Monday, November 29, 2010

HOWTO : Adaptec RAID 2405 on Ubuntu 10.10 Desktop

Adaptec RAID 2405 is a 0, 1, 10 Hardware RAID card.

The Adaptec Storage Manager is also working very well on Ubuntu 10.10. The current version of the Adaptec Storage Manager is v6.5-18579 which is dated August 25, 2010.

The User's Guide can be download at here

This tutorial shows you how to install Adaptec Storage Manager on Ubuntu 10.10 Desktop.

Step 1 :

Download the Adaptec Storage Manager, extract and install. Let's 64-bit for example.

tar -xzvf asm_linux_x64_v6_50_18579.tgz

cd manager

sudo apt-get install alien
alien --scripts StorMan-6.50.x86_64.rpm
sudo dpkg -i storman_6.50-18580_amd64.deb


Step 2 :

Run the Manager by issuing the following command :

sudo /usr/StorMan/StorMan.sh

The username and password is the username and password of your Ubuntu 10.10 Desktop (sudoer account).

Remarks : The installation for Adaptec RAID 5805 is similar.

That's all! See you.

Thursday, November 25, 2010

HOWTO : Information gathering with Dradis on Back|Track 4 R2

Dradis is an effective information sharing tool. It is pre-installed in Back|Track 4 R2.

Step 1 :

Setting up Dradis server.

cd /pentest/misc/dradis/server
ruby ./script/server


Open your browser and the address is "https://localhost:3004". Accepted the certificate. Enter your password twice. Then, login to the system with your desired username and the previous password.

Or, you can use the default username and password, they are "etd" and "dradis" respectively.

Step 2 :

Setting up Dradis client.

nano /pentest/misc/dradis/client/conf/dradis.xml

Locate the following lines.

<option name='restful_user' value='etd'/>
<option name='restful_password' value='dradis'/>


Change the default value of "etd" and "dradis" according to the Step 1 above when necessary.

cd /pentest/misc/dradis/client
ruby ./dradis.rb


A "dradis>" prompt will be displayed.

Step 3 :

Start MySQL. Open a new terminal and execute the following commands :

/etc/init.d/mysql start

msfconsole

At the "msf>" prompt, enter the following :

db_driver mysql

db_connect root:toor@127.0.0.1/msf3

load db_tracker

Then, scan the port of the target "192.168.56.101" with NMap.

nmap -v -sV 192.168.56.101 -oA subnet_1

db_import subnet_1.xml

Now, you can issue the following commands to inspect the result :

db_host
db_services


Step 4 :

Go back to the terminal where it has the "dradis>" prompt. Issue the following command :

import nmap /root/subnet_1.gnmap grepable

Then, go back to the browser and refresh. You will see the data has been imported.

Reference

How to use Dradis

That's all! See you.

HOWTO : RTL8191SE wireless card on Back|Track 4 R2

Lenovo ThinkPad X100e (Type 3508-65B) is equipped with AMD Athlon Neo MV-40 CPU and Realtek RTL8191SEvB wireless LAN Controller. It is working perfectly on Ubuntu 10.04 and 10.10. However, the wirelss card does not work on Back|Track 4 R2 (which is believed to be Ubuntu 8.04 with newer kernel). In additon, Back|Track 4 R2 is installed with Wicd as network manager.

This tutorial is going to show you how to install the r8191se_pci wireless driver on Back|Track 4 R2.

Step 1 :

Download the official Linux driver from Realtek. The current version is 0018 dated 2010-Oct-25 at the time of this writing.

Download Linux driver at RTL8191SE-VA2 section.

Step 2 :

Extract and compile the driver as well as copy the firmware the workable directory.

tar -xzvf rtl8192se_linux_2.6.0019.1207.2010.tar.gz

cd rtl8192se_linux_2.6.0019.1207.2010

make
make install


cp -Ra ~/rtl8192se_linux_2.6.0019.1207.2010/firmware/RTL8192SE/ /lib/firmware

Step 3 :

Load the driver.

depmod -a
modprobe r8192se_pci
ifconfig wlan0 up


or, reboot the system.

Step 4 :

Go to "Menu" -- "Internet" -- "Wicd Network Manager".

Select "Preference". Add "wlan0" to "Wireless interface".

Then click the "Refresh" button. Now, you should see the Access Points in the air. Select your desired Access Point, entered password and surf the internet.

Remarks :

RTL8191SE wireless card does not support aircrack-ng's injection mode. You may consider to buy USB wireless adapter, such as TP-Link TL-WN321G, TP-Link TL-WN821N and TL-WN822N. Or, changes the RTL8192SE to Intel 5100 as they all support monitor and injection modes.

That's all! See you.

