Code

I/O error text message notification

by on Dec.31, 2016, under Code, Posts

Recently a good friend be-gifted me Banana PI M3 for my birthday. I decided to turn it into a NAS. Granted it is no Synology NAS but it gets the job done and openmediavault is a wonderful software suite to use on it. I thought to myself, “It would be nice to get a notification if there are any I/O errors via dmesg on my homemade NAS. So I whipped up a simple solution:

vim /bin/ioerrorcontact

#!/bin/bash

if dmesg | fgrep ‘I/O error’ &> /dev/null;
then
curl http://textbelt.com/text -d number=MyPhoneNumber -d message=”I/O Error on your NAS” &> /dev/null;
fi

crontab -e

0 * * * *       bash /bin/ioerrorcontact

This is just a quick and simple hack but it’s peace of mind knowing that I have something in place to notify me if my simple NAS is having any issues, especially since I do not have RAID 1 configured on it. RAID 1 via BananaPi or really any other Pi devices at this point isn’t really that great because you would have the split one SATA channel/bandwidth to be able to get it to work. I also strongly recommend that if you’re going to build a low powered NAS device using a Pi device, to use the BananaPi because it has gigabit Ethernet. Other than that, if you have the money to shell out and want a better solution, I recommend Synology NAS products.

#Update 4/14/2017

Textbelt.com now requires a key parameter and is no longer ‘free’:

Leave a Comment :, , , , , , , more...

Kali.nogui.armel.zitstif.chroot.482013 Update

by on Feb.08, 2016, under Code, Posts

For those of you who don’t own devices that are officially supported by nethunter or if you’re not having any luck porting over nethunter using this method: https://github.com/offensive-security/kali-nethunter/wiki/Porting-Nethunter , there is hope for you to at least run Kali on your device. Of course you need a device that is rootable and you’ll need to download the following 7z file:

https://archive.org/download/Kali.nogui.armel.zitstif.chroot.482013/kali.nogui.armel.zitstif.chroot.482013.7z

kali.nogui.armel.zitstif.chroot.482013.7z

md5: d60c5a52bcea35834daecb860bd8a5c7
sha1: f62c2633d214de9edad1842c9209f443bcea385d

kali.img

MD5: be61799f8eb2d98ff8874daaf572a1d5
SHA-1: f9c6a820349530350bbb902d17ae6b4a5173937c

Then simply look over this post: http://zitstif.no-ip.org/?p=811

Once you have this setup, according to “JosephTheHacker Pwn3r” :

Great News ,I have successfully updated your kali img into rolling edtion! ,It really works at my tablet by editing the sources.list file in the “/etc/apt/sources.list”

in sources.list:

deb http://http.kali.org/kali kali-rolling main contrib non-free

deb-src http://http.kali.org/kali kali-rolling main contrib non-free

then I typed apt-get upgrade!

and also I doubled checked the new tools installed on kali img”

So essentially you’ll have to just edit your sources.list file to only have these repositories and issue a:

apt-get update && apt-get dist-upgrade -y

As for how well it works, I’m not quite sure because I am now running the nethunter ROM on my Nexus 6. However, I would like to thank “JosephTheHacker Pwn3r” for looking into this and informing me. Lastly, if rooting your phone is not an option but you still want a debian terminal based environment to work with, I highly recommend checking out Termux:

https://play.google.com/store/apps/details?id=com.termux&hl=en

Leave a Comment :, , , , , , , more...


Kali Linux 2.0 (x64) system upgrade GUI fix

by on Oct.08, 2015, under Code, Posts

When Kali Linux 2.0 came out I decided to upgrade my laptop to this version through the upgrade process (which took very long keep in mind.. it may have just been quicker to just reload the OS). Upon completion of the upgrade process I noticed the desktop GUI and windows didn’t look quite right. Additionally the theme wasn’t right either. Long story short I had to install these packages to fix the issue:

gir1.2-gnomebluetooth-1.0
gir1.2-gnomedesktop-3.0
gir1.2-gnomekeyring-1.0
gkbd-capplet
gnome-accessibility-themes
gnome-backgrounds
gnome-bluetooth
gnome-brave-icon-theme
gnome-calculator
gnome-colors-common
gnome-contacts
gnome-control-center
gnome-control-center-data
gnome-core
gnome-desktop3-data
gnome-dictionary
gnome-disk-utility
gnome-font-viewer
gnome-icon-theme
gnome-icon-theme-symbolic
gnome-keyring
gnome-menus
gnome-mime-data
gnome-online-accounts
gnome-online-miners
gnome-orca
gnome-packagekit
gnome-packagekit-data
gnome-packagekit-session
gnome-screenshot
gnome-session
gnome-session-bin
gnome-session-common
gnome-settings-daemon
gnome-shell
gnome-shell-common
gnome-shell-extension-dashtodock
gnome-shell-extension-easyscreencast
gnome-shell-extension-proxyswitcher
gnome-shell-extension-refreshwifi
gnome-shell-extension-workspacestodock
gnome-shell-extensions
gnome-sushi
gnome-system-log
gnome-system-monitor
gnome-terminal
gnome-terminal-data
gnome-theme-kali
gnome-themes-standard:amd64
gnome-themes-standard-data
gnome-tweak-tool
gnome-user-guide
gnome-user-share
kali-desktop-gnome
libgnome-2-0:amd64
libgnome-bluetooth13
libgnome-desktop-3-10
libgnome-keyring-common
libgnome-keyring0:amd64
libgnome-menu-3-0
libgnome2-0:amd64
libgnome2-bin
libgnome2-common
libgnomekbd-common
libgnomekbd8
libgnomevfs2-0:amd64
libgnomevfs2-common
libgnomevfs2-extra:amd64
libpam-gnome-keyring
libsoup-gnome2.4-1:amd64
network-manager-gnome
policykit-1-gnome

Or you can simply run this quick and dirty script (using sudo obviously):

View as txt here:

Leave a Comment :, , , , , more...

