Ubuntu/Quick Reference
(→Spoof MAC address and connect to network without rebooting) |
(→Spoof MAC address and connect to network without rebooting) |
||
Line 140: | Line 140: | ||
==Spoof MAC address and connect to network without rebooting== | ==Spoof MAC address and connect to network without rebooting== | ||
Took me awhile to figure out what series of events would allow me to spoof a MAC address, obtain a new DHCP lease and IP address, and connect to the network without rebooting. Turns out it was super simple. | Took me awhile to figure out what series of events would allow me to spoof a MAC address, obtain a new DHCP lease and IP address, and connect to the network without rebooting. Turns out it was super simple. | ||
− | |||
− | |||
:turn down interface | :turn down interface | ||
<nowiki>~$ sudo ifdown eth0</nowiki> | <nowiki>~$ sudo ifdown eth0</nowiki> | ||
− | :spoof MAC | + | :spoof MAC |
− | <nowiki>~$ sudo | + | <nowiki>~$ sudo ifconfig eth0 hw ether xx:xx:xx:xx:xx:xx</nowiki> |
:turn up interface | :turn up interface | ||
<nowiki>~$ sudo ifup eth0</nowiki> | <nowiki>~$ sudo ifup eth0</nowiki> | ||
From here if you run <code>ifconfig</code> you should see your interface with the new MAC address and DHCP lease with IP address. | From here if you run <code>ifconfig</code> you should see your interface with the new MAC address and DHCP lease with IP address. |
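Review bot: on the added `spoof MAC` command line, the `xx:xx:xx:xx:xx:xx` placeholder is never explained in the section; add a short sentence saying it stands for the replacement address the reader supplies. The removed side shows the command was previously cut off after `sudo`, so it is also worth confirming that the other `<nowiki>` command lines in this section render in full.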
Revision as of 23:40, 3 February 2016
Enable Remote Desktop via VNC (12.04+; these are just the defaults, you may want to configure more)
- Dash Home > [type] Desktop > [Select] either Desktop Sharing or Remote Desktop
- [check] Allow view and control > [check] require user to enter password > [type] password
Upgrade from 10.04LTS to 12.04LTS via terminal
$ sudo apt-get update
$ sudo apt-get install update-manager-core
$ sudo vi /etc/update-manager/release-upgrades
- verify there is the following line in the file
Prompt=lts
$ sudo apt-get update && sudo apt-get -y upgrade && sudo apt-get -y autoremove
$ sudo do-release-upgrade -d
rename directory with contents
~$ sudo mv -f /path/oldfoldername /path/newfoldername
ubuntu 14.04 apt-get error
W: GPG error: http://archive.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
Keys are:
40976EAF437D05B5 3B4FE6ACC0B21F32
fix by importing keys from Canonical's key library:
~$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32
~$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 40976EAF437D05B5
ubuntu 14.04 locale error
error
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
	LANGUAGE = (unset),
	LC_ALL = (unset),
	LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
solution
1. check what locales you have available on the machine
~$ locale -a
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_COLLATE to default locale: No such file or directory
C
C.UTF-8
POSIX
2. if you're missing the locale for your area like I was, you can sometimes discover the name
~$ locale
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
LANG=en_US.UTF-8
LANGUAGE=
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=
3. once you know which locale you need, you can build it
~$ sudo locale-gen en_US.UTF-8
Generating locales...
  en_US.UTF-8... done
Generation complete.
4. make sure it's up to date (which it should be)
~$ sudo dpkg-reconfigure locales
Generating locales...
  en_US.UTF-8... up-to-date
Generation complete.
5. check to see if the new locale is listed and verify you no longer get the error
~$ locale -a
C
C.UTF-8
en_US.utf8
POSIX
You'll see here that unlike in step 1, you get the required responses without an error message.
search for directories recursively and add execute permission
~$ find /var/www/mysite.com/ -type d -exec chmod +x {} \;
port scan from behind a firewall to determine which ports are open
first, there are a couple of things you'll need:
- linux box inside the firewall with nmap installed
- linux box outside the firewall with tcpdump installed
essentially, we are going to use nmap to port scan the box outside the firewall from inside, then look at the tcpdump logs and determine which packets got there and what ports they were destined for.
setup tcpdump
setup tcpdump to capture the traffic on the outside box
~$ tcpdump -i <interface> -n <source>
e.g.
# 4.2.2.2 is the address the inside box's traffic arrives from, as in the sample output further down
~$ sudo tcpdump -i venet0:0 -n "src host 4.2.2.2 and not (dst port 80 or dst port 443)" -w port_scan.cap
In my example above, I went one extra step and said not to capture any packets going to port 80 or 443. I did this because I saw my firewall had a nifty little feature where it redirected traffic for restricted ports to 80 and 443, so because I already knew these were open, I could determine that any traffic hitting these ports was from redirected blocked ports.
scan with nmap
use nmap from the inside box
~$ nmap -p 1-65535 8.8.8.8
Simple nmap scan of all ports from 1 to 65535 (which are all available ports). The wildcard scan "*" didn't work as well as this did and I got a few more results.
parse the pcap
Once your nmap is done, now we can go back to our box on the outside, stop the tcpdump and start parsing it.
- convert to txt
- first let's convert the pcap to txt
~$ tcpdump -n -r port_scan.cap > port_scan.txt
- look at the txt
- really quickly, this is an example of the txt output from our pcap
03:43:59.008245 IP 4.2.2.2.53008 > 8.8.8.8.10443: Flags [S], seq 1225698019, win 14600, options [mss 1380,sackOK,TS val 153049091 ecr 0,nop,wscale 7], length 0
- parse the txt
- now let's extract just the port numbers we care about
~$ awk '{print $5;}' port_scan.txt | sed 's/8\.8\.8\.8\.//g' | sed 's/://g'
To break down the example above:
- awk uses whitespace as the delimiter by default, so it's easy to see that the second IP listed, with the port, is the 5th field.
- the first sed then looks for the outside box's IP, and replaces it with nothing (deleting it)
- the second sed cleans it up by replacing the colon after the port with nothing (deleting it)
results
So in the end, you end up with a nice list of open ports, like such:
~$ awk '{print $5;}' port_scan.txt | sed 's/8\.8\.8\.8\.//g' | sed 's/://g'
22
8080
22
22
8173
8173
43
43
5050
5050
15210
15210
1003
1003
8082
10443
10443
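The list above repeats ports because retransmitted SYNs are captured too. As an added example (not part of the original page), this is a stricter version of the parsing step for auditing egress rules: it keeps only initial SYN packets addressed to the outside box and prints each port once, in numeric order. The function names `open_ports` and `sample_capture` are assumptions, and every sample line after the first is constructed.

```shell
#!/bin/sh
# open_ports DST_IP
# Reads `tcpdump -n -r <file>` text on stdin and prints, once each and in
# numeric order, every port on DST_IP that received an initial TCP SYN.
open_ports() {
    awk -v dst="$1" '
        $2 == "IP" && $4 == ">" && $6 == "Flags" {
            # Keep initial SYNs only; "[S.]", "[.]" and "[R]" are not scan probes.
            if ($7 != "[S],") next
            d = $5
            sub(/:$/, "", d)            # "8.8.8.8.10443:" -> "8.8.8.8.10443"
            p = match(d, /\.[0-9]+$/)   # position of the dot before the port
            if (p == 0) next
            # Compare the address as a literal string, not as a regex.
            if (substr(d, 1, p - 1) != dst) next
            print substr(d, p + 1)
        }' | sort -n -u
}

# Sample capture text. The first line is the one shown on this page; the
# rest are constructed: a retransmitted SYN, a SYN-ACK reply, a bare ACK,
# and a SYN addressed to a different host.
sample_capture() {
    cat <<'EOF'
03:43:59.008245 IP 4.2.2.2.53008 > 8.8.8.8.10443: Flags [S], seq 1225698019, win 14600, options [mss 1380,sackOK,TS val 153049091 ecr 0,nop,wscale 7], length 0
03:44:00.008251 IP 4.2.2.2.53008 > 8.8.8.8.10443: Flags [S], seq 1225698019, win 14600, length 0
03:44:01.120000 IP 4.2.2.2.40112 > 8.8.8.8.22: Flags [S], seq 99, win 14600, length 0
03:44:01.120050 IP 8.8.8.8.22 > 4.2.2.2.40112: Flags [S.], seq 7, ack 100, win 14480, length 0
03:44:01.150000 IP 4.2.2.2.40112 > 8.8.8.8.22: Flags [.], ack 8, win 115, length 0
03:44:02.300000 IP 4.2.2.2.40200 > 8.8.8.8.8080: Flags [S], seq 5, win 14600, length 0
03:44:03.000000 IP 4.2.2.2.40300 > 8.8.8.9.25: Flags [S], seq 6, win 14600, length 0
EOF
}

# Stand-alone run over the sample; with a real capture use:
#   open_ports 8.8.8.8 < port_scan.txt
sample_capture | open_ports 8.8.8.8
```

Each port in the output is one the firewall let out unmodified; comparing the list against the intended egress policy shows which rules are looser than planned.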
Spoof MAC address and connect to network without rebooting
Took me a while to figure out what series of events would allow me to spoof a MAC address, obtain a new DHCP lease and IP address, and connect to the network without rebooting. Turns out it was super simple.
- turn down interface
~$ sudo ifdown eth0
- spoof MAC
~$ sudo ifconfig eth0 hw ether xx:xx:xx:xx:xx:xx
- turn up interface
~$ sudo ifup eth0
From here if you run ifconfig you should see your interface with the new MAC address and DHCP lease with IP address.