Saturday, November 20, 2010

HOWTO : Remove your IP address from the SPAM blacklist

If you are setting up a mail server at home, you will wonder why the recipient cannot receive your email which is sent by your mail server. The reason is that your IP is blacklisted.

How to overcome this problem? It is quiet easy and just send a request to the Spamhaus.org to cancel your IP from the blacklist. For example, your IP is 218.191.114.234.

http://spamhaus.org/query/bl?ip=218.191.114.234

If you find any item is in red colour (e.g. PBL), your IP is blacklisted. You just click on the link under the red coloured item. Then, select "Remove an IP from PBL" button. Usually, SBL and XBL are in green colour.

Accepted the agreement and click "Remove IP address" button. Finally, fill in the blanks and wait for the confirmation email for the confirmation code to fill into the screen provided after you sent the request.

Make sure your email address is not a web based free account, such as gmail, hotmail, or yahoo and etc.

That's all! See you.

HOWTO : Wireless Router connects to Wired Router

*** This tutorial is written on July 16, 2007 by me. I repost it here for reference. The origianl tutorial is here. ***

I have a wired and a wireless routers. I connect them together to make them looking as one router. Then, I can access all the computers within the same intranet.

Router A (connect to the internet)

Step 1 :

I assigned the wired router to be router A which is connected to the internet directly. I did nothing on the Router A. The LAN IP is 192.168.0.1.

Router B (connect to the Router A)

Step 2 :

I assigned the wireless router to be Router B and I should change the settings of it.

WAN -
Set the WAN IP to be static 192.168.111.2, subnet mask is 255.255.255.0 and gateway is 192.168.111.1, no matter your Router B is wired or wireless. For me, Router B is a wireless. (You can change the WAN IP and gateway to meet your requirement, here is only an example)

LAN :
Disabled DHCP and set the LAN IP to 192.168.0.200, subnet mask is 255.255.255.0, no matter your Router B is wired or wireless. (You can change the LAN IP to meet your requirement, here is only an example)

Step 3 :

Connect Router A and Router B via a cable on LAN ports only. WAN port will not be used at the Router B. Connect Router A to the internet as normal. Now, you can access Router A by 192.168.0.1 and Router B by 192.168.0.200 via your browser. Any computer or laptop will be assigned an IP of 192.168.0.XXX.

That’s all! See you.

HOWTO : Virtualization platform by Proxmox VE

Proxmox Virtual Environment (Proxmox VE) works with virtualization featured CPU (such as Intel VT and AMD-V CPU) and non-virtualization featured CPU. Virtualization featured CPU is working on full virtualization by KVM technology. Non-virtualization featured CPU is working on container virtualization by OpenVZ.

This tutorial is mainly on setting up the Proxmox VE with Virtualization featured CPU only.

Proxmox VE does not work on fake RAID or software RAID (RAID on motherboard may consider as fake or software RAID). Make sure you are using Hardware RAID when necessary.

Why virtualization?
The answer is here.

Remarks : Proxmox VE is working fine on Intel Xeon E5420 Quad Core X 2, 16GB ECC DDR2 RAM and 1TB X 6 Hard Drive on Adaptec RAID 6 with 2 Hot Spare (1.8TB for usage).



Step 1 :

Download the latest Proxmox VE at here. The current version is 1.6-5261-4 (with 2.6.32-4 kernel) at the time of this writing. The ISO image is 64-bit version. The ISO image has a hard drive space limitation to 2TB.

If you want to have larger than 2TB hard drive size, you should follow the procedure at here.

Step 2 :

You should have 3 network interfaces at least where eth0 (vmbr0) is for the Proxmox VE, eth1 (vmbr1) is for connecting to the internet and eth2 (vmbr2) is for the virtual machines. Where the vmbrX is the virtual network interface for the virtual machines that binded to the physical network interfaces.

Step 3 :

Install Proxmox VE and follow the instructions on the screen (a mouse is required). For example, the IP address is 192.68.100.2 and the hostname is proxmox.samiux.com. The primary DNS and gateway are 192.168.100.1.

Step 4 :

After the installation, the system will be rebooted. If you do not have a router connected to the Proxmox box, connect the Proxmox VE to a laptop which is set to the IP address 192.168.100.5 manually. You may require a switch to do so. (I used to install software based router/UTM, so this procedure is necessary, please see Step 9 for details).

On the browser, type http://192.168.100.2 and then you are directed to the Proxmox VE control panel. Username is "root" and password is the password that you created during the installation.

Step 5 :

Go to "Configuration" -- "System". Bind the phyiscal network interfaces to virtual interfaces. vmbr0 is binded to eth0 (IP : 192.168.100.2, subnet mask : 255.255.255.0, Gateway : 192.168.100.1). vmbr1 is binded to eth1 and vmbr2 is binded to eth2. You are required to reboot your system after the network interfaces binding.