Sewing Patches in the Veil AV Evasion Framework

by on Aug.24, 2013, under Code, Posts

I have to admit that I am a little bit weary about the gaining popularity of Veil. AV evasion is really a game of cat and mouse, between the anti-virus companies and the individuals who are trying to evade detection. In this article we will be taking the role of the ‘mouse’ per se by working with this framework. We will first fix a bug in the framework and I will also show you how to use this framework in an ARM Kali chroot environment where wine is not readily available.

First, let us fix Veil because without this fix, Veil’s use under a Linux environment is diminished greatly. To get the Veil framework, you can either do:

git clone https://github.com/ChrisTruncer/Veil veil

Or

sudo apt-get install veil #If you have the right repositories or are using Kali Linux


To get the newest bleeding edge version, you’ll want to use the git method. However, if you use this method you will need to run the setup.sh script under the setup directory. This will handle the installing of the necessary dependencies. If you’re running an ARM Kali chroot environment on an Android based device, you will want to use ‘git’ because if you attempt to use apt-get to install veil, it will bomb out and give you an error message that wine is unavailable.

Upon my first use of Veil, I followed this post from the SANS Penetration Testing website closely. One issue I ran into was in the ‘How would you like to create your payload executable?‘ stage. The default method ‘Pyinstaller’ method did not seem to be creating an executable  in the veil/output/compiled/ directory, but it would create a source file in the source directory (which is still useful, more on this later).

I knew the framework relied on wine and a wine installed version of python to generate payloads under a Linux environment but wasn’t sure where to look for where this took place in Veil’s code. I started greping for wine in the Veil python modules and soon discovered this interesting piece of code that appeared to be the source of the problem.

Line 84 of the supportfiles.py file which is in the veil/modules/common/ directory contains this line of code:

os.system(‘wine ‘ + os.path.expanduser(‘~/.wine/drive_c/Python27/python.exe’) + ‘ ‘ + os.path.expanduser(‘~/pyinstaller-2.0/pyinstaller.py’) + ‘ –noconsole –onefile ‘ + payloadFile )

Due to the fixed path of ‘~/pyinstaller-2.0/pyinstaller.py’ for Veil to work with this current code, one must have this directory structure and files in their home directory. If you’re using Kali Linux, change this piece of code to ‘/usr/share/pyinstaller/pyinstaller.py’ and Veil will now create portable windows executables.

Before I discovered the source of this bug and simple fix for it, I took the harder route and attempted to create the portable executables under wine following these requirements (from https://github.com/ChrisTruncer/Veil/blob/master/README.md ) :

Windows

  1. Python (tested with x86 – http://www.python.org/download/releases/2.7/)
  2. Py2Exe (http://sourceforge.net/projects/py2exe/files/py2exe/0.6.9/)
  3. PyCrypto (http://www.voidspace.org.uk/python/modules.shtml)

I soon learned there were issues with py2exe working under wine. py2exe under wine creates invalid windows portable executables. (http://stackoverflow.com/questions/12170373/python-to-windows-executable-under-wine). I was then stuck with the Py2Exe method that relies on having a Windows machine readily available.

Veil Mobile Scenario

This then brings me back to the mobile scenario. To the best of my knowledge at the moment (and correct me if I’m wrong) you can’t install wine under an ARM Kali Linux chroot environment. So if you want to create payloads using Veil on your Android device, you will have to first obtain Veil via git. Secondly, there is no need to fix the code like I posted. You can leave the code as is.

You can now create python source files using either pyinstaller or py2exe under Veil. If you use the pyinstaller method, you will have to copy the files to a Linux machine that has necessarily dependencies for Veil and you can simply create an executable doing something like this:

wine ~/.wine/drive_c/Python27/python.exe /usr/share/pyinstaller/pyinstaller.py meterpreterpayload.py

Or you can use the py2exe method and copy the files to a Windows machine and compile your executable that way.

Other issues with Veil

One minor annoyance with Veil, is that I’ve noticed the portable executables are kind of hefty in size. If you create a payload using the pyinstaller method, the executable is about 2.4 megs and if you create one using the py2exe method under windows, the executable is over  5 megs. This is quite large in comparison to using msfpayload/msfencode or msfvenom, which creates payloads that are typically less than 100 kilobytes.

I would also like to see Veil being able to bind the obfuscated payload to non malicious executable like putty, however all in all I’m very impressed with this framework and hope the developers like Chris Truncer keep up the good work.

Leave a Comment :, , , , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!