Sunday, February 17, 2019

How to Linux or Something Like That

I am by no means a Linux expert, but at work I am the one they tend to defer to with "how do I Linux" questions. So maybe it would be worthwhile to make a small beginner guide on how to at least pretend you know what you're doing. So let's go over the basic "gotchas" of Linux and some semantics.

Linux is a kernel. Linux is to Ubuntu (or whatever your flavor is) as Windows NT is to Windows 7. I sometimes come across those snarky "Linux isn't an OS" comments online and it gets annoying, but that is the brief explanation behind them.

Linux itself comes in different distributions, referred to as "distros" or "flavors." If you're gonna talk about Mint, flavors seems like the better term, although it may get weird when you talk about Puppy being your favorite flavor. Sometimes different distributions are just the same one with a different desktop environment (DE) or different software pre-loaded on it. Some desktop environments are Gnome, KDE, X11, xfce, MATE, LXQt, etc. There are a lot of them. To add to the confusion, there are also window managers (WM) like xmonad, i3, and a million other ones. Discussing the environments people use can get complicated and layered, because everyone uses a million and one things just to stick two windows on the screen at just the right location and spacing.

Personally, I use things mostly default because I often have to move around a lot of different environments. I use CentOS minimal (no DE), Kali, Windows 7, Windows 10, Mac OSX Sierra, Ubuntu and various derivatives of it, just to name a few.

If you're looking to pick the right distro for you, check out Distro Watch, which keeps up to date on all of them. Browsing there, you can find quite literally hundreds to choose from. Each one varies to some extent in file structure, commands, or its general way of doing things.

One of the big things for people starting out is the package manager. Unless you build everything yourself, you're limited by what software you can install, and package managers are the biggest help there. It's one of the things I loved when starting out with Linux: you can download all of your software, and keep it up to date, in a simple manner. Each distro has its own way of doing things. Debian based has aptitude, RedHat based has yum, Arch based has pacman, and so on. Most have some form of package tool and their own package format.

I'm on Kali right now, so if I want to update all of my stuff, I may do something like:

apt-get update && apt-get upgrade -y

This is really dependent on what distro you're on, what kind of updates you're getting (like if you're on a rolling distro), and the like.
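As an added example (not from the original post), a small bash function that reads the ID and ID_LIKE fields of /etc/os-release and picks the update command for the distro family the post names (Debian/apt, RedHat/yum, Arch/pacman); the os-release samples are constructed, and the function only prints the command rather than running it.

```bash
#!/usr/bin/env bash
# Return the update command for the os-release text passed as $1.
# Exit status 1 if the distro family is not one of the three named in the post.
pick_update_cmd() {
    local osrelease="$1" id like
    # ID= is the distro itself (kali, centos, manjaro); ID_LIKE= lists the
    # families it derives from (debian, "rhel fedora", arch). Strip any quotes.
    id=$(printf '%s\n' "$osrelease" | sed -n 's/^ID=//p' | tr -d '"')
    like=$(printf '%s\n' "$osrelease" | sed -n 's/^ID_LIKE=//p' | tr -d '"')
    # Pad with spaces so each name only matches as a whole word.
    case " $id $like " in
        *" debian "*|*" ubuntu "*)
            printf '%s\n' "apt-get update && apt-get upgrade -y" ;;
        *" rhel "*|*" centos "*|*" fedora "*)
            printf '%s\n' "yum update -y" ;;
        *" arch "*)
            printf '%s\n' "pacman -Syu --noconfirm" ;;
        *)
            return 1 ;;
    esac
}

# Constructed (abridged) os-release samples for a Kali, a CentOS and a Manjaro box.
OSR_KALI='PRETTY_NAME="Kali GNU/Linux Rolling"
ID=kali
ID_LIKE=debian
VERSION_ID="2019.1"'
OSR_CENTOS='NAME="CentOS Linux"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"'
OSR_MANJARO='NAME="Manjaro Linux"
ID=manjaro
ID_LIKE=arch'

# Show what each sample box would run, then the machine this is executed on.
show_update_cmds() {
    for sample in "$OSR_KALI" "$OSR_CENTOS" "$OSR_MANJARO"; do
        printf '%-10s %s\n' "$(printf '%s\n' "$sample" | sed -n 's/^ID=//p' | tr -d '"'):" \
            "$(pick_update_cmd "$sample" || echo '(unknown family)')"
    done
    if [ -r /etc/os-release ]; then
        printf 'this host: %s\n' "$(pick_update_cmd "$(cat /etc/os-release)" || echo '(unknown family)')"
    fi
}

show_update_cmds
```

Run the printed command as root yourself; a script that upgrades the whole system on its own is not something to run unattended on a box you have not looked at.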

Now a brief look at file structures. The root directory is /. It contains a handful of folders such as bin (user binaries), boot (boot files), dev (device files), etc (configuration files), home (user folders), lib (libraries), mnt (mount points), opt (optional apps; ones you install outside of a package manager usually end up here), proc (process information), root (the root user's home, not to be confused with the root directory), sbin (system binaries), srv (service data), tmp (temporary files), usr (user programs), and var (variable files such as logs, the default web root for web services, etc.). Chances are you actually have many more than that, and it all depends on the distribution. I'm personally a fan of how Linux handles devices in the dev folder, letting you access devices much the way you interact with files.

Shells. Your shell on a Linux system is an invaluable tool for when all else fails. Knowing how to use it is immensely helpful, and customizing it to make it your own is very satisfying. Most variations seem to default to Bash (Bourne Again Shell), based on the Bourne Shell. There are numerous other variations such as Korn shell (ksh), Almquist Shell (ash), Dash (default for recent Debian distros), C shell (csh), tcsh (Unix compatible C shell that Mac used for a while), Friendly Interactive shell (fish), Z shell (zsh), and many more. Most of them are largely cross compatible, with minor syntax changes here and there; the big distinction is how they handle interactive sessions.

Personally, I use zsh with Oh-my-zsh!, and tmux (a terminal multiplexer) when I'm getting down and dirty. For scripting, I stick to good ol' Bash... or Python or Tcl, depends on what I'm doing really. Tcl seems to pop up at random and I use it at work for a custom backup script for the many switches we have (with expect).

Some of the more basic things you would do to get started on Linux and really get a grip on the shell are basic file navigation and text editing. When it comes to text editing, I love Vim. My favorite thing about Vim/Vi is how quick and easy it is to do stuff when you know what you're doing. My second favorite thing is when people copy a command with vi or vim in it and have no idea what they're doing. You see kids, Vi is a visual text editor that requires knowing its commands to edit, save, and even exit it. There is also nano, which is more up to speed with most newcomers, but not every distro comes with it. So let's go over a quick and incomplete Vi/Vim lesson!

To quit the program you type :q
To move the cursor, you can use arrows or h (left), j (down), k (up), l (right)
To insert text (go into insertion mode), i inserts on the cursor, a inserts after, I inserts at the very beginning, A at the very end of the line
To stop inserting, press esc
Backspace doesn't always work but delete always does; x deletes when not in insertion mode
To save you type :w
To save and quit you can type :wq or :x
To quit without saving, you type :q!

There are also ways to copy and paste, regex substitute, find, and all sorts of things. If you start getting used to it now, you can soon start to learn all the other cool things.

Let's say we want to edit the hostname on a computer. We do something along the lines of:

cd /etc
vim hostname

Then press i, type in the hostname, press esc, then :wq
We can then restart the computer. So what are some quick and easy commands to get started?

cd <directory> (change directory)
mkdir <directory> (make directory)
touch <file> (create a file)
rm <file> (remove a file)
cp <file1> <file2> (copy a file)
mv <file1> <file2> (move or rename a file)

There are a lot of commands, and it changes from system to system to some degree. Without getting into one specifically, it's hard to go too in-depth.

So how do you pick a distro to get started with? Major distributions are a good start, with their large communities and lots of documentation and tutorials. Ubuntu, Mint, CentOS, Debian, Fedora and Manjaro are just a handful of the major ones. I personally started out with Ubuntu. With Ubuntu I could do everything with the GUI and ease myself into command-line work at my own pace. After that, I learned how to configure and run systems entirely from the command line.

Saturday, February 16, 2019

ROT Cipher in Python

Recently I was messing around with some stuff and kept needing a Caesar Cipher deciphered, and kept using some not-so-good online ones. So what better thing to do than make one myself? Why even stop at a Caesar Cipher rather than just make an adjustable ROT tool? So rather than copying one that probably works better and has a nicer design, I made my own.

#!/usr/bin/python3
#
# Made by: Matthew DeSantis
#          www.anarchy46.net

import sys
import os

# Upper case limits
CAP_MIN = ord( 'A' )
CAP_MAX = ord( 'Z' )
# Lower case limits
LOW_MIN = ord( 'a' )
LOW_MAX = ord( 'z' )

# Rotate a single character. Only ASCII letters are shifted; anything else is
# returned unchanged. Expects an offset already reduced to within one full
# turn (-26..26), which the main block below guarantees.
def rotate ( offset, c ):
    o = ord( c )
    # Uppercase
    if o >= CAP_MIN and o <= CAP_MAX:
        o = o + offset
        # Loop back to beginning
        if o > CAP_MAX:
            o = o - CAP_MAX + CAP_MIN - 1

        # Loop back to end for backwards
        elif o < CAP_MIN:
            o = CAP_MAX - CAP_MIN + o + 1

    # Lowercase
    elif o >= LOW_MIN and o <= LOW_MAX:
        o = o + offset
        # Loop back to beginning
        if o > LOW_MAX:
            o = o - LOW_MAX + LOW_MIN - 1

        # Loop back to the end
        elif o < LOW_MIN:
            o = LOW_MAX - LOW_MIN + o + 1

    return chr( o )

# Cycle through the string
def cipher ( offset, text ):
    output=''
    for t in text:
        output += rotate( offset, t )
    return output

if __name__ == '__main__':
    try:
        # Size of the alphabet, i.e. one full rotation
        max_off = CAP_MAX - CAP_MIN + 1
        offset = int( sys.argv[1] )
        # Reduce the offset to less than one full turn while keeping its sign
        # (with max_off = 26, an input of 27 gives 1 and -27 gives -1), so
        # rotate() never has to wrap more than once. The sign term makes the
        # result a float, hence the int() where it is used below.
        offset = offset and (abs( offset ) - abs( max_off * int( offset / max_off ) )) * (offset / abs( offset )) or offset

        # Text is passed via args
        if len( sys.argv ) > 2:
            text = " ".join( sys.argv[2:] )
            eol = os.linesep

        # Or text is passed via pipe (./rot.py 13 < example.txt)
        elif not sys.stdin.isatty():
            text = sys.stdin.read()
            eol = ''

        # No text!
        else:
            raise Exception( "Missing text!" )
        print( cipher( int( offset ), text ), end=eol )

    # Offset is not a valid number, or no offset was given at all.
    except (ValueError, IndexError):
        print( "Usage: rot.py <offset> [text]", file=sys.stderr )
        sys.exit( 1 )

    # Catch anything else because oops.
    except Exception as err:
        print( err, file=sys.stderr )
        sys.exit( 1 )


So saving this as rot.py, I can use it for stuff in the terminal:

./rot.py 13 This is a secret message

Or I can use it to decrypt a file:

./rot.py -13 < secret.txt

I tried to make it as flexible as possible. Decryption can be done by using a negative offset, or you could cipher it negatively, whatever makes you happy. My math for doing the offset is a bit of evil. The idea is to rotate no more than once around while preserving which way around it goes. There are most certainly better ways to do it, but I was feeling "artistic."
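As an added example, not part of the original post's rot.py: the same rotation with plain modular arithmetic, the offset reduction done with math.fmod instead of the one-liner above, and a frequency-analysis routine that recovers the shift from ciphertext alone, which is the real lesson about ROT, it hides nothing. The sample message is the post's own, encrypted with ROT13.

```python
import math
import string

ALPHABET_SIZE = 26

# Letter frequencies of typical English text, in percent (standard published
# values), used to score how "English" a candidate decryption looks.
ENGLISH_FREQ = {
    'a': 8.167, 'b': 1.492, 'c': 2.782, 'd': 4.253, 'e': 12.702, 'f': 2.228,
    'g': 2.015, 'h': 6.094, 'i': 6.966, 'j': 0.153, 'k': 0.772, 'l': 4.025,
    'm': 2.406, 'n': 6.749, 'o': 7.507, 'p': 1.929, 'q': 0.095, 'r': 5.987,
    's': 6.327, 't': 9.056, 'u': 2.758, 'v': 0.978, 'w': 2.360, 'x': 0.150,
    'y': 1.974, 'z': 0.074,
}


def normalize_offset(offset):
    """Reduce any integer shift to the range (-26, 26), keeping its sign.

    Same result as the post's one-line "evil" formula: math.fmod truncates
    toward zero, so 27 -> 1, -27 -> -1 and 26 -> 0.
    """
    return int(math.fmod(offset, ALPHABET_SIZE))


def rotate_text(offset, text):
    """ROT-N over ASCII letters; everything else passes through unchanged."""
    k = offset % ALPHABET_SIZE  # Python's % is never negative, so -13 -> 13
    out = []
    for ch in text:
        if 'A' <= ch <= 'Z':
            out.append(chr((ord(ch) - ord('A') + k) % ALPHABET_SIZE + ord('A')))
        elif 'a' <= ch <= 'z':
            out.append(chr((ord(ch) - ord('a') + k) % ALPHABET_SIZE + ord('a')))
        else:
            out.append(ch)
    return ''.join(out)


def chi_squared(text):
    """Distance between the letter distribution of text and that of English.

    Lower is more English-like. Text with no letters scores infinity.
    """
    letters = [c for c in text.lower() if c in string.ascii_lowercase]
    n = len(letters)
    if n == 0:
        return float('inf')
    score = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = n * pct / 100.0
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def crack(ciphertext):
    """Recover the shift used to encrypt ciphertext without being told it.

    Tries all 26 shifts and keeps the one whose decryption looks most like
    English. Returns (shift, plaintext); running rot.py with -shift on the
    ciphertext would produce the same plaintext.
    """
    shift = min(range(ALPHABET_SIZE),
                key=lambda s: chi_squared(rotate_text(-s, ciphertext)))
    return shift, rotate_text(-shift, ciphertext)


if __name__ == '__main__':
    # Constructed sample: the post's own message, encrypted with ROT13.
    secret = rotate_text(13, "This is a secret message")
    print("ciphertext:", secret)
    print("recovered: shift=%d, text=%r" % crack(secret))
```

On very short or unusual text (a pangram, a list of names) the frequency score can pick the wrong shift; printing all 26 candidates and reading them is the fallback.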

Sunday, February 10, 2019

Free Imaging Server for Deployment

Free is always nice. All businesses love the idea of cutting costs. Sometimes the free stuff can even offer more and better options. Will that be the case here? I don't know. What I do know is that at work we cut costs in almost any way imaginable and this is one way.

FOG Project

This is a very nice solution for the mass deployment and management of operating systems. It is compatible with Windows, Linux and Mac OSX, which is rather impressive. So let's get into a broad overview of the installation and features.

Setting up the server is fairly straightforward. I have had the best luck with CentOS, but we have also run it on Ubuntu. When I tried doing another Ubuntu install while upgrading some things, various issues popped up. I would also recommend that when you create an /images folder for it to store the images in, you make it a separate partition or hard drive. I had an issue with some folders using too much room and leaving the OS in an unbootable state; if the files had been separate, recovery would have been easier.

The setup also lets the server function as a DHCP and/or DNS server, so a standalone box for a deployment where the necessary server infrastructure might not exist is a good thing to have. This lets you create a quick and easy deployment environment without too much work. There is also a way to set up multiple servers where the others act as storage nodes, which can increase the deployment speed.

The iPXE boot menu for Fog offers a lot of options to customize it. You can change the colors and styles. You can also change the boot method afterwards, choosing between options in GRUB or booting to rEFInd.

There are the basic deploy and capture image options. You can also register a host, which will take an inventory and allow you to manage it in many ways. This can include changing the name, joining a domain, debugging, memory tests, hard drive checks, file recovery, resetting local passwords, wake on LAN, virus scanning, hard drive wiping, and snapins. It can also deal with printers, keep a login history, schedule powering off and auto-logouts, and this is all just a surface level overview.

There is an ability to group together computers for mass deployments and managing. I use it when setting up computer labs or any group that I could potentially need to install the same software on all of them.

The image management is fairly straightforward. Of course it resizes the partitions for you to take up all the space necessary.

Snapins are very useful. You can create Batch scripts, Bash scripts, Powershell scripts, VB scripts, and send out MSIs. You can essentially create a nice base image, then add extras or tweak with snapins.

After that, there are options for managing printers, printing out reports, and lots of settings you can tweak.

As a basic example of what I would normally do, let's assume I need to deploy an image for a computer lab. After registering each computer to Fog with a name and adding it in a group together, I would then deploy an image and have it join to the domain. After that is all set up, I would then deploy a snapin for the Lanschool MSI for the students. The teacher computer would be kept separate, but I can use snapins to install the Lanschool teacher console and any extra software. In cases where the installer is not an MSI, I would use a batch script with a Samba share that hosts the exe.

With all of those hosts registered, I can then use the wake on LAN feature to turn them on when needed to remote into them and work. I can also use snapins to deploy simple batch scripts to do various things (personally, I prefer to use PsExec for simple things).

It's a nice tool with lots of features and instructions on how to do almost anything you could want.

Monday, February 4, 2019

Windows 10 Sysprep Full Unattended Setup

At work I tend to deal with creating the image we use for distribution of our computers. Windows 10 was a unique challenge: anything that could go wrong, did. We use Windows 10 Professional. Here's just a quick list of versions:
  • 1609 - Works, but updates can get stuck, requires different UAC on a domain
  • 1703 - Skipped, updating to it worked fine, requires the same UAC settings as 1609
  • 1709 - Skipped, updating sometimes broke the system files, UAC settings same as 1609
  • 1803 - Could not get to work, updating to it broke permissions making searching impossible unless you were a pre-existing admin
  • 1809 - Works, requires slightly different Unattend, works with domain settings and UAC used for Windows 7
(UAC settings need Admin Approval mode enabled and all Admins to run in Admin approval mode)

Common issues I ran into included:
  • Users logged in were unable to use search features
  • The very first login may appear okay, but any after that break
  • Warnings about running programs as an administrator (UAC settings in domain can fix this)
  • Unable to apply all group policies without numerous attempts
  • Creating the .clg file needed has only worked for me once
  • Enabling .NET 3.5 in Windows features
  • Shutdown not working correctly
Currently I am trying to only work on a 64-bit image; we're in the process of phasing out 32-bit. So now let's do a walk-through, and with any luck someone will find this helpful, maybe even help me fix the problems I've come across. I'll be doing the most recent version at the time, 1809.

So the first and obvious step: install Windows 10. After it's installed and reaches the setup screen, press Ctrl+Shift+F3. Get into Windows and get it started on updates. After that, you can install any software you need to. I personally try to install everything through Chocolatey, and I may include setting that up in another post.

So let's talk about enabling .NET 3.5. To do this, you need the Windows 10 installation disc in, and let's assume that it's the D drive (adjust to your needs). You then use the command:

DISM /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:D:\sources\sxs

After that, your .NET 3.5 should be enabled.

Now at this point, we should direct our attention to the unattend file. On another computer, install the Windows ADK (make sure the computer is the same architecture). From what I've read, some say to create an unattend using the install.wim on the iso, others say turn a blank Windows 10 installation to a wim and then use that. Both fail when creating the .clg file for it after a while of sitting there trying. One day after it said it failed, a .clg file magically appeared. Why or how, I don't know. Rather than walk anyone through the process, I'll just include the .wim and .clg file. If anyone knows why it fails making the .clg file, let me know.

WIM
CLG

So here's the bare minimum settings I found I needed to get the installation to go through. Keep in mind, it still flashes the setup for a moment; I think it's just because the network takes a minute to figure itself out. Open up Windows System Image Manager and create a new Unattend using the WIM file. Then add these settings at minimum:

  • amd64_Microsoft-Windows-Security-SPP_neutral -> Pass 3 Generalize
    • SkipRearm set to 1
  • amd64_Microsoft-Windows-Deployment_neutral -> Pass 4 Specialize
    • ExtendOSPartition
      • Extend set to true
    • Delete other options that appear
  • amd64_Microsoft-Windows-Shell-Setup_neutral -> Pass 4 Specialize
    • ComputerName set to *
    • Set your product key
    • Set your timezone
    • Do NOT put in anything for copy profile, that breaks the search feature for users setup after the installation
    • Delete all the other sub pieces that show.
  • amd64_Microsoft-Windows-International-Core_neutral -> Pass 7 oobeSystem
    • InputLocale set to 0409:00000409 for en-US
    • SystemLocale set to en-US
    • UILanguage set to en-US
    • UserLocale set to en-US
  • amd64_Microsoft-Windows-Deployment_neutral -> Pass 7 oobeSystem
    • AutoLogon, if you need any of that, with Enabled set to true and LogonCount to 2
      • Set a password if you want it to autologon
    • FirstLogonCommands is where you set any post-Sysprep stuff that should follow a logon; add as many as you need with whatever you need
    • Under OOBE you need all of these to skip the setup:
      • HideEULAPage true
      • HideLocalAccountScreen true
      • HideOEMRegistrationScreen true
      • HideOnlineAccountScreens true
      • HideWirelessSetupInOOBE true
      • ProtectYourPC 2
    • UserAccounts needs at least the administrator password to skip past the login
      • You can either set the AdministratorPassword or right-click on LocalAccounts and create one if needed
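
As an added example (constructed here, not the author's own unattend.xml, which was built in Windows System Image Manager), the settings from the list above as they look in the unattend.xml that SIM writes; the product key, time zone, passwords and the first-logon command are placeholders.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Constructed example of the settings listed in the post; not the author's file. -->
<unattend xmlns="urn:schemas-microsoft-com:unattend"
          xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">

  <!-- Pass 3: generalize -->
  <settings pass="generalize">
    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <SkipRearm>1</SkipRearm>
    </component>
  </settings>

  <!-- Pass 4: specialize -->
  <settings pass="specialize">
    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <ExtendOSPartition>
        <Extend>true</Extend>
      </ExtendOSPartition>
    </component>
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <ComputerName>*</ComputerName>  <!-- * lets Setup generate a name -->
      <ProductKey>XXXXX-XXXXX-XXXXX-XXXXX-XXXXX</ProductKey>  <!-- placeholder -->
      <TimeZone>Eastern Standard Time</TimeZone>  <!-- example value; set your own -->
      <!-- Deliberately no CopyProfile: the post found it breaks search for
           accounts created after installation. -->
    </component>
  </settings>

  <!-- Pass 7: oobeSystem -->
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <InputLocale>0409:00000409</InputLocale>
      <SystemLocale>en-US</SystemLocale>
      <UILanguage>en-US</UILanguage>
      <UserLocale>en-US</UserLocale>
    </component>
    <!-- AutoLogon, FirstLogonCommands, OOBE and UserAccounts are Shell-Setup settings. -->
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <AutoLogon>
        <Enabled>true</Enabled>
        <LogonCount>2</LogonCount>
        <Username>Administrator</Username>
        <Password>
          <Value>CHANGE-ME-placeholder</Value>
          <PlainText>true</PlainText>
        </Password>
      </AutoLogon>
      <FirstLogonCommands>
        <!-- One SynchronousCommand per post-Sysprep task; this path is a placeholder. -->
        <SynchronousCommand wcm:action="add">
          <Order>1</Order>
          <CommandLine>cmd /c C:\Scripts\post-sysprep.cmd</CommandLine>
          <Description>Placeholder post-Sysprep task</Description>
        </SynchronousCommand>
      </FirstLogonCommands>
      <OOBE>
        <HideEULAPage>true</HideEULAPage>
        <HideLocalAccountScreen>true</HideLocalAccountScreen>
        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
        <ProtectYourPC>2</ProtectYourPC>
      </OOBE>
      <UserAccounts>
        <!-- Whether stored plain or base64-encoded (PlainText false), this password
             is recoverable from the file, which is why SetupComplete.cmd deletes
             every copy of unattend.xml once setup is done. -->
        <AdministratorPassword>
          <Value>CHANGE-ME-placeholder</Value>
          <PlainText>true</PlainText>
        </AdministratorPassword>
      </UserAccounts>
    </component>
  </settings>
</unattend>
```
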
After that is done, you should be ready to load what you need on the computer to create an image with and get that going. So let's talk about that.

First we need to copy over the unattend.xml file we so painstakingly made. I copy this to C:\. Now there is a cleanup we can do using SetupComplete.cmd, which runs automatically after setup. To do that, we need to create the directory C:\Windows\Setup\Scripts. Then let's create a file called SetupComplete.cmd in that folder and open it with Notepad. We need the following commands for a decent cleanup:

DEL /Q /F C:\Windows\System32\sysprep\unattend.xml
DEL /Q /F C:\Windows\panther\unattend.xml
DEL /Q /F C:\unattend.xml
DEL /Q /F C:\Windows\Setup\Scripts\SetupComplete.cmd

This will remove all traces of our unattend file and then the script itself. With that set up, we need to run Sysprep. To do this, just run the command:

"C:\windows\system32\sysprep\sysprep.exe" /generalize /oobe /reboot /unattend:c:\unattend.xml

Word of caution: this will reboot the computer, not shut it down. I've had to use reboot because shutdown does not shut down Windows properly, it hibernates. That means after you boot back up, it just drops you back where you were until you tell it to restart. At one point shutdown worked, but I had other issues around then and I think it was because I changed the shutdown procedure.

Anyway, that's a rough guide for setting up a Sysprep of Windows 10 x64 version 1809 to install and skip past the setup. Hope it helps anyone having issues with this.

Monday, December 24, 2018

Preparing and Taking a Certification Test

Despite how many people hate it, we judge education and skills with standardized tests most of the time. As a result, most certification tests are standardized tests. Of course there are exceptions, but in most cases you will run into standardized tests. Personally, I've always had poor test taking skills. Despite this, I've passed all but one certification on the first try and the one I failed was in the beta phase anyway. So here's my advice on how to pass.

Now the first obvious thing to do is study. Today you have a huge selection of options to choose for studying. You can choose between instructor-taught courses to self-study. In my opinion, instructor taught courses are over priced and offer very little added benefit for anyone who is at least a hobbyist in the subject matter. That is not to say you shouldn't try it out, I just think most of them are fairly expensive for what you are getting and co-workers that use it do not seem to have any more of a leg up. Then of course there are books you can buy and study guides you can download.

I've done all of my certifications through CompTIA so far and I use the CertMaster tool. I find there are two main benefits. The first is that since it is made by the people that make the test, it covers almost all the material necessary. The second is that they also word the questions in a similar manner, so it mentally prepares me to read and understand the questions on the test. The wording of questions is the big thing, because I wonder if English is their first language or somewhere down the line a fifth or sixth.

Study guides and topic outlines are also useful to read over. They often can include things you can do your own research into. For me, this research leads to tools and techniques to actually try.

Actually trying the techniques, tools, and methods that you are studying is probably the best way to hammer the ideas into your head, coupled with an understanding of the practical application involved. Say you read about nmap and have never tried it before, simply do some googling and then try out the tool. In some instances, it's hard because you might not have access to the tool or program or have a setup to try the technique. In those cases, you may still have a way to set it up with some virtual machines or maybe find demos and screenshots online. Anything to further familiarize yourself with the content.

Books. I like having physical books. Problem is, they eventually go out of date. Make sure if you buy a book that it is a version that is useful to you. Check the publication date, any reviews, and any information that indicates that they are worth reading. Then make yourself a library. Knowledge is power.

Time. Take your time studying. Study a little bit every day.

Refresh earlier information as you go. Read acronyms as the words they represent. Take practice quizzes and try to answer without looking at the multiple choice answers. Try to teach others around you what you've learned, even if they yell at you to shut up or keep saying they have no idea what you're talking about.

So now you are prepared to take the test. How can you take a test any different to optimize your chances? The first thing is to go through the whole test, even questions you are not sure of. When you come across a question you are not sure of, first eliminate all the answers you know are wrong, then guess with the remainder. Make sure you pay attention as you go, as one question may have an answer for another question in it. I've had questions where after I eliminate all possibilities I know are wrong, I have one answer left which helped me answer another question by eliminating one of the two options I had narrowed it down to.

Okay, so you got through the test, and look! Still time on the clock. Do not end the exam yet, go back to the beginning and start over. More often than not, I find questions that when I'm on my second run, I look at the answer I picked and realize that I had misread the question. So go through and look for errors, look for answers other questions gave you, look to find what you did wrong.

Now you made it through again. Maybe there's still time on the clock. Use it. Go through again and again until that time runs out. Maybe you're just clicking next and not changing anything, but each time you go through you should be more certain of your answers than the last.

Time's up, exam ended. You passed? Great! You failed? Don't fret. If you do fail, even after all that work, try to keep all the questions you can remember. Go home, try to get the right answer. Go through all your study material with all the questions of that test in mind, then try again.

There's no magic method that will make you always pass, no perfect study material. You just have to be willing to try.
