How to convert Backtrack 4 final VMware image to ESX.

February 2, 2010

I’ve had a problem with the size of the image that is made available by http://www.backtrack-linux.org/. The VMware image is made as a growable vmdk file. This means that it has 15 files of max 2 GB. So when I want to convert this image to ESX I will need 30 GB of free disk space, and that was my biggest problem. I only had 10 GB.

The other thing was that when I want to install a new Backtrack on ESX I need 10 GB of free disk space for installing vmware-tools. So the easiest way for me is to just back up and restore everything to a new 7 GB disk in the VMware Workstation image. Next I will describe how I did this.

First of all, download the VMware Workstation image from the following link:
http://www.backtrack-linux.org/downloads/

OK, next I add a new hard disk of the size you need to the VM.

Then you can power on the VM.

When it has booted, log on as the root user and do the following:
# fdisk /dev/sdb

# n
# p
# 1
# default <enter>
For me the next step was the size I needed:
# +6G

# n
# p
# 2
# default <enter>
I used the rest of the available space:
# default <enter>

# a
# 1

# t
# 2
# 82 (for swap)

# w

After this we have to prepare the partitions for copying the files.

# mkfs.ext3 /dev/sdb1

# mkswap /dev/sdb2
# swapon /dev/sdb2

Now we will need to mount the partitions:

# mkdir /mnt/bt
# mount /dev/sdb1 /mnt/bt

Now we’re going to copy the file system to the new disk and add the missing directories (keep in mind that there are two hyphens before preserve):

# cp --preserve -R /{bin,dev,home,pentest,root,usr,boot,etc,lib,opt,sbin,var,srv} /mnt/bt
# mkdir /mnt/bt/{mnt,tmp,proc,sys}
# chmod 1777 /mnt/bt/tmp

The next step is to edit /etc/fstab and /boot/grub/menu.lst (the copies on the new disk, under /mnt/bt) so that the boot process mounts everything from the correct disk. In these files you will see that everything is mounted by UUID. So we first have to find out which UUIDs the new disk has, so we can copy them and replace the old ones in the files I just described.

To make it easier for yourself, start the GUI so you can cut and paste the UUID:

# startx

Open a console and look up the UUID:

# vol_id /dev/sdb1

Select and copy the UUID and do as follows:

# vi /mnt/bt/etc/fstab

Replace the UUID of / (root) with the new one and save and quit :wq

# vol_id /dev/sdb2

(you can also use blkid instead of vol_id)

Select and copy the UUID and do as follows:

# vi /mnt/bt/etc/fstab

Replace the UUID of swap with the new one and save and quit :wq

Now we need to edit the boot-loader menu file /boot/grub/menu.lst

# vol_id /dev/sdb1

Select and copy the UUID and do as follows:
# vi /mnt/bt/boot/grub/menu.lst

Replace all UUIDs of the old disk with the new one, then save and quit.
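
The UUID edits to fstab and menu.lst described above can also be scripted. This is an added example, not part of the original post: the function names are hypothetical, the sample files and UUIDs are constructed, and it assumes the old root UUID appears in both files.

```sh
#!/bin/sh
# Added example: helper names and sample UUIDs are constructed, not from the post.
is_uuid() { case "$1" in ""|*[!0-9A-Fa-f-]*) return 1 ;; esac; }

# fstab_uuid FILE FIELD VALUE: UUID of the first fstab row whose FIELD
# (2 = mount point, 3 = filesystem type) equals VALUE.
fstab_uuid() {
    awk -v f="$2" -v v="$3" \
        '$1 ~ /^UUID=/ && $f == v { sub(/^UUID=/, "", $1); print $1; exit }' "$1"
}

# swap_uuid OLD NEW FILE: replace OLD with NEW everywhere; fail if OLD is absent.
swap_uuid() {
    is_uuid "$1" && is_uuid "$2" || { echo "not a UUID: $1 / $2" >&2; return 1; }
    grep -qF -e "$1" "$3" || { echo "$1 not found in $3" >&2; return 1; }
    sed "s/$1/$2/g" "$3" > "$3.new" && cat "$3.new" > "$3" && rm -f "$3.new"
}

# retarget ROOT NEW_ROOT_UUID NEW_SWAP_UUID: update fstab and menu.lst under ROOT.
retarget() {
    fstab="$1/etc/fstab"; menu="$1/boot/grub/menu.lst"
    old_root=$(fstab_uuid "$fstab" 2 /)
    old_swap=$(fstab_uuid "$fstab" 3 swap)
    [ -n "$old_root" ] && [ -n "$old_swap" ] || { echo "no UUID rows" >&2; return 1; }
    cp -p "$fstab" "$fstab.bak" && cp -p "$menu" "$menu.bak" || return 1
    swap_uuid "$old_root" "$2" "$fstab" &&
    swap_uuid "$old_swap" "$3" "$fstab" &&
    swap_uuid "$old_root" "$2" "$menu"
}

# make_sample DIR: write a constructed fstab and menu.lst for a dry run.
make_sample() {
    mkdir -p "$1/etc" "$1/boot/grub"
    printf '%s\n' 'proc /proc proc defaults 0 0' \
        'UUID=11111111-aaaa-4aaa-8aaa-111111111111 / ext3 relatime 0 1' \
        'UUID=22222222-bbbb-4bbb-8bbb-222222222222 none swap sw 0 0' > "$1/etc/fstab"
    printf '%s\n' 'title BackTrack (sample)' \
        'uuid 11111111-aaaa-4aaa-8aaa-111111111111' \
        'kernel /boot/vmlinuz root=UUID=11111111-aaaa-4aaa-8aaa-111111111111 ro' \
        > "$1/boot/grub/menu.lst"
}

# Dry run on the sample. On the real system the call would be:
#   retarget /mnt/bt "$(blkid -s UUID -o value /dev/sdb1)" "$(blkid -s UUID -o value /dev/sdb2)"
tmp=$(mktemp -d) && make_sample "$tmp" &&
retarget "$tmp" 33333333-cccc-4ccc-8ccc-333333333333 44444444-dddd-4ddd-8ddd-444444444444 &&
cat "$tmp/etc/fstab" "$tmp/boot/grub/menu.lst"
rm -rf "$tmp"
```

The originals are kept as fstab.bak and menu.lst.bak next to the edited files.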

After this we can shut down the machine.
# shutdown -P now

Now we can remove the original disk and mount the backtrack iso to the cd-rom drive.

Start the VM and boot from the cd-rom drive.

Logon with root and do the following:

# grub
# find /boot/grub/stage1
# root (hd0,0)
# setup (hd0,0)
# quit
# reboot (unmount backtrack iso)

If you have done everything correctly, as I did, it should be running now.

When everything is working you can shut down the VM again and download the VMware Converter. It is free, so you can download it without any problem. See the following link:

http://www.vmware.com/products/converter/

When it is installed, just use the wizard to convert your VMware Workstation VM to an ESX server. This is done so easily that I am not going to explain the whole process. I think you can figure this out yourself. Otherwise google it.

Grtz,

..NiiB..

How to enable ssh for ESX3i

January 22, 2010

There is an unsupported way to enable ssh for ESX3i. I will tell you how to do this:

First go to the console of your ESX3i host and press ALT + F1. Then just type unsupported and press <enter>. Now you will see the Tech Support Mode warning and a password prompt. Type in your password for the root user to log in.

After this you will get a prompt like this: #. Now we have to edit a config file named inetd.conf. Type the following:
# vi /etc/inetd.conf
Find the line with #ssh in it and remove the # sign. After this, save the file: press <esc>, type :wq and press <enter>.

Now that we have edited the config file, we need to reload it. You can do that with a reboot, but we want our VMs up and running. It can be done with the following command:
# kill -s HUP <PID>

To find the <PID> number you just need this command:
# ps | grep inetd

For ESX3i versions lower than Update 2 you can just restart services.sh. This can be done with the following command:
# /sbin/services.sh restart

If you want to copy files quickly over scp you can use WinSCP or a faster copying tool, Veeam FastSCP. It can be found at the following link: http://www.veeam.com/vmware-esxi-fastscp.html

Categories: Virtualization

Google Hacking

January 17, 2010

Google is the handiest hacking/security tool around. If you master Google's search operators, they will give you a head start in penetration testing. Johnny Long has written a good book about this: “Syngress – Google Hacking for Penetration Testers Volume 2”. When you read this book it will amaze you how much info you can gather with Google.

He also keeps a large GHDB (Google Hacking Database) up to date with nice searches. http://www.foundstone.com has a tool that makes use of his database and adds their own database to it. They named it SiteDigger. To download this tool go to: http://www.foundstone.com/us/resources/proddesc/sitedigger.htm

If you are just a novice, go to http://www.googleguide.com or http://www.google.com/support/websearch/bin/answer.py?hl=en&answer=136861 to make a first start. For more advanced operators check the following links:
http://www.googleguide.com/advanced_operators.html
http://www.googleguide.com/advanced_operators_reference.html

You can also use other search engines, to see how their search operators differ. For an overview see the following link:
http://www.searchengineshowdown.com/features/

Update 7-3-2010:

Highlighted a few operators:

For example, you can search in Gigablast with the operator ip:, and I can say that for information gathering I use this option a lot.

Another operator that I used very often is daterange: <start-date>-<end-date>. This makes use of the Julian Date. For an automatic calculation visit http://aa.usno.navy.mil/data/docs/JulianDate.php
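
The Julian Date conversion that daterange: needs can also be done locally. This is an added example, not part of the original post: jdn and daterange are hypothetical helper names and the dates are constructed samples.

```sh
#!/bin/sh
# Added example: function names and the sample dates are constructed.

# jdn YYYY-MM-DD: print the Julian Day Number of a Gregorian calendar date
# (Fliegel-Van Flandern integer formula; shell division truncates toward zero).
jdn() {
    case "$1" in
        [1-9][0-9][0-9][0-9]-[01][0-9]-[0-3][0-9]) ;;
        *) echo "expected YYYY-MM-DD, got: $1" >&2; return 1 ;;
    esac
    y=${1%%-*}; d=${1##*-}; m=${1#*-}; m=${m%-*}
    # Strip a leading zero: $((08)) would be rejected as an invalid octal number.
    m=${m#0}; d=${d#0}
    [ "$m" -ge 1 ] && [ "$m" -le 12 ] && [ "$d" -ge 1 ] && [ "$d" -le 31 ] ||
        { echo "date out of range: $1" >&2; return 1; }
    a=$(( (m - 14) / 12 ))      # -1 for January and February, 0 otherwise
    t1=$(( 1461 * (y + 4800 + a) / 4 + 367 * (m - 2 - 12 * a) / 12 ))
    echo $(( t1 - 3 * ((y + 4900 + a) / 100) / 4 + d - 32075 ))
}

# daterange START END: print the operator for the inclusive range START..END.
daterange() {
    s=$(jdn "$1") && e=$(jdn "$2") || return 1
    [ "$s" -le "$e" ] || { echo "start date is after end date" >&2; return 1; }
    echo "daterange:$s-$e"
}

daterange 2010-01-01 2010-03-07
```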

Have fun!

Grtz,

..NiiB..

Categories: Security

Python from novice to advanced

January 17, 2010

When I was starting to learn Python I didn’t have a starting point. I first did some tutorials on wiki.python.org; that was fun to do and I learned a lot while playing around.
So after a while I needed more advanced stuff and found a book named Dive Into Python, and it’s available for free. To take yourself to an advanced level this is the book you will need.

http://diveintopython.org/

Grtz,

..NiiB..

Categories: Programming

Speech with Python

January 17, 2010

I’ve found a nice tutorial about using speech synthesis with Python. To make use of this you will have to use a Windows system to install some packages.

Have fun!

http://mindtrove.info/articles/synthesizing-speech-with-pytts/

Grtz,

..NiiB..

Categories: Programming, Windows

Enable SNMP for the SpeedTouch Thomson 780

January 17, 2010

To enable SNMP you have to use telnet to connect to the SpeedTouch router.
# telnet x.x.x.x
After this type in the following commands:
# service system modify name=SNMP_AGENT state=enabled
To check whether it is really enabled, type:
# service system list
If you are using telnet and you can’t scroll up to see the full list, use the shift + ‘Page up’ key to do so.

By default the community string is public. If you want to change it to your own, type the following command:
# snmp community add securityname=ROCommunity communityname=<community>

If you have a Linux System you can also check if it’s working. Go to your bash shell and type the following command:
# snmpwalk -m ALL -v1 -c <communitystring> <ip address router>

Have fun,

Grtz,
..NiiB..

Categories: Uncategorized

Ssh or sftp server for Windows

January 9, 2010

Follow the link for the software. Here you can download a freeware program to install an sshd or sftp server on your Windows machine.

Testing speed harddisk on linux

December 15, 2009

Choose a harddisk to test disk speed. In this example it will be /dev/hda2:

time dd if=/dev/hda2 of=/dev/null bs=1024k count=128

For more information on how to do this check link.

Categories: Linux

BeginnersGuides for learning Python

December 8, 2009

If you want to learn Python this link is something for you.

Categories: Programming

vi’s beginners guide

December 7, 2009

vi is a rather powerful text editor, found on most UNIX-based systems. Because it’s so widespread, it’s really handy to know a little bit about it – especially if you are administering a lot of machines, or find yourself on an unfamiliar system.

Unfortunately, vi can be a bit daunting for the new user due to the vast number of commands it understands. Many complete vi references exist, but sometimes it can take a while leafing through pages of information just to find out how to correct a typing error!

The summary below gives a new user just enough information to start using vi successfully, without getting swamped in the details.

Basic Concepts

The most important thing to know is this:

There are two main modes in vi – command mode, and edit mode.

Always try and remember which mode you’re in. This isn’t always easy, but it’s a good mental exercise. It’s a bit like knowing which gear you’re in whilst driving a car.

Edit Mode (i)

By default, vi starts up in command mode. There are lots of ways to get into edit mode from command mode. Here are a few of them…

  i            Insert (when you just want to type something)
  r            Replace this character with the next key pressed
  R            As above, but stay in replace mode (for replacing multiple characters)
  o            Start inserting on the next line
  O            Start inserting on the previous line
  A            Start inserting at the end of this line
  I            Start inserting at the beginning of this line

…and there are a few more, but that’s enough to be getting along with for now.

Then type away 🙂

Command Mode (Esc)

The Esc key brings you to command mode. If you’re already in command mode, you may hear a beep or see a “visual bell” – which is just a flash of the screen.

In command mode, you’ll be wanting to do things like saving your file, quitting the program, searching for a text string. Stuff like that. Here’s a helpful reference list. All commands are case-sensitive.

  :w            Write the file to disk.
  :w filename   Write the file out to disk with a new filename
  :w!           Write, disregarding any warnings
  :q            Quit
  :q!           Quit, disregarding any warnings
  :wq           Write and quit
  :x            Write and quit

Cursor movement (also in command mode):

Arrow keys move the cursor around, as do h, j, k and l.

  G             Moves to the last line of the file
  23G           Move to line 23. You'll not see the numbers appear as you
                type them. (As you'd expect, this works for other numbers too.
                For instance, 1G is a very useful command.)
  $             Move to the end of the current line
  ^             Move to the beginning of the current line
  w             Move forward by one word

And now for some copying and pasting:

  x             Delete the current character
  yy            Copy the current line
  dd            Delete the current line (also copies the line - a bit like
                'cut', but *anything* that's deleted gets copied)
  D             Delete from here to the end of the line
  p             Paste the last copied thing (after the cursor)
  P             Paste the last copied thing (before the cursor)

Some slightly more advanced stuff can be achieved by messing around with the above letters, and sticking some numbers in as well…

eg.

  ddp           Swaps the current line with the next  [cut then paste]
  xp            Swaps the current character with the next  [cut then paste]
  4x            Deletes the next 4 characters
  4dd           Deletes the next 4 lines. This can be very useful for cutting
                and pasting whole blocks of text.
  4yy           Copies the next 4 lines
  dG            Deletes everything from this line to the end of the file
  yG            Copies everything from this line to the end of the file
  p             Pastes that which you last copied or deleted

As you can see, a lot of the commands are just combinations of other commands.

eg.

  y    copy
  $    move to the end of the line
  y$   copy everything from here to the end of the line

  d    delete
  $    move to the end of the line
  d$   delete everything from here to the end of the line

Confusingly, D also deletes everything to the end of the line (like d$), but Y copies the entire line (like yy). Don’t worry too much about this. In vi there is often more than one way to do things.

One last useful command is J. It’s much more useful than it looks 🙂

  J    Append the next line onto this one.

Categories: Linux