Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 004: ID 0bda:8812 Realtek Semiconductor Corp. RTL8812AU 802.11a/b/g/n/ac 2T2R DB WLAN Adapter
We'll be dealing with the Realtek device.
Ensure your system is update to date with the following commands:
Listening to Security Now brought this Windows flaw to my attention. There appears to be a heuristics flaw in the secure time seeding function in Windows. This flaw may reset the computers clock to hours, days, months or years. This has the the potential of a HUGE support headache never mind a potential security flaw.
The following was copied from the this website: maketecheasier
Install VLC.
Then install Handbrake.
Ubuntu does have Handbrake in its repositories, but due to the legal grayness of libdvdcss, it’s not in the repositories. Instead, Ubuntu provides a script to build the package yourself. Don’t worry, it’s all automatic. Start by installing libdvd-pkg, the script package.
sudo apt install libdvd-pkg
A menu will pop up in the terminal asking if you want to continue. Agree to everything and keep going. When it’s done, you’ll need to reconfigure the package to build and install libdvdcss.
sudo dpkg-reconfigure libdvd-pkg
Rip a DVD
Open Handbarke.
Load the Source
Begin by selecting your source. This could be a source file, but in this case, it’s your DVD drive. You’ll see an “Open Source” button in the upper-left corner of the screen. Click it.
A new window will open for you to browse to your source. There are a couple shortcuts to your DVD drive. First, if you already have your DVD in the drive, it should appear with the DVD’s title on the left of the window. Click on it and select “VIDEO_TS” to open.
You can also use the “Detected DVD devices” drop-down at the bottom of the window. It’ll probably have your drive selected already, so you can just open it right from there. If not, you can usually find your drive under the drop-down. It’s usually a drive letter like “/dev/sr0.”
After you select it, your drive will spin and start reading your DVD. A progress bar will pop up at the top of the Handbrake window as it loads your DVD. When it’s done, you’ll see your DVD’s title listed as the source in the upper-left.
Select the Preset
Handbrake has presets with common aspect ratios, frame rates, and support for certain devices. You’ll find the preset list in the upper-right corner of the Handbrake window.
Scroll through and see what looks best for your use. If you’re just looking to make a copy of your DVD, you can select the “Fast 1080p30” preset as a good default. It will produce a quality 1080p copy of your DVD. If your DVD is an older standard definition DVD, Handbrake will use the native dimensions of the DVD and copy it as is.
Add Titles to the Queue
Turn your attention back to the upper-left corner of the screen. Take a look at the “Title” drop-down directly under the “Source” label with your DVD’s title.
DVDs are broken up into titles. These are the individual videos on the DVD, and most of them are just garbage from the menus. It’s up to you to pick out the titles that contain the actual content that you want. The easiest way to do so is with the duration of the title. If your DVD is a movie, you can find the title with the same run time as the full film. If you’re looking for the episodes of a TV show, find titles that last about as long as one. They should all be fairly uniform. When you have your title, select it.
Below the title drop-down, take a look under the “Destination” header. There you can name your file. Under that, you can choose the destination for your video. You can place it anywhere with enough free space.
After everything looks good, press the “Add To Queue” button in the menu across the top of your window. It’s right next to the “Open Source” one. If you’re doing TV episodes, repeat these steps for each episode, adding each one to the queue.
Rip!
Now that you have all of the titles that you want to back up in your queue, you can start ripping. If you’d like to double-check your queue, click the “Show Queue” button in the top menu. It’ll display all of your enqueued titles and the output file names.
Click “Start Encoding” in the top menu to start ripping your DVD. Handbrake will take a decent amount of time, depending on your CPU and DVD drive speeds, to work its way through your selected titles. When it’s done, it’ll show you a success message. At that point you’re free to eject your DVD and/or close Handbrake.
The NSA (National Security Agency) recently published a decent guide to secure your home network. Some recommendations may be too technical to implement. Even if people implemented only half of the bullet points contained in the 9 page document, it would a huge step into securing a home network. But I think the majority are doable.
