Only from the comfort of your own 127.0.0.1

A quick blurb – one thing about setting up the networks from Georgia Weidman’s Penetration Testing book is that she has the networks as bridged. That is nice, until you start setting up your own static IPs. I use an Apple Express which has Class A public IPs (10.0.1.1 – 10.0.1.254), so I set my static IPs for XP and Windows 7 in that range. If you hop on a network that is in the Class C public IP space (192.168.1.1 – 192.168.1.254), it isn’t going to work. I remembered this when I started using the VMs at the coffee shop rather than at home. The solution? Either revert to DHCP to get on the Internet or create another network; this one should be a NAT (Network Address Translation). This way the VM creates its own NAT behind the LAN/WLAN router. I am then going to disable it after I get what I need from the Internet.
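The mismatch described above can be checked before moving a bridged VM to a new network. This is an added example, not from the book or the original post; the guest address 10.0.1.50, the /24 masks, and the function names are assumptions chosen to match the ranges mentioned.

```python
import ipaddress


def diagnose_static_guest(static_ip, netmask, gateway, lan_cidr):
    """Return the reasons a bridged guest's static config fails on lan_cidr.

    An empty list means the static settings are usable on that LAN.
    """
    guest = ipaddress.ip_interface(f"{static_ip}/{netmask}")
    gw = ipaddress.ip_address(gateway)
    lan = ipaddress.ip_network(lan_cidr)
    problems = []
    # The router only answers ARP for addresses inside its own subnet.
    if guest.ip not in lan:
        problems.append(f"{guest.ip} is outside the LAN subnet {lan}")
    # A default gateway must be directly reachable from the guest's subnet.
    if gw not in guest.network:
        problems.append(f"gateway {gw} is not on the guest subnet {guest.network}")
    # The configured gateway has to be a host that exists on this LAN.
    if gw not in lan:
        problems.append(f"gateway {gw} does not exist on {lan}")
    # Network and broadcast addresses cannot be assigned to a host.
    if guest.ip in (lan.network_address, lan.broadcast_address):
        problems.append(f"{guest.ip} is the network or broadcast address of {lan}")
    return problems


def recommend(problems):
    """Map the diagnosis to the two fixes named in the post."""
    if not problems:
        return "bridged + static is fine"
    return "switch the guest to DHCP or a NAT adapter"


# Constructed sample values (assumptions, matching the ranges in the post).
HOME_LAN = "10.0.1.0/24"
COFFEE_LAN = "192.168.1.0/24"
XP_GUEST = dict(static_ip="10.0.1.50", netmask="255.255.255.0", gateway="10.0.1.1")

if __name__ == "__main__":
    for name, lan in (("home", HOME_LAN), ("coffee shop", COFFEE_LAN)):
        found = diagnose_static_guest(lan_cidr=lan, **XP_GUEST)
        print(f"{name}: {recommend(found)}")
        for reason in found:
            print(f"  - {reason}")
```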

dhclient and restarting smbd

When I installed Kali 2018.2, after bridging the network in VMware, I wasn’t able to get to the network. Through a Kali Udemy course, I learned two commands that have been working for me, not only in Kali but on other Linux machines, to get an IP address and bridge the connection. In Kali, you are root, so I didn’t need sudo. If you are using a different user, you will need to sudo to run the commands (with the exception of ifconfig):

  • ifconfig

With ifconfig, look to see what your interface is (eth0, eth1). Mine is eth0 in Kali, so I will use that for the next command.

  • dhclient eth0

DHCP Client, dhclient, provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.

  • service smbd restart

smbd is the server daemon that provides filesharing and printing services to Windows clients. The server provides filespace and printer services to clients using the SMB (or CIFS) protocol. This is compatible with the LanManager protocol, and can service LanManager clients. These include MSCLIENT 3.0 for DOS, Windows for Workgroups, Windows 95/98/ME, Windows NT, Windows 2000, OS/2, DAVE for Macintosh, and smbfs for Linux.

Now try pinging google:

  • ping 8.8.8.8

You should be connected now.  Whoo!

XAMPP 1.7.2, Adobe Reader 8.1.2, & mona.py

In Georgia Weidman’s book, Penetration Testing: A Hands-On Introduction to Hacking, it looks like the link to XAMPP 1.7.2, Adobe Reader 8.1.2, and mona.py is broken.

  • I used SourceForge to download XAMPP 1.7.2, direct link here.
  • I used Brothersoft to download Adobe Reader 8.1.2, direct link here. (Disclaimer: Brothersoft has an executable wrapper around the software, where it downloads a Brothersoft executable which downloads Adobe Reader.  Dumb.)
  • I used corelan’s GitHub repo to download mona.py, raw file here.

Zervit 0.4 on Windows XP sp1

I have decided to continue working through Georgia Weidman’s book, Penetration Testing: A Hands-On Introduction to Hacking. I got stuck on page 40, chapter 1, when Georgia asked me to install Zervit 0.4 on Windows XP sp1. Windows XP sp1 comes with IE6, which is so old that most web servers don’t even support connections from it. So when I tried going to http://www.exploit-db.com/exploits/12582/ to download Zervit, I was getting a blank page.

So, I had two options. One, I thought about installing VMware Tools and connecting a folder where I could download Zervit on my host machine, put Zervit in the folder, and then open it in XP. I couldn’t seem to install what was needed on the host machine (when I went to Player -> Manage -> Install VMWare it was greyed out), so I went with plan two: I updated IE 6 to IE 8 through automatic updates but didn’t install any of the security updates (I think I might have done killbits along with updating IE 6 to IE 8; I hope this doesn’t come back to bite me later). Once I got IE 8 installed, I, of course, used it to install Chrome.

Now I have access to many more sites, as Chrome for XP is supported a bit better than IE 6. I went to http://www.exploit-db.com/exploits/12582/ for Zervit 0.4 on my shiny new XP sp1 Chrome browser and voilà, I am able to access it.

Hello world. Long time coming.

I sometimes tease my wife for starting things, and then never really finishing through on them.  Like starting a project, and then it falls by the wayside.  It’s very hypocritical of me, as I myself start so many things, with a passion that later dwindles.  Not this time.

Case in point.  This isn’t my first blog.  I have little blogs stored in the crevices of the Internet that I am not sure where they all are.  I have been a Web Design Studio (fully equipped as an LLC), I have done DJing, I have been a radio broadcaster, and a podcaster all under the iMova “umbrella” of my online identity.  This part of the Internet, imova.com, has been patiently “under construction” for what feels like an eternity.

When I started as a “photographer” by creating a Flickr account, it was in Bettles, Alaska at 2 am on my birthday when the sun was still in a haze above the arctic circle. How fitting it is, then, to start my “cybersecurity blog” on my birthday. 2 am today.

See, I want to be a Penetration Tester. I want to be a good, confident (that’s half the battle), technical penetration tester. So I have been picking up books and committing to someday get a real technical certification under my belt, my Offensive Security Certified Penetration Tester (OSCP) certification. I just picked up The Hacker Playbook 3, as working through Georgia’s Penetration Testing book has been good, but I got stuck sometimes as the tech is getting old in that book.

Reading the introduction to The Hacker Playbook, Peter Kim harps on the criticality of having your own site, that your own public blog speaks volumes. I always knew this. Following up, I am inspired by the richest man on the planet, Jeff Bezos, who said that if he never tried this Internet thing, he would never know he could ever do it.

So here it is, my attempt to try to work into Penetration Testing.  I think this is what iMova.com should be used for.  I might chat about other things too, but I aim to tag my postings to filter relevancy.

begin.