Compiling/Installing Ettercap from Source Ubuntu 9.10

Ok, so my mission has thus been to compile all the tools I use from source. This is to guarantee that I have the most recent version, and for the experience. Now you can use the repositories to install most of these tools, but often times the versions are outdated. It wasn't until recently here that nmap was upgraded from 4.76 to 5.00. But this is just my personal task for all the tools I end up needing to use. So to start, download ettercap from ettercap.sourceforge.net. Download the latest tarball, in my case 0.7.3.

CD to the download location and issue the following command:
tar xzf ettercap-NG-0.7.3.tar.gz
cd ettercap-NG-0.7.3
Now we have to install some dependencies...and this I will use apt-get for. Kind of a work around, but one that I'm fine with at the moment.
sudo apt-get install libpcap0.8-dev libpcap-dev libnet1 libnet1-dev
Make sure you have libssl and the development libraries installed as well (libssl0.9.8 and libssl-dev).
Now you will want to make one change to a source file to avoid make errors.
nano src/ec_log.c
Change the following line from
fd->fd = open(filename, 0_CREAT | 0_TRUNC | 0_RDWR | 0_BINARY);
to
fd->fd = open(filename, 0_CREAT | 0_TRUNC | 0_RDWR | 0_BINARY, 0666);
Now issue the following commands, hopefully without error:
./configure
make
sudo make install
If all goes well, ettercap should be installed and you can access the GUI by issuing:
sudo ettercap -G
Hope this works for everyone, leave comments if you run into problems.Technorati Tags:

Manually Share and Mount a Samba Share in Ubuntu Server 9.04

For those of you who do not have/use a GUI, this is how to manually share and map a samba share:

On the server:

apt-get install samba
Nano the smb.conf in /etc/samba/smb.conf to include
[Share Name]
path = /home/share
available = yes
browseable = yes
public = yes
writable = yes
Modify that to meet your needs then restart the samba service:
/etc/init.d/samba restart

On the client:
apt-get install smbfs
mkdir /mnt/share
mount -t smbfs //serverIP/share /mnt/share
If the share is not public, then you might need to use the switch -o username=user.


Setting Up and Configuring Ubuntu Server 9.04 VMWARE with SSH, VSFTPD (TSL/SSL), OpenVPN, Fail2ban (PART 3)

Ok, now its time for OpenVPN. There is a really good write-up on how to install OpenVPN by niels on http://nielsvz.com. Follow his guide to install it on 9.04 and then you can play with some options below.

To authenticate via PAM, add this line in your server.conf file:
plugin /usr/lib/openvpn/openvpn-auth-pam.so system-auth

To route all traffic through your VPN connection (HTTP, DNS...), uncomment this line in your server.conf file:
push "redirect-gateway def1 bypass-dhcp"

Corresponding with this switch, you will need to enable NAT redirection. This will allow your VPN connected clients to see and access network resources on the subnet your server is on. Enable it with the following:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

To configure OpenVPN to only allow certain users to log in, follow the instructions here.

Here is a copy of my client config to reference:
persist-key
tls-client
remote techaccesstips.servehome.net 1194
proto udp
ca ca.crt
dev tun
persist-tun
cert client1.crt
comp-lzo
nobind
key client.key
pull
auth-user-pass

Here are a list of clients for Windows and Mac:
Tunnelblick - Free OpenVPN client for Mac
Viscosity - Shareware client for Mac
OpenVPN GUI - Free client for Windows

So ends the guide...If you have any questions, comments, or revisions/suggestions please leave a comment and I will get back with you.




Arrow Keys Not Working in Ubuntu VMWare / Backtrack

Found this post from projektd at http://bias9.blogspot.com/2008/10/keys-not-working-in-vmware.html.

Either modify or create the file in your Home directory:

cd ~/.vmware
nano config


Add this line to your config file:

xkeymap.nokeycodeMap = true


Then restart VMware with:

sudo /etc/init.d/vmware restart

Should work after that.

Setting Up and Configuring Ubuntu Server 9.04 VMWARE with SSH, VSFTPD (TSL/SSL), OpenVPN, Fail2ban (PART 2)

Continuing from Part 1...

With installing and configuring VSFTPD...here is what we want to accomplish:

   1. Setup a FTP server that only allows secure (TSL/SSL) connections so passwords and data aren't sent in the clear.
   2. Have virtual users who are linked to a local user account with no shell privledges.
   3. Be able to access it from outside of our private network.

