Linux Archive

0

How to install Steam OS

20131215-012447.jpg

There are two different install methods for SteamOS. ”’WARNING: BOTH METHODS WILL ERASE EVERYTHING ON THE MACHINE”’

1- The easiest method is an image-based install using CloneZilla.
You will need to create a SteamOS System Restore USB stick to perform this install. The image provided here requires at least a 1TB disk.

-Format a 4GB or larger USB stick with the FAT32 filesystem. Use “SYSRESTORE” as the partition name
-Unzip the contents of SYSRESTORE.zip to this USB stick to create the System Restore USB stick
-Put the System Restore USB stick in your target machine. Boot your machine and tell the BIOS to boot off the stick. (usually something like F8, F11 or F12 will bring up the BIOS boot menu).
-Make sure you select the UEFI entry, it may look something like “UEFI: Patriot Memory PMAP”
-Select “Restore Entire Disk” from the GRUB menu.
-System Restore will proceed automatically. When it is complete it will reboot into your freshly re-imaged SteamOS

2 – The second method is based on the Debian Installer.
It requires multiple configuration steps:

-Unzip the SteamOSInstaller.zip file to a blank, FAT32-formatted USB stick.
-Put the USB stick in your target machine. Boot your machine and tell the BIOS to boot off the stick. (usually something like F8, F11, or F12 will bring up the BIOS boot menu).
-Make sure you select the UEFI entry, it may look something like “UEFI: Patriot Memory PMAP”
-Pick “Automated Install” from the next menu.
-The rest of the installation is unattended and will repartition the drive and install SteamOS.
-After installation is complete, log onto the resulting system (using the Gnome session) with the predefined “steam” account. The password is “steam”. Run steam, accept the EULA, and let it bootstrap. Logoff the steam account
-Log on with the “desktop” account. The password is “desktop”
-From a terminal window, run ~/post_logon.sh. This will prompt for a password – enter “desktop”. This script will perform the post-install customizations, delete itself, then reboot into the recovery partition capture utility.
-Confirm “y” to continue and the recovery partition will be created. When it is finished, reboot into your freshly installed SteamOS.

Source: Steam FAQs

2

Review: BackTrack 5 Wireless Penetration Testing Beginner’s Guide

 

Backtrack 5 Wireless Penetration Testing Beginner’s Guide

An amazing book. This one wastes no time with a long pre-amble or justifying why you’d need to know how to pen-test; it just tells you what you need to know. You’re sniffing wireless traffic right from the start, injecting packets by page 40 or so, and then you’re off spoofing MAC addreses, cracking WPA (even shared authentication), and doing man-in-the-middle attacks.

This is not a book that explains a lot of theory and then expects you to figure out how to apply it. It’s a finely-tuned set of clear, intentional tutorials that explains how to use the tools, how to get results, and then explains what happened and why. It covers some of the basics (like ifconfig, iwconfig, ping, and a little bit about packet specifications), and then moves on to the heavy-lifters like airmon, aireplay, airodump, wireshark, and others.

Read the rest of this entry »

0

Review: Metasploit: The Penetration Tester’s Guide

 

Metasploit: The Penetration Tester’s Guide

Metasploit is an open source framework for penetration testing. The Metasploit 4.0 framework is currently available for free download for Windows, Linux and Unix.

“Metasploit The Penetration Tester’s Guide” is authored by Kennedy, O’Gorman, Kearns and Aharoni and is published by No Starch Press just this year 2011.The book opens with a short and sweet introduction to penetration testing and security. But worry not, this introduction won’t keep the anxious beginner waiting too long, and won’t bore the experienced. In the next few chapters the authors provide a copious amount of screenshots, ensuring that the reader can always follow along.
The authors then run us through some Metasploit basics and it’s not long before we’re already looking the source for a basic port scanner program.

Read the rest of this entry »

0

Speed up Ubuntu software installations with apt-fast

apt-get is an often used Ubuntu Linux command for installing and updating new software in terminal, but it downloads the files with a single connection. Here’s a replacement for apt-get named apt-fast. apt-fast is a fully open-source script by Matt Parnell, it does almost the same thing as apt-get does, except the downloading part.

The download part of apt-fast is handled by axel download accelerator, which is a simple,short process, but everything else is extremely straight forward. It’s roughly 26x faster than apt-get, according to Matt Parnell.