Open a second terminal and disconnect a client from the AP by executing the following command. This will allow one to capture the handshake between the AP and client. Handshake will be in the generated pcap file.
Note: This article is a compilation of notes taken while reading Linux Basics for Hackers by OccupyTheWeb. Commands apply to Kali Linux, but can be used on most Debian based distributions. Also, descriptions for most commands have come from the man pages. Enjoy!
Searching Linux
Basic
Locate: Will search the entire file system for your word(s). Unfortunately it uses an index/cache database that may not be up-to-date. The database can be updated manually via: sudo updatedb
Finding Binaries
whereis: This command returns location, source and man page, if available.
Only returns the location os binaries in the PATH variable. Typical directories include: /usr/bin and usr/sbin.
Advanced Searches:
find: Using a target location, find files base on filename, date of creation/modifcation, owner/group, permissions and size.
One can use wildcards: * . ? and []
*: matches one or more occurrences of any character, including no character.
?: matches a single occurrence of any character.
[]: matches any occurrence of character enclosed in the square brackets. It is possible to use different types of characters (alphanumeric characters): numbers, letters, other special characters etc.
grep: A string and pattern matching utility that displays matching lines from multiple files.
File and Directory Administration
cat: Short for concatenation, used to display contents of a file, but can be used to create small files.
cat > test.txt: allows a user to start typing text into the file test.txt via interactive mode. Pressing ctrl+D will stop the capture. To append the same file replace the redirect (>) with a double redirect (>>).
touch: Originally created to change the date of a file (created or modified). If file doesn't exist will create an empty file.
mkdir: Creates directory.
cp: Creates a duplicate file in the new location
mv: Moves file from location to another. Also used to rename a file.
rm: Deletes a file. When used with the -r option will delete directory and all its contents.
rmdir: Removes directory only if contents are empty. Of course there's an option to ignore not empty messages.
View File's Contents
cat: Streams entire file contents to screen.
head: allows you to view the beginning of a file. Defaults to first 10 lines. Adding a dash (-) number will display those number of lines.
tail: Tail is the same as head except displays the last number of lines of a file.
nl: Displays a file with line numbers
grep: Allows one to filter the content of a file for display.
sed: Search file for occurrences of word or text pattern and then perform an action on it (i.e., replace). s/regexp/replacement/
Basic Linux Networking
ifconfig: basic tool to interact with active network interfaces. Ifconfig is used to configure the kernel-resident network interfaces. It is used at boot time to set up interfaces as necessary. After that, it is usually only needed when debugging or when system tuning is needed.
If no arguments are given, ifconfig displays the status of the currently active interfaces. If a single interface argument is given, it displays the status of the given interface only; if a single -a argument is given, it displays the status of all interfaces, even those that are down. Otherwise, it configures an interface.
Changing MAC Address: sudo ifconfig eth0 hw ether <address>
iwconfig: is similar to ifconfig(8), but is dedicated to the wireless interfaces. It is used to set the parameters of the network interface which are specific to the wireless operation (for example : the frequency). Iwconfig may also be used to display those parameters, and the wireless statistics (extracted from /proc/net/wireless). All these parameters and statistics are device dependent. Each driver will provide only some of them depending on hardware support, and the range of values may change. Please refer to the man page of each device for details.
Understand this command becomes useful when using aircrack-ng. When cracking wireless passwords you'll want to put your interface in promiscuous mode.
dhclient: The Internet Systems Consortium DHCP Client, dhclient, provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.
Refreshing ip for eth0: dhclient eth0
dig: DNS lookup utility.
dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use, and clarity of output. Other lookup tools tend to have less functionality than dig.
Although dig is normally used with command-line arguments, it also has a batch mode of operation for reading lookup requests from a file. A brief summary of its command-line arguments and options is printed when the -h option is given. The BIND 9 implementation of dig allows multiple lookups to be issued from the command line.
Unless it is told to query a specific name server, dig tries each of the servers listed in /etc/resolv.conf. If no usable server addresses are found, dig sends the query to the local host.