Lets start by creating a user with no shell privledges:
nano /etc/shells
(Add the following entry at the bottom: /usr/sbin/nologin)
mkdir /home/luigi
groupadd ftpaccess
useradd -d /home/luigi -G ftpaccess -s /usr/sbin/nologin luigi
chown luigi /home/luigi
chgrp ftpaccess /home/luigi
Then we will install VSFTPD:
apt-get install vsftpd libdb4.7 db4.7-util
cd /etc
mkdir vsftpd
mv vsftpd.conf vsftpd.bak
nano vsftpd.conf
(Make your vsftpd.conf look like the following) *UPDATE: the config file cannot have spaces between the entries and the values (i.e. 'listen = yes' is bad, it should be 'listen=yes').
listen=YES
listen_port=21
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=NO
xferlog_file=/var/log/vsftpd.log
ftpd_banner=ITSA ME...MARIO
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=ftp
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
pasv_min_port=13000
pasv_max_port=12300
hide_ids=YES
guest_enable=YES
guest_username=luigi
user_config_dir=/etc/vsftpd

nano users.txt (with alternating lines of username and passwords; exclude the markings when making the file)
bill #username
verysecure #password
sue
filetransfer
bob
protocol
db4.7_load -T -t hash -f users.txt /etc/vsftpd_users.db
nano /etc/pam.d/ftpservice
auth required /lib/sercurity/pam_userdb.so db=/etc/vsftpd_users
account required /lib/security/pam_userdb.so db=/etc/vsftpd_users
Now we must specify a user config file for each virtual user.
nano /etc/vsftp_userconfig

Now add the following:
write_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_upload_enable=YES
local_root=/home/luigi
chroot_local_user=YES
dirlist_enable=YES
download_enable=YES
guest_username=luigi

Save and exit. Now lets make a link to this file for each user:
ln -s /etc/vsftp_userconfig /etc/vsftpd/bill
ln -s /etc/vsftp_userconfig /etc/vsftpd/sue
ln -s /etc/vsftp_userconfig /etc/vsftpd/bob

Now open up your router and set it to forward the port range specified in pasv_min_port and pasv_max_port...in this case port forward 12300-12400. Then use IPTABLES to set an outbound exception with the following commands:
iptables -A OUTPUT -p tcp --dport 12300:12400 -j ACCEPT
iptables -L (to verify the exception was added)
Then finally restart the vsftpd service:
/etc/init.d/vsftpd restart

Now for fail2ban...the configs are pretty self-explanitory, but read up on it if you have questions:
apt-get install fail2ban
cd /etc/fail2ban
mv jail.conf jail.bak
nano jail.conf
[DEFAULT]
ignoreip = 127.0.0.1
bantime  = 600
maxretry = 3
backend = polling
destemail = root@localhost
action = iptables[name=%(__name__)s, port=%(port)s]

[ssh]

enabled = true
port    = 12345
filter  = sshd
logpath  = /var/log/auth.log
maxretry = 3

[vsftp]

enabled = tue
port = 21
filter = vsftpd
logpath = /var/log/vsftpd.log
maxretry = 3
/etc/init.d/fail2ban restart
Try to SSH into your machine from another virtual or another computer and enter the wrong credentials...check /var/log/fail2ban.log to see if it worked. You can also look at the IPTABLES again.

Please give me feedback on if this worked for you or any problems you encounter by dropping a comment.

Part 3 with OpenVPN coming soon...

Setting Up and Configuring Ubuntu Server 9.04 VMWare with SSH, VSFTPD (TSL/SSL), OpenVPN, Fail2ban (PART 1)

Finally, after much tinkering and reading many guides...

My goal was to make a server with these components installed so I could practice breaking into it. Like any logical "practice" server, I made it a VM. Here's a guide on how to set up one of your own...

