There are two way to manipulate services in a Debian-based system.
No persistence: To start, stop, or restart a service without the change being permanent (i.e., a reboot will take you back to how it was before you jacked with the servivce), use service.
service [name] start service [name] stop service [name] restart ## Example: service apache2 start service apache2 stop
Persistence: To make the change to the service permanent…
systemctl enable [name] systemctl disable [name]
Problem: Shut down or restart the system and the power-down cycle hangs displaying this message:
A stop job is running for Make remote CUPS printers available locally...
Solution: Disable the CUPS cups-browsed service. As root…
systemctl stop cups-browsed.service systemctl disable cups-browsed.service # to verify systemctl status cups-browsed # or systemctl is-enabled cups-browsed
Ah… no more waiting for the pretty red asterisk to go away…
Links:
# Make it executable... chmod 755 VMware-Workstation-Full-15.5.5-16285975.x86_64.bundle # Execute it... ./VMware-Workstation-Full-15.5.5-16285975.x86_64.bundle # In order for it to run properly, you need the kernel modules... apt install build-essential linux-headers-$(uname -r)
If you want VMWare on Debian, you should install Debian 10 (Buster) and stay away from Debian 11 for now.
wget https://github.com/mkubecek/vmware-host-modules/archive/workstation-15.5.6.tar.gz tar -xzf workstation-15.5.6.tar.gz cd vmware-host-modules-workstation-15.5.6 make make install
Still didn't work. Had vmmon problems I couldn't solve.
How to Install VirtualBox on Debian 11 (Bullseye)
Several of these steps require you to be root or have root permissions. So, either su - to become root (and then exit when we're all finished) or preface all the required commands with sudo. I prefer su - so that's what follows (and, yes, that space and the hyphen are going to be necessary because we are going to want all of root, including his path, not just his superman powers to break things).
Make sure you have the required packages installed :
apt install build-essential linux-headers-amd64
Find a happy, safe place to put your new file:
cd ~/Downloads/
Open a browser and go to: virtualbox.org/wiki/Linux_Downloads
Right-click on “All distributions” at the bottom of the VirtualBox for Linux files. This is a script file (so it's just text; if you click on it, your browser will open it up for you to read). If you want to just download it, right-click and save to root's Download directory. Or, if you wanna be cool and use the command line, make sure you are in the Download directory and use wget (make sure you pull the filename from the “All distributions” link mentioned above):
wget -v https://download.virtualbox.org/virtualbox/6.1.14/VirtualBox-6.1.14-140239-Linux_amd64.run
You need to execute that file so change the perms (type a few of the beginning letters of the filename and hit the tab key):
chmod 755 VirtualBox-6.1.14-140239-Linux_amd64.run
Run that script file:
./VirtualBox[tab]
If all went well you should see a message saying, “Virtualbox has been installed successfully.” Now we want the extension pack… Go here and click into the version number you just downloaded (e.g., 6.1.14; it should be almost at the bottom since it should be the newest version):
That takes us to:
Find the Extension Pack file that bears the same version number of the .run file you downloaded above. NOTE: You may have a -##### number suffix after your version number (like above: 6.1.14-140239). If there is an Extention Pack file that matches that full version number, right click it and save it to your Downloads subdir. If not, just grab the one with the standard version number. The file to download for the above version number is linked here or you can use wget again (since we like command line stuff):
wget -v https://download.virtualbox.org/virtualbox/6.1.14/Oracle_VM_VirtualBox_Extension_Pack-6.1.14-140239.vbox-extpack
Install that Extension Pack (replace the filename below with the one you downloaded; remember tab completion is your friend):
VBoxManage extpack install --replace Oracle_VM_VirtualBox_Extension_Pack-6.1.14-140239.vbox-extpack
If all went well you should get a happy message saying, “Successfully installed…”
Now we just need to add users (regular users, not root) to the vboxusers group:
cat /etc/group | grep vbox ## this will show you the group name usermod -a -G vboxusers [username] ## plug in whatever username you want
Reboot and you should be good to go.
I'm using XFCE and VirtualBox was found in my Application Menu… System… Oracle VM VirtualBox.
In your VM, install the Linux headers for your kernel:
apt-get install linux-headers-$(uname -r)
“Insert” (mount) the Guest Additions CD using the “Devices” menu and copy all the files from the CD to the Download folder. Change directory to Downloads, chmod the file to make it executable and execute it:
chmod 755 VBoxLinuxAdditions.run ./VBoxLinuxAdditions.run
Shut down.
Go into Settings for the machine: Make sure to set the “Shared Clipboard” and “Drag 'n' Drop' values in the “Advanced” tab of the Kali VM’s General Settings to the appropriate value (e.g. Bidirectional).
