Change default network name (ens33) to old “eth0” on Ubuntu

# ifconfig
ens33     Link encap:Ethernet  HWaddr 00:0c:29:bb:8b:8e
          inet addr:10.0.10.131  Bcast:10.0.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:febb:8b8e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:150 errors:0 dropped:0 overruns:0 frame:0
          TX packets:82 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:20532 (20.5 KB)  TX bytes:10858 (10.8 KB)

# dmesg | grep -i eth
[    2.196929] e1000 0000:02:01.0 eth0: (PCI:66MHz:32-bit) 00:0c:29:bb:8b:8e
[    2.196938] e1000 0000:02:01.0 eth0: Intel(R) PRO/1000 Network Connection
[    2.204129] e1000 0000:02:01.0 ens33: renamed from eth0

# nano /etc/default/grub
add this
GRUB_CMDLINE_LINUX=”net.ifnames=0 biosdevname=0″

# grub-mkconfig -o /boot/grub/grub.cfg

# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
        address 10.0.10.131
        netmask 255.255.255.0
        dns-nameservers 8.8.8.8
        gateway 10.0.10.1
# reboot

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:bb:8b:8e
          inet addr:10.0.1.11  Bcast:10.0.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:febb:8b8e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:230 errors:0 dropped:0 overruns:0 frame:0
          TX packets:136 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:29638 (29.6 KB)  TX bytes:19317 (19.3 KB)
Advertisements

Unbound DNS Server Installation

update and upgrade
# apt-get update
# apt-get upgrade -y

-disable firewall
# ufw disable
-set correct date and timezone
# rm /etc/localtime
# ln -s /usr/share/zoneinfo/Asia/Jakarta /etc/localtime

-disable dnsmasq
# cat /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifupdown,keyfile,ofono
#dns=dnsmasq
[ifupdown]
managed=false

-install unbound dns
# apt-get install unbound
-set cronjob to download named.root automatically
# wget https://www.internic.net/domain/named.root -o /etc/unbound/root.hints
# cat /etc/cron.d/named-root
0 * * * * root wget -c http wget -c http://www.internic.net/domain/named.root -O /etc/unbound/root.hints
# crontab /etc/cron.d/named-root

# cat unbound.conf
server:
    interface: 0.0.0.0
    interface: ::0
    access-control: 0.0.0.0/0 allow
#    access-control: 127.0.0.0 allow
#    access-control: 2001:db8:dead:beef::/48 allow
    # unbound optimisation
    num-threads: 4
    msg-cache-slabs: 16
    rrset-cache-slabs: 16
    infra-cache-slabs: 16
    key-cache-slabs: 16
    outgoing-range: 206
    so-rcvbuf: 4m
    so-sndbuf: 4m
    so-reuseport: yes
    rrset-cache-size: 100m
    msg-cache-size: 50m
    # unbound security
    do-ip4: yes
    do-ip6: yes
    do-udp: yes
    do-tcp: yes
    cache-max-ttl: 86400
    cache-min-ttl: 3600
    hide-identity: yes
    hide-version: yes
    minimal-responses: yes
    prefetch: yes
    use-caps-for-id: yes
    verbosity: 1
    harden-glue: yes
    harden-dnssec-stripped: yes
    root-hints: “/etc/unbound/root.hints”
    private-domain: “ngtrain.com
    private-address: 10.0.10.0/24
#  private-address: 2001:db8:dead:beef::/48
    local-data: “vc.ngtrain.com.  IN A 10.0.10.80″
    local-data-ptr: “10.0.10.80  vc.ngtrain.com
forward-zone:
    name: “.”
    forward-addr: 1.1.1.1
    forward-addr: 9.9.9.9
include: “/etc/unbound/unbound.conf.d/*.conf”

