The officially official Devuan Forum!

You are not logged in.

#1 DIY » Install Metasploit-Framework From Git on Devuan » 2017-08-15 14:37:38

pedropt
Replies: 0

I am creating this thread also for me to consult in future in case i need .

Before Installing
You should be a root user .

If during instalation you get this error : update-rc.d: not found

You should edit .bashrc on your home folder and add PATH so this file can be located .
for this use nano :

nano ~/.bashrc

and write this line at the end of the file

export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

Note : This could happen on a fresh devuan install
STEP 1
Install ruby 2.4.2

- Dependencies for Rudy & Metaploit-Framework

sudo apt-get install git-core curl zlib1g-dev build-essential libpq5 libpq-dev libssl-dev libreadline-dev libreadline5 libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libyaml-dev curl libxslt1-dev libcurl4-openssl-dev python-software-properties libffi-dev git 

Install Rubyenv

-

git clone git://github.com/sstephenson/rbenv.git ~/.rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc

git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc

- Close your terminals and open one terminal again so bashrc can be reloaded with the new config

UPDATE : Updated ruby version to latest metasploit requirements from 2.4.2 to 2.5.3

rbenv install -v 2.5.3
rbenv global 2.5.3
echo "gem: --no-document" > ~/.gemrc
gem install bundler
gem install rails
rbenv rehash

STEP 2 - Clone metasploit from git and configure it
(This example will install metasploit on /opt directory , but you can choose any directory you want)

mkdir /opt
cd /opt
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
bundle install
service postgresql start

Configure metasploit Databases on Postgresql , so it could be faster the search inside metasploit framework

cat <<EOF> $HOME/pg-utf8.sql

update pg_database set datallowconn = TRUE where datname = 'template0';

\c template0

update pg_database set datistemplate = FALSE where datname = 'template1';
 
drop database template1;
 
create database template1 with template = template0 encoding = 'UTF8';
 
update pg_database set datistemplate = TRUE where datname = 'template1';
 
\c template1
 
update pg_database set datallowconn = FALSE where datname = 'template0';
 
\q
 
EOF
sudo -u postgres psql -f $HOME/pg-utf8.sql
sudo -u postgres createuser msfdev -dRS
sudo -u postgres psql
"ALTER USER msfdev with ENCRYPTED PASSWORD 'msf';"

Press Enter
Press CTRL+D

- Create metasploit databases in Postgresql

sudo -u postgres createdb --owner msfdev msf_dev_db
sudo -u postgres createdb --owner msfdev msf_test_db
./msfconsole

Metasploit will start and will create its directory on your Home folder .
write "exit" inside metasploit framework to quit .

- Set database configuration on metasploit home folder to access its database in postgresql

cat <<EOF> $HOME/.msf4/database.yml
 
# Development Database
 
  development: pgsql
 
  adapter: postgresql
 
  database: msf_dev_db
 
  username: msfdev
 
  password: msf
 
  host: localhost
 
  port: 5432
 
  pool: 5
 
  timeout: 5

# Production database -- same as dev
 
production: &production
 
  <<: *pgsql

# Test database -- not the same, since it gets dropped all the time

 test:
 
  <<: *pgsql
 
  database: msf_test_db
 
EOF

Press CTRL+D to Exit

service postgresql start
 
sudo -sE su postgres
 
psql
 
update pg_database set datallowconn = TRUE where datname = 'template0';
 
\c template0
 
update pg_database set datistemplate = FALSE where datname = 'template1';
 
drop database template1;
 
create database template1 with template = template0 encoding = 'UTF8';
 
update pg_database set datistemplate = TRUE where datname = 'template1';
 
\c template1
 
update pg_database set datallowconn = FALSE where datname = 'template0';
 
\q

Press CTRL+D to exit

- Setting up Metasploit database Password on postgresql

sudo -u postgres psql
\password msfdev

Write "msf" and press ENTER key ,
Then confirm again by writing "msf" and pressing ENTER key again .

