- 1电脑维护全攻略:让你的“战友”焕发新生
- 2大学生搜题软件,未来可期吗?
- 3【踩坑】修复Android Studio中的“module java.base does not open java.io to unnamed module”_module java.base does not "opens java.nio" to unna
- 4《实战》基于电商领域的词性提取及其决策树模型建模_电子商务词云图
- 5顺序查找算法(SequentialSearch)_sequential search
- 6HTML——动画效果:图片循环横向播放
- 7ros_Install _Kinetic_unable to locate package ros kinetic gmapping
- 8什么是模块化,怎么写一个好的C语言模块?通过标准库,开源库,驱动库学习_c语言模块化
- 9线性代数基础概念:矩阵_矩阵线性代数
- 10适用于Ubuntu的快速安装显卡驱动指南_ubuntu 驱动
ctf实战第一节:kali环境的熟悉:最新ZSH,初始化root密码,环境配置_kali ctf命令
赞
踩
最近国家要求各个部分重视网络安全生产
1、下载《Kali-Linux-2020.3-vmware-i386》最新版,自带ZSH
2、导入vmware15,之前版本报错,估计镜像是基于15做的
3、开机
4、默认只有kali用户密码kali
我想开root
kali@kali:~/Desktop$ sudo su
[sudo] password for kali:
root@kali:/home/kali/Desktop# passwd
New password:
Retype new password:
passwd: password updated successfully
root@kali:/home/kali/Desktop# exit
exit
允许超级用户登录,可以修改 /etc/ssh/sshd_config 配置文件,需将参数 PermitRootLogin 设为 yes
5、默认的是bash,切换zsh和sh看看效果
ali@kali:~/Desktop$ ls -al
total 8
drwxr-xr-x 2 kali kali 4096 Jul 27 13:31 .
drwxr-xr-x 14 kali kali 4096 Oct 1 05:14 ..
kali@kali:~/Desktop$ zsh
┌──(kali㉿kali)-[~/Desktop]
└─$ ls
┌──(kali㉿kali)-[~/Desktop]
└─$ bash
kali@kali:~/Desktop$ sh
$
$
如果您喜欢所看到的内容,可以通过执行将ZSH设置为默认值 (替换bash)chsh -s /bin/zsh
6、默认ssh关闭着呢
查看状态没打开
$ zsh
┌──(kali㉿kali)-[~/Desktop]
└─$ systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; disabled; vendor pre>
Active: inactive (dead)
Docs: man:sshd(8)
man:sshd_config(5)
┌──(kali㉿kali)-[~/Desktop]
└─$ ssh 3 ⨯
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
[-b bind_address] [-c cipher_spec] [-D [bind_address:]port]
[-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
[-i identity_file] [-J [user@]host[:port]] [-L address]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-Q query_option] [-R address] [-S ctl_path] [-W host:port]
[-w local_tun[:remote_tun]] destination [command]
┌──(kali㉿kali)-[~/Desktop]
└─$ systemctl start ssh 255 ⨯
┌──(kali㉿kali)-[~/Desktop]
└─$ systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; disabled; vendor pre>
Active: active (running) since Thu 2020-10-01 05:17:10 EDT; 5s ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 1195 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SU>
Main PID: 1196 (sshd)
Tasks: 1 (limit: 4713)
Memory: 2.0M
CGroup: /system.slice/ssh.service
└─1196 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
lines 1-11/11 (END)
执行命令 sudo systemctl enable ssh 可以设置 SSH 服务开机自启动
或者
/etc/init.d/ssh start
update-rc.d ssh enable
7、启动Apache服务器:
service apache2 start
netstat -an |more
可以看到有80端口
可以http://localhost/试一下
7其他附带:
添加普通用户
useradd -m -G sudo,video,audio,cdrom -s /bin/bash ssooking
把某个用户添加到组中: sudo usermod -a 用户名 -G 组名
递归更改目录/文件所属用户组: sudo chgrp 用户名 -R MyDocuments/
递归更改目录/文件拥有者:sudo chown 用户名 -R MyDocuments/
使用下列命令来停止服务:
service <servicename> stop
其中<servicename>代表我们希望停止的网络服务,例如:
service apache2 stop
使用下列命令来在开机时启用服务:
update-rc.d –f <servicename> defaults
其中<servicename>代表打算启动的网络服务,例如:
update-rc.d –f ssh defaults
MISC常用工具
Kali中集成了MISC中常用的工具(如wireshark binwalk等,自行研究使用方法)
RE常用工具
Kali中集成了edb,gdb等(类似windows中的ollydbg,自行研究使用方法)
PWN基本环境安装
1.python-pip的安装
kali集成了python2.7,但没有集成pip,需要在命令行输入 apt install python-pip -y
如下载缓慢可以按教程换一下apt软件源 点此查看
2.pwntools安装
在命令行输入 pip install pwntools
如下载缓慢可以按教程换一下pip源 点此查看
一键安装配置脚本
- #!/bin/bash
-
- echo ""
- echo "=========================================================================="
- echo "= Kali Auto Init Tool ="
- echo "= Powered by ssooking ="
- echo "= https://ssooking.github.io ="
- echo "=========================================================================="
-
- echo ""
- echo "[*] 即将自动对kali进行基本配置,建议你根据需要修改脚本。安装配置过程可能需要一会儿,并且由你的网速决定...."