Things assumed and required:
  1. You have VMWare Server Installed
  2. You have Ubuntu Server 9.04 installed in a VM with no services preinstalled (i.e. LAMP)
  3. You have mounted the VMWare tools installer
  4. I am using the username mario for my default username and have set the server IP to 192.168.3.100
  5. You have a free domain name setup and registered with DynDNS.org.
Let's get started:

The first thing to do is to login, via VMWare console, and change some fundamental settings. What we are going to do is change the root password, update the server with any patches available, and install some needed dependencies:
sudo su
passwd root
apt-get update
apt-get upgrade
uname -r
apt-get install g++ gcc gawk make unzip zip linux-headers-'uname -r' build-essential

Now to install VMWare tools...its not necessary, but might be helpful in some instances:
mkdir /mnt/cdrom
mount /dev/cdrom /mnt/cdrom
cp /mnt/cdrom/VMWare*.tar.gz /home/mario
tar xzf VMWare*.tar.gz
cd vmware*
vmware-install.pl
(Use all the defaults and when finished)
reboot
Once the system has rebooted, log back in and set a static IP on the interface eth0 and remove apparmor:
su
nano /etc/network/interfaces
(Modify your config to look like this)
inet eth0 iface static
      address 192.68.3.100
      netmask 255.255.255.0
      network 192.168.3.0
      broadcast 192.168.3.255
      gateway 192.168.3.1
/etc/init.d/networking restart
echo techaccesstips.servehome.net > /etc/hostname

/etc/init.d/hostname.sh start
nano /etc/hosts (Make the top portion look like the following)
127.0.0.1            localhost.localdomain                  localhost
192.168.3.100     techaccesstips.servehome.net     servername
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get purge apparmor apparmor-utils
Now install the SSH server and configure it:
apt-get install ssh openssh-server
nano /etc/ssh/sshd_config
(Change "PermitRootLogin" to "no" and change the port number if you wish)
/etc/init.d/ssh restart
Ok, now SSH into your server to test it out with the following command:
ssh -l mario -p 12345 192.168.3.100
(Leave the -p switch out if you didn't change the port number)

Continue with Part 2...





Install BT3 with Compiz and Conky to Hard Drive

Ok...yes...there are a lot of guides out there for this...but this is what worked for me.

This guide assumes your HDD is clean (no partitions) and is /dev/hda...use fdisk -l if you're not sure.

Partition your hard drive with the following format:
hda1=/boot (ext2)
hda2=swap
hda3=/ (ext2)

I used one of the partitioners found on Hirens BootCD to partition my drives...but you can use whatever you want just as long as it's in that format.

Next make a USB BT3 drive and boot from it selecting BT3 with compiz.

Now follow these steps:

mkdir /mnt/backtrack
mount /dev/hda3 /mnt/backtrack/
mkdir /mnt/backtrack/boot/
mount /dev/hda1 /mnt/backtrack/boot/
cp --preserve -R /{bin,dev,home,pentest,root,usr,etc,lib,opt,sbin,var} /mnt/backtrack/
mkdir /mnt/backtrack/{mnt,proc,sys,tmp}
mount --bind /dev/ /mnt/backtrack/dev/
mount -t proc proc /mnt/backtrack/proc/
cp /boot/vmlinuz /mnt/backtrack/boot/
chroot /mnt/backtrack /bin/bash
nano /etc/lilo.conf (make changes to the boot section to /dev/hda root section to point to /dev/hda3)
lilo
exit
reboot


Now remove your USB drive and hope you boot.
If successful, you should boot and compiz should be working...
Now for conky...
Download the latest release from the website then:
tar xzf conky*
cd conky*
./configure --with-rss
make
make install
I'm using a configuration found here.
Download it and extract it. I took the weather section out of mine and added an rss feed...to do that just:
nano conkyrc
Then delete the weather section at the bottom and add:
${color white}RSS ${hr 1}${color}
${rss http://www.feedurl.com/feed.xml 0 item_titles 10}
Save as whatever you want...I saved mine as conky.conf
Now to get conky to have a transparent background and still have compiz running...you need to follow these steps:
Download giblib and feh.
tar xzf giblib*
cd giblib*
./configure
make
make install
cd ..
tar xzf feh*
cd feh*
./configure
make
make install
/sbin/ldconfig -v | greb gib
feh --bg-scale 'dcop kdesktop KBackgroundIface currentWallpaper 1'
Now run conky with your conf location with
conky -c /root/conky.conf
Now conky's looking good with compiz. Let me know if this doesn't work for you or theres an easier way to do things...

References:
Based the BT3 install on one found on Remote-Exploit Forums (http://forums.remote-exploit.org/showthread.php?t=14751)
Conky Transparency (http://briancarper.net/blog/transparent-conky-in-kde-part-2)
ldconfig Fix (http://www.netadmintools.com/art410.html)