Step 6 :

Go to "VM Manger" -- "ISO Images". Upload the Ubuntu 10.10 Server ISO file (for example) to the Proxmox. Assumed that we are using KVM for the virtualization.

Step 7 :

Go to "VM Manager" -- "Virtual Machines". Create a virtual machine by selecting "Create" tab.

Type : Fully virtualized (KVM)
Disk space (GB) : enter your desired size, e.g. 80
Name : any name, e.g. Ubuntu_server
Memory (MB) : at least 512MB

Start at boot : enabled
Disk type : IDE or SCSI (I perfer to SCSI)
Guest type : Linux 2.6
CPU Sockets : 1 (sockets but not cores)

Bridge : vmbr2
Network Card : e1000

Then, press "Create" button.

Step 8 :

The "VMD 101" is created. Select it and you will direct to the details of "KVM 101". Change the value of CPU Sockets and Cores/Socket when necessary.

Go to "Hardware" tab and add the Ubuntu server ISO image to the "CD-ROM drives".

Press "Start" button. Then click on the red coloured "Open VNC console". Java is required for this operation.

Then, install the Ubuntu 10.10 server accordingly.

Step 9 (Optional) :

You can also create a software based router and/or Unified Threat Management (UTM), such as Untangle. You need to blind vmbr1 to eth0 (internet connection) and vmbr2 to eth1 (for connecting to other virtual machines). Where eth0 and eth1 are the interface name of Untangle.

If you are going to install Untangle inside Proxmox VE, you should install Untangle first and then the Ubuntu server and etc.

Step 10 :

Go the the Proxmox box. Login and execute the following commands in order to update the Proxmox as well as the kernel. The most updated kernel is 2.6.35-1 at the time of this writing.

aptitude update
aptitude upgrade
aptitude install proxmox-ve-2.6.35


cd /boot
rm *-2.6.32-4*
update-grub


After that, reboot the Proxmox box.

That's all! See you.

Wednesday, November 17, 2010

HOWTO : Setting up a Penetration environment with VirtualBox

*** CAUTION : This tutorial is written for Penetration Test only. Otherwise, you may be arrested if you attack/intrude any other network/computer without authorization. ***

Software :
Back|Track 4 R1
Ubuntu 10.10 Desktop
VirtualBox 3.2.10 r66523

Hardware :
Lenovo ThinkPad X200 with 4GB RAM and 80GB SSD

Lenovo ThinkPad X200 is installed Ubuntu 10.10 Desktop edition. On which, installs VirtualBox.

Go to the Oracle VM VirtualBox site to download the VirtualBox :
http://dlc.sun.com/virtualbox/vboxdownload.html#linux

(A) Create Back|Track virtual machine :

Select at least 8GB virtual hard drive place and 512MB RAM for the Back|Track. The first network adapter is set to "NAT" while the second is set to "Host-Only".

Boot up Back|Track from the VirtualBox and click on "install.sh" to install Back|Track.

Login for further setting. The username is "root" and the password is "toor".

Step 1 :

After the installation, you may execute the following command to fix the screen size to 800x600.

fix-splash800

Then, change the password of the root when necessary. Otherwise, the username is "root" while the password is "toor".

Execute the following command to make Back|Track to start network interface and X.org when bootup each time.

kate /root/.bash_profile

Append the following lines :

start-network
startx


Step 2 :

To install VirtualBox Additions when necessary via "Konqueror" -- "Storage Media" -- "media:/hdc".

bash VBoxLinuxAdditions-x86.run

Step 3 :

apt-get -y update
apt-get -y upgrade


Step 4 :

Go to "Menu" -- "BackTrack" -- "Penetration" -- "Fast Track". Select "Fast-Track Interactive" and choose "1".

Step 4a :

Go to "Menu" -- "BackTrack" -- "Penetration" -- "ExploitDB". Select "Update Exploitdb".

Step 4b :

Go to "Menu" -- "BackTrack" -- "Penetration" -- "Social Engineering Toolkit". Select "S.E.T-Update".

Step 5 :

At the terminal, execute the following command :

airodump-ng-oui-update

Step 6 :

Go to "Menu" -- "BackTrack" -- "Vulnerability Identification" -- "OpenVAS" -- "OpenVAS NVT Sync".

Step 7 :

Update the Add-ons of Firefox.

Step 8 :

apt-get -y install crark
apt-get -y install wbox
apt-get -y install vlc


Step 9 :

Update the Framework. However, it will take several hours.

cd /pentest/exploits/framework3/
svn up


Step 10 :

Reboot the system.

