The gMan nixWiki

Because the mind is made of Teflon...

RESOURCES

Debian

Services

There are two ways to manipulate services in a Debian-based system.

No persistence: To start, stop, or restart a service without the change being permanent (i.e., a reboot will take you back to how it was before you jacked with the service), use service.

service [name] start
service [name] stop
service [name] restart

## Example:
service apache2 start
service apache2 stop

Persistence: To make the change to the service permanent…

systemctl enable [name]
systemctl disable [name]

System Hangs, CUPS

Problem: Shut down or restart the system and the power-down cycle hangs displaying this message:

A stop job is running for Make remote CUPS printers available locally...

Solution: Disable the CUPS cups-browsed service. As root…

systemctl stop cups-browsed.service
systemctl disable cups-browsed.service

# to verify
systemctl status cups-browsed
# or
systemctl is-enabled cups-browsed

Ah… no more waiting for the pretty red asterisk to go away…


VMWare

Links:

VMWare: Debian 9 & 10

  • Debian site says: VMware Workstation can be easily installed on Debian Buster (Debian 10) and Debian Stretch (Debian 9) by downloading the required bundle and executing the following commands.
  • gMan says: I followed these same instructions for Debian Bullseye (Debian 11) and it doesn't work… See below.
  • Instructions (from the Debian page): Execute as root or use that sappy crappy sudo junque…
# Make it executable...
chmod 755 VMware-Workstation-Full-15.5.5-16285975.x86_64.bundle

# Execute it...
./VMware-Workstation-Full-15.5.5-16285975.x86_64.bundle

# In order for it to run properly, you need the kernel modules...
apt install build-essential linux-headers-$(uname -r)

VMWare: Debian 11

If you want VMWare on Debian, you should install Debian 10 (Buster) and stay away from Debian 11 for now.

  • For Debian Bullseye (Debian 11), do the above (but it will give you module errors if you try to start).
  • You need to build and install the correct modules.
  • Execute the following as root:
wget https://github.com/mkubecek/vmware-host-modules/archive/workstation-15.5.6.tar.gz
tar -xzf workstation-15.5.6.tar.gz
cd vmware-host-modules-workstation-15.5.6
make
make install

Still didn't work. Had vmmon problems I couldn't solve.


VirtualBox

How to Install VirtualBox on Debian 11 (Bullseye)

Several of these steps require you to be root or have root permissions. So, either su - to become root (and then exit when we're all finished) or preface all the required commands with sudo. I prefer su - so that's what follows (and, yes, that space and the hyphen are going to be necessary because we are going to want all of root, including his path, not just his superman powers to break things).

Make sure you have the required packages installed:

apt install build-essential linux-headers-amd64

Find a happy, safe place to put your new file:

cd ~/Downloads/

Open a browser and go to: virtualbox.org/wiki/Linux_Downloads

Right-click on “All distributions” at the bottom of the VirtualBox for Linux files. This is a script file (so it's just text; if you click on it, your browser will open it up for you to read). If you want to just download it, right-click and save to root's Download directory. Or, if you wanna be cool and use the command line, make sure you are in the Download directory and use wget (make sure you pull the filename from the “All distributions” link mentioned above):

wget -v https://download.virtualbox.org/virtualbox/6.1.14/VirtualBox-6.1.14-140239-Linux_amd64.run

You need to execute that file so change the perms (type a few of the beginning letters of the filename and hit the tab key):

chmod 755 VirtualBox-6.1.14-140239-Linux_amd64.run

Run that script file:

./VirtualBox[tab]

If all went well you should see a message saying, “Virtualbox has been installed successfully.” Now we want the extension pack… Go here and click into the version number you just downloaded (e.g., 6.1.14; it should be almost at the bottom since it should be the newest version):

That takes us to:

Find the Extension Pack file that bears the same version number as the .run file you downloaded above. NOTE: You may have a -##### number suffix after your version number (like above: 6.1.14-140239). If there is an Extension Pack file that matches that full version number, right-click it and save it to your Downloads subdir. If not, just grab the one with the standard version number. The file to download for the above version number is linked here or you can use wget again (since we like command line stuff):

wget -v https://download.virtualbox.org/virtualbox/6.1.14/Oracle_VM_VirtualBox_Extension_Pack-6.1.14-140239.vbox-extpack

Install that Extension Pack (replace the filename below with the one you downloaded; remember tab completion is your friend):

VBoxManage extpack install --replace Oracle_VM_VirtualBox_Extension_Pack-6.1.14-140239.vbox-extpack

If all went well you should get a happy message saying, “Successfully installed…”

Now we just need to add users (regular users, not root) to the vboxusers group:

cat /etc/group | grep vbox          ## this will show you the group name
usermod -a -G vboxusers [username]  ## plug in whatever username you want

Reboot and you should be good to go.

I'm using XFCE and VirtualBox was found in my Application Menu… System… Oracle VM VirtualBox.
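
Before the chmod and run steps above, the downloaded file can be checked against the release's checksum list. This is an added example, not part of the original page; it assumes the SHA256SUMS file from the same download.virtualbox.org version directory has been saved next to the download, and verify_download is a hypothetical helper name.

```sh
#!/bin/sh
# Added example (not from the original page).
# Assumption: SHA256SUMS was fetched from the same version directory, e.g.
#   wget https://download.virtualbox.org/virtualbox/6.1.14/SHA256SUMS

# verify_download FILE SUMS_FILE
# Return codes: 0 = listed and matching, 1 = hash mismatch,
#               2 = a file is missing, 3 = FILE is not listed in SUMS_FILE.
verify_download() {
    vd_file=$1
    vd_sums=$2
    if [ ! -f "$vd_file" ] || [ ! -f "$vd_sums" ]; then
        echo "missing $vd_file or $vd_sums" >&2
        return 2
    fi
    vd_name=$(basename "$vd_file")

    # Checksum lines look like "<hex>  <name>" or "<hex> *<name>" (binary mode).
    vd_expected=$(awk -v n="$vd_name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$vd_sums")
    if [ -z "$vd_expected" ]; then
        echo "$vd_name is not listed in $vd_sums" >&2
        return 3
    fi

    vd_actual=$(sha256sum "$vd_file" | awk '{ print $1 }')
    if [ "$vd_actual" != "$vd_expected" ]; then
        echo "SHA-256 mismatch for $vd_name" >&2
        return 1
    fi
    echo "OK: $vd_name matches $vd_sums"
}

# Usage: sh verify.sh VirtualBox-6.1.14-140239-Linux_amd64.run SHA256SUMS
# The file is only made executable once the hash has matched.
if [ "$#" -eq 2 ]; then
    verify_download "$1" "$2" && chmod 755 "$1"
fi
```

The same check works for the Extension Pack file, which is listed in the same SHA256SUMS.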


Guest Additions

In your VM, install the Linux headers for your kernel:

apt-get install linux-headers-$(uname -r)

“Insert” (mount) the Guest Additions CD using the “Devices” menu and copy all the files from the CD to the Download folder. Change directory to Downloads, chmod the file to make it executable and execute it:

chmod 755 VBoxLinuxAdditions.run
./VBoxLinuxAdditions.run

Shut down.

Go into Settings for the machine: Make sure to set the “Shared Clipboard” and “Drag 'n' Drop” values in the “Advanced” tab of the Kali VM’s General Settings to the appropriate value (e.g. Bidirectional).

Start the system and it should work.


Git

A place for Git crap…

Store Configs

Use Git to Store Configs

I installed Atom text editor… and might play around with it later when I have more time. Because it is “hackable” (highly customizable), Git seems like a viable solution for backing up and sharing my Atom config file.

I found the following advice here.

Use Git to version control your config file (~/.atom/config.cson), and any other config files (dotfiles) you may have.

You can then host your Git repository for free on somewhere like GitHub, and retrieve it on other computers simply by running git clone https://github.com/{username}/{repo}.

You can then keep it up to date using git push (to upload changes) and git pull (to download changes).

To track installed packages as well, you will need to run:

apm list --installed --bare > ~/.atom/package.list

And add that file to Git also. To restore, use:

apm install --packages-file ~/.atom/package.list

GRUB

My Tweaks

Here are the lines I add to my /etc/default/grub file immediately (first thing!) after a fresh install (descriptions below):

GRUB_DEFAULT=saved
GRUB_SAVEDEFAULT=true
GRUB_DISABLE_OS_PROBER=false

After you save the grub file, run: update-grub. Reboot.


Reinstall GRUB

I triple boot O/Ss… so once in a while one will update and over-write my MBR. To get the correct GRUB into the MBR, boot into the preferred O/S and run (as root):

# grub-install /dev/sda  ## Assuming sda contains the MBR

Then:

# update-grub

Done.

Remember Last

If you want GRUB to boot to the last o/s you were working in (which is really pretty handy), put the following in /etc/default/grub:

GRUB_DEFAULT=saved
GRUB_SAVEDEFAULT=true

Then run:

update-grub

No Windows

If your fancy, shiny, new Linux install failed to recognize Windows and place a boot option for it in Grub… it's okay.

After grub v2.06 os-prober is disabled by default, therefore your fresh, shiny, new Kali install will not recognize other operating systems (like Windoze). If this happens, then add this to your /etc/default/grub file:

# file: /etc/default/grub

GRUB_DISABLE_OS_PROBER=false

Then run: update-grub. If that doesn't do the trick, try: grub-mkconfig (or possibly grub-mkconfig -o /boot/grub/grub.cfg)


Kali Info & Tweaks

APT Commands

See here

SecLists

apt install seclists - to install a standard collection of multiple types of security lists

seclists -h

> seclists ~ Collection of multiple types of security lists

/usr/share/seclists
├── Discovery
├── Fuzzing
├── IOCs
├── Miscellaneous
├── Passwords
├── Pattern-Matching
├── Payloads
├── Usernames
└── Web-Shells

zsh auto-suggestion

The default terminal in Kali is zsh and out of the box it has auto-suggestion turned on. That means you get pop-up suggestions every time you type in the term window. Annoying.

Here's how you turn that off: Find the following lines in your ~/.zshrc file (toward the bottom, around line 248: vim +248 .zshrc) and comment them out.

# enable auto-suggestions based on the history
if [ -f /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh ]; then
    . /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh
    # change suggestion color
    ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE='fg=#999'
fi

Restart the terminal for changes to take effect.


Networking

see IP info

Pick one, they basically do the same thing:

 ifconfig -a        # Debian net-tools pkg
 ls /sys/class/net  # ls interface names
 ip a
 ip a show
 ip a show eth0

manual up/down

Manually bringing your network up and down (nixCraft has a good explanation):

  • Assuming eth0 (change for whichever interface you want to manipulate).

Generic Method:

ifdown eth0   # Turn off eth0
ifup eth0     # Turn on eth0

Use a specific configuration file:

ifdown wlan0  # bring interface down
ifup --interfaces /path/to/file/interface_config_file wlan0

Debian Method (as root):

/etc/init.d/networking restart  # Restarts network interfaces, or stop/start...
/etc/init.d/networking stop     # Stops network interfaces
/etc/init.d/networking start    # Starts network interfaces

systemctl restart networking    # For those with lovely systemd
systemctl status networking     # See status of the networking unit (systemd)

ifupdown vs. ifconfig

Debian, overview:

  • ifup and ifdown control interfaces that are listed in /etc/network/interfaces.
  • ifconfig directly controls network interfaces (much like the newer ip command)

The ifupdown package: high-level network configuration

  • The ifup and ifdown commands may be used to configure or deconfigure network interfaces based on interface definitions in the file /etc/network/interfaces.
  • Example: bring up the network with ifup eth0 based on eth0 configuration in /etc/network/interfaces.
  • ifupdown will wrap ifconfig with the network configuration files (i.e., ifdown or ifup will execute ifconfig down or ifconfig up inside it). That means:
    • ifup eth0 will fetch the interface config file and bring up the interface with the correct IP address, mask, routes etc.
    • ifconfig eth0 up would just start the interface with no IP, etc. (important for sniffing in monitor mode because you don't want an IP address, etc.; you want an open broadcast).

The ifconfig command: a low-level network command (and deprecated, sadly)

  • An ifconfig eth0 up activates eth0 but does not set up IP addresses, etc.
  • An ifup eth0 sets up IP addresses and other options based on the interface's configuration in /etc/network/interfaces.

ip command

Usage of the ip command:

  • If your distro did not install ifconfig, you can install it in Debian with apt install net-tools.
  • Or you can use the horridly ugly syntax for ip (complex and hard-to-understand help can be found here or an easier-to-understand explanation here).
  • From the following example you will need to replace the IP and the interface with your own.

[1] Assign an IP address to a specific interface:

ip addr add 192.168.0.100/24 dev eth0

[2] Bring up the interface link (do NOT skip this step or you will get a “Network is unreachable” error!):

ip link set eth0 up

[3] Add the default route (gateway):

ip route add default via 192.168.0.1

[1-3] All in one place… looks like this:

ip addr add 192.168.0.100/24 dev eth0
ip link set eth0 up
ip route add default via 192.168.0.1

Note on Persistence: This will only set up your network for your current work session. You'll lose it on reboot.

  • ip (like the old net-tools ifconfig stuff) interacts with /etc/network/interfaces, so put all your network configuration information there and just up/down your network with these commands:
/etc/init.d/networking restart  # Restarts network interfaces, or stop/start...
/etc/init.d/networking stop     # Stops network interfaces
/etc/init.d/networking start    # Starts network interfaces

Network Management

Source: https://devconnected.com/network-manager-on-linux-with-examples/

Three Options

There are 3 services that might be managing your network (in order to avoid configuration conflicts related to networks, only one networking service should be enabled at one time)…

  1. ifupdown
  2. systemd-networkd
  3. Network Manager

[1] ifupdown

If you are used to managing your networks using the “interfaces” file, you might want to keep doing that, otherwise it is recommended to switch to the Network Manager.

If you cannot do an ifconfig, then install the net-tools package.

This is the traditional (old school, deprecated) way to manage network interfaces. It is done through a configuration file located at:

/etc/network/interfaces

If your distro installed Network Manager and you want to use ifupdown, do the following…

  1. Include ifupdown as the first option of plugins in your [main] section of the NetworkManager.conf file (see below).
  2. You can also change managed=false to managed=true in the [ifupdown] section of the NetworkManager.conf file (see below).
  3. Manually configure your interfaces in /etc/network/interfaces.
    • This should be all you need to do (i.e., you probably don't even need to worry about steps 1 & 2).
    • The moment you configure an interface in /etc/network/interfaces, network-manager ignores that interface automatically. No need to disable or purge network-manager.
  4. Restart your networking service: service network-manager restart

[2] Network Manager

On newer systems, the Network Manager (Debian package: network-manager) is used instead of ifupdown (and its /etc/network/interfaces config file).

You can find the network configs in a keyfile (.ini format):

# /etc/NetworkManager/NetworkManager.conf

[main]
plugins=ifupdown,keyfile

[ifupdown]
# managed=false: ifupdown does not manage networks (Network Manager does)
# managed=true:  if you want Network Manager to handle interfaces enabled in /etc/network/interfaces
# (comments go on their own lines; this file format has no end-of-line comments)
managed=false

Multiple plugins: specify in a preference order using ',' as a separator. This will cause connections to be read from all listed plugins.

  • Example: plugins=ifupdown,keyfile uses both the traditional ifupdown configs from /etc/network/interfaces and keyfile connections from /etc/NetworkManager/system-connections.
    • When creating new connections, or making a user-settings connection into a system-settings connection, the plugins will be asked to save the connection in the order listed here.
    • If the first plugin cannot write out that connection type, or can't write out any connections, the next plugin is tried. If none of the plugins can save the connection, the error is returned to the user.
  • The keyfile plugin is the generic plugin that supports all the connection types and capabilities that NM has. It writes files out in a .ini-style format in /etc/NetworkManager/system-connections.

Configuration File: The Network Manager configuration file can be found here (but you should use nmcli or, preferred, nmtui to configure a connection)

/etc/NetworkManager/system-connections/

Network Manager Tools (included with install):

  • nmcli: the dedicated command line tool used in order to configure, add, edit and remove connections using the Network Manager;
  • nmtui: (tab-complete to see shortcuts) a text-based user interface that provides just a subset of features compared to nmcli. Using nmtui, you can edit a connection, activate a connection or change the hostname of your computer;
  • nm-applet: available in GNOME desktop environments, this applet is used as an interface overlay which can be used in order to connect or disconnect from networks.

[3] systemd-networkd

Loaded but inactive on a standard Debian install.

Reference: https://wiki.debian.org/SystemdNetworkd


Network Configs

Explanation

You can set up as many network configs for as many interfaces as you want. Just set them up, comment them out, and when you want to use one remove the # and bring it up.

  • As root, edit: /etc/network/interfaces.
  • Note: Keep the loopback and everything else your *nix install put in there… you have been warned.
  • The following example assumes eth0 for wired network and wlan0 for wireless.

Alternative: Put each of your separate configs in its own file and use ifup --interfaces FILE and ifdown --interfaces FILE to use whichever you want.

  • Put a DHCP for home in one file and static in another.
  • Put multiple hackLab configs for WEP, WPA, etc. each in its own file and bring them up/down with ifupdown using the -i FILE or --interfaces FILE option.

Examples

# +-------------------------+ #
# | Wired Network Interface | #
# +-------------------------+ #

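# Comment out these lines if you want to manually bring up your network.
# (interfaces(5) does not support end-of-line comments; keep them on their own line.)
# allow-hotplug: bring up the interface on a hotplug event,
#  like plugging in a usb cable
    allow-hotplug eth0
# auto: bring up the interface on boot
    auto eth0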

## The following w/o auto or allow-hotplug requires manual up.

## [1] STATIC (replace subnet with your own):
#iface eth0 inet static
#    address   192.168.0.100
#    netmask   255.255.255.0
#    network   192.168.0.0
#    gateway   192.168.0.1
#    broadcast 192.168.0.255

## [2] DHCP (one or the other; the first line is IPv4, the second is IPv6):
#iface eth0 inet dhcp
#iface eth0 inet6 auto

# +----------------------------+ #
# | Wireless Network Interface | #
# +----------------------------+ #

# Comment out these lines if you want to manually bring up your network
    allow-hotplug wlan0
    auto wlan0

## The following w/o auto or allow-hotplug requires manual up.

## [1] STATIC (replace subnet with your own; either WEP or WPA/WPA2):

# WEP static
#iface wlan0 inet static
#    address        10.0.0.10
#    netmask        255.255.255.0
#    network        10.0.0.0
#    gateway        10.0.0.1
#    broadcast      10.0.0.255
#    wireless-essid SSID_of_Router
#    wireless-key   Not_the_Passphrase_TheKEY

## WPA/WPA2 static
#iface wlan0 inet static
#    address   10.0.0.10
#    netmask   255.255.255.0
#    network   10.0.0.0
#    gateway   10.0.0.1
#    broadcast 10.0.0.255
#    wpa-ssid  SSID_of_Router
#    wpa-psk   PassPhrase

## [2] DHCP (open, WEP or WPA/WPA2):

## Open Access Point (no encryption)
#iface wlan0 inet dhcp
#    wireless-essid SSID_of_Router

## WEP dhcp
#iface wlan0 inet dhcp
#    wireless-essid SSID_of_Router
#    wireless-key   Not_the_Passphrase_TheKEY

## WPA/WPA2 dhcp
#iface wlan0 inet dhcp
#    wpa-ssid SSID_of_Router
#    wpa-psk  PassPhrase

Multiple NICs

NFS Mount

Quick how-to on setting up a NFS mount on Debian (Linux-to-Linux, share a folder).


NumLock (XFCE)

XFCE in Kali does not come out of the box with the NumLock key on the keyboard number pad enabled by default. It's annoying.

To check your settings:

xfconf-query -c keyboards -lv

It should come back with both of these:

/Default/Numlock true
/Default/RestoreNumlock true

If it doesn't then do this:

# If /Default/Numlock is false, do: 
xfconf-query -c keyboards -p /Default/Numlock -n -t bool -s true

# If /Default/RestoreNumlock is false, do: 
xfconf-query -c keyboards -p /Default/RestoreNumlock -n -t bool -s true

PGP / GPG

1. Download:

  • Your file that you want to install
  • The PGP Public Key (*.asc) of the file creator
  • The PGP Signature (*.sig) of the file you downloaded.

2. Check the fingerprint of the Public Key:

gpg --import --import-options show-only <public-key-file>
# For older gpg versions:
gpg --with-fingerprint <public-key-file>

3. If the fingerprint is the expected one, import the public key:

gpg --import <public-key-file>
# Verify:
gpg --list-keys

4. Then verify the signature of the file you downloaded to install:

gpg --verify filename.sig filename.tar.bz2  # or whatever extension it is
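
Steps 2 to 4 above as one script, in an added example that is not part of the original page: it refuses to import a key whose fingerprint differs from the expected one, and it checks that the good signature was made by that key rather than trusting the exit code alone. The function names are hypothetical, and the expected fingerprint is assumed to come from a channel other than the download server.

```sh
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.
# EXPECTED_FPR must come from a source you trust (not the download server).

# Strip spaces and colons from a fingerprint and upper-case it.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :' | tr 'abcdef' 'ABCDEF'
}

# Read a `gpg --with-colons` key listing on stdin and print the fingerprint
# of the primary key (the first "fpr" record after the "pub" record).
primary_fpr() {
    awk -F: '$1 == "pub" { seen = 1 } seen && $1 == "fpr" { print $10; exit }'
}

# Read `gpg --status-fd` output on stdin. Succeed only if a VALIDSIG line
# names the expected key, as the signing (sub)key or as the primary key
# (last field). Exit code 0 from `gpg --verify` alone only says that some
# key in the keyring made a good signature.
validsig_by() {
    vs_want=$(normalize_fpr "$1")
    awk -v want="$vs_want" '
        BEGIN { w = want "" }   # force string comparison
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == w || $NF == w) { ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# verify_release KEYFILE EXPECTED_FPR SIGFILE DATAFILE
verify_release() {
    vr_key=$1; vr_expected=$(normalize_fpr "$2"); vr_sig=$3; vr_data=$4

    # Step 2: look at the key without importing it.
    vr_found=$(gpg --batch --with-colons --import-options show-only \
                   --import "$vr_key" 2>/dev/null | primary_fpr)
    if [ "$vr_found" != "$vr_expected" ]; then
        echo "fingerprint mismatch: key file has ${vr_found:-no key}" >&2
        return 1
    fi

    # Steps 3 and 4, in a throwaway keyring so no other key can satisfy
    # the check.
    vr_home=$(mktemp -d) || return 2
    chmod 700 "$vr_home"
    if gpg --batch --quiet --homedir "$vr_home" --import "$vr_key" 2>/dev/null &&
       vr_status=$(gpg --batch --homedir "$vr_home" --status-fd 1 \
                       --verify "$vr_sig" "$vr_data" 2>/dev/null); then
        rm -rf "$vr_home"
        printf '%s\n' "$vr_status" | validsig_by "$vr_expected"
    else
        rm -rf "$vr_home"
        echo "gpg could not verify $vr_data" >&2
        return 1
    fi
}

# Usage: sh verify.sh KEYFILE EXPECTED_FPR SIGFILE DATAFILE
if [ "$#" -eq 4 ]; then
    verify_release "$@" && echo "signature OK, made by the expected key"
fi
```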

SSH Error

Enumerating SSH, ERROR: No matching key

If you get an error like this:

Unable to negotiate with 192.168.0.229 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1

You need to first give it a key exchange method like this (we used the last method in the list provided, and it will give you a cipher error):

ssh 192.168.0.229 -oKexAlgorithms=+diffie-hellman-group1-sha1

Unable to negotiate with 192.168.0.229 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se

You can then give it the cipher with this command (we used the first offer):

ssh 192.168.0.229 -oKexAlgorithms=+diffie-hellman-group1-sha1 -c aes128-cbc

And that got us in.


SMBclient Error

Attack Machine: Kali 2020.3

Attempting to run smbclient against a target machine and got the following error:

smbclient -L 192.168.0.229                        # command
protocol negotiation failed: NT_STATUS_IO_TIMEOUT # error message

Found a fix here (thank you, Arc-ansas): Edit /etc/samba/smb.conf and add the following under global:

   client min protocol = CORE
   client max protocol = SMB3

Ran smbclient -L 192.168.0.229 again and got a connection.


Reviews

Joplin

Result: Didn't like it. Ended up using Zim… looking at Cherrytree.

Joplin is available for Linux. Use their install script available on their website (run it as the user who wants to use the application, not as root).

Where is the AppImage?

  • After you install Joplin with their install script…
  • Your shiny new Joplin.AppImage is installed in ~/.joplin/
  • To start it, you can either use your DE menu system or on the CLI: ~/.joplin/Joplin.AppImage.

Joplin on Debian 10 (Buster) or 11 (Bullseye) has a known issue:

[5021:0907/081821.686953:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_JoplinGGzQHQ/chrome-sandbox is owned by root and has mode 4755.

Debian 10 & 11 Workarounds:

1. You can start the app with the flag --no-sandbox.

~/.joplin/Joplin.AppImage --no-sandbox

2. You can change the kernel parameter that's causing the problem (this is what I did). As root you will need to execute the following command. NOTE: This is not persistent; you will need to do it every time you restart your computer. If you want this to be persistent across reboots, then just add the kernel option change to your boot process (this is what I did). As root:

## This is the non-persistent work-around:
sysctl kernel.unprivileged_userns_clone=1

## This is the persistent work-around (adds the above to your boot process):
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/joplin_workaround.conf

Easy peasy. Joplin works like a charm!

If you want to uninstall Joplin:

rm -rf ~/.joplin &&
rm -rf ~/.config/Joplin/ &&
rm -rf ~/.config/joplin-desktop &&
rm -rf ~/.local/share/applications/appimagekit-joplin.desktop

Middle-Mouse Copy

In the Linux X Window System you can highlight text you want to copy and then single-click the middle mouse button to paste it wherever you want. Windows does not have this function, but this third-party software provides it. It's old, but appears to be very well written because it works flawlessly in Windows 10.

True X-Mouse Gizmo for Windows

http://fy.chalmers.se/~appro/nt/TXMouse/

Recommended usage.

  • Download, make a shortcut to TXMouse.exe and move the shortcut to your start-up folder.
  • To uninstall, remove the shortcut from the start-up folder and remove TXMouse.exe.

To get to your startup folder, either:

  • Press Win + R shortcut keys together and type the following into the Run box: shell:Startup
  • Go to the folder:
C:\Users\[username]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

NOTE: This will override any other middle-mouse (wheel) button function you have set. I usually set my middle mouse button to open links in my browser in a separate tab. This program killed that functionality. So… whatever.


Windows 10 Free

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise

Microsoft offers two different versions of Windows 10 Enterprise for evaluation—Enterprise and LTSC.

  • Enterprise is the standard enterprise edition of Windows 10.
  • LTSC (Long-term Servicing Channel) is a special edition that omits more consumer-oriented features and doesn't get updated as frequently.
  • LTSC is less intrusive…

Bazzell Podcast:


resources.txt · Last modified: 2024/01/13 01:36 by gman