apples, penguins and a window to another world


Patching Portbunny for Backtrack 4

About PortBunny

PortBunny is a Linux-kernel-based port scanner created by Recurity Labs.
Its aim is to provide a reliable and fast TCP SYN port scanner that performs
sophisticated timing based on the use of so-called "trigger" packets.

Why this Mini-howto?

As of kernel 2.6.28, device_create_drvdata() has been renamed to
device_create(), with the same parameters. A small patch is needed to get
PortBunny built and running on Backtrack 4.

Step by Step

* download portbunny here
* apt-get install linux-image-2.6.30.5 linux-source-2.6.30.5
* cd /usr/src/
* tar jxvf /usr/src/linux-source-2.6.30.5.tar.bz2
* rm -f /usr/src/linux
* ln -s /usr/src/linux-source-2.6.30.5 /usr/src/linux
* ln -s /usr/src/linux /lib/modules/2.6.30.5/build
* apply the following, trivial patch for kernel 2.6.30.5 (the current BT4 kernel).
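The rename the post describes, as an added shell script that is not the post's own patch (that was a link on the original page): it rewrites device_create_drvdata() calls to device_create() in a PortBunny source tree, and only for kernels 2.6.28 or newer. It assumes, as the post states, that the rename with identical parameters is the only change the module needs; the function names are my own.

```sh
#!/bin/sh
# Added example, not the post's patch. Assumption: PortBunny needs nothing beyond
# renaming device_create_drvdata() to device_create() (same parameters, 2.6.28+).
set -e

# Succeed when kernel version $1 (e.g. 2.6.30.5) is 2.6.28 or newer, i.e. when
# the kernel no longer exports device_create_drvdata().
needs_drvdata_patch() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    [ "$maj" -gt 2 ] && return 0
    [ "$maj" -eq 2 ] && [ "$min" -gt 6 ] && return 0
    [ "$maj" -eq 2 ] && [ "$min" -eq 6 ] && [ "$pat" -ge 28 ]
}

# Rewrite every device_create_drvdata( call in *.c/*.h below directory $1 to
# device_create( and print the number of files changed. A temp file is used
# instead of sed -i so the script works with both GNU and BSD sed.
patch_drvdata_calls() {
    n=0
    for f in $(find "$1" -type f \( -name '*.c' -o -name '*.h' \)); do
        if grep -q 'device_create_drvdata' "$f"; then
            sed 's/device_create_drvdata(/device_create(/g' "$f" > "$f.tmp" \
                && mv "$f.tmp" "$f"
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Usage: ./patch-portbunny.sh /path/to/portbunny-src (patches only when the
# running kernel actually lacks device_create_drvdata()).
if [ -n "${1:-}" ]; then
    kver=$(uname -r)
    if needs_drvdata_patch "$kver"; then
        echo "kernel $kver: patched $(patch_drvdata_calls "$1") file(s)"
    else
        echo "kernel $kver still provides device_create_drvdata(); no patch needed"
    fi
fi
```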

have fun with the bunny!

root@victim:/# portbunny 192.168.9.100
Starting PortBunny 1.1.1
+++ Will scan 1697 ports on 1 hosts. +++
+++ Trigger-Phase done. The following hosts are up: +++
192.168.9.100 TCP_SYN 80
1 hosts total.
press h for help.
Results for 192.168.9.100
====================================================
192.168.9.100     53      OPEN            domain
192.168.9.100     443     OPEN            https
all other ports are CLOSED.
1697 ports scanned.
====================================================
All done


LiMux at Kieler Linux und Open Source Days

This is a short summary of my first visit to the Kieler Linux und Open Source Days in Kiel, the capital of Schleswig-Holstein in Germany's north.

Kieler Linux und Open Source Days is a regional exhibition and conference aimed at new users of Free Software and GNU/Linux in particular. The conference takes place in the "KITZ" (Kiel Center of Innovation and Technology), which is currently home to more than sixty companies (closed and open source).

While Floschi attended the OpenWorldForum, I happily accepted the invitation to give the keynote in Kiel, to talk about LiMux and Linux in general and, last but not least, to do some networking.

The keynote went pretty well, despite the fact that OO Impress ate some of the pics in my presentation. Some extra laughs for the audience ;-)

Many people were interested in the details of our project, what the main problems are and how we solved them. I got some nice input, and hours of chat and discussion flew by so fast it was a blur! Some attendees were also interested in the WollMux. One might think the WollMux user base will grow soon.

Reminder to all:
If you have any questions regarding the WollMux, we have an official mailing list for all WollMux-related issues, including end-user and developer questions: http://www.wollmux.org/index.php/Mailing_Lists

Thank you for the warm (not as in weather, but nevertheless) welcome!

Finally, I hope the event takes place again next year and gets some more attention from the local university (Christian-Albrechts-Universität zu Kiel).

As usual, my slides will be available from planetlimux.org.


Installing GoolagScan using wine for Backtrack4

While researching some Google dorks, I spent some time getting cDc's Goolag to run under Wine.

Goolag Scanner is an automated "Google hacking" application. Google hacking is a form of website auditing that takes advantage of "dorks", extended search queries that look for very specific kinds of data. The home of all dorks is http://johnny.ihackstuff.com/ghdb/.

I used Backtrack 4 for my tests, but any Debian or Ubuntu release running Wine 1.1.28 (a development snapshot) or later should be fine. Start with the Wine installation first; I have written separate installation instructions for getting a newer Wine version onto Backtrack 4.

Installation

1.) Download Dan Kegel's winetricks

# wget http://www.kegel.com/wine/winetricks

The latest winetricks can also be found at http://winezeug.googlecode.com/svn/trunk/winetricks should Dan's link lag behind a few versions.

2.) Run the winetricks script

* set the Windows version to Windows 2000
* install at least version 2.0 of the .NET Framework

3.) Download Goolag (tested with version 1.0.0.41)

http://www.goolag.org/download.html

4.) Run the installer with Wine

# wine GoolagScanner_1.0.41.exe

The setup tool will look a little weird and will probably crash after installation. Don't bother, Goolag will run just fine, either from the shell or via the newly created desktop shortcut.

Sometimes a picture says more than 1000 words.

Have fun with !


bleeding edge wine for backtrack4

While testing some crappy Windows software with Wine, I realized the version included in Backtrack 4 (Wine 1.0.1) is not working for me. Thanks to the new Backtrack 4 Debian core (Ubuntu 8.10 / intrepid), this can be fixed easily. In case you've been living under a rock - Wine lets you run Windows software on other operating systems. With Wine, you can install and run these applications just like you would on Windows.

What I wanted was a more recent Wine version for my Backtrack installation. WineHQ lists Wine 1.1.28 as the latest development release. For some reason, the official WineHQ repositories are offline. But luckily, the Wine Ubuntu Team provides a separate repository for intrepid.

Warning: The packages here are beta packages. This means they will periodically suffer from regressions, and as a result an update may break functionality in Wine. If the latest stable release of Wine (currently Wine 1.0.1) works for you, then you may not want to use these beta packages.

Installation

1.) Add the following line to your /etc/apt/sources.list:
deb http://ppa.launchpad.net/ubuntu-wine/ppa/ubuntu intrepid main

2.) Add the following key to your keyring (verify!):
# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F9CB8DB0

3.) Update your package cache
# sudo apt-get update

4.) Install Wine packages
# sudo apt-get install wine

Have fun!

Installing Virtualbox 3 for Backtrack 4

Just some quick installation notes for those wanting to install the recent VirtualBox release (3.0.4) on Backtrack 4. In case you don't know yet - BT4 is the top-rated Linux live distribution focused on penetration testing. The new Debian core (Ubuntu 8.10) makes Backtrack 4 easily extendable.

I'm a huge fan of Backtrack and use it as the primary operating system (hard-disk installation) on one of my laptops; I'm currently studying for the Offensive Security course "Penetration Testing with BackTrack".

If you are looking for some pointers on getting persistent changes in BT4 without a hard-disk installation, @kriggins' "Backtrack 4 USB persistent changes Nessus HowTo" is highly recommended.

Installation

Add the following line to your /etc/apt/sources.list:

deb http://download.virtualbox.org/virtualbox/debian intrepid non-free

Add the following key to your keyring (verify!):

# wget -q http://download.virtualbox.org/virtualbox/debian/sun_vbox.asc -O- | sudo apt-key add -

Update your package cache

# apt-get update

Install Virtualbox packages

# apt-get install virtualbox-3.0

Answer the prompt "Should the vboxdrv kernel module be compiled now?" with "Yes".

If it fails, have a look at /var/log/vbox-install.log and re-run /etc/init.d/vboxdrv setup after fixing the problem (usually missing kernel header files, a compiler, etc.).

Start it via "/usr/bin/VirtualBox" (case-sensitive!).
VirtualBox is now ready, have fun!

Note:
Thanks to dkms, the VirtualBox host kernel modules (vboxdrv, vboxnetflt and vboxnetadp) will be rebuilt automatically if the Linux kernel version changes during the next apt-get upgrade.
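An added pre-flight check, not from the post, for the failure mode mentioned above (vboxdrv setup failing because kernel headers or a compiler are missing): it inspects /lib/modules/<version>/build and the build tools before dkms or the PortBunny build is attempted, so it applies to the PortBunny steps earlier on the page as well. The expected layout is the one the PortBunny steps set up with the build symlink; the function name is my own.

```sh
#!/bin/sh
# Added example, not from the post. Assumption: out-of-tree module builds
# (dkms for vboxdrv, or the PortBunny module) expect /lib/modules/<version>/build
# to point at a kernel source/header tree, as the PortBunny steps on this page set up.
set -e

# Print the names of missing prerequisites for building modules for kernel $1,
# separated by spaces (empty output means all checks passed). $2 overrides the
# modules root (default /lib/modules) so the check can be run against a test tree.
check_module_build_prereqs() {
    kver=$1
    modroot=${2:-/lib/modules}
    build=$modroot/$kver/build
    missing=
    # The build symlink the PortBunny steps create (linux-headers provides it too).
    [ -d "$build" ]               || missing="$missing build-dir"
    # Top-level kernel Makefile: needed by "make -C $build M=$(pwd) modules".
    [ -f "$build/Makefile" ]      || missing="$missing kernel-Makefile"
    # Header tree the module sources include from.
    [ -d "$build/include/linux" ] || missing="$missing kernel-headers"
    # Tools the dkms/vboxdrv build invokes.
    for tool in gcc make; do
        command -v "$tool" >/dev/null 2>&1 || missing="$missing $tool"
    done
    printf '%s\n' "${missing# }"
}

# Usage: ./check-modbuild.sh --run  (checks the running kernel)
if [ "${1:-}" = "--run" ]; then
    kver=$(uname -r)
    m=$(check_module_build_prereqs "$kver")
    if [ -n "$m" ]; then
        echo "missing for $kver: $m (install linux-headers/gcc/make, then re-run" \
             "/etc/init.d/vboxdrv setup; see /var/log/vbox-install.log)" >&2
        exit 1
    fi
    echo "ok: kernel modules can be built for $kver"
fi
```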