Install axel and setup apt-fast

First, install axel with this command:

sudo apt-get install axel

Then, download apt-fast script from : http://www.mattparnell.com/linux/apt-fast/

Finally, move just downloaded file apt-fast.sh to /usr/bin, and give it executable privilege:

sudo mv ~/Downloads/apt-fast.sh /usr/bin/apt-fast
sudo chmod +x /usr/bin/apt-fast

Now,just use it like apt-get. Such as apt-fast update,apt-fast install packagename,apt-fast dist-upgrade. Should your download stall for any number of reasons, you’ll need to do an apt-fast clean.

0

Ubuntu 10.10 Maverick Meerkat is now available

There aren’t any glaring changes that stand out on first install from the RC, and all the stuff we love is still there: easy installation, the incredibly user-friendly Software Center, Ubuntu One’s streaming music (which is on its way to getting even better), the new Ubuntu font, and the Unity interface for netbooks, to name a few. If you’ve been biding your time until the official release, your wait is over, so head over to Ubuntu.com to download a disk image (or just hit up Update Manager if you’re already running Ubuntu). And, while you’re waiting for it to install, be sure to brush up on all the new features with lifehacker’s screenshot tour.

Ubuntu, as always, is a free download.



0

How to upgrade to Ubuntu 10.10 Release Candidate


If you ask me about how safe it is to use a release candidate, well,  I have been using Ubuntu 10.10 from its third Alpha and so far not even a single crash. But it’s heavily depended on your hardware and more importantly, Ubuntu 10.10 final will be released in another 7 days. May be you should wait till then instead.

So if you are using Ubuntu 10.04(or early releases) and want to upgrade to new Ubuntu 10.10 RC, hit ALT + F2 and type the following,

update-manager -d

Alternatively, you could download the latest Ubuntu 10.10 RC from http://ubuntu-releases.cs.umn.edu/10.10/.

0

Amarok 2.3.2 “Moonshine” released, many improvements

Amarok 2.3.2 “Moonshine” is slowly but surely becoming a great media player.  The latest release is a big leap forward in that.

From amarok.kde.org:

The Amarok Team is happy to announce the release of Amarok 2.3.2.

This release brings with it much requested bugfixes for some long-standing bugs. Specifically, Dynamic Collection has received fixes and should now work better with external hard drives and USB mass storage devices (Collection directories on these media will need to be rescanned for the changes to take effect). The Collection Browser now refreshes properly after a full rescan, fixing a bug where it would show incorrectly cached entries until Amarok was restarted.

Read the rest of this entry »

6

Dump hashes from SAM files remotely with NMAP and pwdump

While on a penetration test it is sometimes necessary to pull hash files from windows systems to crack weak passwords.  You could easily do this with a Metasploit meterpreter session, but sometimes I like to do it without exploiting the box.  Also doing it remotely over the network without a user’s knowledge is always a big plus.  This method isn’t always usable and available, but in the right situation we can use an NMAP script called pw-dump.nse to do this.  The downside is that it requires an account on the box, and right now it needs to be a Windows Server 2000 or Server 2003 OS to be able to pull the local accounts.

First, we obviously need NMAP installed.  For this tutorial I’ll be using Backtrack4-R1, which currently has NMAP 5.35DC1 installed.  If you look in the directory /usr/share/nmap/scripts you’ll see all sorts of scripts that do some really helpful things on a test.

What we’re going to use is the one called smb-pwdump.nse.  If you don’t have that script you’ll need to download it and put it into the scripts directory.  The only place I could find the script was in a slightly older version of NMAP, version 5.00.

Read the rest of this entry »

0

Xmarks service ends January 2011

Sadly it looks like Xmarks is pulling the plug on their bookmarks and password sync software.  I’ve really enjoyed their service over the past few years, and I’m sure it will be difficult to find something to replace it.  Here was the email that they sent out:

Dear Xmarks User,

We’ve always said we won’t email you unless it’s important; this is one of those occasions:

Xmarks will be shutting down our free browser synchronization services on January 10, 2011. For details on how to transition to recommended alternatives, consult this page.

For the full story behind the Xmarks shutdown, please read our blog post.

Thank you for being a part of the Xmarks community; we apologize for any inconvenience this step may cause you. We believe we have the best users in the world, and we hope your bookmarks find a new and happy home soon.

