9/02/2011

Metasploit presentation for CTF

We had a CTF training at the labs today, where I tried to present a brief introduction to Metasploit. I seriously doubt I did the tool any justice, but a colleague has requested a copy of the slides as a PDF document. I have uploaded the slides to http://www.kush.com.fj/resources/metasploit-presentation.pdf. The presentation was mostly a demo using Metasploitable. Perhaps in future there may be an opportunity to do a complete walkthrough of the Metasploitable image posted here. I have started work on a Metasploit walkthrough; it's still incomplete, but it's a start. You can find the walkthrough here: http://nkush.blogspot.com/2011/09/metasploitable-walkthrough.html


Installing Metasploit 4.0.0 on Apple Mac OS X 10.6.8

The installation instructions are quite well documented on the Rapid7 documentation site[1], but in my usual style of duplicating data on the Internet I have documented my efforts below. The key prerequisites, Xcode and MacPorts, were already in place on this particular machine :)

Note: make sure any anti-virus (AV) software is temporarily disabled, or that scanning exceptions are added for the install directory, so that the AV does not quarantine the exploits and payloads that ship with Metasploit. Re-enable it once the exclusions are in place.

  1. sudo bash
  2. port selfupdate
  3. port install ruby19 +nosuffix
  4. echo $PATH # Ensure that /opt/local/bin appears before /usr/bin; if it does not, edit ~/.bash_profile and source it with ". ~/.bash_profile" or "source ~/.bash_profile"
  5. port install mysql5-server
  6. gem install mysql
  7. cd /opt
  8. wget http://updates.metasploit.com/data/releases/framework-4.0.0.tar.bz2
  9. bunzip2 framework-4.0.0.tar.bz2
  10. tar xvf framework-4.0.0.tar
  11. cd msf3
  12. svn update
  13. ln -s /opt/msf3/msf* /opt/local/bin/

References:
  1. https://community.rapid7.com/docs/DOC-1037
  2. http://www.metasploit.com/download/

8/27/2011

WikiCFP

WikiCFP is a useful wiki site that collates CFPs (calls for papers).

However, I am a bit disappointed that it does not automatically track the following year's instance of the same event; once a conference is over and the dates for the following year are announced, it should link to the following year's conference details instead of requiring a manual search.

There is also an iPhone application called WikiCFP that links to the site. Although functional, the application is not very intuitive; for its relatively high price I was expecting more out of it, e.g. calendar integration.

Runtime on notebooks

I got an Apple MacBook Pro towards the start of the year. The issue was that closing the lid only puts the machine into standby mode, which still consumes power, so I wasn't getting as long a runtime as I did on my old HP nx6120 with a travel battery.

A Google search led me to Todd Huss's page[2] below, which identified the pmset[1] command as being quite useful. I followed the instructions and now have the MacBook hibernating when I close the lid. Since then I have been asked by a number of colleagues about this, so I thought I had better document it here.

I rebuilt the old HP nx6120 to run Ubuntu 10.04 LTS and again noticed that I wasn't getting a reasonable runtime: instead of the usual 8-10 hrs, I only got around 3-4 hrs. A discussion with a colleague led me to Linux Laptop Tools, and some more Googling led to the Ubuntu power management wiki[3], which seemed to increase the runtime.

References

  1. http://en.wikipedia.org/wiki/Pmset
  2. http://gabrito.com/post/hibernate-with-the-macbook-pro
  3. https://wiki.ubuntu.com/PowerManagement

8/26/2011

securingSCADA.info

The securingSCADA.info site was launched earlier this year and now boasts a wiki, which is slowly being populated with resource information on penetration testing, security compliance, etc.

It is targeted at individuals and organisations from academia and industry working on SCADA, smart grid and related security areas. Of course everyone is welcome to sign up and contribute, as the site is driven by the aim of providing security through collaboration.

The site is located at http://www.securingscada.info

8/24/2011

Installing joomscan on Ubuntu 10.04 LTS

joomscan is the OWASP Joomla! Security Scanner, which "detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site." However, the project appears to have been neglected, although an update has been promised.

  1. cd /opt
  2. sudo apt-get install -y libtest-www-mechanize-perl
  3. svn co https://joomscan.svn.sourceforge.net/svnroot/joomscan joomscan
  4. cd joomscan
  5. chmod 755 trunk/joomscan.pl
  6. trunk/joomscan.pl update

8/23/2011

Installing Metasploit 4.0.0 on Ubuntu 10.04 LTS

Installing Metasploit is quite easy. I have documented the installation steps that I used below; however, it's just as simple to follow the more comprehensive instructions on the Rapid7/Metasploit site[1] (https://community.rapid7.com/docs/DOC-1296).



  1. sudo apt-get install -y ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems
  2. wget http://updates.metasploit.com/data/releases/framework-4.0.0.tar.bz2
  3. sudo mkdir /opt/metasploit4
  4. sudo bunzip2 framework-4.0.0.tar.bz2
  5. sudo tar xvf framework-4.0.0.tar
  6. sudo mv msf3 /opt/metasploit4
  7. sudo chown -R root:root /opt/metasploit4/msf3
  8. sudo ln -s /opt/metasploit4/msf3/msf* /usr/local/bin
  9. cd /opt/metasploit4/msf3
  10. sudo svn update
  11. sudo crontab -e -u root # Enter "1 * * * * /usr/bin/svn update /opt/metasploit4/msf3/ >> /var/log/msf3update.log 2>&1" (five time fields, not six). This runs svn update as root at one minute past every hour, so the framework tree whose tools are linked into /usr/local/bin is refreshed from upstream unattended; drop the entry and update by hand if you would rather review what lands in a root-owned tree.
  12. sudo apt-get install -y mysql-server
  13. sudo apt-get install -y rubygems libmysqlclient-dev
  14. sudo apt-get install -y ruby-dev
  15. sudo gem install mysql
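
The Mac OS X procedure earlier on this page and the Ubuntu procedure here share the same three fragile points: the "is /opt/local/bin ahead of /usr/bin" check in step 4 of the Mac list, the hand-typed crontab line in step 11 above, and the bare ln -s of msf* into a bin directory in both. The script below is an added example, not code from the original post or from Metasploit; the function names and the sample paths are my own, and it deliberately downloads and installs nothing, it only performs the checks.

```sh
#!/bin/sh
# Added example (not from the original post or from Metasploit): sanity
# checks for the manual install procedures. Function names are mine.
#
#   path_before  PATHSTR DIR_A DIR_B  exit 0 iff DIR_A precedes DIR_B in PATHSTR
#   cron_fields_ok 'LINE'             exit 0 iff LINE has 5 time fields then a command
#   link_msf_tools SRC DST            symlink SRC/msf* into DST; refuses to replace
#                                     a regular file (existing symlinks are replaced)

# Walk the colon-separated path string in order; the first of the two
# directories we meet decides. This is the check behind "ensure that
# /opt/local/bin appears before /usr/bin" in the Mac OS X procedure.
path_before() {
    pathstr=$1 first=$2 second=$3
    rest=$pathstr:
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        [ "$entry" = "$first" ] && return 0
        [ "$entry" = "$second" ] && return 1
    done
    return 1
}

# A crontab(5) entry is exactly five time fields (minute hour day month
# weekday) followed by the command. A sixth star, as in a mistyped line,
# would be taken as the start of the command rather than a time field.
cron_fields_ok() {
    set -f                    # stop the "*" fields from globbing
    set -- $1
    set +f
    [ $# -ge 6 ] || return 1
    for f in "$1" "$2" "$3" "$4" "$5"; do
        case $f in
            *[!0-9*,/-]*) return 1 ;;   # not a time-field character
        esac
    done
    case $6 in
        /*|[A-Za-z]*) return 0 ;;       # looks like a command
        *) return 1 ;;
    esac
}

# Symlink every msf* tool from SRC into DST (step 13 of the Mac OS X list and
# step 8 of the Ubuntu list do this with a bare ln -s). Refuse if a regular
# file of that name already sits in DST, so nothing on the PATH is clobbered
# and the failure is explicit instead of a half-finished set of links.
link_msf_tools() {
    src=$1 dst=$2
    for tool in "$src"/msf*; do
        [ -f "$tool" ] || continue        # no match leaves the literal glob
        name=${tool##*/}
        if [ -e "$dst/$name" ] && [ ! -L "$dst/$name" ]; then
            echo "link_msf_tools: refusing to replace regular file $dst/$name" >&2
            return 1
        fi
        ln -sf "$tool" "$dst/$name" || return 1
    done
    return 0
}
```

Usage follows the procedures above: `path_before "$PATH" /opt/local/bin /usr/bin || echo "fix ~/.bash_profile"`, `cron_fields_ok "$line"` before pasting the line into `crontab -e`, and `link_msf_tools /opt/metasploit4/msf3 /usr/local/bin` (run with sudo) in place of the raw `ln -s`.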


References:
  1. https://community.rapid7.com/docs/DOC-1296


7/09/2011

Ubuntu apt-get error

When performing an "apt-get update" I got the following error

Reading package lists... Error!
E: Dynamic MMap ran out of room. Please increase the size of APT::Cache-Limit. Current value: 25165824. (man 5 apt.conf)
E: Error occurred while processing xxx
E: Problem with MergeList /var/lib/apt/lists/xxx
W: Unable to munmap
E: The package lists or status file could not be parsed or opened.

I am unsure why this is happening, but suspect it has something to do with the cache size allocated for the repositories. A quick Google search revealed a Debian bug[1] that helped.

echo 'APT::Cache-Limit "125829120";' | sudo tee /etc/apt/apt.conf.d/30cache

(The redirection has to run as root as well, which "sudo echo ... > file" does not do, since the shell opens the file before sudo runs; piping into sudo tee writes the file with root's privileges.)

Seems to have fixed the problem, a quick sudo apt-get update and sudo apt-get upgrade had me happily hacking away again.

References:
  1. https://bugs.launchpad.net/debian/+source/apt/+bug/24626

4/03/2011

Ramblings...

I cannot speak for other students, but I find feedback and constructive criticism very useful to my education and overall performance. Unfortunately I am finding the latter increasingly absent from the current academic environment, especially when it comes to submitting official forms to QUT. It seems like a black hole at times.

Oh well, “Such is life”. I seem to be quoting this a lot recently. Perhaps as a subconscious resignation to my lot in life. Just realised I have the same initials as Ned Kelly, but unfortunately his proper name was Edward Kelly, so I guess not...

3/06/2011

Cisco 857W Router - Upgrade ADSL Firmware

To upgrade the ADSL firmware you need to get the latest .bin firmware file from Cisco. You will need a CCO login and a valid support contract to download the file.

Once you have this, copy the file to flash using a TFTP server. TFTP gives you no integrity check, so compare the copied file against the checksum Cisco publishes for it (verify /md5 on the router) before going any further. Then rename the file to remove the version number, make a backup of the configuration just in case, and reboot the router. The reboot should force the new firmware to be loaded. Once rebooted, verify the version of the firmware.

Check the version of the firmware currently running
show dsl interface ATM 0

Init FW:         init_xxx-x.x.xxx.bin
Operation FW:    xxx-x.x.x.bin
FW Source:       xxxxxxxx
FW Version:      x.x.x



Check the amount of space available on flash for the firmware; ensure that the free space is larger than the firmware .bin file
show flash

19353600 bytes total (5369856 bytes free)

Copy the firmware .bin file to flash
copy tftp://xxx.xxx.xxx.xxx/adsl_alc_20190.x.x.x.bin flash:

Rename the file on flash to adsl_alc_20190.bin
rename flash:adsl_alc_20190.x.x.x.bin adsl_alc_20190.bin

Reboot the router
reload