Press CTRL+D to exit .

service postgresql restart

- STEP 3

Create symlinks to metasploit executables on your sbin folder (so you can run metasploit anywhere)

ln -s /opt/metasploit-framework/msfconsole /usr/local/sbin/msfconsole
ln -s /opt/metasploit-framework/msfupdate /usr/local/sbin/msfupdate
ln -s /opt/metasploit-framework/msfvenom /usr/local/sbin/msfvenom

Everything is installed , now you can run metasploit by writing in your terminal "msfconsole" .
You can update your metasploit by writing in terminal "msfupdate"

#2 Re: DIY » speaking visually » 2017-02-28 00:39:01

yup , nice picture and in fact aligned with the reality of systemd  .
Linux is a free choice OS , and systemd was implemented by force .

This is why i changed to Devuan , however , it took me a while to find devuan , and i only knew that devuan existed by a video of critics of systemd when a guy spoke about alternatives linux OS without systemd implemented .

#3 DIY » What to do if grub boot loader disapeard » 2017-02-03 16:09:40

pedropt
Replies: 1

One of the most common errors that people do when they are installing a dual OS (Windows/Linux) is to install first linux and then windows next .
If the windows OS is 8 or above then it is even worst , because windows 8 on installing create 2 partitions on hard disk for itself .
So , if your case is this one , and you lost your grub bootloader and now computer goes directly to windows , then what you should do is :

1st : download this image "super_grub2_disk_hybrid_2.02s6.iso"
https://sourceforge.net/projects/superg … o/download

2nd - download W32 Disk image writer and install it on your windows
https://sourceforge.net/projects/win32diskimager/

3rd - get an usb storage pen to write the image from supergrub 2 .

4th - write the image
(my case was drive K , but you should check witch drive letter is assigned from windows to your USB pen and select it , by default is a (removable drive) .
image_writer.jpg

you can also instead using an usb pen , you can write this image on a CD that will work too

5th - After the image is writen on your USB pen or CD , reboot your computer and press continually F12 to get boot startup selection .
(the command could be different from bios to bios manufacturer , some bios is F11 instead F12)
bios_boot.jpg

(In my case is an usb pen drive , and its name is "Kingston data traveler" , but yours will have other name "in case other pen brand" , or if you are using a CD then you must select your CD drive to bios start up .)
you must have your pen inserted on a USB port , or your CD with supergrub image  when you are rebooting the computer .

6th - when your Usb pen or CD start to boot , this screen from grub will popup .
grub_detect.jpg
(select to detect and show boot methods)

7th - after 1 minute of searching the hard disks , grub wll show your installed operating systems , and give you an option to select to witch one you want to start .
Devuan_grub.jpg
My case shows kali linux , because my devuan was migrated from a kali wheezy distribution , but yours will show (Devuan GNU/linux) , or whatever linux name distribution you have installed

Select yours like it is in the image before .

8th - You will boot to your linux , and now you have to reinstall grub again on your hard disk boot record , to do that open a terminal in your linux and write :

grub-install  /dev/sda

(by default the first hard disk on bios boot is sda on linux
grub_install.png

9th - After grub been installed , all you have to do is to update grub and reboot your computer .

update-grub

grub_update.png

To reboot linux you may go to your linux top panel and select reboot , or in the terminal window write (reboot)

reboot

Computer will reboot and your grub menu will appear with your previous boot options to you to choose.