When no command-line arguments or options are given, dig performs an NS query for "." (the root).
It is possible to set per-user defaults for dig via ${HOME}/.digrc. This file is read and any options in it are applied before the command-line arguments. The -r option disables this feature, for scripts that need predictable behavior.
The IN and CH class names overlap with the IN and CH top-level domain names. Either use the -t and -c options to specify the type and class, use the -q to specify the domain name, or use "IN." and "CH." when looking up these top-level domains.
be aware that in Linux some users refer DNS as BIND (Berkeley Internet Name Domain). Same thing ...
Changing DNS server via /etc/resolv.conf
IF using a DHCP address and the server provides DNS. when renewing DHCP address will replace file contents.
Local DNS file with /etc/hosts
Ensure to use tab between ip and domain name, not space.
Structure is: ip <Tab> hostname <Space> [aliases]...
Installing Software on Linux
CLI (via apt)
apt: provides a high-level commandline interface for the package management system. It is intended as an end user interface and enables some options better suited for interactive usage by default compared to more specialized APT tools like apt-get(8) and apt-cache(8).
apt search <package name>: can be used to search for the given regex(7) term(s) in the list of available packages and display matches. This can e.g. be useful if you are looking for packages having a specific feature. If you are looking for a package including a specific file try apt-file(1)
apt install, reinstall, remove, purge (apt-get(8)): Performs the requested action on one or more packages specified via regex(7), glob(7) or exact match. The requested action can be overridden for specific packages by appending a plus (+) to the package name to install this package or a minus (-) to remove it.
A specific version of a package can be selected for installation by following the package name with an equals (=) and the version of the package to select. Alternatively the version from a specific release can be selected by following the package name with a forward slash (/) and codename (bullseye, bookworm, sid ...) or suite name (stable, testing, unstable). This will also select versions from this release for dependencies of this package if needed to satisfy the request.
Removing a package removes all packaged data, but leaves usually small (modified) user configuration files behind, in case the remove was an accident. Just issuing an installation request for the accidentally removed package will restore its function as before in that case. On
the other hand you can get rid of these leftovers by calling purge even on already removed packages. Note that this does not affect any data or configuration stored in your home directory.
apt update: is used to download package information from all configured sources. Other commands operate on this data to e.g. perform package upgrades or search in and display details about all packages available for installation.
apt upgrade: is used to install available upgrades of all packages currently installed on the system from the sources configured via sources.list(5). New packages will be installed if required to satisfy dependencies, but existing packages will never be removed. If an upgrade for a package requires the removal of an installed package the upgrade for this package isn't performed.
From time to time I'll execute sudo apt update && sudo apt upgrade-y to update and upgrade all in one shot. remove the -y if you're not feeling adventurous.
Repositories contain packages for particular Linux distros. To add or remove repositories edit this file: /etc/apt/sources.list. Here's a decent explanation of the file.
GUI (via apt)
Several "front-end" interfaces exist, such as aptitude(8), synaptic(8) and wajig(1). Depends on the Linux distribution you're using.
When software is not available via a Linux repository, it may be available via GitHub. Do a search on GitHub. Copy the Code url and use the the following command to clone the software to a location on your computer. Also, prior to cloning a project always read up on the project's documentation. I highly recommend creating a GitHub account and start using with scripts and software you create.
git clone <url>:
Clones a repository into a newly created directory, creates remote-tracking branches for each branch in the cloned repository (visible using git branch --remotes), and creates and checks out an initial branch that is forked from the cloned repository’s currently active branch.
After the clone, a plain git fetch without arguments will update all the remote-tracking branches, and a git pull without arguments will in addition merge the remote master branch into the current master branch, if any (this is untrue when "--single-branch" is given; see below).