(B) Create Metasploitable virtual machine (Optional)

Go to the following link to download the "Metasploitable" which is an Ubuntu 8.04 server with some flaws.

http://blog.metasploit.com/2010/05/introducing-metasploitable.html

Set the downloaded Metasploitable as virtual hard drive at VirtualBox. The network adapter is set to "Host-Only". The virtual hard disk space is at least 8GB and 512MB RAM for the Metasploitable.

(C) The final

Now, the IP address of eth0 of Metasploitable is similar to 192.168.56.101. The IP address of eth0 and eth1 of Back|Track are similar to 10.0.2.15 and 192.168.56.102 respectively.

You may require to execute the following command at Back|Track in order to see the two network interfaces and their IPs.

/etc/init.d/networking restart

Back|Track can access (or ping) Metasploitable via IP address. Back|Track can surf the internet but Metasploitable cannot.

At last, your penetration environment is set up.

(D) Free Tutorials

(1) Metaploit Unleashed
(2) Fast-Track
(3) Social-Engineer Tootkit
(4) Got Milk?
(5) How to Metasploit Beginner to Advanced (Video)

(E) Non-free Training

Offensive Security

(F) Resources

(1) Exploits Database
(2) Metaploit Blog
(3) Offensive security Blog
(4) Yet another Back|Track in Gnome
(5) Metasploit

That's all! See you.

Thursday, November 04, 2010

HOWTO : Compress PDF on Ubuntu

Ricardo Ferreira maintain/develop a very nice Nautilus script to compress and optimize PDF files. We are going to show you how to install and use it.

Step 1 :

Make sure zenity and ghostscript are installed. If not, please install them.

sudo apt-get install zenity ghostscript

Step 2 :

cd ~/.gnome2/nautilus-scripts
wget http://launchpad.net/compress-pdf/1.x/1.1/+download/Compress-PDF-1.1.tar.gz
tar zxvf Compress-PDF-1.1.tar.gz


Step 3 :

Locate a PDF file, right click on it. Select "script" and "Compress PDF" on the menu.

A window will popup and just select "Default" and click "OK".

Wait for a while and the compressed PDF will be created accordingly.

That's all! See you!

HOWTO : Ubuntu 10.10 on Gigabyte TouchNote T1028X

Gigabyte TouchNote T1028X equipped with Intel Atom N280 and eGalax touch screen. It runs Ubuntu 10.10 flawlessly except touchpad and touchscreen. This tutorial is telling you how to overcome these problems.

"lsusb" shows the following :

Bus 005 Device 002: ID 0eef:0001 D-WAV Scientific Co., Ltd eGalax TouchScreen

Step 1 :

Boot up the system and press "Ctrl+Alt+F2" to go to command prompt.

sudo nano /etc/default/grub

Append "i8042.noloop=1 usbhid.quirks=0xeef:0x1:0x40" to "GRUB_CMDLINE_LINUX_DEFAULT".

*where i8042.noloop=1 solves the touchpad probem.

It will look like this :

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash i8042.noloop=1 usbhid.quirks=0xeef:0x1:0x40"

Save and exit.

sudo update-grub

Step 2 :

sudo nano /etc/modprobe.d/blacklist.conf

Append the following to the file.

blacklist usbtouchscreen

Step 3 :

sudo mkdir /usr/lib/X11/xorg.conf.d

sudo nano /usr/lib/X11/xorg.conf.d/05-evdev.conf

Append the following to the file.

Section "InputClass"
   Identifier "eGalax"
   MatchProduct "eGalax"
   MatchDevicePath "/dev/input/event*"
   Driver "evdev"
   Option "SwapAxes" "off"
   Option "Calibration" "2 4100 11 4099"
EndSection


The value of calibration is "2 4100 11 4099" is perfect on my Gigabyte TouchNote T1028X (resolution 1366 x 768). However, you can change the value after doing Step 6 when necessary.

Step 4 :

The current version of xinput-calibrator is 0.7.5 at the time of this writing.

wget https://github.com/downloads/tias/xinput_calibrator/xinput-calibrator_0.7.5-1ubuntu1_i386.deb --no-check-certificate

sudo dpkg -i xinput-calibrator_0.7.5-1ubuntu1_i386.deb

Step 5 :

Reboot your system.

Step 6 (Optional) :

To calibration your system and edit the value to Step 3 when necessary.

xinput_calibrator

Step 7 (Optional) :

Get uTouch (Multi-touch). However, this netbook does not support multi-touch. The following procedure does not causing harm to your system anyway.

sudo add-apt-repository ppa:utouch-team/utouch
sudo apt-get update
sudo apt-get install utouch


Testing program.

sudo apt-get install python-pymt
python /usr/share/pymt-examples/launcher-multi.py
python /usr/share/pymt-examples/games/bubblebattles/bubblebatte.py

That's all! See you.