Tuesday, 17 January 2012

Installing BT5 from CLI on Machines Running NVidia Graphics Cards with No Networking (n00b friendly version!)

The following blog post has been created to bring together a lot of information (some of which you may already know) pertaining to installing BackTrack 5 successfully onto systems that have NVidia graphics cards. For the Linux pros out there, you may be thinking “LOL WTF n00b! That’s easy, you just set the boot param ‘nomodeset’ in GRUB then do ‘apt-get install nvidia-common’”, but in a lot of cases that won’t work, due to hardware restrictions (e.g. encrypted drives) and the way that Live CDs work. Plus, not everyone has time to Google every issue or knows GRUB parameters off the top of their heads.

The main reason for doing this (apart from just wanting BackTrack installed on your machine – too much to ask?) is that for carrying out certain types of protectively marked work (government stuff) you are required to image and re-image a lot and troubleshooting this sort of process is a real pain in the arse, so I thought I would be nice and put it all in one place. I hope it proves useful!

  •  Insert the BT5 Live CD and select the 4th Option on the list (BackTrack Text – Default Boot Text Mode). This differs from the first option as it has ‘nomodeset’ in the Kernel parameters, meaning the system will actually boot!
  • Next, find out what graphics card you have installed on your machine. You can do this by typing the following command:
    $ lspci
  •  Download the corresponding driver from the NVidia website (http://www.nvidia.com/Download/index.aspx).
  • Copy the driver script (.run file) onto a FAT32 formatted USB stick.
  • Double click the ‘Install BackTrack’ icon on the Desktop and install BT on the whole disk (set regional options etc.).
  • Once this is complete and you restart, the problem you’ll have now is that you won’t be able to boot into BackTrack as it doesn’t have the correct graphics card driver installed. So, you will need to follow the steps below.
  • Upon bootstrapping, drop into the GRUB menu (either by hitting shift or the down arrow, it depends on your machine).
  • From here you need to find the operating system you have just installed (it should be the top option), and with it highlighted, press ‘E’ to edit the script.
  • Move the cursor with the direction arrows until you get to the line that starts ‘linux /boot’.
  •  Towards the end of the line (or continued onto the next line) where the file reads ‘quiet splash’ there may be some code with something similar to ‘VGA 740’. If there is, delete it and replace it with ‘nomodeset’. If there is not, just enter ‘nomodeset’ after ‘quiet splash’.
  • Press Ctrl+X to boot the modified GRUB entry. BackTrack should now boot to the familiar text prompt. From here, we need to source and install the NVidia drivers.
  • Insert the USB stick with the drivers on that you copied over earlier.
  •  Mount the USB stick on your machine and copy the file to your Desktop by following the steps below.
  • Tail the logs using the command below, so that you can see the USB log entries as it’s plugged in:

         $ tail -f /var/log/messages

  •  Plug in the USB device and look for a line similar to this:

      Jan 17 11:53:25 <your-hostname> kernel: [81590.537888] sdb: sdb1

  •  Your device will be named '/dev/<device>', which in this example is '/dev/sdb1'. Create a new directory within /media/ called 'usbdrive' with the following command:

      $ mkdir /media/usbdrive

  • Mount the USB device in this location using:

      $ mount -t vfat /dev/sdb1 /media/usbdrive/

  •  After the USB has been mounted, browse to it to check that the driver file is there, then copy it to your machine:

   $ cp <NVIDIA_Linux_x86_64-XXX.XX.run> /home/root/Desktop

  • Now you need to install the drivers. This can be a bit tricky, so make sure you follow the steps exactly.
  • Type: 'prepare-kernel-sources' as this installation requires the Kernel sources to be unpacked for the driver script to run.
  • Copy the ‘include/generated’ folder and all its contents to ‘include/linux’ with the following commands:

   cd /usr/src/linux
   cp -rf include/generated/* include/linux/

  • Run the NVidia driver script using the following command:

     ./NVIDIA_Linux_x86_64-XXX.XX.run --kernel-source-path='/usr/src/linux'

  • This will start the NVidia driver script. At the first screen click ‘Accept’ in order to accept the install agreement.
  • When the install asks ‘Install NVIDIA’s 32-bit compatibility OpenGL libraries’, select ‘Yes’.
  • The next prompt will ask if you wish to update your X configuration file, click ‘Yes’.
  • Hopefully, this will now give a successful update message! Click ok and then type ‘startx’ to begin the GUI. 
  • Now, you need to edit '/boot/grub/grub.cfg' to make a permanent change to the boot parameter. Locate the first entry and delete 'VGA 740' and replace it with 'nomodeset'.
  • Reboot the machine.
  • Shout huzzah / WTF!
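
The permanent grub.cfg edit from the last steps, scripted as an added example (not part of the original post): it rewrites each 'linux' line so that it carries 'nomodeset' exactly once. It assumes the video mode appears as a vga=<mode> kernel parameter; the function names and the sample grub.cfg entries are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): put 'nomodeset' on every
# 'linux' line of a grub.cfg-style file and drop any vga=<mode> token.
# Assumption: the video mode appears as a vga=<mode> kernel parameter.

add_nomodeset() {   # $1 = path to the config; rewritten text goes to stdout
    sed -E '/^[[:space:]]*linux[[:space:]]/{
        s/[[:space:]]+vga=[^[:space:]]+//g
        /(^|[[:space:]])nomodeset([[:space:]]|$)/!s/[[:space:]]*$/ nomodeset/
    }' "$1"
}

# Constructed sample entries (placeholders, not taken from a real install).
sample_grub_cfg() {
cat <<'EOF'
menuentry 'BackTrack (constructed sample)' {
    linux /boot/vmlinuz-SAMPLE root=UUID=SAMPLE ro quiet splash vga=740
    initrd /boot/initrd.img-SAMPLE
}
menuentry 'Already patched (constructed sample)' {
    linux /boot/vmlinuz-SAMPLE root=UUID=SAMPLE ro quiet splash nomodeset
    initrd /boot/initrd.img-SAMPLE
}
EOF
}

# Demo on the sample: only the 'linux' lines change, and the entry that
# already has nomodeset is left alone, so the edit is safe to repeat.
tmp=$(mktemp)
sample_grub_cfg > "$tmp"
add_nomodeset "$tmp"    # review this output before replacing the real file
rm -f "$tmp"
```

On GRUB 2, grub.cfg is regenerated by update-grub, so also adding nomodeset to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub keeps the change across kernel updates.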

Thursday, 12 January 2012

Introductions, Automation and Simplification

Ok, so time to introduce myself. I'm Ben (bdpuk), I've been a tester for over 5 years and, like every other tester out there, I spend much more time reading blogs than writing them. This is hopefully about to change.

So my latest obsession is automation and simplification. Put quite simply, getting the grunt work out of the way to make time for the fun stuff. This applies across the board in testing, but really shines through when dealing with internal network assessments or "Evil Insider" type scenarios.

Now I'm not advocating point and shoot ownage, that would be downright irresponsible (see db_autopwn as to why). I'm talking about data collection and aggregation to allow for quick analysis and more to the point less time on customer site.

I think the way this is going to work (if it works at all) is for each post I'm going to write about a few one-liners or useful tools that can eventually be put together into one all-encompassing framework. The scripts will collect all the required information, process it for use and also hopefully display it in a useful/pretty way. Kind of like a Lego project that you attempt to complete over a few weeks: some weeks you might cover a lot, others nothing, maybe a few drastic revisions here and there, and in the end you might never complete it, but it's the experience that counts, right?

So we're going to start with a subnet, and let's for argument's sake call the subnet (one I can remember throughout this series), that'll be our starting point and from here we'll start the datamining. First things first, a lot of tools don't accept CIDR notation (think onesixtyone et al) so we'll need a list of IPs. Nmap's list scan comes in handy here:

nmap -sL -n | grep "Nmap scan" | cut -f 5 -d " " > ~/<target_org>/targets/IPs.txt

To break that down we're using the nmap list command to produce a list of targets without actually scanning them, and then manipulating the output with grep and cut to provide only a list of IPs.
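
Why the -n matters for the grep/cut step, as an added example (not part of the original post): without -n, a host with a reverse DNS entry puts its name in field 5 and the address in brackets after it. The function names and the list-scan output below are constructed, using documentation addresses.

```shell
#!/bin/sh
# Added example (not from the original post): turn nmap list-scan output
# into one IPv4 address per line, whether or not -n was used.

# The pipeline from the post, reading list-scan output on stdin.
page_pipeline() {
    grep "Nmap scan" | cut -f 5 -d " "
}

# Variant that takes the last field and strips the brackets nmap puts
# around the address when it also prints a resolved hostname.
extract_ips() {
    awk '/^Nmap scan report for / {
        addr = $NF
        gsub(/[()]/, "", addr)
        if (addr ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print addr
    }'
}

# Constructed sample: list scan run WITHOUT -n, one host has a PTR record.
sample_resolved() {
cat <<'EOF'
Starting Nmap (constructed sample output)
Nmap scan report for 192.0.2.0
Nmap scan report for gw.example.test (192.0.2.1)
Nmap scan report for 192.0.2.2
Nmap scan report for 192.0.2.3
Nmap done: 4 IP addresses (0 hosts up) scanned in 0.01 seconds
EOF
}

echo "post's pipeline on resolved output:"
sample_resolved | page_pipeline     # second line is a hostname, not an IP
echo "last-field variant:"
sample_resolved | extract_ips       # four addresses
```

Tools that only accept IP addresses will fail or skip the hostname line, so either keep -n as the post does or parse the last field.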

In the file structure we should save it as IPs.txt in a targets folder, something along the lines of:


That's a good place to draw to a close on this article. It will continue...

Ninja Edit: Part 2 is located here.