Asynchronously,

— The Xmarks Team

0

How to install the Metasploit Framework 3.4.1 on Ubuntu 10.04

First, download the framework from http://www.metasploit.com/framework/download/.  I chose framework-3.4.1-linux-i686.run for a 32 bit install of Ubuntu 10.04.

From a command shell, cd to the location of the downloaded file and run the following command.

sudo sh ./framework-3.4.1-linux-i686.run

It will ask you where to install metasploit, the default being in /opt/metasploit3.  Just accept the default unless you want it somewhere else.

It will then ask you if you want to automatically update, which I highly recommend answering yes to this.

Then you can choose to update it now.

After it’s installed you can manually update it by running

sudo msfupdate

To start metasploit

sudo msfconsole

5

Set a static IP address in Backtrack 4

First you’ll need to make sure the networking service is started:

/etc/init.d/networking start

Then you can set the static IP address:

ifconfig eth0 10.1.1.97 netmask 255.255.255.0 up

Set the default gateway:
BackTrack 5 Wireless Penetration Testing Beginner’s Guide

route add default gw 10.1.1.1

Set your dns servers and search suffixes:

nano /etc/resolv.conf

Add the following lines for your environment:

domain internaldomain.local
search internaldomain.local
nameserver 10.1.1.15
nameserver 10.1.1.10

That’s it.  You should have network connectivity.

 

0

Permanently keep the location bar in nautilus on Ubuntu Lucid 10.04

Gnome seems to have taken away the option to keep the location bar permanently in nautilus.  So here’s how to get it back and keep it…

gconf-editor

Browse to /apps/nautilus/preferences.  Check the option always_use_location_entry.  Done.

0

Installing BackTrack 4 Pre-Final to a usb drive with changes

To install BT4 Pre Final on a pen drive you can use the hard disk installer.
It’s pretty basic.
1. Take an empty pen drive (this tutorial requires an 8 GB min. USB drive, for smaller look under the alternative methods)
2. Get bt4-pre-final.iso
3. Burn it with nero or whatever (use low writing speed)
4. Boot the live CD, startx and run install.sh – you may get the “Language failed with exit code 10” – don’t worry just continue
5. Follow the instructions and when you get to the partitioner use ‘Guided – use entire disk’ and select sdb (you should have inserted your USB after the live CD booted – please do check the partitioner for your USB – it might be marked sdc, sdd …) thnx Snakerdlk
6. Finish the rest of the steps and at step 7 choose advanced and select /dev/sdb1 for the boot loader
7. It will then perform all the necessary steps to create the USB. (Be patient – it will take some time to copy all the files from a CD to a USB)

Grub will be updated with any eventual systems you have installed but they will not be bootable (which is normal because you are booting from a USB stick), so you can simply edit the menu list (nano /boot/grub/menu.lst) and remove the fake loaders. BT will be listed as Ubuntu 8.10 (this should be obvious but I did say noob-proof).

Some tips

– you should use the login and pass that you entered during the installation
– if you switch to root before you start kde (sudo -i) you will use KDE as root (also should be obvious but again I did say N-P)
– you can use gparted if you don’t like how the installer arranged your partitions

source here: http://forums.remote-exploit.org/backtrack-4-howto/23652-bt4-usb-installation-noob-proof-tutorial.html

0

SSH Logins without passwords on Ubuntu Linux

From the steps that I’m outlining you can ssh from a client to a server without using a password.  The computer that you execute the ssh command from is the client, and the computer you are connecting to is the server.  We’ll be creating a set of signed keys that will eliminate the need to log in with a password with ssh protocol 2.

On the client, run the following command to create the protocol 2 key.  This will create the files id_dsa and id_dsa.pub inside $HOME/.ssh.

ssh-keygen -t dsa

You should be able to just press enter through all the questions.

Then we’ll use ssh-copy-id to copy the key to the remote server.

ssh-copy-id -i .ssh/id_dsa.pub boreditguy@server

That’s it, you should be able to ssh to your server without having to use a password.

3

*Updated* Manage Windows machines with remote Windows shell on Ubuntu Linux with winexe

In a previous post I showed how to manage windows machines remotely with winexe. http://boreditguy.com/blog/?p=160

Well a comment on the post informed me that wmi-client and winexe were removed from the Ubuntu Jaunty repositories.  This would definitely keep me from upgrading to Jaunty without it.

Well don’t fear, I’ve made a workaround.

Download winexe from here http://boreditguy.com/blog/data/winexe-static-081123.bz2

Extract the bz2 to your desktop.

