Date post: | 28-Jul-2015 |
Upload: | jelmer-de-reus |
6/16/2015 Postinstall configuration of BackBox Linux 3 | SinFlood.NET
http://sinflood.net/?p=104 1/10
Postinstall configuration of BackBox Linux 3
Posted on December 16, 2012
In the previous article, we set up a VM with the BackBox 3 distribution.
See Getting started with BackBox 3 on Windows 8 with Hyper-V
To be able to use some of our favorite tools, we need to take a few post-installation steps:
Update pentesting frameworks
Set up the OpenVAS Framework
Set up the PostgreSQL backend for Metasploit Framework
Start msfconsole and let MSF store its data in PostgreSQL
Update pentesting frameworks
Navigate to the ‘Update’ folder in the start menu and run each of the update scripts. Enter your password and run the next update one. You can run all of these at the same time. It will take a while, however.
After running the update scripts, there are still a few things that need to be configured for some of the services and applications. In the following parts, we’ll set up the tools we need to start using the security toolkit for security auditing in a follow-up article.
Set up the OpenVAS Framework
If you haven’t updated this part yet, do it now by selecting “openvas” from the update folder in the Gnome start menu. At the end of updating, it will reload the plugins and start and stop all services.
While the services are stopped, you need to reinitialize the database of fingerprints so the updates can be used by the OpenVAS scanner. Run the following command to reinitialize the database.
$ sudo openvasmd --rebuild
It might take quite a while when it runs the first time.
Create an OpenVAS administrative account
Issue the “openvas-adduser” command to start a wizard for user accounts on OpenVAS. Fill out the form, hit “CTRL+D” at the “rules” section and confirm to add the user like below
Start OpenVAS services and log in to the web frontend
$ sudo openvasservices start
This command will take a while since it needs to load all components and plugins again.
The Greenbone Security Assistant is a web frontend for OpenVAS that is also started. It listens on port 9392 by default. If you’re not sure, use “netstat”
Now let’s open a browser and log in to URL “http://localhost:9392”
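An added example (not from the original article) of reading that netstat output: the function reports whether a port is listening only on loopback or on every interface, which is worth knowing for a scanner's web frontend. The sample lines are constructed, and port 5432 (PostgreSQL's default) is an assumption not stated in the article.

```shell
#!/bin/sh
# bind_scope PORT
# Reads `netstat -tln` (or `ss -tln`) output on stdin and prints
# "loopback", "exposed" or "closed" for the given TCP port.
bind_scope() {
    awk -v port="$1" '
        # Only listening sockets are of interest; this also skips headers.
        !/LISTEN/ { next }
        {
            # The local address is column 4 in both netstat and ss output.
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next
            # Everything before the final ":port" is the bind address.
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host ~ /^127\./ || host == "::1" || host == "[::1]")
                loc = 1
            else
                pub = 1
        }
        END {
            if (pub) print "exposed"
            else if (loc) print "loopback"
            else print "closed"
        }'
}

# Constructed sample output, not captured from a real BackBox system.
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN
tcp6       0      0 ::1:9392                :::*                    LISTEN'

for p in 9392 5432; do
    printf '%s: %s\n' "$p" "$(printf '%s\n' "$SAMPLE" | bind_scope "$p")"
done
```

On a live system, pipe the real output instead: `netstat -tln | bind_scope 9392`.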
In a follow-up article we’ll be getting more into the details of vulnerability scanning with OpenVAS. You can stop the OpenVAS services by using the command line or the start menu folder called “services”.
For now, let’s continue with the post-installation steps and configure a database backend for the Metasploit Framework.
Set up the PostgreSQL backend for Metasploit Framework
In the Metasploit Framework and in other tools, you might want to store information in a database. To be able to do this, we need PostgreSQL running, and we need a user account and database to start off with.
Start PostgreSQL server
First, you need to start the PostgreSQL server. You can run the startup script in the “services” folder in the start menu or use the following command
$ sudo /etc/init.d/postgresql start
Create a database and a user
We need to switch user to “postgres” to create these objects, like below. The “-P” switch is used to add a password to the user account. Otherwise, it won’t let you authenticate.
Create a database for the new user and switch back to your own user account
postgres@BB3:~$ createdb --owner=dbadminos -T template0 MSFDB01
postgres@BB3:~$ exit
Launch Metasploit’s “msfconsole” and connect to your database
If you haven’t already updated the Metasploit Framework, do it now using the “msfupdate” command
$ sudo msfupdate
$ msfconsole
First, we need to check the current database support with “db_status”. The “db_connect” command with the “-h” switch will show the required parameters for connecting to a database server.
Finally, let’s connect to our database
msf> db_connect dbadminos:[email protected]/MSFDB01
Note that you can use separate databases to store your information for various clients or departments. This is why the user account in PostgreSQL is configured to be able to create more databases. The command “db_connect” can now be used for new databases by just referencing a different name than “MSFDB01”.
If this is the first time that we connect to this database, it will set up the tables and properties Metasploit Framework needs from a database.
Issue the “db_status” command again to verify its connectivity:
Create a workspace within your new database
In “msfconsole” you can also store data in separate workspaces to create a better overview of things like various parts of an infrastructure or various types of target operating systems.
The current workspace is “default”. To add a workspace, issue the “workspace” command. The following options are available
Let’s create workspace “customer1dmz1” and list the active workspace to be sure
Connect back to the default workspace
msf> workspace default
Wrapping up
The most important tools have been configured and can now be used to have some fun with BackBox Linux 3 in a security audit. In the upcoming article, we’ll do a lab example of a security audit with the following sections:
Modify the OpenVAS scanning configuration
Scan a host with the Greenbone Security Assistant
Import the results into Metasploit Framework
Exploit the host using Armitage and msfconsole
Discuss and execute various post-exploit tools
This entry was posted in HOWTO's and tagged backbox linux, metasploit, openvas, postgresql by jelmer.dereus. Bookmark the permalink [http://sinflood.net/?p=104] .
Luke on January 10, 2013 at 4:45 pm said:
Thanks for this article! I am looking forward to your upcoming articles for BackBox
and definitely urge you to continue writing your tutorials.
Jelmer de Reus on January 10, 2013 at 7:15 pm said:
Hi Luke, thanks for your reply. I’m currently working on the next article which is a ‘simple exploit tutorial’. Your reply is extra motivation to get it done.
stick around
noem on January 12, 2013 at 6:50 am said:
excellent . thanks. eloquently put. will wait for next.