Start the system and it should work.
A place for Git crap…
Use Git to Store Configs
I installed Atom text editor… and might play around with it later when I have more time. Because it is “hackable” (highly customizable), Git seems like a viable solution for backing up and sharing my Atom config file.
I found the following advise here.
Use Git to version control your config file (~/.atom/config.cson), and any other config files (dotfiles) you may have.
You can then host your Git repository for free on somewhere like GitHub, and retrieve it on other computers simply by running git clone https://github.com/{username}/{repo}.
You can then keep it up to date using git push (to upload changes) and git pull (to download changes).
To track installed packages as well, you will need to run:
apm list --installed --bare > ~/.atom/package.list
And add that file to Git also. To restore, use:
apm install --packages-file ~/.atom/package.list
Here are the lines I add to my /etc/default/grub file immediately (first thing!) after a fresh install (descriptions below):
GRUB_DEFAULT=saved GRUB_SAVEDEFAULT=true GRUB_DISABLE_OS_PROBER=false
After you save the grub file, run: update-grub. Reboot.
I triple boot O/Ss… so once in a while one will update and over-write my MBR. To get the correct GRUB into the MBR, boot into the preferred O/S and run (as root):
# grub-install /dev/sda ## Assuming sda contains the MBR
Then:
# update-grub
Done.
If you want GRUB to boot to the last o/s you were working in (which is really pretty handy), put the following in /etc/default/grub:
GRUB_DEFAULT=saved GRUB_SAVEDEFAULT=true
Then run:
update-grub
If your fancy, shiny, new Linux install failed to recognize Windows and place a boot option for it in Grub… it's okay.
After grub v2.06 os-prober is disabled by default, therefore your fresh, shiny, new Kali install will not recognize other operating systems (like Windoze). If this happens, then add this to your /etc/default/grub file:
# file: /etc/default/grub GRUB_DISABLE_OS_PROBER=false
Then run: update-grub. If that doesn't do the try, try: grub-mkconfig (or possibly grub-mkconfig -o /boot/grub/grub.cfg)
See here
apt install seclists - to install a standard collection of multiple types of security lists
seclists -h > seclists ~ Collection of multiple types of security lists /usr/share/seclists ├── Discovery ├── Fuzzing ├── IOCs ├── Miscellaneous ├── Passwords ├── Pattern-Matching ├── Payloads ├── Usernames └── Web-Shells
The default terminal in Kali is zsh and out of the box it has auto-suggestion turned on. That means you get pop-up suggestions every time you type in the term window. Annoying.
Here's how you turn that off: Find the following lines in your ~/.zshrc file (toward the bottom, around line 248: vim +248 .zshrc) and comment them out.
# enable auto-suggestions based on the history
if [ -f /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh ]; then
. /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh
# change suggestion color
ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE='fg=#999'
fi
Restart the terminal for changes to take effect.
Pick one, they basically do the same thing:
ifconfig -a # Debian net-tools pkg ls /sys/class/net # ls interface names ip a ip a show ip a show eth0
Manually bringing your network up and down (nixCraft has a good explanation):
Generic Method:
ifdown eth0 # Turn off eth0 ifup eth0 # Turn on eth0
Use a specific configuration file:
ifdown wlan0 # bring interface down ifup --interfaces /path/to/file/interface_config_file wlan0
Debian Method (as root):
/etc/init.d/networking restart # Restarts network interfaces, or stop/start... /etc/init.d/networking stop # Stops network interfaces /etc/init.d/networking start # Starts network interfaces systemctl restart networking # For those with lovely systemd systemctl status network # See status of network systemd
Debian, overview:
ifup and ifdown control interfaces that are listed in /etc/network/interfaces.ifconfig directly controls network interfaces (much like the newer ip command)
The ifupdown package: high-level network configuration
ifup and ifdown commands may be used to configure or deconfigure network interfaces based on interface definitions in the file /etc/network/interfaces.ifup eth0 based on eth0 configuration in /etc/network/interfaces.ifupdown will wrap ifconfig with the network configuration files (i.e., ifdown or ifup will execute ifconfig down or ifconfig up inside it). That means:ifup eth0 will fetch the interface config file and bring up the interface with the correct IP address, mask, routes etc.ifconfig eth0 up would just start the interface with no IP, etc. (important for sniffing in monitor mode because you don't want an IP address, etc.; you want an open broadcase).
The ifconfig command: a low-level network command (and deprecated, sadly)
ifconfig up eth0 activates eth0 but does not setup IP addresses, etc.ifup eth0 sets up IP addresses and other options based on the interface's configuration in /etc/network/interfaces.
