create Sandy username automatically and assign all privileges (Grant all) also with grant option i.e this user will able able to grant privileges to other users.

Similarly you can assign specific privileges instead of all.

mysql> grant select, insert, update, delete, index, alter, create, drop
-> on books.*
-> to sally;

We are assigning specific privileges to sally to the books DB.

You can refer to the following link for account management:


Hope it was helpful…..

Working with MySql on XAMPP

Getting my hands dirty into some programming stuff. I have some networking background with zero programming knowledge. Was reading some article on hacking and Sql injection and was interesting in how these stuffs work.

Thought of trying my hands in programming… Installed PHP and XAMPP in my laptop and trying to get started with Web development programming.

Was working on getting some html pages created with forms getting user inputs using GET/POST and get it saved somewhere. The book I was following suggested to go through the basic SQL command that will help in understanding how things works.

So here I am trying to work with the MySql installed as a service by XAMPP.

The first question comes to my mind how to connect to the MySql server ?

When you install the XAMPP installer it creates a XAMPP control panel as a shortcut on the desktop when you start this, it looks like following with control of starting and stopping the services.

You see that I have the Apache and the MySql services are running. When you click on the Admin tab it takes you to the WebUI of the MySql server, or you can also access it using the following url on the web-browser :


Following is the page you will get.. next it is to explore the various options. I am using an older version of XAMPP so the newer version might have a different look of the page.

You might be presented with a login page before this , the default user created is : root without any password. Use the username : root and hit login.

Also lets try to login to the server using the cmd prompt.

The XAMPP is by default installed in the c:\xampp directory. Goto the following directory : c:\xampp\mysql\bin>

Now login using the command: mysql –user==root.  // This will log you in as a root user.


In case you have created any username and password using the GUI and want to login using those credential use the command:

mysql –user=<username> –password=<password> <DB you want to connect to>

c:\xampp\mysql\bin>mysql –user=root

Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 297
Server version: 5.5.8 MySQL Community Server (GPL)
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.


In my case I had created a username Ramesh password Ramesh and DB ramesh from the WebUI, now I would login using the command line:

c:\xampp\mysql\bin>mysql –user=Ramesh –password=Ramesh ramesh

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 193
Server version: 5.5.8 MySQL Community Server (GPL)
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective

I can view my DB now :

mysql> select * from shopping
-> ;


| Name   | Customer ID | Address              | Address1 | Work Phone   | Home P

hone | Status | Job              | Age | Note                  |



Now its time to get started with some Sql queries.

You can download XAMPP from the following link:



Hope this was helpful….