Amateur Radio Goals

As a part of getting back into the HAM Radio hobby, I pulled out my existing gear and began making plans to streamline my setup. When I first got into the hobby, my initial goals were to have the ability to communicate in emergency situations, mostly “the end of the world as we know it” or “SHTF” from a prepper perspective. I also wanted to learn more about electronics and electricity in a practical sense. I was still in college at the time, and when it came up as a topic of interest, I was in my senior semesters working on my final project and final topic. Things were too hectic, so I didn’t pick it up at that time. It fell by the wayside, and I didn’t think about it again for several years.

In the summer of 2008, we got news of a class on HAM Radio that was going to be presented at the local library. The class was designed for the local home-schooled kids, but they would take anyone. I got special permission from work at the time to take the class time off, and took my two oldest children, since they showed interest. We were supposed to build an SDR kit radio as part of the class participation, but the instructor had some health issues, and the classes trickled to an end without a radio built. I learned that there was a local club, as well as when and where they met each week, so I showed up to lunch with them one Friday. They seemed like a good bunch of people, and encouraged me. I managed to get my license before the class was finished. I passed both my Technician exam and my General exam in one sitting, and began my pursuit of first equipment to buy. It was a little overwhelming. I knew we were supposed to have the SDR when all was said and done, but I also saw that things were slowing down a lot, and I wanted a radio I could use out of the box.

After a little discussion with a few of the club members, I picked up my first handheld. This was a Yaesu FT-60R, and it was a pretty nice HT at the time. The club helped me get it programmed for the local repeaters, and I began checking into the weekly net, regularly. I then began looking for the perfect “grab and go” HF radio. I ended up focusing on Yaesu products, again, and it was a tie between the FT-817ND, FT-857, and FT-897. I settled on the middle ground 857, and was happy with this radio for my needs. I bought a battery pack from a group that does backpack radio, and picked up an HF antenna that packs down nicely from the same group. This gave me all the pieces I needed for my first operable portable station. I had a power supply, a transceiver, and an antenna. This worked okay for a while, but the antenna gave me issues when I tried to operate from my back yard, and one of the club members helped me realize it was interacting poorly with a tree that was too close. Moving it several feet away allowed me to make a contact to New Mexico. It was fun.

Fast forward a few years, and I got my heart set on a new radio that was put out by Elecraft. It was small, portable, did up to 12 watts with an external battery, up to 5 with internal batteries, and could do all modes, not just CW. Since I still hadn’t learned Morse code, I needed a sideband radio, and this could do it. I waited and watched, and watched and waited, and in 2014, my wife and I sat down and did the math. I pulled the trigger on this new radio using tax return money. A week or so after we ordered it, I got cut from my job in a batch of mass layoffs. My wife said to let it come in, and not send it back. She loves me.

The radio was the full package. I got the KX3 transceiver, the PX3 panadapter, the KXPA500 amplifier (so that I could use it with up to 500 watts output in a home station setup,) and a full Buddipole antenna system. Buddipole is another one of those “break it down and pack it” antennas, but has a lot more configuration options than the one I mentioned earlier. Unfortunately, it is a more complex system, and it takes longer to set it up and break it down, and it’s heavy. It’s very heavy. I’ve used it a total of once.

At some point after obtaining the KX3, I loaned the FT-857 out, and haven’t seen it since. I know who has it, and it’s okay. It’s in good hands, and I know he’s enjoying it. I’d rather it be used by someone than sit on a shelf collecting dust.

Skip forward a few more years and my activity in the hobby has fallen off. My new job (a few months after losing the last one) has me driving further every day, and the stress levels are different and higher. I stopped showing up for the monthly meetings, and weekly “tech night” get-togethers. My health began to decline.

Skip to late last year.

I decided that part of my health decline is related to the stress. Most of it, actually. I’m getting back into the hobby, and my goals are much as they were the first time around. Rather than worrying about SHTF, however, I just want a radio setup that I can grab to go play at the park, or in the parking lot at work, or similar. So, without further delay, here’s the gear I have as of today:

KX3, PX3, a pair of random wires with banana plugs into a binding post antenna, and microphone, all in a little Harbor Freight knock-off Pelican case.

A Bioenno BPP-120 battery pack.

A selection of any of the following antenna systems: The superantennas MP-1 (first HF antenna I owned.) The “yo-yo-vee” (a clothesline antenna that makes a dipole.) The “random speaker wire antenna” (packed in the case.) The “Opek 2m through 80m” on a mag mount. The “Buddipole system” that is heavy and complex, but gives the greatest flexibility in setting up.

I’ve started going back to tech nights, and meeting with the club for lunch on Saturdays. My gear setup is about where I want it. I need something to toss a line in a tree, and I need a couple of kite winders to wind the wires on for the speaker wire antenna, but that’s all I’m missing at the moment. When I finish getting the package put together, I’ll start taking the radio out to operate, and will try to get my adventures on video. If I succeed, I’ll put them up on YouTube, and share from there. Until then, I’ll keep a running log of how this is going, here.

Next post will be UNIX related. I’ll start the SSH stuff I promised last week.

Good riddance 2018. Hello 2019

I fell off the face of the planet when I began my OSCP journey. My journey didn’t make it far at all. I never even made it into the labs. I got the VM downloaded, the educational materials downloaded, and went through most of that content over my lunch hours, as well as several evenings. However, we had several very badly timed problematic events in our lives that kept me delayed from making it into the labs. A close family member came down with an unusual sickness, the bonus kids have had a rough time as the holidays approached for one more year without their mother, and the day job doubled down with more hectic workload than I expected, even though I knew it would be heavy. I’ve also been sick off and on a lot the last half of the year, myself. We felt this was partially related to stress, and as a family we decided that it was okay to take the hit on my failure to get into the labs.

All that said, the holidays are past us, now. The bonus kids are doing a little better for it, already. The family member is recovering slowly, but steadily. I have become more active in the local HAM Radio club again, which is helping with my stress levels. I’m ready to put 2018 behind me. As several people have already stated in various ways, I made the mistake of telling 2018 to “come at me, bro” and it did. It did with a viciousness I wasn’t ready for. To 2019, I say, “please come in, sit down, have a cup of tea, and don’t hurt me.”

I don’t make New Year’s resolutions, but I will state a few things that should be coming down the pipeline from UnixSecLab. First, I intend to come back to the OSCP by way of ordering more lab time after I’ve had a chance to recover from 2018-itis. Second, I’m considering standing up a YouTube channel that covers some of the projects I’ve covered here in the past, as well as a section on the HAM Radio hobby. My GCIH falls off this coming year, if I don’t do something to renew it. I’m still chewing on whether to make that attempt or not, and if not, what plan to get a different SANS certificate in its place. I’m more focused on getting the OSCP certificate, but it would be good to keep at least one SANS cert on my wall.

I will probably be returning to posts focused on SSH configuration over the next several weeks. This topic came up at the day job, and the discussions have generated several stair-stepping questions that can be addressed one degree at a time. Some of the answers may be beneficial to others who haven’t done the thought exercises, and may want reference to some ideas on how to proceed in their own environments. What gets presented may or may not reflect what is being done at the day job, but I will try to go as deep into the rabbit hole on creating a secure SSH key management system as I can, with branching options for how to deal with each issue at hand.

I hope everyone has a chance to recover from the brutality of 2018, and I wish the best of the best of 2019 to come for each of you.

General updates.

I apologize up front, but this is more of a “what’s been going on from a personal perspective” post, than a “here’s my progress toward OSCP” post.

I did get to spend four days in training at work.  The class covered Python 3, and I did learn a few things.  I’m still not a fan of the formatting, but I’m less disgusted with the language than I was before the class.  It has some features that are nice, and I’ll probably go back through Violent Python and translate it into python3 code, from scratch, this time, instead of trying to go back over what I stumbled through last time I did it.  It’ll be good for me.

I also didn’t make any progress on PentesterLab PRO, this week.  Our bank decided to decline the payment under the “fraud prevention” department.  Normally, we get a call that we can say “this was legit, let it through,” which they did the first month.  This time, they just flat out denied the payment.  Between my wife and me, we spent a good chunk of the day trying to get them to approve the payment.  The process was painful, and even then, the payment got denied a second time when processing tried to go through.  We worked with the good folks at PentesterLab’s site, and they were easy to work with on determining an alternative payment method.  We are very happy with the service, thus far.

When the weekend arrived, my wife and I sat down and scheduled out what all needed to get done.  Household errands won out over any training, this time.  Now that the payment issues are resolved, I’ll likely do some of the exercises during the week, this week, though.

So what did we get done?  We addressed fixing/streamlining some household processes that help a family of 11 people get along.  We also bought some plants to stick in the ground/in containers.  The Chinese Artichokes didn’t make it over the winter, but both containers of Jerusalem Artichokes did.  The container that had the Chinese ‘Chokes will be replanted with a Chocolate Mint, and a sprinkle of Marigold seeds.  We have a Peppermint plant that seems to come back every year, even though the Lemon Balm seems to take over and choke out everything in its path, and it’s right next to the balm.  I’m thinking of taking a snip snip cutting of that, shoving it three quarters into the ground, and seeing if it will root in the same container as the Chocolate Mint.  I’m only considering it, though.  If those two start competing, we’d much rather have the Chocolate Mint than the Peppermint.

We’ve also got two new high bush Blueberry bushes that will be planted this week, if not already done by the time this post goes live.  There is a single Blueberry plant on the corner of the house that has managed to survive the 14+ years we’ve lived here, and while it isn’t thriving, the fact that it keeps coming back is encouraging.

We also picked up some everbearing Strawberries.  These will go in the strawberry planter my wife got as a gift from my parents a couple of years ago.  These are her Mother’s Day gift from the rest of us, this year.  Yes, it’s a week early, but she doesn’t mind.

Later this week, we’ll order some “Raspberry Shortcake ™” Raspberries from an online nursery.  The local shop had some a week or three back, but we didn’t buy them.  I specifically wanted some this week, but they were out, and they don’t know when another shipment might arrive.  I know another distributor that carries these, so we’re planning to purchase a couple of gallon sized orders, and they’ll go in a couple more plastic “whiskey half barrel” planters like the ones the Sunchokes (Jerusalem Artichokes) are in.

This week has been better than last week was, with regards to the depression.  The plant therapy helps.  The hack therapy does, too, and I do intend to get through more of the Essentials Badge at PentesterLab this week.  If they release the rest of the Unix Badge, I’ll also finish it out.

If I get feedback about not liking the plant talk, I’ll try to keep it on the other blog, and bring it back sooner, but I’d rather work with just UnixSecLab for now, and not deal with running two at once.  If nobody complains, I may still drop an update here, every now and then about how the gardening is going.

Thanks for sticking with me, and I’m sorry this post was a bit light on technical stuff.  Next week should be much better.

Updates – OSCP prep (PentesterLab PRO) pt. 4

This was a rough week.  First, I was on call, which is always stressful.  Second, everyone else in the house had a head cold of some sort.  We suspect it was weather related.  I ended up working from home, bouncing back and forth between putting out fires/handling normal requests for work, and checking on the kids and wife/fixing meals/handling household chores to keep us from falling too far behind.  Third, Saturday was the 10 year anniversary of the murder of my little brother.  I’ve been in a dark place this month, and that event was the primary driver for it.

As a progress report, I can say that I managed to get past a few more of the Essentials Badge exercises.  I also completed all of the newest unlocked exercises for the Unix badge.  This brings me to 18/60 Essentials Badge total, and 32/35 Unix Badge total exercises.  I got stuck on another Essentials Badge exercise, caved a little early, sent a support request, then figured it out on my own about five minutes after sending the request in.

The issue was that I wasn’t URL encoding the plus sign as “%2b” since the browser was encoding most everything else for me.  I didn’t realize it also needed encoding (in a query string or form body, a bare plus sign is decoded as a space, so a literal plus has to be sent as %2b).  I’m almost positive I read that it needed to be, but my brain again translated that as “if it needs it, the browser will take care of it” and I didn’t check my work.  As soon as I figured it out, I tested with manual encoding, and got the flag for completion.

I’m not stuck on the next exercise, but it’s a little more involved, and I’m already exhausted from my hell week adventures.  I’ll tackle them more later this coming week.

As a depression management tactic, my wife took me to see Avengers: Infinity War, on Sunday.  It was a real tear jerker, but I was expecting it, and it really did me more good than harm, so it was a good call.  Any kind of date with my wife helps, but I’m really impressed with the Marvel Cinematic Universe movie franchise, thus far, so I was glad for the distraction.

This coming week, I’m supposed to be learning a little Python with some other coworkers.  I have a distaste for the language, due to the structure of the code (it always looks like it wants to just drift off the page, then wakes up and slams back to the left to do it all over again.)  I’ve been forcing myself to try to learn it a little along, however, and this class will give me some structured direction to my learning.  My current tactics have mostly included converting the python2.x code from Violent Python into python3.6 compatible code.  In this way, I learn a little of both 2 and 3, and it forces me to think about the code, not just blindly type what’s in the book and pray that it works.

That’s all I have for this week.  Hopefully, next week will be a better update in general.

Updates – OSCP prep (PentesterLab PRO) pt. 3

When last we left our student, he was stuck on an exercise at PentesterLab PRO.  The exercise was the last AUTHO in the list.  Two weekends straight were rough, and he finally broke down and started speaking of himself in the third person.  Or contacted support to determine whether the exercise itself was broken, or something else was wrong with his understanding.

He… ahem… *I* got a response, and I kicked myself repeatedly after I received it.  I did nothing wrong, other than spell the word wrong.  There’s a distinct difference in how the word for the parameter is spelled in American English vs. European English.  In America, we spell it with a “z” before the “ation.”  The exercise uses the European spelling, and while my brain read it fine, when I went to type the parameter into either mitmproxy or Burp Suite, I Americanized it, every… single… time.

My boss has a habit of copy/pasting most everything.  His keyboard skills for highlighting the bits he wants to select, copying, then moving to the line he wants to modify, and pasting in things like Google Mail, and Docs are beyond me.  I have to move my hand to the mouse, and that bothers me.  I also type somewhere between 70 and 90 WPM on a good day, so I often just type instead.

I should listen to my boss more often.  I should learn some of these keyboard tricks.  I probably won’t, but I should.

I was so frustrated with myself over this that I didn’t touch the labs again until Sunday.  I did one exercise to force myself to progress, and I’ll probably work on it more during the week, this week, but for now I only progressed by five exercises.  The last AUTHO and the first four CODEXEC (code execution) exercises were all I managed, this week.

I did let myself get distracted by some of my non-tech hobbies, though.  I put a couple of plants in the ground, purchased my copy of “The Great American Farm Tour” (GAFT) from Abundant Permaculture, and watched some videos from the purchase.

My focus this year is still UnixSecLab, and getting my OSCP is a huge part of that.  I’m still not completely abandoning Jack of all Hobbies, though, and I’m getting ideas for next year so I can ramp up operations for it.  Until then, all posts will be here, and the other will just lie dormant.

Next week, I should have much more progress to report.  Thanks for sticking with me through my journey.

Updates – OSCP prep (PentesterLab PRO) pt. 2

Last week, I got kind of stuck on one of the Essentials Badge exercises, and I’m trying really hard to just do these in the order presented.  I wasn’t able to work on this any during the week.  Friday, I had a serious sinus flare up that kept me home from work, but later that evening and during the weekend, I started on a different badge as a “feel good, lots of progress” kind of thing.  I did all 27 of the available Unix Badge exercises.  There are 35 total, but only 27 are unlocked, at this time.

My goal for the rest of the week is to work on the Essentials Badge some more, one exercise or two at a time (per day.)

The rest of the weekend was kind of procrastination, because I focused on getting some progress in my favorite online game: Guild Wars 2.  I did this, because sometimes you just need a break, and have some fun.  I’ll keep working on getting my griffon mount, but I’m not allowed to touch the game each day until I’ve either completed an exercise in PentesterLab, or I’ve worked a full two hours without progress.  If I can’t get the exercise in two hours, I don’t need to be stressing myself out over it.

The goal at this point is to get through the Essentials Badge over the next couple of weeks, then take a look at the White Badge.

So far, these exercises have been pretty straight forward, until they aren’t.  I’m not sure if the last AUTHO_06 exercise I got stuck on is due to a failure to understand the requirement on my part, or due to a bug in the system.  I believe I understand what is wanted, but nothing I tried last week was working, so I can’t really say.  I’m considering going back through the entire AUTHO_# set using the same username every time, in case the later ones play on earlier ones, and I may have gotten my stuff out of sync, somehow.

Updates – OSCP prep (PentesterLab PRO)

We had some birthday related festivities in the house most of the weekend, but I did work on the PentesterLab PRO progression this week(end.)

There are 60 progression levels in the Essentials Badge grouping.  It started off overly simple, went straight to hair pulling, then got overly simple again for a few more, then I hit the AUTHO_05 level, which is a mass assignment vulnerability issue.  Note that AUTHO_04 is, as well, and it wasn’t terrible.  The AUTHO_05 level is AUTHO_04 “fixed” so you have to find another way to get to the goal.

I spent several hours banging my head against the wall on this.  I shut down my kali vm, walked away for a bit, ate some dinner, and came back to it.  I finally got past it by changing my “true” to a “1” in the key/value pair I was injecting via the proxy.  Seriously?  Seriously.

AUTHO_06?  Yeah, it’s just as bad.  Still trying to figure out what magic combination of key(name) and value(name) to use for it.  The “hint” says one thing, but nothing I try around that is working, so it’s probably either a big mess, or something really simple I’m missing.

My lack of experience with Burp Suite and mitmproxy may be my biggest problem, but I actually had some decent success with both tools for most of the exercises, thus far.  I was planning to use OWASP ZAP as part of my progression, but I changed my mind.  Burp and ZAP are the two biggest players in the attack proxy space, but mitmproxy is command line based, and thus has a smaller memory footprint.  The only exercise I wasn’t able to use it on, yet, was one where when I modified the POST to be sent, I never got the full page response back, and that’s more due to a lack of familiarity with the tool than anything.  I’m going to try to learn what other flags and/or settings I might need in order to make those work, and when I’m comfortable with it, I’ll do a write-up here on how to use it in comparison to Burp (which I’m also having to learn as I go.)

One of the exercises led me to two other CLI tools to stick in my back pocket.  The “hash-identifier” tool helps narrow down what kind of hash a string of characters might be.  The “findmyhash” command searches a large number of online rainbow table style sites to check what the plaintext behind the hash was.  What was messing me up the most on this was I guessed it to be a certain kind of hash, but when I passed the suspect key (the name of the user) to that hash, using the echo command to print the word being hashed, piped to the openssl <hash> command, the value I got back didn’t match what I was comparing it to.  My problem was using “echo” instead of “printf” since echo tacks a newline onto the end of the word, and that extra byte changes the hash.  Once I figured this out, I was able to progress to the next exercise quickly.

All in all, web app testing is one of my weaknesses, and these exercises have been very helpful, thus far.  I recommend PentesterLab PRO for brushing up on these kinds of attacks, since they cover a wide array of attack types without giving you too much detail so you are forced to research and learn, much as I suspect the PWK/OSCP will be.

A quick note about all of the commands I’ve mentioned in this post.  They are all installed by default in the full Kali VM OVA build.  I didn’t have to apt-get install any of them.

Updates – OSCP Prep and New Book

Last Monday, I posted about my plan for preparing for and eventually taking and passing the OSCP (Offensive-Security Certified Professional.)

My prep work for the week has included:

  • Finishing my Cornell Style notes on the eLearnSecurity Reports and Methodology information.
  • Signing up for PentesterLab PRO.
  • Passing the “Introduction” badge on PentesterLab PRO.
  • Installing 4 of the 5 lab machines as described in Tony Robinson’s “Building Virtual Machine Labs” book.
    • The only lab machine left is the Metasploitable machine, which I intend to work on this week.
  • Installed Kali VM on my main gaming laptop for doing further PentesterLab PRO exercises.

Sunday (April 1), Michael W. Lucas announced his “#mwlSecretbook” title.  He’s been working on this book for months, but kept the title secret, until now.  This is the 13th book in the “Mastery” series, and as a Print Sponsor (and Print Patreon Patron,) I got a copy of the PDF bright and early in my email.  I took the morning to read the book.

The title?  “Ed Mastery.”  That’s right… this book is all about using the “ed” line editor for Unix systems.  I think this was an excellent book to release, for multiple reasons.

  1. There are already excellent books on the “sed” and “awk” commands that give brief explanations, one-liners, and so on, available on the market.
  2. The “ed” editor is one of the least utilized editors, yet it is almost guaranteed to exist on any Unix system you may find yourself on.  The “ed” command is part of the POSIX definitions, after all.  Some newer Linux distributions are beginning to leave this out, but I blame the stupidity that is “systemd” for swaying this kind of thinking.
  3. The simplicity of the command is staggering, and after you’ve used it for a few days, it seems second nature.  It’s worth at least practicing this command to have it in your back pocket.
  4. It works, even when your TERM settings get jacked up.  It works when you’re in a single user session that only mounted “/” because of corrupted filesystem issues, and you need to modify configuration files but don’t have access to “vi” since that usually lives in “/usr” (and isn’t statically compiled.)  It just works.  Period.

At a previous place of employment, we had to fix some boot issues every now and then.  Doing this required booting into single user mode (root) where the filesystem only mounted “/” at first.  Sometimes, we could mount “/usr” manually, then use vi to modify our files.  The problem was that “vi” wasn’t statically compiled, and thus lived in “/usr” instead of “/bin” where the statically compiled programs were stashed.  I always wondered what would happen if “/usr” crapped itself, and thought it would be best to learn “ed” as an alternative.

I first learned ed by forcing myself to use it instead of any other text editor for a whole week.  The first couple of days were a little painful, but after that, it became pretty comfortable.

I haven’t been forced to use it, but I’ve always been happy to have it in my back pocket.  I have used it (and vi) to demonstrate poorly configured SUDO policy in the past.

After spending my morning reading the PDF version of this book, I’ve decided I need to brush up on it.  It’s been a few years since I forced myself to learn it, and this book does include some tricks I never figured out on my own back then.  If you’re in the Unix space (user, sysadmin, or pentester), get this book.

Plans for this coming week:

  • Finish building the Tony Robinson style lab.
  • Continue working on the Essentials Badge on PentesterLab PRO.
  • Continue improving my workflow and documentation methodology.
  • Begin using “ed” regularly, again.

Journey to OSCP – The Plan

I’ve mentioned it a few times before today, but I plan to take the Penetration Testing with Kali course, and Offensive-Security Certified Professional exam this year.  I’ve been spastic about preparations up to this point.

Thus far, I’ve read a few blog posts about others’ journeys to OSCP.  I’ve gone back to my eLearnSecurity Professional Penetration Tester course materials.  I’ve watched some amazing YouTube channels that cover some walk-throughs of Vuln Hub and Hack The Box machines.  I’ve pulled some books already in my collection, and added a few more that should help in my own journey.

I’ve laid out a generic (no dates) plan for how to prepare for the end goal.

Some of the steps require going back to previous steps for review and revision so I can hone my methodology.  The reporting pieces will be closer to eLearnSecurity’s style than the more brief PWK style, most likely, but I’ll probably present something closer to PWK style for the actual OSCP, since that’s what they are looking for.  The PWK style will be a portion of the eLS style in the end, so it’s just a subset, not a replacement.

The general flow of preparation looks like this:

  • Take Cornell Style notes on the Methodology and Reporting documents provided by eLS.  DONE
    • Create initial “Methodology” work flow guide for myself.
    • Create initial templates and scripts to create the templates during work flow for “Reports” eLS style for myself.
  • Take Cornell Style notes on the appropriate chapters from Building Virtual Machine Labs by Tony Robinson
    • Build a lab by the guide above.  I started to do this already using ProxMox, but the ProxMox installation had issues, and I abandoned that, rather than spending precious time trying to “just make it work.”  I have a ProxMox desktop lab, already, but it’s too small for the machines listed in the guide, and I don’t want to mix that lab with this one.
  • Take Cornell Style notes on each of IppSec’s walk-through videos
    • Use these notes to revise and hone my own Methodology work flow guide.
  • Sign up for PentesterLab PRO.
    • Work through at least the White and Yellow badges.
    • Work through the “bootcamp” page suggestions.
    • Go back and review eLS course material where relevant.
  • Work through Tulpa’s preparation guide.
  • Finish reviewing eLS course material after all of above, if not already complete.
  • Subscribe to Hack The Box.
    • Work through retired machines, then review my results/techniques/methodology and compare with online walk-throughs of these machines.
    • Work on non-retired machines.
  • ONGOING – Lunch twice a week at work, work on a downloaded VM from Vuln Hub.
  • Order PWK and schedule OSCP exam.

Yes, that is a lot to do before the last bit (actually ordering/working the course and taking the exam.)  Yes, I will do all of that THIS YEAR.

I will update “where I’m at” posts on this blog as I work through my process.  This way, you all can follow along.  The PWK/OSCP is too important to me to just jump feet first into.  I have limited time due to the size of my family (9 kids,) full time job (with hour commute to, and hour commute from work each day,) and the occasional week of on call.  I want to brush up and hone my methodology before I jump.  I believe this will make the experience more fulfilling.

Here’s to a time-packed and challenging year ahead.

Pi-Top Kali – Getting Kali Installed

Over the last few weeks, I’ve gone through the process of installing Kali onto its own microSD card for use on the pi-top.  I started with the latest 2017 image, but recently the first 2018 image became available, so I did the procedure again.  This document will cover the latest image.

First, I downloaded the image from the site onto my Linux Mint laptop.  Next, I verified the checksum.

sha256sum ./kali-linux-2018.1-rpi3-nexmon.img.xz
1ce9fb1ab69c709046b3ddddfeff6481b484f19e8b2b61725cebfb6361953c08  ./kali-linux-2018.1-rpi3-nexmon.img.xz

This matched the checksum on the site.  After verification, I unpacked the xz archive with unxz.  This created the kali-linux-2018.1-rpi3-nexmon.img image file for installation.

unxz kali-linux-2018.1-rpi3-nexmon.img.xz

Next, I put a new 32 GB microSD card in to receive the image.  I checked dmesg output to verify that the card was recognized successfully.

[11115.585761] mmc0: new ultra high speed SDR50 SDHC card at address 0001
[11115.603234] mmcblk0: mmc0:0001 00000 29.8 GiB
[11115.606945]  mmcblk0: p1

In order to install, I unmounted the auto-mounted card and used dd to transfer a copy of the image to the card.

sudo dd if=./kali-linux-2018.1-rpi3-nexmon.img of=/dev/mmcblk0 bs=512k
14000+0 records in
14000+0 records out
7340032000 bytes (7.3 GB, 6.8 GiB) copied, 388.375 s, 18.9 MB/s

I ejected and re-inserted the card to verify it was seen correctly.  Both partitions were picked up, and I unmounted these for the next step.  Because the image is much smaller than the size of the card, I needed to resize the Linux partition to take advantage of the extra space.  I used GParted for this.

GParted complained that the installed e2fsck was not recent enough.  I had to install the following two packages manually, before growing the EXT4 mount point:

sudo apt-get install ./e2fsprogs_1.43.8-1ubuntu1_amd64.deb ./e2fslibs_1.43.8-1ubuntu1_amd64.deb

Once GParted was working correctly, I used it to resize the Linux partition.

sudo gparted /dev/mmcblk0

I selected the EXT4 mount, chose “move/resize,” and resized it to take up all of the unallocated space.  I then applied the change, and closed the program.

I swapped microSD cards to put Kali into the pi-top and remove polarisOS.  Booting the machine worked fine on the first try, so the image appears to be installed okay.

I had a few housekeeping tasks to take care of.

My first housekeeping task was to create a new password for the root user.  Second was to regenerate host keys.  Most pre-built images should go through these two basic steps, since they ship with a widely known default password and, usually, pre-generated host keys that every copy of the image shares.

To regenerate the host keys, I ran:
root@kali:~ rm /etc/ssh/ssh_host_*
root@kali:~ dpkg-reconfigure openssh-server
root@kali:~ service ssh restart

I was surprised to find that the newest version of kali actually didn’t ship with pre-installed ssh host keys.  When I ran the rm command, it failed with file not found, and a file listing of /etc/ssh confirmed there were none to remove.  I only needed the dpkg-reconfigure and service restart.

My next steps included updating the system, since Kali-Rolling updates very frequently.  In order to do this, I put the machine on the network, then ran the following:

ntpdate 0.us.pool.ntp.org
apt-get update
apt-get upgrade

The reason for the ntpdate first is that the machine doesn’t come with a configured NTP service, and the clock on the Pi puts the machine several months behind the real world.  It thought it was December 14 rather than the current date.  The other two commands updated the APT cache, and then updated the system to latest.

My final task was to go through the process of updating the repository lists to be able to install the “pt-*” packages from polarisOS, but I ran into a dependency error on one of the packages, which prevented that from working properly.  I’ll continue to troubleshoot this issue before I go into the deep details of setting it up, but the error I ran into was that the python3-pt-idletime package was dependent upon python3 (< 3.6) where 3.6.4 is the current version in Kali.
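Pulling the verify, unpack, write and host-key steps from this procedure together, here is a small POSIX shell helper (an added example, not part of the original post) that adds the checks I would want before pointing dd at a device: the checksum has to match before anything is written, and the target has to be a block device with nothing mounted from it. It assumes Linux with GNU coreutils; the expected hash and device in the usage comment are placeholders, and the empty temp file in the demo is a constructed input.

```shell
#!/bin/sh
# Added example (not from the original post): guarded image verification and
# flashing for the Pi-Top procedure above. Assumes GNU coreutils (sha256sum,
# dd with conv=fsync/status=progress) and Linux (/proc/mounts).

# verify_image FILE EXPECTED_SHA256
# Returns 0 only if FILE hashes to EXPECTED_SHA256 (case-insensitive).
verify_image() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "verify_image: no such file: $file" >&2; return 1; }
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "verify_image: checksum mismatch for $file" >&2
    echo "  expected $expected" >&2
    echo "  got      $actual" >&2
    return 1
}

# target_is_safe DEVICE
# Refuses targets that are not block devices or that currently have a
# mounted partition (the auto-mounted card must be unmounted first).
target_is_safe() {
    dev=$1
    [ -b "$dev" ] || { echo "target_is_safe: $dev is not a block device" >&2; return 1; }
    if grep -q "^$dev" /proc/mounts 2>/dev/null; then
        echo "target_is_safe: $dev (or a partition on it) is mounted; unmount first" >&2
        return 1
    fi
    return 0
}

# flash_image IMAGE_XZ EXPECTED_SHA256 DEVICE
# Verify the .xz archive (that is what the download site publishes a hash
# for), unpack it, check the target, then write with dd and flush.
flash_image() {
    archive=$1; expected=$2; dev=$3
    verify_image "$archive" "$expected" || return 1
    img=${archive%.xz}
    [ -f "$img" ] || unxz --keep "$archive" || return 1
    target_is_safe "$dev" || return 1
    dd if="$img" of="$dev" bs=512k conv=fsync status=progress || return 1
    sync
}

# regen_host_keys: the post-boot housekeeping step, run as root on the Pi.
# rm -f so it does not fail when, as on the 2018.1 image, no keys ship at all.
regen_host_keys() {
    rm -f /etc/ssh/ssh_host_*
    dpkg-reconfigure openssh-server && service ssh restart
}

# Demo on a constructed input: an empty file has a well-known SHA-256.
tmp=$(mktemp)
if verify_image "$tmp" e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855; then
    echo "empty-file checksum verified"
fi
rm -f "$tmp"
# Real use (not run here; hash and device are placeholders):
#   sudo sh -c '. ./flash.sh; flash_image ./kali-linux-2018.1-rpi3-nexmon.img.xz <sha256 from site> /dev/mmcblk0'
```

The mismatch branch prints both digests so a failed download and a wrong hash copied from the site are easy to tell apart.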