Usage of the ip command:
apt install net-tools.[1] Assign an IP address to a specific interface:
ip addr add 192.168.0.100/24 dev eth0
[2] Bring up the interface link (do NOT skip this step or you will get a “Network is unreachable” error!):
ip link set eth0 up
[3] Bring up the interface link:
ip route add default via 192.168.0.1
[1-3] All in one place… looks like this:
ip addr add 192.168.0.100/24 dev eth0 ip link set eth0 up ip route add default via 192.168.0.1
Note on Persistence: This will only set up your network for your current work session. You'll lose it on reboot.
ip (like the old net-tools ifconfig stuff) interacts with /etc/network/interfaces, so put all your network configuration information there and just up/down your network with these commands:/etc/init.d/networking restart # Restarts network interfaces, or stop/start... /etc/init.d/networking stop # Stops network interfaces /etc/init.d/networking start # Starts network interfaces
Source: https://devconnected.com/network-manager-on-linux-with-examples/
Three Options
There are 3 services that might be managing your network (in order to avoid configuration conflicts related to networks, only one networking service should be enabled at one time)…
If you are used to managing your networks using the “interfaces” file, you might want to keep doing that, otherwise it is recommended to switch to the Network Manager.
If you cannot do an ifconfig the install the net-tools package
This is the traditional (old school, deprecated) way to manager network interfaces. it is done through a configuration files located:
/etc/network/interfaces
If your distro installed Network Manager and you want to use ifupdown, do the following…
ifupdown as the first option of plugins in your [main] section of the NetworkManager.conf file (see below).managed=false to managed=true in the [ifupdown] section of the NetworkManager.conf file (see below)./etc/network/interfaces./etc/network/interfaces, network-manager ignores that interface automatically. No need to disable or purge network-manager.service network-manager restartOn newer systems, the Network Manager (Debian package: network-manager) is used instead of ifupdown (and its /etc/network/interfaces config file).
You can find the network configs in a keyfile (.ini format):
# /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=false # false = ifupdown does not manage networks (Network Manager does)
# true = if you want Network Manager to handle interfaces enabled in /etc/network/interfaces
Multiple plugins: specify in a preference order using ',' as a separator. This will cause connections to be read from all listed plugins.
plugins=ifupdown,keyfile uses both the traditional ifupdown configs from /etc/network/interfaces and keyfile connections from /etc/NetworkManager/system-connections.Configuration File: The Network Manager configuration file can be found here (but you should use nmcli or, preferred, nmtui to configure a connection)
/etc/NetworkManager/system-connections/
Network Manager Tools (included with install):
Loaded but inactive on a standard Debian install.
Reference: https://wiki.debian.org/SystemdNetworkd
You can set up as many network configs for as many interfaces as you want. Just set them up, comment them out, and when you want to use one remove the # and bring it up.
/etc/network/interfaces.
Alternative: Put each of your separate configs in its own file and use ifup –interfaces FILE and ifdown –interfaces FILE to use whichever you want.
-i FILE or –interfaces FILE option# +-------------------------+ #
# | Wired Network Interface | #
# +-------------------------+ #
# Comment out these lines if you want to manually bring up your network
allow-hotplug eth0 # bring up the interface on a hotplug event
# like plugging in a usb cable
auto eth0 # bring up the interface on boot
## The following w/o auto or allow-hotplug requires manual up.
## [1] STATIC (replace subnet with your own):
#iface eth0 inet static
# address 192.168.0.100
# netmask 255.255.255.0
# network 192.168.0.0
# gateway 192.168.0.1
# broadcast 192.168.0.255
## [2] DHCP (one or the other):
#iface eth0 inet dhcp # IPv4
#iface eth0 inet6 auto # IPv6
# +----------------------------+ #
# | Wireless Network Interface | #
# +----------------------------+ #
# Comment out these lines if you want to manually bring up your network
allow-hotplug wlan0
auto wlan0
## The following w/o auto or allow-hotplug requires manual up.
## [1] STATIC (replace subnet with your own; either WEP or WPA/WPA2):
# WEP static
#iface wlan0 inet static
# address 10.0.0.10
# netmask 255.255.255.0
# network 10.0.0.0
# gateway 10.0.0.1
# broadcast 10.0.0.255
# wireless-essid SSID_of_Router
# wireless-key Not_the_Passphrase_TheKEY
## WPA/WPA2 static
#iface wlan0 inet static
# address 10.0.0.10
# netmask 255.255.255.0
# network 10.0.0.0
# gateway 10.0.0.1
# broadcast 10.0.0.255
# wpa-ssid SSID_of_Router
# wpa-psk PassPhrase
## [2] DHCP (open, WEP or WPA/WPA2):
## Open Access Point (no encryption)
#iface wlan0 inet dhcp
# wireless-essid SSID_of_Router
## WEP dhcp
#iface wlan0 inet dhcp
# wireless-essid SSID_of_Router
# wireless-key Not_the_Passphrase_TheKEY
## WPA/WPA2 dhcp
#iface wlan0 inet dhcp
# wpa-ssid SSID_of_Router
# wpa-psk PassPhrase
Quick how-to on setting up a NFS mount on Debian (Linux-to-Linux, share a folder).