# reboot

Change Shell Prompt color

for example you want to change username and hostname like this

mario@mycomputer

add into /etc/skel/.bashrc
# If root then red text prompt otherwise green
CURRENTUSER=`whoami`
if [ “$CURRENTUSER” = “root” ]; then
PS1=’\[\033[38;5;1m\]\u\[$(tput sgr0)\]\[\033[38;5;15m\]@\[$(tput sgr0)\]\[\033[38;5;22m\]\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;4m\]\w\[$(tput sgr0)\]\[\033[38;5;15m\]#\[$(tput sgr0)\]’
else
PS1=’\[\033[38;5;2m\]\u\[$(tput sgr0)\]\[\033[38;5;15m\]@\[$(tput sgr0)\]\[\033[38;5;1m\]\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;4m\]\w\[$(tput sgr0)\]\[\033[38;5;15m\]\\$\[$(tput sgr0)\]’
fi

TeamViewer installation on Kali

-install sddm as default X windows because default X windows in Kali didn’t allow remote TeamViewer without login GUI first

# apt-get install sddm

# dpkg –add-architecture i386
# apt-get update
# dpkg -i –force-depends teamviewer_i386.deb
# apt-get install -f

# teamviewer –daemon start

-get current TeamViewer id either from GUI or CLI
# teamviewer –info print version, status, id
 TeamViewer                           12.0.71510  (DEB)
 teamviewerd status                   ● teamviewerd.service – TeamViewer remote control daemon
   Loaded: loaded (/etc/systemd/system/teamviewerd.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2017-03-19 09:02:02 PDT; 9min ago
  Process: 1140 ExecStart=/opt/teamviewer/tv_bin/teamviewerd -d (code=exited, status=0/SUCCESS)
 Main PID: 1162 (teamviewerd)
    Tasks: 12 (limit: 4915)
   CGroup: /system.slice/teamviewerd.service
           └─1162 /opt/teamviewer/tv_bin/teamviewerd -d
Mar 19 09:02:00 kali2 systemd[1]: Starting TeamViewer remote control daemon…
Mar 19 09:02:02 kali2 systemd[1]: Started TeamViewer remote control daemon.

 TeamViewer ID:                        798024234

-run teamviewer gui
# teamviewer
click Connection/Setup Unattended Access
click Next
Image.png
Image.png

click Finish

Now you can remotely connect to your Linux TeamViewer
NOTE:
-every time you adding device or login to new device while login to your TeamViewer a/c. TeamViewer will ask your permission by sending an email with title “Device authorization needed”
Just click a link in that email to add your device into your TV a/c

MichaCry an Automatic Pentesting Tools

# cd /root
# apt-get install figlet -y
# cd MichaCry
# chmod +x michaCry.sh personalCom.sh setup.sh webApp.sh wireless.sh
# vi setup.sh
change this part
# vi michaCry.sh
change
espeak
to

echo

# ./setup.sh
# ./michaCry.sh

20170304 17.15.jpg

screen root privillege escalation

NOTE:
-this exploit will make normal user become root
-tried working with Ubuntu 13.x with old patches but not with Debian 8 or Parrot with latest patches

If you don’t have screen 4.05 then you need to install or compile yourself
# apt-get install screen
or
# cd /root
# cd screen-4.5.0
# apt-get install libncurses5-dev
# ./configure;make;make install

# screen -v
Screen version 4.05.00 (GNU) 10-Dec-16

# su – user1
$ ./screenroot.sh
~ gnu/screenroot ~
[+] First, we create our shell and library…
[+] Now we create our /etc/ld.so.preload file…
[+] Triggering…
‘ from /etc/ld.so.preload cannot be preloaded: ignored.
[+] done!
No Sockets found in /tmp/screens/S-user1.

# whoami
root

Installing FireFox on Debian

# echo “deb http://mozilla.debian.net/ jessie-backports firefox-release” >> /etc/apt/sources.list.d/mozilla-firefox.list
# cat /etc/apt/preferences.d/mozilla-firefox
Package: *
Pin: origin mozilla.debian.net
Pin-Priority: 501

# apt-get update
# apt-cache policy firefox
firefox:
  Installed: 51.0.1-3
  Candidate: 51.0.1-3
  Version table:
 *** 51.0.1-3 1001
       1001 http://mirrordirector.archive.parrotsec.org/parrot stable/main amd64 Packages
        100 /var/lib/dpkg/status
     51.0.1-3~bpo80+1 501
        501 http://mozilla.debian.net jessie-backports/firefox-release amd64 Packages

# apt-get install firefox -y