Dual Booting Kali Linux and Windows 10

I recently set up my laptop as a dual boot system with Windows 10 and Kali Linux. In the past I had run Windows 10 and used VirtualBox to run Linux distros as virtual machines. This worked fine, but I didn’t get the full use of my laptop since it had to share resources with Windows 10. Dual booting was fairly easy. I’ll make this short and sweet below.

  1. Make sure you have Windows 10 installed and working. If your hard drive is encrypted with BitLocker, turn it off for now.
  2. Make sure you have plenty of free space on your hard drive, 10GB required.
  3. Partition your hard drive to free up space for the Kali Linux install. There are several ways to do this, but I find this method saves a step or two.
    1. Boot to Windows.
    2. Right click the start menu and select Disk Management.
    3. Right click your drive and select “Shrink Volume.”
    4. Input the amount you want to shrink the drive by. This is the amount of unallocated space that will be left on the drive for your Linux install. I did 30 gigs on mine. Just multiply whatever you want to be free by 1024. EX: 30*1024=30720 will give you 30 gigs of unallocated space.
    5. Confirm you have unallocated space; it should be labeled as such and have a black banner instead of blue.
    6. Now we are ready to proceed to the Linux install.
  4. Download Kali Linux and install it to a USB drive.
    1. Kali Linux Download
    2. Make a bootable USB drive
  5. Plug in the bootable USB drive and reboot your machine. Hit F12 while booting and it should give you the option to boot from USB.
  6. When prompted select install.
  7. Follow the steps until you get to the partition option.
    1. Select guided, use largest continuous space
    2. This will install Kali on the freed space you set aside in step 2
  8. When done, reboot and you’ll be presented with a GRUB loader to boot into Kali or Windows. Select your operating system and proceed.
  9. If you previously had bitlocker enabled in Windows, boot to Windows 10 and enable it now.
  10. By default the GRUB loader will select Kali Linux as the default OS to boot to.
    1. If you want to change Windows 10 to be default you’ll first need to boot to Kali Linux.
    2. Something to note: when booting you will see a list of boot options from top to bottom. Zero equals the top option, one the second, and so forth. Just remember this for when we update GRUB. In the example below zero would be Kali and 2 would be Windows 7.
    3. Once in Kali open terminal
      1. I use Nano for this option, but you can use whatever text editor you want
    4. nano /etc/default/grub
    5. Go to GRUB_DEFAULT and change 0 to 2.
    6. When done hit ctrl+x and y to save changes.
    7. Now enter update-grub
  11. Now when you reboot your system it should automatically boot to Windows 10. If you need to boot to Kali make sure you select it before the GRUB loader defaults to Windows.
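The zero-based counting from step 10, as an added example that is not part of the original post: it lists the top-level GRUB menu slots (a submenu such as "Advanced options" takes a slot too, which is why Windows usually lands on 2 rather than 1) and writes the matching GRUB_DEFAULT. The function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example. The two files written below are constructed samples.

# Print "index<TAB>title" for every top-level entry of a grub.cfg-style file.
# Top-level "menuentry" and "submenu" lines each take a slot, counted from 0;
# indented entries nested inside a submenu do not.
list_entries() {
    awk -F"['\"]" 'BEGIN { n = 0 }
        /^(menuentry|submenu)[ \t]/ { print n "\t" $2; n++ }' "$1"
}

# Print the index of the first top-level entry whose title contains $2.
entry_index() {
    list_entries "$1" | awk -F'\t' -v want="$2" 'index($2, want) { print $1; exit }'
}

# Set GRUB_DEFAULT in defaults file $1 to numeric index $2.
set_default() {
    case $2 in ''|*[!0-9]*) echo "index must be a number" >&2; return 1 ;; esac
    sed "s/^GRUB_DEFAULT=.*/GRUB_DEFAULT=$2/" "$1" > "$1.new" && mv "$1.new" "$1"
}

# Write constructed sample files into directory $1.
make_samples() {
    cat > "$1/grub.cfg" <<'EOF'
menuentry 'Kali GNU/Linux' --class kali {
    linux /vmlinuz root=/dev/sda5 ro quiet
}
submenu 'Advanced options for Kali GNU/Linux' {
    menuentry 'Kali GNU/Linux (recovery mode)' {
        linux /vmlinuz root=/dev/sda5 ro single
    }
}
menuentry 'Windows Boot Manager (on /dev/sda1)' --class windows {
    chainloader /EFI/Microsoft/Boot/bootmgfw.efi
}
EOF
    printf 'GRUB_DEFAULT=0\nGRUB_TIMEOUT=5\n' > "$1/grub"
}

demo=$(mktemp -d)
make_samples "$demo"
list_entries "$demo/grub.cfg"                 # slots 0, 1 and 2 with their titles
win=$(entry_index "$demo/grub.cfg" Windows)   # slot of the Windows entry
set_default "$demo/grub" "$win"
grep '^GRUB_DEFAULT=' "$demo/grub"
```

On an installed Kali system the same functions can be pointed at /boot/grub/grub.cfg and /etc/default/grub as root, followed by update-grub as in the steps above.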

Apple iPhone and the US Government

Many of you have seen the news about the Federal Government telling Apple that they must develop a back door to allow them to access the Apple iPhone of the San Bernardino Shooters. If you haven’t read about it, here is a link to the letter from Apple, link. Some will say that not complying with the court order is unpatriotic and a threat to national security. Others will say that it is a violation of privacy.

I agree with Apple on this one. If this backdoor were created, it would be used across all Apple Products (if you’re unfamiliar with back doors, click here). So, what’s the big deal? The big deal is that this backdoor can be exploited by anyone, not just court ordered requests by the FBI or NSA (if they even get a warrant). This means hackers could use this backdoor to grab data, images, videos, emails and so forth from your phone.

Think I’m crazy? Of course you do. Well, let me explain some back doors that have caused issues in the past. Have you ever heard of lawful intercept? This is a program designed by telecom companies to allow government agencies to wiretap phone calls. In 2004, this was exploited by hackers (most likely US Intel agencies) to listen in to Greek Government officials’ phone calls, link.

Also, let us not forget that some agencies are beginning to purchase devices that can copy all of your cell phone’s data in minutes. Nowadays, cell phones are not just for phone calls. They are more complex than the computers used to send men to the moon. Smartphones allow for people to carry all of their private data with them at all times. This includes, but is not limited to, pictures, bank records, emails, texts, documents, and so forth. The 4th amendment should protect us from this as “paper” has been replaced with electronic, but this does not seem to be the case.

Before you judge me (again) as some crazy, anti-establishment person, let me tell you that I’m all for security of this great nation. I will do anything to protect my country, my fellow Americans and have sacrificed for my country and community many times over. I just agree with the words of Ben Franklin, “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” It’s not that I don’t agree with helping out, I just don’t want easy technology to be exploitable by the wrong people, be it a foreign state or a hacker group, or used unlawfully in any way. Just my two cents.

Satellite tracking & Ham Radio

One of the things I have recently had an interest in is Ham Radio Satellites, or AMSAT. There are a bunch of small satellites in orbit (including the International Space Station) that can be used as repeaters for ham radio. One of the most well known and easy to use satellites is SO-50. I’ve heard people on SO-50 that were over 1,000 miles away from me.

If you are looking at getting into satellite tracking or using them for Ham Radio, there are a few things you need to know.

  1. How to track/predict satellite passes
  2. Equipment to communicate from the ground to the satellites
  3. Frequencies of the satellites

Tracking

There are several programs available to predict satellite passes. I purchased one for my iPhone, GoSatWatch. GoSatWatch was $10 and well worth the money. It can track everything from Ham Satellites, the International Space Station, visible satellites, commercial and GPS satellites, and Iridium flares (looks like shooting stars). It has the option to show a world map, a sky map, and predict passes for whatever you want to track.

If you want a decent program for the computer, I recommend Gpredict. Gpredict is free and has many of the same features, but requires a computer.

Equipment

For my setup, I run a Baofeng UV-5R handheld. This handheld cost around $25-30 on Amazon. I use Chirp to program it (I will be doing a write-up on how to use Chirp).

Some satellites are strong enough to pick up with an extended whip style antenna. For better reception I purchased an Arrow Antenna. This antenna is great and I have been able to speak and hear with no issues. Just point the antenna towards the satellite as it passes and you will start hearing transmissions. If you are looking to do telemetry or packet radio, you’ll need equipment for this as well. I haven’t ventured into that yet, but I will be exploring that in the future.

Frequencies

The last thing you’ll need is a list of the frequencies the satellites use. I had generated a list from different locations, but I’m unable to locate the list. Some suggested sites are:

When I started this, I had no one to show me how to do anything, so I learned it all on my own the hard way. Some tips from me would be to:

  1. Make sure your squelch is wide open when talking
  2. There are many people attempting contacts, so don’t get discouraged if you can’t break in, just keep trying
  3. Be patient and try to predict out the passes
  4. Focus on trying to pick up satellites before transmitting
  5. Listen to how people talk before trying to transmit
  6. Write down call signs you hear and look them up for distance information
  7. Have fun

$40 AMSAT setup

In the past I’ve used my arrow antenna to do most of my AMSAT communications. This afternoon I had a free moment and decided to see what was flying over. SO-50, one of the satellites I track, was actually passing directly over my location. I decided to try out my baofeng uv5r and Nagoya antenna. The radio is about $25 and the antenna runs around $15. I’ve seen videos of people getting this to work, but have never gotten it to before. To my surprise I was able to pick up transmissions. I attempted contact, but the satellite was almost over the horizon at that point. Below is the video.

ADS-B Piaware Flight Tracker

I recently purchased a Raspberry PI2 CanaKit from Amazon. My goal is to use it with Ham Radio, but to get a quick project going I set it up as an ADS-B flight tracker.

For those who don’t know, ADS-B stands for Automatic dependent surveillance – broadcast, and is used by airplanes to send out a broadcast message on 1090 MHz of their positions, flight number, altitude, and speed. The technology is utilized by air traffic controllers as a secondary way to track flights besides radar tracking.

This project took me about half an hour to set up and is still running. I’ll go over the setup and items needed to get this going. It costs less than $100 to do all of this.

Tools needed:

  1. Raspberry Pi
  2. NooElec SDR Receiver
  3. Piaware software – FlightAware.com
  4. Setup an account with FlightAware.com

It is extremely easy to get this going. Flightaware.com, a flight status tracking website, provides all the steps and information needed to create your Piaware device. Basically you download the Piaware software. Install it on your microSD card and insert it into your Raspberry Pi. From there, hook up your NooElec receiver and antenna (it is best to have an outside antenna if possible or one with few obstructions). Cable up your Ethernet cable and then power on the Raspberry Pi. Once on you can register the device with your FlightAware.com account. You can also browse locally to your Raspberry Pi and see the flights as they pass near you. Below is a screen shot of one I took tonight.

If you click on the Flightaware link next to the flight number, it will bring up the FAA logged route for this aircraft.

Being close to a military base, I see a lot of aircraft appearing and disappearing on the tracker. I’ve been told that the reason for this is that military aircraft only have to enable their transponders when in civilian airspace (this is what I’m told). Also, the military aircraft usually have interesting flight names, but I won’t discuss those here. This project has been fun and I have enjoyed seeing the amount of air traffic and their routes while flying near me. I’ve noticed a sort of “Interstate in the Sky”, as many of the planes travel the same routes. Not sure how much longer I will run this, but it will definitely run until I figure out the Ham Radio application for this device.

My Pen Testing Tool Kit

When I first became interested in Pen Testing I had no idea where to begin or the tools to use. In this blog I will cover the tools I use most often and their purpose. Every kit is different, but this is what I use the most.

Here is my list, I will discuss each item in detail:

  1. Kali Linux
    A. Installed on HP 110 Netbook
  2. Alfa AWUS036NH Wireless Adapter
  3. Wifi Pineapple
  4. 2 x Yagi Wifi antennas
  5. USB Rubber Ducky
  6. NooElec USB RTL-SDR
  7. Maxpedition Lunada Gearslinger Bag

Kali Linux

When I first started getting into Pen Testing I was trained on CentOS, then I moved to Backtrack. I’ve now moved to Kali, which most people are now using. Granted, you can use any OS you want for Pen Testing, and usually I have to use different ones, but Kali has almost all the tools in one place.

I installed Kali on an old HP Mini 110 netbook. It is not the fastest, but it does fine for running scans and exploits. If you are attempting to do something processor intensive, like password cracking, it is a good idea to run this on a machine that has more power.

This leads me to the next feature with Kali. Kali gives you the option to create a bootable USB image. This link covers how to set that up. The good thing about having a bootable USB is that you do not have to install the OS on your machine to use it. Just run it in live mode and you’re good to go.

The last option for running Kali is to run it as a virtual machine, which I do use regularly. I personally use VirtualBox whenever I do virtual machines. VirtualBox is free and has a lot of helpful articles. Kali actually has images available for download for VirtualBox and VMware.

Alfa Network Wireless Adapter

In my opinion there are two easy ways into someone’s network. The first is to “ask” for access via social engineering. The second is wireless exploitation. Wireless testing is one of my favorite aspects of pen testing. I use an Alfa AWUS036NH Wireless Adapter for wireless testing. The Alfa adapter allows you to run WiFi scans to determine encryption on networks, network names, MAC addresses, and also inject packets back into the networks you are trying to test. With this tool you can crack WEP in no time, capture WPA2 handshakes for offline cracking, and exploit WPS enabled Access Points. You can also use different antennas, like the Yagi ones in my kit.

WiFi Pineapple

The WiFi Pineapple is another wireless auditing tool. It comes with two antennas, which can be swapped for other antennas. The Pineapple can do recon of access points in an area, exploits on those access points, or act as a free, open WiFi network. If a person were to connect to the open network you can utilize the Pineapple to act as a man in the middle and strip out packets, spoof DNS, capture credentials, and much more. The WiFi Pineapple is sold by Hak5 and is a great, fun tool to use.

Yagi WiFi antennas

To help increase the distance for my wireless testing I purchased two directional Yagi Antennas. These antennas can connect to the Alfa Network card or the WiFi Pineapple. These antennas were around $20 for the two on eBay.

USB Rubber Ducky

The USB Rubber Ducky is the ultimate Social Engineering tool. This looks like a common thumb drive, but it is far from that. It is actually a keystroke injection attack platform. Basically it acts like a keyboard when plugged into a person’s machine and automatically types out commands. The commands are placed on the rubber ducky via a simple scripting language, saved to a Micro SD card, and inserted into the rubber ducky. These scripts can execute programs, save files and FTP them to remote locations, insert backdoor connections to machines, and many more things. A pen tester could drop the device in a common area in the hopes a user will plug it in. The rubber ducky can execute commands very quickly, making it an ideal tool to use when testing physical security. If you are able to get in front of a machine, plug the rubber ducky in and let it run the scripted commands while you do some more exploring around the complex. Of course, you’ll need to have it configured prior to using it.

NooElec USB RTL-SDR

The NooElec USB RTL-SDR is a mini Software Defined Radio USB device. It comes with a small antenna, but you can purchase a larger replacement if you want. With SDR, a pen tester could test anything that runs over radio waves, not just WiFi. Things such as smart meters and RFIDs are a few examples. I’m new to SDR, but have had some fun with it like picking up the local Fire/EMS/Police dispatch. This device is very inexpensive, around $20.

Maxpedition Lunada Gearslinger Bag

No Pen Testing kit is complete without a tacticool bag to carry it all in. The Maxpedition bag is very durable and can store everything I carry, with the exception of the Yagi antennas. These can actually be strapped to the sides if necessary with the use of the MOLLE system. The bag is not very big, but can pack in an iPad or netbook without a problem. Definitely a great bag for when you don’t want to tote around a full size backpack.

My pen testing tool kit took me several years to put together. I’m still modifying it all the time. This is an ever evolving game, and so should your pen testing tool kit.

Ham Radio Attic Antenna

About a year ago I obtained my Ham Radio Technician License. The very first radio I purchased was a Baofeng UV-5R Handheld. This radio was good for listening while driving around, but I needed a good setup in the Cole Command Center. I ended up getting a Kenwood TM-V71a radio with the Kenwood KPS-15 Power supply, which I set up as a base station.

The setup was fantastic minus one thing, the antenna. Due to my HOA regulations I am not allowed to place a visible antenna on the outside of my house. I debated stringing one in a tree behind my house, but decided against it. After some research I decided the best thing to do would be to install an attic antenna.

The antenna I purchased was a Comet GP-1 from the antenna farm, Link.

The second problem I ran into was the fact that there were no wall plates designed for the connections for this antenna and radio. I searched all over looking for something that mirrored a TV coax wall plate, but for the PL259 connector, and came up with nothing. I ended up purchasing a female-to-female PL259 connector and a blank wall plate. After some measuring I drilled out the blank wall plate and placed the connector through it.

The next step in the process was to cut the wall plate hole and drop the coax cable from the attic to the wall plate. I had an old phone drop that I removed off the stud and replaced it with a hollow wall drop and the new custom plate.

Once the cable was connected to the back of my radio everything worked like a champ. I can hit the local repeaters with no problems and have even made direct contacts about 45 miles away.