VERY IMPORTANT : Do not install grub on secondary partitions on your hard disk , like (sda1 , sda2 , sdb1 , etc,,,) , this will problably damage the data on those partitions. USE only (sda , sdb , etc... depending on your case)

#4 Re: DIY » How to set Grub default startup in dual boot for Windows » 2017-02-02 10:48:42

your initial instructions were to edit a file (grub.cfg) that says, right at the top, "DO NOT EDIT THIS FILE"
posting bad info about grub is really a dangerous thing to do

It is only "dangerous" if you edit something outside the values i said in topic .
And there is not dangerous thing editing the grub.cfg file like i told before , because my first edit would make a temporary boot order sequence until command "update-grub" is applied on terminal by user or by any software automatically .
Example :
Imagine that you edited the file grub.cfg , and grub is now booting automatically to windows , but you go to linux and you install your graphic card proprietary drivers from a nvidia or ati file  .
What would happen , is after the new graphic driver is installed , the nvidia or ati tool will do the command "update-initramfs -u" and "update-grub" , to insert the driver in the boot of the linux .
After that happen , your boot order will return automatically to the default order , witch is linux first .
Now , by changing /etc/default/grub file , that will not happen , because grub will pick the default configuration from this initial file , witch was setup up to keep windows as a primary OS boot target .

Note
IF you edit like i told , then there is no problem at all .
But if you start to change things by yourself without any knowledge , then that is dangerous.
And by the way , every file of linux is dangerous wink

VERY IMPORTANT!!!
I created this topic mostly for those people that do not know what is linux , but have listen about it on the web , want to try it ,  but are mad because everytime they start the computer it goes directly to linux and they wanted to go to windows to play his favorite game and to those people that have only one computer in home , and the father and mother barely knows windows because they only go to facebook , while the son loves linux , but everytime the father and mother starts the computer they get pissed because it goes directly to linux and they don`t know how to use it . So , after the son edit the file , next time his father and mother starts up the computer , it will go directly to their favorite OS , witch by the way is the most vulnerable OS on the internet and where anyone with a bit of knowledge can hack to it using linux and grab personal data from those persons that use it wink

*Edited

#5 Re: Installation » firmware? » 2017-02-02 01:35:57

Ok , finally got some time to read all the posts here .
Intel advanced-N 6205 wireless driver is compiled on the package "firmware-iwlwifi"
device drivers list from this package
https://wiki.debian.org/iwlwifi#supported

This way , you only need to do this :

apt-get install firmware-iwlwifi

Do this with your wifi pen disconnected , and after the instalation of the package you should connect your wifi pen to be detected .

Al you all may know , a DVD install and a CD install have many differences in packages inside the distro .
The best way from now on is to when installing devuan from a CD , to have the wifi pen connected , so the OS on install detect it and download the appropriate driver .
Common firmwares like realtek and ralink should be there by default because those are the most used wifi chipsets everywhere .

#6 Re: Installation » firmware? » 2017-02-01 02:56:13

what are the chipsets of your wireless pens ?
you can get that information on terminal by using the command

lsusb

or for more information

lsusb -vv

Here it is an example of an rtl8187 wireless usb device using that command
lsusb.png

for kinivo wd320 the website provide linux drivers in case the OS does not detect the chipset .

all you have to do in case that devuan does not have the driver for that chipset is opening a terminal and apply these commands :

wget http://downloads.kinivo.com/product/driver/wid320/2011_0719_RT3070_RT3370_RT5370_RT5372_Linux_STA_V2.5.0.3_DPO.bz2
tar -xjvf 2011_0719_RT3070_RT3370_RT5370_RT5372_Linux_STA_V2.5.0.3_DPO.bz2
cd 2011_0719_RT3070_RT3370_RT5370_RT5372_Linux_STA_V2.5.0.3_DPO
make && make install

but for what i could check from the package , it looks that device is using an ralink chipset , and for that you just need to :

 apt-get install firmware-ralink

I have serious doubts that devuan does not have you guys drivers , because if devuan does not have them , then debian jessie does not have them too .

try these commands

depmod -a 

this will insert the driver (if exists) to your device

lsmod

this will show you all modules loaded in your system

modinfo xxxx 

this will show you more information on a specific driver
example in my case : modinfo rtl8187

I did not check other posts on this topic because i am in an hurry , i will check tomorrow .