Make winexe executable:

sudo chmod a+x Desktop/winexe-static-081123

Rename it to winexe

mv Desktop/winexe-static-081123 Desktop/winexe

Copy it to /usr/local/bin

sudo cp Desktop/winexe /usr/local/bin

That’s it, you can run winexe to connect to windows machines now.

0

Cairo-Dock 2 beta on Ubuntu

Deb packages have been released for the first cairo-dock 2 beta for Ubuntu.

http://developer.berlios.de/project/showfiles.php?group_id=8724

short demos can be seen here :
http://fr.youtube.com/watch?v=8UCjEoT7b8c
http://fr.youtube.com/watch?v=Imm_sKMC5zM
http://fr.youtube.com/watch?v=yWwXaQMdhiQ
http://fr.youtube.com/watch?v=kITz0OhhcJM
http://fr.youtube.com/watch?v=doSwDETrrAE

Here are some of the features of the new 2.0.0 version:

* Cairo-Dock is now a full OpenGL dock ! (the cairo backend is still available for old graphic cards or ATI)
* New plug-ins provide many animations & visual effects : Animated icons, icon effects, illusion, drop indicator, motion blur, dialog rendering
* New applets : keyboard indicator, mail, quick browser, Toons, weblets.
* The config panel has been widely rewritten.
* Great improvment of the Taskbar ergonomics.
* Desklets can be rotated in 3D.
* Dialogs have many different window decorators.
* A lot of new themes, old ones have been reviewed.
* The Theme Manager can now download new themes on the server for many applets : clock, dustbin, Cairo-Penguin, Toons, etc and can build theme packages to easily exchange themes between users.
* XGamma : added the ability to setup a custom luminosity on startup.
* Shortcuts : added display of disk space.
* Clock : smooth seconds’ needle movment.
* Slider : 3D transitions betweens slides and Exif data.
* Rhythmbox : 3D themes.
* Gmenu : added a quick launcher in an “ALT+F2” fashion
* Direct scroll on many applets : XGamma, Slider, AlsaMixer, etc, and also on applications’ icons.

0

Install Google Chromium (Google Chrome) on Ubuntu

Chromium is an open source web browser. The project was founded by Google, which built Google Chrome on top of the code of Chromium.
While I knew that Linux and Mac versions were in the works, I found out that a PPA repository for daily builds of Linux’s Chromium does exist ! (we’re talking about a native non-using Wine version)

Before explaing how to install it, let me just specify we’re talking about alpha builds, and pretty incomplete ones. Just basic web surfing works.  Chromium may not work, make you lose data or make your lose your cat. Remember if that anything breaks, you’re on your own – install it only if you’re comfortable with restoring your system/data.  Also keep in mind this disclaimer on the PPA’s launchpad page:

Ubuntu daily builds of the Chromium browser.
The PPA is maintained by a bot, so it contains completely untested builds, mostly useful to track regressions or if you are curious, or just brave.

The package is still a work-in-progress, so is Chromium, please be patient.

FAQ: no native 64bit debs planed for now. The amd64 package is using ia32-libs.

Project page for Chromium in Ubuntu: https://launchpad.net/chromium-project

How to install Chromium on Ubuntu

Edit your /etc/apt/sources.list file

sudo nano /etc/apt/sources.list

or

sudo gedit /etc/apt/sources.list

Add these two lines to the bottom of the file:

deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main
deb
src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main

Install msttcorefonts, as they are required.

sudo apt-get install msttcorefonts

Then update and install:

sudo aptget update
sudo apt
get install chromiumbrowser

Chromium will now be on your internet menu.

screenshot_0011




0

How to install VMWare Tools in SUSE

Installing vmtools in openSUSE is not as simple as installing it in a Windows or Ubuntu VM, but once you know what to do it’s not too bad.

To install VMWare Tools for openSUSE guest OS

Once your OS is installed, you’ll now need to install the prerequisite software on the openSUSE virtual machine.

~> yast2 –install gcc gcc-c++ kernel-source make

This installs the GNU C & C++ compilers, kernel Source packages and the make utility.

In VMWare, click the VM menu and select Install VMWare Tools.

In SUSE, open your cd drive, right click the rpm package and select Open with “Package Installer”.

vmware-tools-rpm

Once installed you’ll need to run the vmtools config perl script.

~> /usr/bin/vmware-config-tools.pl

Reboot your VM and you will have VMWare Tools running.