Linux File System Permissions
ls -l: Long listing information about files and directories. For example ls -l /usr/share/hashcat provides the following listing:
first character is type (d = directory or - file) and the rest are the permissions in groups of three (rwx where r=read; w=write; x=execute). If a dash (-) exists that permissions is not granted. Grouping corresponds to owner (or user), group and other (all other users).
number of links
the user and group ownership
size (bytes)
created/modified date
name (the above example also shows a symbolic link)
chown: changes the user and/or group ownership of each given file. If only an owner (a user name or numeric user ID) is given, that user is made the owner of each given file, and the files' group is not changed. If the owner is followed by a colon and a group name (or numeric group ID), with no spaces between them, the group ownership of the files is changed as well. If a colon but no group name follows the user name, that user is made the owner of the files and the group of the files is changed to that user's login group. If the colon and group are given, but the owner is omitted, only the group of the files is changed; in this case, chown performs the same function as chgrp. If only a colon is given, or if the entire operand is empty, neither the owner nor the group is changed.
chgrp: change group ownership. Change the group of each FILE to GROUP. With --reference, change the group of each FILE to that of RFILE.
chmod: changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.
The format of a symbolic mode is [ugoa...][[-+=][perms...]...], where perms is either zero or more letters from the set rwxXst, or a single letter from the set ugo. Multiple symbolic modes can be given, separated by commas.
A combination of the letters ugoa controls which users' access to the file will be changed: the user who owns it (u), other users in the file's group (g), other users not in the file's group (o), or all users (a). If none of these are given, the effect is as if (a) were given, but bits that are set in the umask are not affected.
The operator + causes the selected file mode bits to be added to the existing file mode bits of each file; - causes them to be removed; and = causes them to be added and causes unmentioned bits to be removed except that a directory's unmentioned set user and group ID bits are not affected.
The letters rwxXst select file mode bits for the affected users: read (r), write (w), execute (or search for directories) (x), execute/search only if the file is a directory or already has execute permission for some user (X), set user or group ID on execution (s), restricted deletion flag or sticky bit (t). Instead of one or more of these letters, you can specify exactly one of the letters ugo: the permissions granted to the user who owns the file (u), the permissions granted to other users who are members of the file's group (g), and the permissions granted to users that are in neither of the two preceding categories (o).
A numeric mode is from one to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1. Omitted digits are assumed to be leading zeros. The first digit selects the set user ID (4) and set group ID (2) and restricted deletion or sticky (1) attributes. The second digit
selects permissions for the user who owns the file: read (4), write (2), and execute (1); the third selects permissions for other users in the file's group, with the same values; and the fourth for other users not in the file's group, with the same values.
chmod never changes the permissions of symbolic links; the chmod system call cannot change their permissions. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals.
Linux set permission defaults for files and directories as 666 and 777 respectively. But Debian systems umask is preconfigured to 022. umask subtracts from the default, so 666 becomes 644 and 777 becomes 755. Each user may modify their umask via ~/.profile file.
SUID (Set owner User ID up on execution) is a special type of file permissions given to a file. Users will get file owner’s permissions as well as owner UID and GID when executing a file/program/command.
To SUID using symbolic: chmod u+s <file name>
To SUID using numeric (octal): chmod 4750 <file name>
When a file has its SUID bit set long listing permissions will like: -rwsr-x---
SGID (Set Group ID up on execution) is a special type of file permissions given to a file/folder. Users will get file Group’s permissions when executing a Folder/file/program/command. When the bit is set on a directory new files created in that directory goes to the directory creator's group.
To SGID using symbolic: chmod g+s <file name>
To SGID using numeric (octal): chmod 2750 <file name>
When a file has its SUID bit set long listing permissions will like: -rwxr-s---
Sticky bit is a permision bit set on a directory, allowing a user to rename or delete files contained in it. This is a legacy function and not used anymore.
Exploiting SUID and SGID: Sometimes a developer may set the SUID bit of a program to access files that require root privileges. This allows a user to gain unintentional root privileges, providing the user do whatever they want. the following command will list all filesfor the root user with the permissions 4000: find / -user root -perm -4000
Similarly this can be done for SGID. Change -4000 to -2000 to find files/directories
