Kali tools installation


Encrypt volumes

Volumes / and swap are encrypted.

Change vi config

u505@naos:~$ vi .vimrc
u505@naos:~$ cat .vimrc
set mouse-=a
syntax on
u505@naos:~$ sudo cp .vimrc /etc/skel/
u505@naos:~$ sudo cp .vimrc /root/

Change bashrc

cp bashrc /home/u505/.bashrc
sudo cp bashrc /root/.bashrc
sudo cp bashrc /etc/skel/.bashrc

Packages

sudo apt install cifs-utils ssh xrdp
sudo apt install cifs-utils ssh xrdp ocl-icd-libopencl1 nvidia-driver virtualbox nvidia-cuda-toolkit cmake python3-pip python-pip exiftool keepass2 gobuster mutt rlwrap torbrowser-launcher html2text connect-proxy lynx ltrace strace irssi okular libreoffice snmp-mibs-downloader terminator neo4j jxplorer npm buildtorrent putty ridenum libguestfs-tools ipv6-toolkit kali-linux-everything default-mysql-server bc alien
u505@naos:~$ sudo dpkg --add-architecture i386
u505@naos:~$ sudo apt update
u505@naos:~$ sudo apt install wine32 libc6:i386
u505@naos:~$ curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
u505@naos:~$ echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" | sudo tee /etc/apt/sources.list.d/vscode.list
deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main
u505@naos:~$ sudo apt update
u505@naos:~$ sudo apt install code
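
The `apt-key` warning above appears because a key added that way is trusted for every configured repository. The following is an added example, not part of the original notes: it lists repository entries that still lack a `signed-by=` option and shows a repo-scoped replacement for the two commands above. The keyring path `/etc/apt/keyrings/microsoft.gpg` and the function names are assumptions.

```shell
#!/bin/sh
# Added example; KEYRING and the function names are assumptions, not from the page.
KEYRING=/etc/apt/keyrings/microsoft.gpg

# Print every active "deb"/"deb-src" line under DIR that has no signed-by= option,
# i.e. a repository that is still trusted through the global apt keyring.
unscoped_entries() {
    for f in "$1"/*.list; do
        [ -f "$f" ] || continue
        grep -HnE '^[[:space:]]*deb(-src)?[[:space:]]' "$f" | grep -v 'signed-by=' || true
    done
}

# Replace the apt-key step: store the Microsoft key in its own keyring file and
# reference it only from vscode.list. Needs root and network access, so it is
# defined here but not called.
migrate_vscode_repo() {
    install -d -m 0755 "$(dirname "$KEYRING")"
    curl -fsSL https://packages.microsoft.com/keys/microsoft.asc \
        | gpg --yes --dearmor -o "$KEYRING"
    chmod 0644 "$KEYRING"
    echo "deb [arch=amd64 signed-by=$KEYRING] https://packages.microsoft.com/repos/vscode stable main" \
        > /etc/apt/sources.list.d/vscode.list
}

# Typical audit call on a real system:
#   unscoped_entries /etc/apt/sources.list.d
```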

Python modules

u505@naos:/opt/utils$ sudo pip install mechanize termcolor droopescan hexdump
u505@naos:/opt/utils$ sudo pip3 install websockets pathlib ipparser droopescan hexdump pwntools beautifulsoup4 requests cx_Oracle colorlog pycrypto distorm3

Enable ssh and xrdp

u505@naos:~$ sudo systemctl enable ssh
Synchronizing state of ssh.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable ssh
Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service.
Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /lib/systemd/system/ssh.service.
u505@naos:~$ sudo systemctl enable xrdp
Synchronizing state of xrdp.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable xrdp
u505@naos:~$ cd .ssh/
u505@naos:~/.ssh$ cat authorized_keys
ssh-rsa AAAAB3...xy5w== u505@naos.oamis.net
u505@naos:~/.ssh$ chmod 600 authorized_keys
u505@naos:~/.ssh$ cd
u505@naos:~$ sudo vi /etc/ssh/sshd_config
[sudo] password for u505: 
u505@naos:~$ cat /etc/ssh/sshd_config | grep -v "^#" | grep -v "^$"
Include /etc/ssh/sshd_config.d/*.conf
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem       sftp    /usr/lib/openssh/sftp-server
u505@naos:~$ sudo systemctl restart ssh

Enable MIBS

u505@naos:~$ sudo vi /etc/snmp/snmp.conf
u505@naos:~$ cat /etc/snmp/snmp.conf
# As the snmp packages come without MIB files due to license reasons, loading
# of MIBs is disabled by default. If you added the MIBs you can reenable
# loading them by commenting out the following line.
#mibs :

# If you want to globally change where snmp libraries, commands and daemons
# look for MIBS, change the line below. Note you can set this for individual
# tools with the -M option or MIBDIRS environment variable.
#
# mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf

Setup TPM

DOES NOT COMPILE

u505@naos:~$ sudo systemctl start trousers
u505@naos:~$ sudo tpm_takeownership -z
Enter owner password:
Confirm password:
u505@naos:~$ cd /opt/
u505@naos:/opt$ sudo git clone https://github.com/Rohde-Schwarz-Cybersecurity/TrustedGRUB2
Cloning into 'TrustedGRUB2'...
remote: Enumerating objects: 82525, done.
remote: Total 82525 (delta 0), reused 0 (delta 0), pack-reused 82525
Receiving objects: 100% (82525/82525), 19.60 MiB | 20.73 MiB/s, done.
Resolving deltas: 100% (61859/61859), done.
u505@naos:/opt$ cd TrustedGRUB2/
u505@naos:/opt/TrustedGRUB2$ sudo ./autogen.sh
u505@naos:/opt/TrustedGRUB2$ sudo ./configure --prefix=`pwd` --target=i386 -with-platform=pc
u505@naos:/opt/TrustedGRUB2$ sudo make

Local repositories

u505@naos:~$ cd /opt/
u505@naos:/opt$ sudo chgrp u505 ./
u505@naos:/opt$ sudo chmod 775 ./
u505@naos:/opt$ git clone https://u505@gitserver/git/HTB.git
u505@naos:/opt$ cd HTB/
u505@naos:/opt/HTB$ git config --global user.name "Daniel Simao"
u505@naos:/opt/HTB$ git config --global user.email "daniel@simao.us"
u505@naos:/opt$ git clone https://u505@gitserver/git/Collection1.git

Enable Wireshark sniffing for local user

Add user to group wireshark

u505@naos:~$ sudo usermod -a -G wireshark u505
u505@naos:~$ sudo dpkg-reconfigure wireshark-common

Wireshark01.png

External utils

GDB tools

u505@naos:~$ cd /opt/
u505@naos:/opt$ mkdir utils
u505@naos:/opt$ cd utils/
u505@naos:/opt/utils$ git clone https://github.com/hugsy/gef.git
u505@naos:/opt/utils$ sudo pip install capstone keystone-engine pylint ropper unicorn
u505@naos:/opt/utils$ sudo pip3 install capstone keystone-engine pylint ropper unicorn
u505@naos:/opt/utils$ git clone https://github.com/longld/peda.git
u505@naos:/opt/utils$ git clone https://github.com/pwndbg/pwndbg
u505@naos:/opt/utils$ vi ~/.gdbinit
u505@naos:/opt/utils$ cat ~/.gdbinit
define init-peda
source /opt/utils/peda/peda.py
end
document init-peda
Initializes the PEDA (Python Exploit Development Assistant for GDB) framework
end

define init-gef
source /opt/utils/gef/gef.py
end
document init-gef
Initializes GEF (GDB Enhanced Features)
end

define init-pwndbg
source /opt/utils/pwndbg/gdbinit.py
end
document init-pwndbg
Initializes PwnDBG
end
u505@naos:/opt/utils$ sudo cp ~/.gdbinit /root/.gdbinit
u505@naos:/opt/utils$ sudo cp ~/.gdbinit /etc/skel/.gdbinit

Pwntools

u505@naos:/opt/utils$ sudo pip install pwntools
u505@naos:/opt/utils$ sudo pip3 install pwntools

One gadget

u505@naos:/opt/utils$ git clone https://github.com/david942j/one_gadget.git
u505@naos:/opt/utils$ cd one_gadget/
u505@naos:/opt/utils/one_gadget$ sudo gem install one_gadget
u505@naos:/opt/utils/one_gadget$ cd ..

Ghidra

u505@naos:/opt/utils$ wget -q https://ghidra-sre.org/ghidra_9.1.2_PUBLIC_20200212.zip
u505@naos:/opt/utils$ unzip ghidra_9.1.2_PUBLIC_20200212.zip
u505@naos:/opt/utils$ ln -s ghidra_9.1.2_PUBLIC ghidra
u505@naos:/opt/utils/ghidra$ sudo vi /usr/share/applications/Ghidra.desktop
u505@naos:/opt/utils/ghidra$ cat /usr/share/applications/Ghidra.desktop
[Desktop Entry]
Name=Ghidra
Encoding=UTF-8
Exec=sh -c "/opt/utils/ghidra/ghidraRun"
Icon=/opt/utils/ghidra/docs/images/GHIDRA_1.png
StartupNotify=false
Terminal=false
Type=Application
Categories=07-reverseengineer;

LinEnum

u505@naos:/opt/utils$ git clone https://github.com/rebootuser/LinEnum.git

Pspy

u505@naos:/opt/utils$ mkdir pspy
u505@naos:/opt/utils$ cd pspy/
u505@naos:/opt/utils/pspy$ wget -q https://github.com/DominicBreuker/pspy/releases/download/v1.2.0/pspy32
u505@naos:/opt/utils/pspy$ wget -q https://github.com/DominicBreuker/pspy/releases/download/v1.2.0/pspy64
u505@naos:/opt/utils/pspy$ wget -q https://github.com/DominicBreuker/pspy/releases/download/v1.2.0/pspy32s
u505@naos:/opt/utils/pspy$ wget -q https://github.com/DominicBreuker/pspy/releases/download/v1.2.0/pspy64s
u505@naos:/opt/utils/pspy$ chmod +x *
u505@naos:/opt/utils/pspy$ cd ..

Nmapautomator

u505@naos:/opt/utils$ git clone https://github.com/21y4d/nmapAutomator.git
u505@naos:/opt/utils$ chmod +x nmapAutomator/nmapAutomator.sh

Dirsearch

u505@naos:/opt/utils$ git clone https://github.com/maurosoria/dirsearch.git

Jaws (Just another Windows (Enum) script)

u505@naos:/opt/utils$ git clone https://github.com/411Hall/JAWS.git

mdless (to see md files in terminal)

u505@naos:/opt/utils$ git clone https://github.com/ttscoff/mdless.git
u505@naos:/opt/utils$ cd mdless/
u505@naos:/opt/utils/mdless$ sudo gem install mdless
u505@naos:/opt/utils/mdless$ cd ..

Impacket

u505@naos:/opt/utils$ git clone https://github.com/SecureAuthCorp/impacket.git
u505@naos:/opt/utils$ cd impacket/
u505@naos:/opt/utils/impacket$ sudo python3 setup.py install
u505@naos:/opt/utils/impacket$ cd ..

Nullinux

u505@naos:/opt/utils$ git clone https://github.com/m8r0wn/nullinux.git

Decrypt mRemoteNG passwords from config files

u505@naos:/opt/utils$ git clone https://github.com/haseebT/mRemoteNG-Decrypt.git

Cisco Type 7 password decrypter

u505@naos:/opt/utils$ git clone https://github.com/theevilbit/ciscot7.git

Evil-winrm

u505@naos:/opt/utils$ sudo gem install evil-winrm

Fix deprecated message

u505@naos:/opt/utils$ sudo gem install openssl

https://github.com/mdp/gibberish/pull/27/commits/6329a149916e13b02e1337b4daaf74513785670c

u505@naos:/opt/utils$ sudo vi +39 /usr/lib/ruby/vendor_ruby/net/ntlm/client/session.rb
u505@naos:/opt/utils$ sudo vi +128 /usr/lib/ruby/vendor_ruby/net/ntlm/client/session.rb
u505@naos:/opt/utils$ sudo vi +140 /usr/lib/ruby/vendor_ruby/net/ntlm/client/session.rb
u505@naos:/opt/utils$ grep -n 'OpenSSL::Cipher::Cipher.new("rc4")' -A1 /usr/lib/ruby/vendor_ruby/net/ntlm/client/session.rb
39:          #rc4 = OpenSSL::Cipher::Cipher.new("rc4")
40-          rc4 = OpenSSL::Cipher.new("rc4")
--
129:            #rc4 = OpenSSL::Cipher::Cipher.new("rc4")
130-            rc4 = OpenSSL::Cipher.new("rc4")
--
140:            #rc4 = OpenSSL::Cipher::Cipher.new("rc4")
141-            rc4 = OpenSSL::Cipher.new("rc4")

Sysinternal tools

u505@naos:/opt/utils$ mkdir Sysinternals
u505@naos:/opt/utils$ cd Sysinternals/
u505@naos:/opt/utils/Sysinternals$ wget -q https://download.sysinternals.com/files/SysinternalsSuite.zip
u505@naos:/opt/utils/Sysinternals$ unzip SysinternalsSuite.zip
u505@naos:/opt/utils/Sysinternals$ cd ..

Php shell

u505@naos:/opt/utils$ git clone https://github.com/Dhayalanb/windows-php-reverse-shell.git
u505@naos:/opt/utils$ git clone https://github.com/WhiteWinterWolf/wwwolf-php-webshell.git
u505@naos:/opt/utils$ git clone https://github.com/b374k/b374k.git

Windows Exploit suggester

u505@naos:/opt/utils$ git clone https://github.com/bitsadmin/wesng.git
u505@naos:/opt/utils$ cd wesng/
u505@naos:/opt/utils/wesng$ sudo python3 setup.py build
u505@naos:/opt/utils/wesng$ sudo python3 setup.py install
u505@naos:/opt/utils/wesng$ cd ..

Urlencode

u505@naos:/opt/utils$ mkdir urlencode
u505@naos:/opt/utils$ cd urlencode/
u505@naos:/opt/utils/urlencode$ wget -q https://gist.githubusercontent.com/cdown/1163649/raw/356166e6a1564d93e02e174718eb59f50108a7aa/gistfile1.sh
u505@naos:/opt/utils/urlencode$ cd ..

Bloodhound

u505@naos:~$ sudo neo4j console
[sudo] password for u505:
Active database: graph.db
Directories in use:
 home:         /usr/share/neo4j
 config:       /usr/share/neo4j/conf
 logs:         /usr/share/neo4j/logs
 plugins:      /usr/share/neo4j/plugins
 import:       /usr/share/neo4j/import
 data:         /usr/share/neo4j/data
 certificates: /usr/share/neo4j/certificates
 run:          /usr/share/neo4j/run
Starting Neo4j.
WARNING: Max 1024 open files allowed, minimum of 40000 recommended. See the Neo4j manual.
2020-06-23 19:58:50.402+0000 INFO  ======== Neo4j 3.5.3 ========
2020-06-23 19:58:50.412+0000 INFO  Starting...
2020-06-23 19:58:52.587+0000 INFO  Bolt enabled on 127.0.0.1:7687.
2020-06-23 19:58:53.777+0000 INFO  Started.
2020-06-23 19:58:54.583+0000 INFO  Remote interface available at http://localhost:7474/

Neo4j 01.png

Neo4j 02.png

u505@naos:/opt/utils$ git clone https://github.com/BloodHoundAD/BloodHound.git
u505@naos:/opt/utils$ sudo npm install -g electron-packager
u505@naos:/opt/utils$ cd BloodHound/
u505@naos:/opt/utils/BloodHound$ sudo npm install
u505@naos:/opt/utils/BloodHound$ sudo npm update
u505@naos:/opt/utils/BloodHound$ sudo npm run linuxbuild
u505@naos:/opt/utils/BloodHound$ sudo chmod 4755 /opt/utils/BloodHound/BloodHound-linux-x64/chrome-sandbox
u505@naos:/opt/utils/BloodHound$ cd BloodHound-linux-x64
u505@kali:/opt/utils/BloodHound/BloodHound-linux-x64$ ./BloodHound

Bloodhound01.png

u505@kali:/opt/utils/BloodHound/BloodHound-linux-x64$ cd ..
u505@naos:/opt/utils/BloodHound$ cd ..

PowerSploit

u505@naos:/opt/utils$ git clone https://github.com/PowerShellMafia/PowerSploit.git -b dev

John the Ripper Magnum

u505@naos:/opt/utils$ git clone https://github.com/magnumripper/JohnTheRipper.git

Install DotNET

u505@naos:/opt/utils$ mkdir dotnet
u505@naos:/opt/utils$ cd dotnet/

Web Page: https://dotnet.microsoft.com/download/dotnet-core/thank-you/sdk-3.1.404-linux-x64-binaries -> Link

u505@naos:/opt/utils/dotnet$ wget https://download.visualstudio.microsoft.com/download/pr/ec187f12-929e-4aa7-8abc-2f52e147af1d/56b0dbb5da1c191bff2c271fcd6e6394/dotnet-sdk-3.1.404-linux-x64.tar.gz
--2020-12-23 16:13:38--  https://download.visualstudio.microsoft.com/download/pr/ec187f12-929e-4aa7-8abc-2f52e147af1d/56b0dbb5da1c191bff2c271fcd6e6394/dotnet-sdk-3.1.404-linux-x64.tar.gz
Resolving download.visualstudio.microsoft.com (download.visualstudio.microsoft.com)... 2606:2800:11f:7de:d31:7db:168f:1225, 93.184.215.201
Connecting to download.visualstudio.microsoft.com (download.visualstudio.microsoft.com)|2606:2800:11f:7de:d31:7db:168f:1225|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 121227603 (116M) [application/octet-stream]
Saving to: ‘dotnet-sdk-3.1.404-linux-x64.tar.gz’

dotnet-sdk-3.1.404-li 100%[========================>] 115.61M 55.8MB/s in 2.1s
2020-12-23 16:13:40 (55.8 MB/s) - ‘dotnet-sdk-3.1.404-linux-x64.tar.gz’ saved [121227603/121227603]
u505@naos:/opt/utils/dotnet$ tar xfz dotnet-sdk-3.1.404-linux-x64.tar.gz
u505@naos:/opt/utils/dotnet$ export DOTNET_ROOT=/opt/utils/dotnet
u505@naos:/opt/utils/dotnet$ export PATH=$PATH:$DOTNET_ROOT
u505@naos:/opt/utils/dotnet$ dotnet --info
.NET Core SDK (reflecting any global.json):
 Version:   3.1.404
 Commit:    470f6754b3

Runtime Environment:
 OS Name:     kali
 OS Version:  2020.4
 OS Platform: Linux
 RID:         linux-x64
 Base Path:   /opt/utils/dotnet/sdk/3.1.404/

Host (useful for support):
  Version: 3.1.10
  Commit:  1721e39439

.NET Core SDKs installed:
  3.1.404 [/opt/utils/dotnet/sdk]

.NET Core runtimes installed:
  Microsoft.AspNetCore.App 3.1.10 [/opt/utils/dotnet/shared/Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 3.1.10 [/opt/utils/dotnet/shared/Microsoft.NETCore.App]

To install additional .NET Core runtimes or SDKs:
  https://aka.ms/dotnet-download

Teamviewer password decrypt

u505@naos:/opt/utils$ mkdir teamviewer_password_decrypt
u505@naos:/opt/utils$ cd teamviewer_password_decrypt
u505@naos:/opt/utils/teamviewer_password_decrypt$ wget https://gist.githubusercontent.com/rishdang/442d355180e5c69e0fcb73fecd05d7e0/raw/a086d9de31c53bcbefee447a746a868674af56e6/teamviewer_password_decrypt.py
--2020-12-31 13:22:07--  https://gist.githubusercontent.com/rishdang/442d355180e5c69e0fcb73fecd05d7e0/raw/a086d9de31c53bcbefee447a746a868674af56e6/teamviewer_password_decrypt.py
Resolving gist.githubusercontent.com (gist.githubusercontent.com)... 199.232.0.133
Connecting to gist.githubusercontent.com (gist.githubusercontent.com)|199.232.0.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1022 [text/plain]
Saving to: ‘teamviewer_password_decrypt.py’

teamviewer_password 100%[===================>] 1022 --.-KB/s in 0s
2020-12-31 13:22:08 (21.8 MB/s) - ‘teamviewer_password_decrypt.py’ saved [1022/1022]

NC for windows

u505@naos:/opt/utils$ git clone https://github.com/int0x33/nc.exe
Cloning into 'nc.exe'...
remote: Enumerating objects: 13, done.
remote: Total 13 (delta 0), reused 0 (delta 0), pack-reused 13
Receiving objects: 100% (13/13), 114.07 KiB | 965.00 KiB/s, done.

Mysql server

Change root password (initially blank).

naos:~# mysql -p
Enter password: <ENTER>
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 48
Server version: 10.5.8-MariaDB-3 Debian buildd-unstable

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> alter user 'root'@localhost identified by 'u505';
Query OK, 0 rows affected (0.003 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> quit
Bye

Change binding from localhost to all interfaces.

naos:/etc/mysql/mariadb.conf.d# cat 99-u505.cnf
[mysqld]
#datadir         = /opt/db/mysql
bind-address            = 0.0.0.0
#log_bin                 = /opt/db/mysqldump/bin/bin
#expire_logs_days        = 10
#max_binlog_size         = 100M
#log_bin_trust_function_creators = 1
#innodb_file_per_table=1
#server-id=1
#max_connections=1000
#max_allowed_packet      = 64M
#sql_mode = "NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"


#slow_query_log = 1
#slow_query_log_file = /var/log/mysql/slow.log
#long_query_time = 10

Restart service

naos:/etc/mysql/mariadb.conf.d# systemctl stop mysql
naos:/etc/mysql/mariadb.conf.d# systemctl start mysql
naos:/etc/mysql/mariadb.conf.d# netstat -ntpl | grep maria
Active Internet connections (only servers)
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      11370/mariadbd

Tomcat reverse shell deployer

u505@naos:/opt/utils$ git clone https://github.com/mgeeky/tomcatWarDeployer.git
Cloning into 'tomcatWarDeployer'...
remote: Enumerating objects: 269, done.
remote: Total 269 (delta 0), reused 0 (delta 0), pack-reused 269
Receiving objects: 100% (269/269), 193.51 KiB | 1.83 MiB/s, done.
Resolving deltas: 100% (148/148), done.

SirepRAT

u505@naos:/opt/utils$ git clone https://github.com/SafeBreach-Labs/SirepRAT.git
Cloning into 'SirepRAT'...
remote: Enumerating objects: 156, done.
remote: Counting objects: 100% (156/156), done.
remote: Compressing objects: 100% (93/93), done.
remote: Total 217 (delta 104), reused 105 (delta 61), pack-reused 61
Receiving objects: 100% (217/217), 6.39 MiB | 19.36 MiB/s, done.
Resolving deltas: 100% (131/131), done.

chisel

u505@naos:/opt/utils$ mkdir chisel
u505@naos:/opt/utils$ cd chisel/
u505@naos:/opt/utils/chisel$ wget -q https://github.com/jpillora/chisel/releases/download/v1.7.4/chisel_1.7.4_linux_amd64.gz
u505@naos:/opt/utils/chisel$ wget -q https://github.com/jpillora/chisel/releases/download/v1.7.4/chisel_1.7.4_windows_386.gz
u505@naos:/opt/utils/chisel$ wget -q https://github.com/jpillora/chisel/releases/download/v1.7.4/chisel_1.7.4_windows_amd64.gz
u505@naos:/opt/utils/chisel$ gunzip *
u505@naos:/opt/utils/chisel$ mv chisel_1.7.4_windows_amd64 chisel_1.7.4_windows_amd64.exe
u505@naos:/opt/utils/chisel$ mv chisel_1.7.4_windows_386 chisel_1.7.4_windows_386.exe
u505@naos:/opt/utils/chisel$ chmod +x chisel_1.7.4_linux_amd64

Oracle Database Attacking Tool (ODAT) and Sqlplus

u505@naos:/opt/utils$ git clone https://github.com/quentinhardy/odat.git
Cloning into 'odat'...
remote: Enumerating objects: 97, done.
remote: Counting objects: 100% (97/97), done.
remote: Compressing objects: 100% (53/53), done.
remote: Total 1089 (delta 55), reused 78 (delta 44), pack-reused 992
Receiving objects: 100% (1089/1089), 941.00 KiB | 5.35 MiB/s, done.
Resolving deltas: 100% (674/674), done.
u505@naos:/opt/utils$ cd odat/
u505@naos:/opt/utils/odat$ git submodule init
Submodule 'docs' (https://github.com/quentinhardy/odat.wiki.git) registered for path 'docs'
u505@naos:/opt/utils/odat$ git submodule update
Cloning into '/opt/utils/odat/docs'...
Submodule path 'docs': checked out '402d0446a807f8c75e07addaf0887a82c739bf1f'

Download and install Oracle clients.

u505@naos:/opt/utils/odat$ cd ..
u505@naos:/opt/utils$ mkdir Oracle
u505@naos:/opt/utils$ cd Oracle/
u505@naos:/opt/utils/Oracle$ wget -q https://download.oracle.com/otn_software/linux/instantclient/211000/oracle-instantclient-sqlplus-21.1.0.0.0-1.x86_64.rpm
u505@naos:/opt/utils/Oracle$ wget -q https://download.oracle.com/otn_software/linux/instantclient/211000/oracle-instantclient-basic-21.1.0.0.0-1.x86_64.rpm
u505@naos:/opt/utils/Oracle$ wget -q https://download.oracle.com/otn_software/linux/instantclient/211000/oracle-instantclient-devel-21.1.0.0.0-1.x86_64.rpm

Check the file sizes against the download web page.

u505@naos:/opt/utils/Oracle$ ls -ltr
total 56396
-rw-r--r-- 1 u505 u505 56355344 Dec  1 12:07 oracle-instantclient-basic-21.1.0.0.0-1.x86_64.rpm
-rw-r--r-- 1 u505 u505   721868 Dec  1 12:07 oracle-instantclient-sqlplus-21.1.0.0.0-1.x86_64.rpm
-rw-r--r-- 1 u505 u505   667308 Dec  1 12:07 oracle-instantclient-devel-21.1.0.0.0-1.x86_64.rpm
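
A matching size shows the transfer completed, but a file with different contents can have the same byte count. The following is an added example, not part of the original notes: it compares the size check with a SHA-256 check and verifies a `sha256sum`-style manifest. File names and contents are constructed for the demo; in real use the expected digest comes from the publisher.

```shell
#!/bin/sh
# Added example. File names and contents are constructed for the demo; in real
# use the expected digest comes from the publisher's checksum page or release notes.

# Print the SHA-256 of FILE as lowercase hex (sha256sum, or shasum as a fallback).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Return 0 if FILE is exactly EXPECTED_BYTES long (the check the page performs).
size_matches() {
    [ "$(wc -c < "$1" | tr -d ' ')" = "$2" ]
}

# Return 0 on digest match, 1 on mismatch, 2 on a malformed digest or unreadable file.
verify_sha256() {
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case "$want" in
        ''|*[!0-9a-f]*) echo "verify_sha256: malformed digest" >&2; return 2 ;;
    esac
    [ "${#want}" -eq 64 ] || { echo "verify_sha256: digest must be 64 hex chars" >&2; return 2; }
    [ -r "$1" ] || { echo "verify_sha256: cannot read $1" >&2; return 2; }
    got=$(sha256_of "$1")
    [ "$got" = "$want" ]
}

# Verify every "HEX  NAME" line of MANIFEST against the files in DIR.
# Fails closed: a missing file or any mismatch makes the whole run fail.
verify_manifest() {
    dir=$1; manifest=$2; failed=0
    while read -r hex name; do
        [ -n "$hex" ] || continue
        if verify_sha256 "$dir/$name" "$hex" 2>/dev/null; then
            echo "OK       $name"
        else
            echo "FAILED   $name"; failed=1
        fi
    done < "$manifest"
    return "$failed"
}

# Constructed demo: two files of identical size, only one matches the digest.
demo() {
    tmp=$(mktemp -d) || return 2
    printf 'constructed-package-v1' > "$tmp/original.rpm"
    printf 'constructed-package-vX' > "$tmp/tampered.rpm"
    size=$(wc -c < "$tmp/original.rpm" | tr -d ' ')
    digest=$(sha256_of "$tmp/original.rpm")
    size_matches "$tmp/tampered.rpm" "$size" && echo "size check: tampered file passes"
    verify_sha256 "$tmp/tampered.rpm" "$digest" || echo "sha256 check: tampered file rejected"
    rm -rf "$tmp"
}
demo
```

The same functions apply to the other direct downloads on this page (Ghidra, pspy, chisel) when the publisher provides SHA-256 values.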

Convert the rpm files to deb.

u505@naos:/opt/utils/Oracle$ sudo alien *.rpm
Warning: Skipping conversion of scripts in package oracle-instantclient-basic: postinst postrm
Warning: Use the --scripts parameter to include the scripts.
oracle-instantclient-basic_21.1.0.0.0-2_amd64.deb generated
oracle-instantclient-devel_21.1.0.0.0-2_amd64.deb generated
Warning: Skipping conversion of scripts in package oracle-instantclient-sqlplus: postinst postrm
Warning: Use the --scripts parameter to include the scripts.
oracle-instantclient-sqlplus_21.1.0.0.0-2_amd64.deb generated

Install Oracle packages

u505@naos:/opt/utils/Oracle$ sudo dpkg -i *.deb
(Reading database ... 532110 files and directories currently installed.)
Preparing to unpack oracle-instantclient-basic_21.1.0.0.0-2_amd64.deb ...
Unpacking oracle-instantclient-basic (21.1.0.0.0-2) over (19.6.0.0.0-0kali1) ...
Selecting previously unselected package oracle-instantclient-devel.
Preparing to unpack oracle-instantclient-devel_21.1.0.0.0-2_amd64.deb ...
Unpacking oracle-instantclient-devel (21.1.0.0.0-2) ...
Selecting previously unselected package oracle-instantclient-sqlplus.
Preparing to unpack oracle-instantclient-sqlplus_21.1.0.0.0-2_amd64.deb ...
Unpacking oracle-instantclient-sqlplus (21.1.0.0.0-2) ...
Setting up oracle-instantclient-basic (21.1.0.0.0-2) ...
Setting up oracle-instantclient-devel (21.1.0.0.0-2) ...
Setting up oracle-instantclient-sqlplus (21.1.0.0.0-2) ...
Processing triggers for libc-bin (2.31-6) ...
Processing triggers for kali-menu (2021.1.2) ...

Update .bashrc of our user with Oracle environment variables.

u505@naos:/opt/utils/Oracle$ cp ~/.bashrc ~/.bashrc.withoutOracle
u505@naos:/opt/utils/Oracle$ vi ~/.bashrc
u505@naos:/opt/utils/Oracle$ tail -n 3 ~/.bashrc
export ORACLE_HOME=/usr/lib/oracle/21/client64/
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
export PATH=${ORACLE_HOME}bin:$PATH

Update library path file.

u505@naos:/opt/utils/Oracle$ echo "/usr/lib/oracle/21/client64/lib/" | sudo tee /etc/ld.so.conf.d/oracle.conf
/usr/lib/oracle/21/client64/lib/
u505@naos:/opt/utils/Oracle$ cat /etc/ld.so.conf.d/oracle.conf                    
/usr/lib/oracle/21/client64/lib/
u505@naos:/opt/utils/Oracle$ sudo ldconfig

Volatility

u505@naos:/opt/utils$ git clone https://github.com/volatilityfoundation/volatility3.git
Cloning into 'volatility3'...
remote: Enumerating objects: 434, done.
remote: Counting objects: 100% (434/434), done.
remote: Compressing objects: 100% (261/261), done.
remote: Total 22576 (delta 212), reused 358 (delta 169), pack-reused 22142
Receiving objects: 100% (22576/22576), 4.41 MiB | 16.02 MiB/s, done.
Resolving deltas: 100% (16885/16885), done.

References

Daniel Simao 14:42, 22 June 2020 (EDT)