Ubuntu/Quick Reference

From r00tedvw.com wiki
(Difference between revisions)
Jump to: navigation, search
(Spoof MAC address and connect to network without rebooting)
(Spoof MAC address and connect to network without rebooting)
Line 143: Line 143:
 
  <nowiki>~$ sudo dhclient -r eth0</nowiki>
 
  <nowiki>~$ sudo dhclient -r eth0</nowiki>
 
:turn down interface
 
:turn down interface
  <nowiki>~$ sudo ifdown eth0 down</nowiki>
+
  <nowiki>~$ sudo ifdown eth0</nowiki>
 
:spoof MAC (requires macchanger, looking at alternatives)
 
:spoof MAC (requires macchanger, looking at alternatives)
 
  <nowiki>~$ sudo macchanger -m xx:xx:xx:xx:xx:xx eth0</nowiki>
 
  <nowiki>~$ sudo macchanger -m xx:xx:xx:xx:xx:xx eth0</nowiki>
 
:turn up interface
 
:turn up interface
  <nowiki>~$ sudo ifup eth0 up</nowiki>
+
  <nowiki>~$ sudo ifup eth0</nowiki>
 
From here if you run <code>ifconfig</code> you should see your interface with the new MAC address and DHCP lease with IP address.
 
From here if you run <code>ifconfig</code> you should see your interface with the new MAC address and DHCP lease with IP address.

Revision as of 22:47, 3 February 2016

Contents

Enable Remote Desktop via VNC (12.04+ - these are just default, you may want to configure more)

Dash Home > [type] Desktop > [Select] either Desktop Sharing or Remote Desktop
[check] Allow view and control > [check] require user to enter password > [type] password

Upgrade from 10.04LTS to 12.04LTS via terminal

$ sudo apt-get update
$ sudo apt-get install update-manager-core
$ sudo vi /etc/update-manager/release-upgrades
verify there is the following line in the file
prompt=lts
$ sudo apt-get update && sudo apt-get -y upgrade && sudo apt-get -y autoremove
$ sudo do-release-upgrade -d

rename directory with contents

~$ sudo mv -f /path/oldfolderanem /path/newfoldername

ubuntu 14.04 apt-get error

W: GPG error: http://archive.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

Keys are:

40976EAF437D05B5
3B4FE6ACC0B21F32

fix by importing keys from Canonical's key library:

~$sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32
~$sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 40976EAF437D05B5

ubuntu 14.04 locale error

error
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
	LANGUAGE = (unset),
	LC_ALL = (unset),
	LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
solution

1. check what locales you have available on the machine

~$ locale -a
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_COLLATE to default locale: No such file or directory
C
C.UTF-8
POSIX

2. if you're missing the locale for your area like i was, you can sometimes discover the name

~$ locale
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
LANG=en_US.UTF-8
LANGUAGE=
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

3. once you know which locale you need, you can build it

~$ sudo locale-gen en_US.UTF-8
Generating locales...
  en_US.UTF-8... done
Generation complete.

4. make sure it's up to date (which is should be)

~$ sudo dpkg-reconfigure locales
Generating locales...
  en_US.UTF-8... up-to-date
Generation complete.

5. check to see if the new locale is listed and verify you no longer get the error

~$ locale -a
C 
C.UTF-8
en_US.utf8
POSIX

You'll see here that unlike in step 1, you get the required responses without an error message.

search for directories recursively and add execute permission

~$ find /var/www/mysite.com/ -type d -exec chmod+x {} \;


port scan from behind a firewall to determine which ports are open

first, there are a couple of things you'll need:

  1. linux box inside the firewall with nmap installed
  2. linux box outside the firewall with tcpdump installed


essentially, we are going to use nmap to port scan the box outside the firewall from inside, then look at the tcpdump logs and determine which packets got there and what ports they were destined for.

setup tcpdump

setup tcpdump to capture the traffic on the outside box

~$ tcpdump -i <interface> -n <source>
i.e. ~$ sudo tcpdump -i venet0:0 -n "src host 8.8.8.8 and not (dst port 80 or dst port 443)" -w port_scan.cap

In my example above, i went 1 extra step and said not to capture any packets going to port 80 or 443. I did this because I saw my firewall had a nifty little feature where it redirected traffic for restricted ports to 80 and 443, so because I already knew these were open, I could determine that any traffic hitting these ports was from redirected blocked ports.

scan with nmap

use nmap from the inside box

~$ nmap -p 1-65535 8.8.8.8

Simple nmap scan of all ports from 1 to 65535 (which are all available ports). The wildcard scan "*" didnt work as well as this did and i got a few more results.

parse the pcap

Once your nmap is done, now we can go back to our box on the outside, stop the tcpdump and start parsing it.

convert to txt
first lets convert the pcap to txt
~$ tcpdump -n -r portscan.cap > port_scan.txt
look at the txt
really quickly, this is an example of the txt output from our pcap
03:43:59.008245 IP 4.2.2.2.53008 > 8.8.8.8.10443: Flags [S], seq 1225698019, win 14600, options [mss 1380,sackOK,TS val 153049091 ecr 0,nop,wscale 7], length 0
parse the txt
now lets extract just the port numbers we care about
~$awk '{print $5;}' port_scan.txt  | sed 's/8.8.8.8.//g' | sed 's/://g'

To break down the example above:

  1. awk uses whitespaces as delimiters by default, so its easy to see the 2nd IP listed with the port is the 5th object.
  2. the first sed then looks for the outside box's IP, and replaces it with nothing (deleting it)
  3. the second sed cleans it up by replacing the colon after the port with nothing (deleting it)


results

So in the end, you end up with a nice list of open ports, like such:

~$ awk '{print $5;}' port_scan.txt  | sed 's/8.8.8.8.//g' | sed 's/://g'
22
8080
22
22
8173
8173
43
43
5050
5050
15210
15210
1003
1003
8082
10443
10443

Spoof MAC address and connect to network without rebooting

Took me awhile to figure out what series of events would allow me to spoof a MAC address, obtain a new DHCP lease and IP address, and connect to the network without rebooting. Turns out it was super simple.

drop DHCP lease
~$ sudo dhclient -r eth0
turn down interface
~$ sudo ifdown eth0
spoof MAC (requires macchanger, looking at alternatives)
~$ sudo macchanger -m xx:xx:xx:xx:xx:xx eth0
turn up interface
~$ sudo ifup eth0

From here if you run ifconfig you should see your interface with the new MAC address and DHCP lease with IP address.

Personal tools
Namespaces

Variants
Actions
Navigation
Mediawiki
Confluence
DevOps Tools
Open Source Products
Ubuntu
Ubuntu 22
Mac OSX
Oracle Linux
AWS
Windows
OpenVPN
Grafana
InfluxDB2
TrueNas
MagicMirror
OwnCloud
Pivotal
osTicket
OTRS
phpBB
WordPress
VmWare ESXI 5.1
Crypto currencies
HTML
CSS
Python
Java Script
PHP
Raspberry Pi
Canvas LMS
Kaltura Media Server
Plex Media Server
MetaSploit
Zoneminder
ShinobiCE
Photoshop CS2
Fortinet
Uploaded
Certifications
General Info
Games
Meal Plans
NC Statutes
Politics
Volkswagen
Covid
NCDMV
Toolbox