#7 Re: DIY » How to set Grub default startup in dual boot for Windows » 2017-01-30 23:21:36

correct wink , changing .

entrys 7 and 8 exist here because i had in the past windows installed in those partitions that gave me some problem , and i had data on those partitions that i did not wanted to format , so i installed new windows in a different drive and deleted the windows folder on that problematic OS , but i never remember to remove the boot files ntldr and msdos.sys and etc ...
Well , i did not had here much time to deal with that issue , and after all is not disturbing me at all , grub detected those drives and created the links to boot , but in reality those options do not boot , ehehehehe .
I will deal with that when i get some time here "if i remember it".
Thanks for the info on grub .

#8 DIY » Creating a start and stop script for Nessus and nexpose » 2017-01-30 21:32:21

pedropt
Replies: 0

I just have installed Nessus vulnerability scanner on my devuan , and i notice that after the instalation no icons were created on the menu to start the service or stop it , this is important not only for this app but also for many others apps that load many computer resources and you are not already working on it .
This topic was created for those that use a specific app for 1 or 2 hours and then does not use it on that day for many more hours ahead and want to kill the services of that app to save computer resources .

I created a script for start for each app , and another script for stop for each app and have put them on (/usr/local/sbin) directory .

In case of  nessus , the scripts are called "nessus-start" & "nessus-stop"
for nexpose i used the same principle , witch is "nexpose-start" and "nexpose-stop"

The script to start nessus

#!/bin/bash
service nessusd start
echo " Nessus service has started , reedirecting to nessus loginpage in 3 seconds"
sleep 3
open firefox "https://127.0.0.1:8834/"

this last script initiates nessus script and redirect the user to nessus login page witch is on localmacine "127.0.0.1" and the default port 8834 using https .

The script to stop nessus

#!/bin/bash
echo "Stopping Nessus service"
service nessusd stop
echo "Service stopped"
sleep 3s

NOTE: you can add the shortucts to the main menu using this other topic i created
https://dev1galaxy.org/viewtopic.php?id=124
but using this code for command :

sh -c "cd /usr/local/sbin && ./nessus-start;${SHELL:bash}"

with this code the shell window will close automatically after all commands are done in the script , but if you want the shell opened after the script finish , then use this code :

sh -c "cd /usr/local/sbin && ./nessus-start;${SHELL:-bash}"

For Nexpose the scripts are diffent because nexpose starts multiple services , (postgresql , couchdb , etc...) .

The script to start nexpose in case was made in its default instalation directory (the default is : /opt/rapid7/nexpose)

#!/bin/bash
echo " Starting Nexpose Service ,and redirecting you to nexpose login page https://127.0.0.1:3780"
echo "Nexpose services takes a minute to be operational , so refresh your browser in 1 minute"
service nexposeconsole start
sleep 4s
open firefox "https://127.0.0.1:3780/"
cd /opt/rapid7/nexpose/nsc && ./nsc.sh

Nexpose is a very heavy app that takes sometime to load , around here it takes 1 minute until i get access to web login interface , so that was the reason i left that message in the bash script o user reload the page in one minute , and i started a 4 seconds pause after that so user can read the message .

The script to stop nexpose services

#!/bin/bash
echo " Killing all processes related to nexpose"
service nexposeconsole stop
killall -u nxpgsql
kill $(ps aux | grep 'nsc.sh' | awk '{print $2}')

This stop script kills all processes related to username created by rapid 7 installation for services "nxpgsql" , and kills the active terminal window where startup script is running (that must not be closed) .

You should aldo install chkconfig tool to remove those boot services from boot startup

 apt-get install chkconfig

and issue the command on terminal :

chkconfig nessusd off && chkconfig nexposeconsole off

Note2: I believe that this topic is not much related to devuan normal users , however system administrators use this tools to check vulnerabilities on their servers before someone outside do some harm to company web services .
I also post it because i may need it in a few months or years and i may not remember at that time how did i do it.

#9 DIY » How to set Grub default startup in dual boot for Windows » 2017-01-28 17:02:52

pedropt
Replies: 5

This case happens all the time with everyone that have windows OS installed on their computer , but then install a linux OS and grub by default sets the linux OS by default start up .
To change the default boot order in Grub all that must be done are these steps :

This is my default grub order , and as you can see , Devuan Linux will start if i do not select my windows OS .
On this next image i added a few text to teach you how to interpret the default boot .
Entry 0 (witch is on grub.cfg file) is devuan , but as you can see , i have my windows XP on entry 6 .
grubdefault.jpg

So , all you have to do is edit in your devuan linux the file grub.cfg , and that you can you any text editor in devuan , i will use nano editor .

nano /etc/default/grub

grub.png

As you can see in last image , i changed the line that was :
GRUB_DEFAULT=0  -> GRUB_DEFAULT=6  , because in my case , my windows XP was on entry 6 .
If my xp was ex: entry 4 , then then instead using 6 i would use 4 .

Save the changes in your grub file  .

Open your terminal and write the command "update-grub" to apply the changes
grub2.png

Here it is how it looks after the changes were made :
grub_changed.jpg

and this is my windows XP starting up :

windows_startup.jpg

#10 DIY » How to add a shell tool shortcut to Devuan Menu » 2017-01-28 16:13:52

pedropt
Replies: 0

As everyone already experienced , as long as times passes by and we install tools in our linux machine , if we do not use if often then will probably be forgotten its name from our mind , and after a few weeks we need to run that tool but we forgot its name .
So , the best thing is to add a launcher shortcut for it on our Devuan menu , so next time we do not need to start looking in OS where it is and what is its name .

The example i will give will be for a simple tool on github called ssh-audit , but this process can be made for any other tools you may want to add to your menu .

Link of the tool : https://github.com/arthepsy/ssh-audit

In my case i have cloned the tool to a specific directory i have in my system for that , but anyone can clone it to whatever place you want in your OS .
My example directory is in : /tools/ssh  directory
First of all go to your target directory where you want the tool to be cloned and issue the command :

git clone https://github.com/arthepsy/ssh-audit.git

like it is in the next image :
clone.png

Next step is to test if tool is working or not , this is important because some tools need dependencies to run , but in this case this tool already its dependencies installed in my OS .

testtool.png

Ok , now that we see that the tool is does not have any issue on starting up , we need to test it on a real ip address to see if any error popup or not during the scan .

testscan.png

This ip i used was a random ip i found with port 22 opened .

Now that we can see the everything is working fine , we will add the tool to our Devuan XFCE4 menu .
To do that open the app in (Accessories/Main Menu)
menuedit.png

After main menu is opened , click on "New Item" and this new window will popup :

launcheredit.png

In the Name field put your tool name , in this case "SSH-Audit"
on the command field put this next code :

sh -c "cd /tools/ssh/ssh-audit && ./ssh-audit.py -h;${SHELL:-bash}"

this code may change depending where you have your tool installed .
if you have for example your tool installed on this directory "/root/ssh-audit" , then the code must be :

sh -c "cd /root/ssh-audit && ./ssh-audit.py -h;${SHELL:-bash}"

the CD command tells the shell that will open to navigate to that directory , and the "&&" = to execute also the command ahead .
Witch is "./ssh-audit.py" .

Select also the option "Launch in Terminal" , because this tool is a terminal tool and not a graphical tool .

To add an icon to that tool , then click on the default image on the left , and select the image that you want to add to that shorcut from your OS .
by default , icons in linux are located in "/usr/share/icons" directory , but if you found a cool image on the web , then save that image to your Hard disk , and select its location and filename , like i did with this next image :

launcher_icon.png

On this last window you see a big image because i selected an image from the web and not an icon , but the main menu tool will resize it when you save you new menu shortcut .

Press the button "OK" to save your new shortcut .

Now , if you open your Devuan Menu Again , you will see your new tool shortcut there  , like it is in my next image :
menuok.png

After this point , anytime you want to use your tool , everything you need to do is launch it from your Main menu shortcut , like it is in my next image :

runmenu.png

Board footer

Forum Software