Hi everybody ! / Bonjour tout le monde !

You need to see this blog as a big brainstorm, my safekeep park.  A place where i can save my ideas, projects and sensitive information.  Do not hesitate to ask any questions about the howto you will try on my blog.

Il faut voir ce blog comme un pense bête géant.  Un endroit ou je pourrai entreposer mes projets ou des notions importantes.  Je vais principalement écrire en anglais, mais si vous avez besoin d’informations en français sur mes projets ou des questions sur les tutoriels n’hésitez pas a commenter.

M.

Advertisements

Testing kali linux on windows 10 with WSL

Second try :
Kali can be found directly on the windows store. This version is much more stable than the one i tried to patch from ubuntu with the git repo in my first try.

Some usefull tweeks can be found here : https://www.kali.org/news/kali-linux-in-the-windows-app-store/

Everything is working well for now.

Edit 1 )
To make nmap work, install it on windows and make an alias :

alias nmap='"/mnt/c/Program Files (x86)/Nmap/nmap.exe"'

View story at Medium.com

M.

FIRST TRY :
This version is not stable.

WSL stand for windows subsystem for linux

its a kindof native port for linux inside windows. not like emulation, it share the ressources directly from windows to run linux binaries.

To repare fuckedup things at first do those :

To fix error of expired cert. when trying to use apt-get command just do this :

wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
apt install ./kali-archive-keyring_2018.1_all.deb
apt-get update

To fix error when you are not able to resolve address (aka dns is fuckedup)
just edit /etc/resolv.conf and add your favorite dns aka 1.1.1.1 or 8.8.8.8

after do an apt update && apt upgrade

Ref.
https://www.zdnet.com/article/windows-subsystem-for-linux-graduates-in-windows-10-fall-creators-update/
https://www.blackmoreops.com/2018/02/21/kali-linux-on-windows-subsystem-for-linux/#comment-25157

Way to find clues inside a ctf box

we find a file that was created by the maker in the process of creation ie : flag.txt.

Flag.txt was created 22 august 2017

find / -type f -newermt 2017-08-20 ! -newermt 2017-08-24 -ls 2>/dev/null

We see all files that have changed between 20-08 and 24-08 (if needed we can change the range)

With that we can see interesting changes inside the boxes

A journey into Windows pentesting.

I did root many windows rig in the last week.  You can practice your skill too, just go to hackthebox.eu.  Here i will not tell you how specificity root those vulnerable windows os, i just want to keep some of the basics that i learned from this.

As expected the info gathering is the same nmap nikto dirb etc.

The windows command line, as i am used to unix bash this command line was like Korean to me.

Here are the basic commands that are useful : Continue reading