I downloaded from vulnhub and put Kioptrix 2014 on my lab network for my next machine challenge. This box had some software I hadn’t seen before, exposed social security numbers and lacked some of the commands I usually attacked.
I wasn’t able to get an interactive shell without using the metasploit framework, which is a little disappointing….but overall it was a fun box to hack on.
If you’re looking for tools like
route and are getting a
command not found error, you are missing the
net-tools package. This used to be installed by default, but since Ubuntu 18.04 it is not.
Simple fix. Just install it:
sudo apt-get install -y net-tools
Ever since Ubuntu, my Linux distro of choice, switched from
/etc/network/interfaces to start using Netplan I have a mental block about how to configure a static IP. Hence this post.
Today I wanted to keep working through the Kioptrix Level 1.2. I pulled the machine from vulnhub and set it up on my ESXi lab network.
I’m running Kali on an OLD Macbook Air. I ran an update today and was having trouble completing the initramfs update so I removed the old kernels and rebooted.
Of course when the system came back up, the wifi adapter wasn’t working. Missing firmware. The Macbook is using a Broadcom 43224 device.
After some troubleshooting and internet researching, I found I needed to install a brcmsmac package. Thanks to this debian wiki page. I grabbed an Alfa USB wireless adapter to get online in the meantime.
These are the commands I ran. Simple fix, just using apt-get and modprobe.
sudo apt-get install firmware-brcm80211
modprobe -r brcmsmac
The wifi adapter came back up after that. Just leaving this here in case it can help someone else too.
Today’s boot2root machine is an old one: Kioptrix Level 1 from all the way back in 2010. I’ve got the machine downloaded and added to my lab network on my ESXi server.
Since I use terraform to clone and provision VMs on ESXi, I need to use VMWare’s ovftool. However, I’ve been having errors lately. The OVFTool wants to install using python2, and I keep getting syntax errors. Seems like it’s using my Python3 install and I can’t get it to install.
If we cannot install the ovftool via the conventional way, we have to find a detour or a workaround to get there. For this particular issue with the failed installation on Ubuntu 20.04, this means extracting the ovftool files from the installation .bundle, copying them to /usr/bin/ and configure an alias for the ovftool executable.
For my home network, I’ve been trying to transitioning to using an Infrastructure-as-code (IaC) approach based on a terraform and the terraform esxi provider plugin. I maintain a few “gold images” of the base line systems, then clone and provision as needed.
I’m not sure where the root cause of this issue is, but I’ve seen it pop up a few times now so I figured I’d write down how I’ve fixed it.
I perform quarterly phishing awareness simulations for one of my consulting clients so I needed a way to easily recreate my phishing infrastructure. This is heavily inspired from this ired.team’s blog post. Just customized for my simple needs.
You can check out the code I’m using on GitHub.