XFCE in Kali does not come out of the box with the NumLock key on the keyboard number pad enabled by default. It's annoying.
To check your settings:
xfconf-query -c keyboards -lv
It should come back with both of these:
/Default/Numlock true /Default/RestoreNumlock true
If it doesn't then do this:
# If /Default/Numlock is false, do: xfconf-query -c keyboards -p /Default/Numlock -n -t bool -s true # If /Default/RestoreNumlock is false, do: xfconf-query -c keyboards -p /Default/RestoreNumlock -n -t bool -s true
1. Download:
2. Check the fingerprint of the Public Key:
gpg --import --import-options show-only <public-key-file> # For older gpg versions: gpg --with-fingerprint <public-key-file>
3. If the fingerprint is the expected one, import the public key:
gpg --import <public-key-file> # Verify: gpg --list-keys
4. Then verify the signature of the filed you downloaded to install:
gpg --verify filenmae.sig filename.tar.bz2 # or whatever extention it is
Enumerating SSH, ERROR: No matching key
If you get an error like this:
Unable to negotiate with 192.168.0.229 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
You need to first give it a key exchange method like this (we used the last method in the list provided, and it will give you a cipher error):
ssh 192.168.0.229 -oKexAlgorithms=+diffie-hellman-group1-sha1 Unable to negotiate with 192.168.0.229 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
You can then give it the cipher with this commando (we used the first offer):
ssh 192.168.0.229 -oKexAlgorithms=+diffie-hellman-group1-sha1 -c aes128-cbc
And that got us in.
Attach Machine: Kali 2020.3
Attempting to run smbclient against a target machine and got the following error:
smbclient -L 192.168.0.229 # command protocol negotiation failed: NT_STATUS_IO_TIMEOUT # error message
Found a fix here (thank you, Arc-ansas): Edit /etc/samba/smb.conf and add the following under global:
client min protocol = CORE client max protocol = SMB3
Ran smbclient -L 192.168.0.229 again and got a connection.
Result: Didn't like it. Ended up using Zim… looking at Cherrytree.
Joplin is available for Linux. Use their install script available on their website (run it as the user who wants to use the application, not as root).
Where is the AppImage?
~/.joplin/~/.joplin/Joplin.AppImage.Joplin on Debian 10 (Buster) or 11 (Bullseye) has a known issue:
[5021:0907/081821.686953:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_JoplinGGzQHQ/chrome-sandbox is owned by root and has mode 4755.
Debian 10 & 11 Workarounds:
1. You can start the app with the flag –no-sandbox.
~/.joplin/Joplin.AppImage --no-sandbox
2. You can change the kernel parameter that's causing the problem (this is what I did). As root you will need to execute the following command. NOTE: This is not persistent; you will need to do it every time you restart your computer. If you want this to be persistent across reboots, then just add the kernel option change to your boot process (this is what I did). As root:
## This is the non-persistent work-around: sysctl kernel.unprivileged_userns_clone=1 ## This is the persistent work-around (adds the above to your boot process): echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/joplin_workaround.conf
Easy peasy. Joplin works like a charm!
If you want to uninstall Joplin:
rm -rf ~/.joplin && rm -rf ~/.config/Joplin/ && rm -rf ~/.config/joplin-desktop && rm -rf ~/.local/share/applications/appimagekit-joplin.desktop
In Linux X Windows System you can highlight text you want to copy and the single-click the middle mouse button to paste it wherever you want. Windows does not have this function, but this third-party software provides it. It's old, but appears to be very well written because it works flawlessly in Windows 10.
True X-Mouse Gizmo for Windows
http://fy.chalmers.se/~appro/nt/TXMouse/
Recommended usage.
To get to your startup folder, either:
Win + R shortcut keys together and type the following into the Run box: shell:StartupC:\Users\[username]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NOTE: This will override any other middle-mouse (wheel) button function you have set. I usually set my middle mouse button to open links in my browser in a separate tab. This program killed that functionality. So… whatever.
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
Microsoft offers two different versions of Windows 10 Enterprise for evaluation—Enterprise and LTSC.
Bazzell Podcast: