Getting Started - Get your VMs ready

Offensive Security is a great way to improve your corporate cybersecurity posture.

I like the idea as it similar to a old chess principle, "attack is the best defense".

Unlike a table top exercise or audit, you can test your exploits' or cyber security offensive ideas to probe security gaps in your corporate network.


Hosting labs on virtual machines is a great idea, without risking your regular workstation, accidents can sometimes happen when your kernel exploits go haywire or you rather NOT run vulnerable goat virtual machines on your home WiFI networks.

Oracle VirtualBox are a good way to start as I cannot imagine paying for a VMware workstation suite.

Invest some time and visit the site below.  You will get good instructions to download and install the virtual machine software.

https://www.virtualbox.org/wiki/Downloads

At the URL https://www.virtualbox.org/wiki/Downloads

Look for a section that says "VirtualBox Extension Pack" and click "All Supported platform".  When you see a pop-up box, make sure it says Open with Virtualbox Manager (default) and click OK.

 

This improves the usability of the virtual box VM.  The VM is hosted in a VirtualBox Windows and you do not need to play special tricks to "capture" the keyboard and mouse, VMware workstation users who are usually driven crazy by the mouse or keyboard capture will find this a great relief.

After reading the installation guides, I easily install VirtualBox on my laptop, it is rather easy. 

This great link explained the various types of network clearly, well I certainly wished that VMware does a better job of explaining their various network options in their paid workstation software.

https://www.nakivo.com/blog/virtualbox-network-setting-guide/

The next step is tricky, do I use Kali Linux, Parrot OS or Commando VM?

Well I opted for Parrot OS as it has slightly more cyber security tools.

Go to the Parrot OS site and read the FAQs again .... below;

https://docs.parrotlinux.org/faq/

I took the easy way out, I downloaded the Parrot Security OVA file, use the defaults for the RAM, CPU Cores, 128MB video ram and spin up a nice Parrot OS Security VM with the nice Mate Terminal below.


Yes, passwords.  The default password is toor. You are advised to change the root and user password.

Click Application->Systems Tools and select Root Terminal.  At the command prompt, type passwd root to change the root password. 

This allows you to su to root at the Mate terminal from the default user account.  To run the Mate Terminal, click Application->System Tools->Mate Terminal.

Give yourself a pat in the back once this is done!

Comments

Post a Comment

Popular posts from this blog

Now go grab bashdb for debugging bash on Visual Studio Code

Image
Strangely by default, the bash debugger or bashdb is not part of the build, so apt installs are out. Therefore we need to spend some time to get bashdb up and and working.    We will need 3 components or the bashdb deb package will complain bitterly that libreadline6 and multiarch-support are missing and refuse to budge. To solve this problem, we need to install bashdb from the deb packages manually.  Go the following websites to download the deb install packages for the following; https://packages.debian.org/jessie/amd64/libreadline6/download https://packages.debian.org/jessie/amd64/multiarch-support/download https://ubuntu.pkgs.org/16.04/ubuntu-universe-amd64/bashdb_4.3.0.91+ds-4_amd64.deb.html To install, su to root and type dpkg -i <deb-package-name> to install the 2 required libraries before installing bashdb . Next fire up the Visual Studio Code that is pre-installed on Parrot OS, for some strange reason, Visual Studio Code is given a strange nam...
Read more

Learning C/C++ and Assembly may be the best thing for Offensive Security

Image
I read with interest how various Western Red Teams go through all lengths to get a single Mitre test working nicely, dumping lsass.exe. In addition, the Blue Teams have a lot of help in this area with EDRs aka expensive Endpoint Detection and Response software hitting all alerts when you even try to get near to lsass.exe process. Most of the red team companies do write great blogs documenting the efforts they put in their process dumpers.  Obviously they will not share their secret sauce in a free blog. The logic is simple, why let their months of hard work go down the drain when some nice chaps will download their work to Virustotal or turn them into some machine learning generated signatures when the commercial EDR companies tow Virustotal for intelligence. If you read their blogs carefully, how do they fool the EDRs using merely C/C++?  Yes, the mention syscall but they do not go reveal all their secrets easily. Ok, luckily my C/C++ and x86 Assembly are largely intact despi...
Read more

Doing Something That F5 Should Have Done Long Ago

Image
If you are a PT or Offensive chap, you will pay attention to web application parameters for cheap thrills. Generally Red Teams helps the Blue Team, we are not auditors. It is not surprising to find hundreds of parameters for a web application. Now if you are a Blue Team victim, you might want a job switch when you see this below. The next logical step is as follows ...  Question: " Mr F5, is this view exportable? " Answer: " Not until England wins the Euro or World Cup. " In offensive security, we do not take " No " for a lame answer. Parameters' exported.   Nice, now to analyse it for potholes and entry points.
Read more