Week 1: Setup
Introduction, Notekeeping, and Introductory Linux
Setting Up A Penetration Testing Environment - This will focus on setting up a lab environment, specifically VMware, Kali Linux, and our lab VMs. The lesson will briefly introduce important aspects of each setup (e.g. snapshots in VMware, the Kali Linux toolset, etc.) with the intention of building upon those aspects in later lessons.
How to Keep Notes Effectively - This lesson will cover the importance of note taking from a pentester's standpoint. The lesson will introduce the Kali Linux built-in note-taking application, KeepNote, and discuss how to take notes effectively. Taking notes during a penetration test is incredibly important, as it gives a pentester reference points when writing their final report, discussing timelines with their team or manager, or even discussing specifics of a pentest with a client.
Introductory Linux - This lesson will briefly cover the important Linux terminal commands needed to use Kali Linux. Some of the topics that will be covered are: navigating the file system, users and privileges, common network commands, bash scripting, and much more.
Setup
apt update && apt upgrade
# update refreshes the package index from the repos (checks for new versions)
# upgrade downloads and installs the newest versions
# selected GRUB partition sda instead of sda1
# need to install postgresql 12 and uninstall 11
apt autoremove
# download into /opt/ directory
# /opt is for "the installation of add-on application software packages"
# installed impacket into opt from git
# in directory, pip install .
# use systemctl to turn on services by default (on boot)
systemctl enable ssh
systemctl enable postgresql # useful for metasploit
# to start a service just for this session, use "service"
service apache2 start
service ssh start
root@kali:~# ping -c 1 10.0.2.2 | grep "64" | cut -d " " -f 4 | tr -d ":"
10.0.2.2
root@kali:~# cat iplist.txt
10.0.2.3
10.0.2.4
10.0.2.2
10.0.2.15
root@kali:~# for ip in $(cat iplist.txt); do nmap -p 80 -T4 $ip & done
[1] 5115
[2] 5116
[3] 5117
[4] 5118
Useful Locations
/etc/passwd
contains the user list
most users will have permission to read the file
/etc/shadow
contains the hashed passwords
only root can read the file
/var/log/auth.log
stores all security related messages including authentication failures
root@kali:/var/log# grep bob auth.log
Dec 8 11:53:12 kali groupadd[2915]: group added to /etc/group: name=bob, GID=1000
Dec 8 11:53:12 kali groupadd[2915]: group added to /etc/gshadow: name=bob
Dec 8 11:53:12 kali groupadd[2915]: new group: name=bob, GID=1000
Dec 8 11:53:12 kali useradd[2921]: new user: name=bob, UID=1000, GID=1000, home=/home/bob, shell=/bin/bash
Dec 8 11:53:21 kali passwd[2931]: pam_unix(passwd:chauthtok): password changed for bob
Dec 8 11:53:25 kali chfn[2932]: changed user 'bob' information
Dec 8 12:00:12 kali su: (to bob) root on pts/0
Dec 8 12:00:12 kali su: pam_unix(su:session): session opened for user bob by (uid=0)
Dec 8 12:01:24 kali sudo: bob : user NOT in sudoers ; TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/bin/cat /etc/shadow
/var/log/syslog
everything, except auth related messages
/var/log/messages
storing valuable, non-debug and non-critical messages
"general system activity"
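The /var/log/auth.log entries shown above can be summarised with a small script. This is an added example, not part of the original notes: it pulls out denied sudo attempts and newly created accounts, the function names are hypothetical, and the sample lines are constructed to match the format of the grep output above.

```bash
#!/bin/sh
# Added example. Sample lines are constructed, modelled on the auth.log
# format shown in these notes; "alice" is a made-up user.
sample_auth_log() {
cat <<'EOF'
Dec 8 11:53:12 kali useradd[2921]: new user: name=bob, UID=1000, GID=1000, home=/home/bob, shell=/bin/bash
Dec 8 11:53:21 kali passwd[2931]: pam_unix(passwd:chauthtok): password changed for bob
Dec 8 12:00:12 kali su: (to bob) root on pts/0
Dec 8 12:01:24 kali sudo: bob : user NOT in sudoers ; TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/bin/cat /etc/shadow
Dec 8 12:03:40 kali sudo: alice : TTY=pts/1 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
Dec 8 12:05:02 kali sudo: bob : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/id
EOF
}

# Denied sudo attempts read from stdin, one per line: time|user|working dir|command
sudo_denials() {
  awk '
    / sudo: / && /user NOT in sudoers/ {
      pwd = ""
      n = split($0, part, " ; ")        # sudo separates its fields with " ; "
      for (i = 1; i <= n; i++)
        if (part[i] ~ /^PWD=/) pwd = substr(part[i], 5)
      c = index($0, "COMMAND=")         # command is the last field and may contain ";"
      cmd = c ? substr($0, c + 8) : ""
      print $1 " " $2 " " $3 "|" $6 "|" pwd "|" cmd
    }'
}

# Accounts created by useradd, read from stdin, one per line: name|uid|shell
new_accounts() {
  awk '
    function field(line, key,   s, e) {
      s = index(line, key)
      if (!s) return ""
      line = substr(line, s + length(key))
      e = index(line, ",")              # values are comma-separated; the last has no comma
      return e ? substr(line, 1, e - 1) : line
    }
    /useradd\[/ && /new user: / {
      print field($0, "name=") "|" field($0, "UID=") "|" field($0, "shell=")
    }'
}

# Demo on the constructed sample. On a live system (as root):
#   sudo_denials < /var/log/auth.log
sample_auth_log | sudo_denials
sample_auth_log | new_accounts
```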