Parrot OS Configuration

This is how I set up my Parrot OS after installation. There are a few things I believe are missing that should be installed or done. I like to keep things as real as possible, so this will be a hacker’s setup.

UFW VPN Kill Switch

This script blocks traffic on the Ethernet and Wi-Fi interfaces and allows traffic through the tunneling adapter only.

ParrotOS Setup Gist

https://gist.github.com/mrjamiebowman/20a75ae1ba26170d2fd098e93dcf229d

Secure Delete

Secure Mem

Shodan

OUI Vendor Lookup Script

Running Terraform in Docker Locally

Here are some quick tips on how to run Terraform locally in Docker.

To get started, pull the Docker image of Terraform. This image is built on the golang/alpine image.

Running a Script

There are a couple of things worth noting here. I’m mapping in my scripts using Docker’s volume option. The image’s entrypoint is Terraform, so everything will run against Terraform.

Copying SSH Keys to Docker Container

You may need to use SSH keys, and here’s an easy way to copy them.

Start by copying your local SSH keys into a directory you will map into the container.

Once in the container, here’s what you will need to do to set them up under the root user.

Note: If you end up with files whose names end with a “?” (id_rsa?), it’s because your script isn’t using LF line endings. This happens because Windows line endings are CRLF.
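The key setup described above, as an added example (these are not the post's original commands). The mount point /keys, the function names and the key file names are assumptions.

```shell
#!/bin/sh
# Added example, not the post's original commands.
# Assumptions: keys are mapped into the container at /keys and installed for root.

# install_ssh_keys SRC_DIR DEST_DIR
# Copy every regular file from SRC_DIR into DEST_DIR with modes OpenSSH accepts.
install_ssh_keys() {
    src=$1 dest=$2
    [ -d "$src" ] || { echo "no such directory: $src" >&2; return 1; }

    mkdir -p "$dest"
    chmod 700 "$dest"                      # directory accessible by the owner only

    for f in "$src"/*; do
        [ -f "$f" ] || continue            # skip subdirectories and an empty glob
        name=$(basename "$f")
        cp "$f" "$dest/$name"
        case $name in
            *.pub|known_hosts|config) chmod 644 "$dest/$name" ;;
            *) chmod 600 "$dest/$name" ;;  # private keys: ssh rejects looser modes
        esac
    done
}

# has_crlf FILE
# Succeed if FILE contains a carriage return. Run it on the setup script itself:
# a CRLF script makes the shell treat "\r" as part of each filename ("id_rsa?").
has_crlf() {
    cr=$(printf '\r')
    grep -q "$cr" "$1"
}

# Example inside the container:
#   has_crlf /scripts/setup.sh && echo "convert setup.sh to LF first"
#   install_ssh_keys /keys /root/.ssh
```

Mounting the key directory read-only keeps the container from modifying the copies on the host.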

Running Terraform in Detached State

If you want shell access to the Terraform container, here’s how. Docker containers shut down as soon as the entrypoint command completes. To keep the container running, use the command “sh tail -f /dev/null”.

Useful Terraform Commands

Terraform init

Will initialize a working directory to install plugins and configuration files.

Terraform validate

Will validate your Terraform script for any syntax errors.

Terraform Turn on Error Logging

Choose one of the export TF_LOG options below to set your logging level.

BlackArch Default Login / Password

BlackArch Linux is a distro that is focused on pen-testing and hacking. This distro includes over 2,300 tools for pen-testing.

User: root

Password: blackarch

Changing Your Password

To bring up a terminal, you will need to right-click the desktop and select terminals -> term.

Once the terminal is open, type

(BlackArch – Opening a Terminal)

UFW VPN KillSwitch

This script will force all traffic through the tunneling adapter and deny traffic through Wi-Fi or ethernet.

https://gist.github.com/mrjamiebowman/b139da2092409054452c4b1249c0f787
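A minimal sketch of the kill-switch rule set described in this post and in the Parrot OS post above, added here as an example (it is not the contents of the linked gists). The interface name tun0, the VPN endpoint 203.0.113.10 on udp/1194 and the function names are assumptions; with DRY_RUN=1 the commands are printed instead of executed.

```shell
#!/bin/sh
# Added example: UFW VPN kill switch (not the gist's code).
# Assumptions: tunnel interface tun0, VPN server 203.0.113.10 udp/1194 (constructed values).

# run CMD...: execute the command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# vpn_killswitch TUN_IF VPN_IP VPN_PORT VPN_PROTO
vpn_killswitch() {
    tun_if=$1 vpn_ip=$2 vpn_port=$3 vpn_proto=$4

    # Refuse to build a rule set from a missing argument: an empty interface
    # or address would yield rules that do not enforce the kill switch.
    if [ -z "$tun_if" ] || [ -z "$vpn_ip" ] || [ -z "$vpn_port" ] || [ -z "$vpn_proto" ]; then
        echo "usage: vpn_killswitch TUN_IF VPN_IP VPN_PORT VPN_PROTO" >&2
        return 2
    fi

    run ufw --force reset
    # Default-deny in both directions: nothing leaves via Ethernet or Wi-Fi
    # unless a rule below allows it.
    run ufw default deny incoming
    run ufw default deny outgoing
    # The only traffic allowed outside the tunnel: the connection to the VPN server.
    run ufw allow out to "$vpn_ip" port "$vpn_port" proto "$vpn_proto"
    # Everything else must leave through the tunnel interface.
    run ufw allow out on "$tun_if" from any to any
    run ufw --force enable
}

# Example (needs root unless DRY_RUN=1):
#   DRY_RUN=1 vpn_killswitch tun0 203.0.113.10 1194 udp
```

Pass the VPN server as an IP address rather than a hostname, because DNS lookups outside the tunnel are denied once these rules are active.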

CTF: PwnLab Init Walkthrough

https://www.vulnhub.com/entry/pwnlab-init,158/

In this walkthrough, I’ll be using Parrot OS. I’ll break each vulnerability down and explain it. The video won’t demonstrate all of the techniques that could have been applied. I will also list the techniques I’ve learned from others.

Exploits / Techniques

  • Local File Inclusions (LFI)
  • Password Reuse
  • Privilege Elevation through compiled code.
  • Remote Code Execution
  • Reverse Shell
  • Spawning Interactive Shells

Pre-Attack

NetDiscover

First, identify the virtual machine (VM) server by using NetDiscover.

Discovering the PwnLab Init VM

Nikto

Use Nikto to scan the website for general information and exploits.

In the results below, you can see that Nikto found the config.php file. We’ll get the database credentials out of that file.

(nikto scan results)

Local File Inclusion

The actual code we will be exploiting will be an include that looks as if it’s supposed to load a language file through a cookie. There are comments that this code is unfinished.

PHP Base Filter

This exploit uses the php://filter/convert.base64-encode conversion filter. This filter runs before the file is included. Since the filter encodes everything to Base64, the included content is no longer parsed as PHP, so we are able to view files on the server before they are processed.

Then we can get the configuration file which contains the MySQL database connection information.

Uploading and Exploiting Using an Image

Create an image using vim and insert this into the .gif file.

Then upload the image and retrieve the image path by right-clicking and inspecting the image.

Using the Console in Firefox I was able to set the cookie, which loads the image on the website. This will allow us remote code execution.

/etc/passwd

Using the file inclusion, we are able to enumerate the users on the host machine by returning /etc/passwd.

Gaining Access to the MySQL Database

Reverse Shell

The reverse shell is accomplished through the local file inclusion vulnerability.

After Netcat is set up to listen on port 4444, you can paste the below code into the browser and it should pop a reverse shell.

Note: 192.168.0.15 is the virtual machine we are attacking. 192.168.0.14 is the host machine that I’m running Parrot OS on.

Spawn Interactive Shell

Privilege Elevation

This part is rather tricky. I had to have some help and followed Abatchy’s (Mohamed Shahat) technique on this one. His post is worth reading; he tries several other techniques and lists more information than this post.

https://www.abatchy.com/2016/11/pwnlab-init-walkthrough-vulnhub

Login as Kane

In Kane’s home folder there is a msgmike file.

Upon inspecting the file you can see that something in the file runs something similar to “cat /home/mike/msg.txt”.

The actual exploit here is to create a shell script called cat and export its location in the PATH environment variable so that it runs instead of the system’s cat program. This needs to be done in Kane’s folder.

This will return something funny like “bash: dircolors: command not found”.

Then you need to reset your PATH variable.

Capture The Flag

(flag.txt)

Extending WordPress with Custom Post Type, Taxonomy and WP Bakery

Punycode? What-in-the-á?

I recently learned about Punycode when I was trying to forward an English character domain name to a Spanish character domain name and it failed in GoDaddy.

Problem

I wanted to forward SanchezHandyman.com to SánchezHandyman.com

“á”

But… every time I tried to forward to SánchezHandyman.com it would say “Invalid Characters”.

After a call to tech support, I learned how Punycode works. I haven’t had the honor to make websites for many foreign individuals so I haven’t come across this issue before. It turns out that foreign characters don’t make good domain names and must be converted to Punycode for the domain registrar to work.

Solution

https://www.punycoder.com/

(GoDaddy domain forwarder using Punycode)

A Cat Explains Subnetting

This is one of the best videos I’ve seen explaining what subnetting is and how it works.

About the Author of the Video

Nill is an incredibly intelligent and knowledgeable software developer who makes a lot of vulgar, straight-to-the-point videos. I highly recommend watching them with your headphones on. HA!

.NET Core: Dynamically Return Style Sheets with Web API

If you need to dynamically return a stylesheet to the UI, here’s a quick tutorial on how to do it.

Header Template

C# Web API

How to start your first website

Starting a website for the first time can be a time-consuming and tedious process for someone who is new to it. It’s better to make the right decisions at the start than to get further down the process and realize you’ve made a mistake. This guide will point out what you need to do and why you need to do it. Make no mistake, I’ve seen people lose their websites to bad decisions they’ve made.

A Permanent E-Mail Address

Before you start purchasing domain names that will be used for your website(s), you need to make sure you have permanent access to your domain registrar (GoDaddy) by getting a reliable e-mail address. If you register a domain name with an e-mail address that is associated with a domain name you own, you are at risk of losing your domain name if you lose access to that domain name.

Step #1 – Get a Free E-mail Address

I personally recommend Gmail because it integrates well with a lot of things (2 Factor Authentication (2FA)) and provides services that you will later use such as Google Drive, Google Calendar. You will also need a Google Account to create a Google Analytics and Google AdWords account.

Step #2 – Domain Registrar

The domain registrar is where you will purchase your domain name (e.g., mrjamiebowman.com). I think GoDaddy is the best domain registrar but I do not recommend them for hosting. However, they excel at selling domain names.

Use your free e-mail address (from Gmail) to register your account at GoDaddy.com.

TIP: Once you have an account you should purchase your domain name after you’ve had a web professional review your decision.

TIP: Once you own your domain name, NEVER transfer it to anyone unless you are selling your domain name or website. With GoDaddy, you can delegate access to other people to modify the settings of the domain name or even renew the billing of a domain name. I often ask my customers to delegate access to me so I can help manage their website and make changes when necessary. A domain name is the most important thing to maintain when owning a website. Some web design agencies will take possession of your domain name to hold you hostage as a customer.

Step #3 – WordPress or Weebly?

WordPress is the way to go if you can afford design services and management services. This is a more robust solution that offers a lot of customization. If you are not willing to spend $100/month for management and $2-$5,0000 dollars then you should use Weebly.

Weebly is a great place for anyone who is looking to get started with a website. It is much more cost-effective to start here especially if you are new to owning a website or may lack content. The cost to start a Weebly website is $5/month. This includes a FREE SSL security certificate.

Just like WordPress, Weebly has themes that you can choose from.

https://www.weebly.com

Step #4 – Google Analytics

It’s important to track your traffic and watch it grow over the years. WordPress and Weebly both have plugins for tracking Google Analytics.

Step #5 – Google Places

If you have a brick-and-mortar store, you will want to register your business or update your existing Google Place page with your new website URL.

Step #6 – Social Media

If you are already using social media to promote your brand or business, you should also update your social media account to include your new website URL.

Software Developer, Designer, WordPress, XRM, InfoSec, DevOps, Hapkidoist and Explorer
