[ Penny ] - OS-0x02 - Environment

beginner
pentesting
linux
hacking
guide

#1

Heyho all,

now the time has come and I post the next part of the Penny Guide. :wink:
But before we enter the world of pentesting we have to create our pentesting environment. In the previous topic I showed you how to install Kali Linux.
In this topic you will see a few ways which allows you to make you more effectively.

Content:

  1. Sources.lst
  2. Updates & Upgrades
  3. Terminal
  4. Shortcuts
  5. Terminator
  6. Bash
  7. Design
  8. Note taking

1. Sources.lst

Before we can update Kali we have to edit a file called “sources.lst”. Open the terminal on the left side of the dock and type the following:

nano /etc/apt/sources.lst

Using the Nano-Editor we are able to edit this file. So add the following lines at the bottom of this file:

deb http://http.kali.org/kali kali-rolling main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib

It should look like this:

Now save [Ctrl + O] & exit [Ctrl + X] this file.

[ EX-1 ]: Ask Google what the “sources.lst” is.

2. Updates & Upgrades

No we are able to update Kali.

apt update -y && apt upgrade -y && apt dist-upgrade -y && apt autoremove -y && apt autoclean -y

That’s a basic stuff but it is important. Some software has bugs inside. We have to ensure we are up to date with the tools we are working with. I don’t think you want that your tools will be used against yourself. :wink:
By the way:

  • You can autocomplete the commands by typing the Tabulator.

[ EX-2 ]: Make sure you understand what you typed. What is apt? What is it used for? What alternatives can you find?

If you have some commands you don’t understand try to use https://explainshell.com/ . This should help you to understand the structure of it.

3. Terminal

To increase our productivity we have to make sure we can work fast. Without thinking about what we have click to and where we can find it. Easy. I’ve got two favourite tools.

  • Terminator
  • Tmux

I am using Terminator. That’s a great and powerful terminal-multiplexer written in Python. Why?
Before I answer this question let us install it first.

apt install terminator

Which terminal-multiplexer is better for you, you have to find out by yourself. Both of them have their pros and cons. Just take time and play with them both.

apt install tmux

A great review about Tmux you can find here: https://www.youtube.com/watch?v=Lqehvpe_djs
This video was created by IppSec. I strongly recommend to visit his channel and take a look about his methodology.

4. Shortcuts

If you click on the powerbutton on the top right corner and on the tools button you will enter the settings menu. There you can find at the bottom the section “Devices”. Click on it. Here we are able to edit the keyboard shortcuts.
On the bottom we click on the [+] and set your shortcuts.
I am using the combination of Ctrl + X for terminator and Ctrl + F for Firefox.
But you can add whatever you like.

grafik

5. Terminator

Now lets jump into Terminator. Terminator has a lot of options you can configure. My favourites are the logger and terminal-screenshot. To enable them right-click on the opened terminator and go to Preferences.
You will see you can customize it as you wish. But going to Plugins we can find the preinstalled plugins. Just check the plugins Logger, TerminalShot and close it. Another right-click on the Terminator will show you at the bottom the just activated plugins. Play with it. Try things out. Feel free. It’s your environment you have to work with. So you have to understand all of the settings. :wink:

[ EX-3 ]: Don’t forget about Tmux. Watch the video. Read about them both. Do everything you want with it. PRACTICE.

All the settings we previously saw are all in a single file. Everything is a file.
LiveOverflow. Nice guy. He knows what he is talking about:

But back to Terminator. The config file of the terminator you can at the following path:

~/.config/terminator/config

Just open it with Nano and you will see everything about the settings. I created my own config which allows me to work really fast. I can split the terminal, move it whatever I like, create new tabs, rename them, copy & paste everything I need. You can download it from here:

If you want to use it, feel free to do so. For that you will just need to copy & paste the content of my config to yours. After that just restart the terminator.

So, back to the question. Why Terminator?
Why not? :wink:

[ EX-4 ]: Play with Terminator. Find out a way to use and configure it for your strengths.

6. Bash

But what the hell we are typing all the time? That’s BASH. Take a moment and look what you can find about it. What do you need to know about it? Search for beginner guides. There is a lot of good stuff out there.

However there is one thing I want to show you:
http://bashrcgenerator.com/

That’s a bashrc Generator. Using it you can design your prompt whatever you like.
Even here I created my own.

Use it if you like. Or create your own. Yeah, better you create your own. :wink:

7. Design

Design. On Linux? Yap. You are able to design Kali as you like.
http://extensions.gnome.org/
https://www.gnome-look.org/
Easy. You just have to understand the structure of Debian and how to use your terminal

8. Note taking

Wait, one thing I forgot. What if we need to repeat the things? How did we do that? Damn…
Ok. For this part I recommend CherryTree. It’s already installed in Kali. Just open it and take a look.
Now repeat all the things by your own and take your own notes with structure.

You have to learn a few things from this guide:

  1. Get an overview
  2. Understand how it works
  3. Understand what options you have
  4. Construct the art of your documentation
  5. Learn how to search for things
  6. Learn by your own
  7. Just don’t give up & try a LITTLE bit harder :wink:

best regards,
Cry0l1t3


(Co-Founder and Part-time Fool ) #2

Kali is cool, but what do you think about Arch with BlackArch Repo’s? I never really understood why people use Kali, and then install it, when you can install all the packages manually, and have a better system.

Do you find Kali is stable? I always find Kali breaks whenever I use it.


#3

(Black)Arch is a good one. But if you want to install all packages manually you can use Kali too. Offsec offers the Kali ISO as a Light version. There are only the most important packages preinstalled. You can delete this packages and install whatever you like.

I know what do you mean. But what OS is really better? It’s depend on the user. On (Black)Arch you can do everything manually. I recommend it and didn’t recommend it. The reason for this is the technical knowledge of the user. A beginner that doesn’t understand the structure of Linux won’t become happy with Arch. Kali in contrast of (Black)Arch is a little bit easier to use and brings everything you need. By the way it depends on the time you want to invest.

Kali 1 was really unstable. I break the system almost every two weeks. But I learned to use is the right way. If you want to take a closer look into Kali I would recommend Kali Revealed. Offsec explains everything about Kali.


#4

Because those terribly maintained repo’s have file conflicts almost everywhere! And it breaks my arch! Instead, use ArchStrike. It has less tools but it actually works without breaking or file conflicts!

Or be smart and do what I do: isolate your pen-testing environment in a VM that runs Kali and only install GPU/CPU crackers on your host machine (wireless tools for laptops), and only those.

Kali was never meant to be installed as a main OS, but as a VM or live-USB. Offensive Security has confirmed this multiple times.


(Naloxone) #5

Great writeup! I wish more people appreciated these posts. Over the years ive noticed people take this free info for granted but will run into situations where linux is needed.