- read -p "[*] 请按任意键继续...."
-
-
- echo "[+] 添加kali源"
- apt-key adv --recv ED444FF07D8D0BF6
- echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" >> /etc/apt/sources.list
- echo "deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib" >> /etc/apt/sources.list
- echo "deb http://mirrors.aliyun.com/debian stable main contrib non-free" >> /etc/apt/sources.list
- echo "[ok] 添加kali源成功!"
- echo ""
-
- echo "[+] 添加一个普通用户"
- read -p "请输入用户名: " username
- useradd -m -G sudo,video,audio,cdrom -s /bin/bash $username
- echo "请设置用户密码:"
- passwd $username
- echo "[ok] 添加普通用户成功!"
- echo ""
-
- # 安装内核头文件
- echo "[+] 安装内核头文件... "
- apt-get -y install linux-headers-$(uname -r)
- echo ""
- echo "[ok] 内核头文件安装成功!"
- echo ""
-
- # 解决kali启动时静音问题
- echo "[+] 安装 alsa-utils 解决kali启动时静音问题"
- apt-get -y install alsa-utils
- echo "[ok] 安装 alsa-utils 成功!"
- echo ""
-
- echo "[+] 添加PPPoE拨号连接功能"
- apt-get install pppoe pppoeconf
- echo "[ok] 安装PPPoE成功!"
- echo " >> 你可以使用 nm-connection-editor 命令管理pppoe连接"
- echo ""
-
- echo "[+] 添加VPN支持: PPTP IPsec/IKEv2 vpnc network-manager-ssh"
- apt-get -y install network-manager-pptp network-manager-pptp-gnome network-manager-strongswan network-manager-vpnc network-manager-vpnc-gnome network-manager-ssh
- echo "[ok] 成功添加vpn支持!"
- echo ""
-
-
- # Base Tool
- echo "[+] 安装一些必备系统工具:谷歌拼音输入法、垃圾清理工具、截图工具、快速启动工具、软件包管理工具等"
- apt-get -y install fcitx fcitx-googlepinyin flameshot bleachbit gdebi synaptic synapse catfish scrot vokoscreen chromium
- echo "[ok] 成功安装系统必备软件!"
- echo ""
-
- # Server Tools
- echo "[+] 安装服务器连接管理工具:remmina、filezilla"
- apt-get -y install remmina filezilla
- echo "[ok] 安装服务器连接管理工具成功!"
- echo ""
-
- # 美化
- echo "[+] 设置窗口按钮到左侧"
- gsettings set org.gnome.desktop.wm.preferences button-layout 'close,maximize,minimize:'
- echo "[ok] 设置窗口按钮到左侧成功!"
- echo ""
-
- echo "[+] 安装中文字体"
- apt-get -y install fonts-wqy-microhei fonts-wqy-zenhei
- echo "[ok] 安装中文字体成功!"
- echo ""
-
- echo "[+] 安装基本美化工具"
- apt-get -y install zsh screenfetch neofetch figlet peek
- #apt-get -y install cairo-dock
- echo "[ok] 安装成功!"
- echo ""
-
- echo "[+] 删除无用主题"
- cd /usr/share/themes/ && rm -rf Albatross Blackbird Bluebird HighContrast Greybird*
- echo "[ok] 删除成功!"
-
- # Security Tools
- echo "[+] 安装图形化十六进制编辑器bless"
- apt-get -y install bless
- echo "[ok] 安装成功!"
- echo ""
-
- echo "[+] 安装firewalld防火墙及iptables图形化管理工具gufw "
- apt-get -y install gufw firewalld firewall-applet
- #systemctl enable firewalld.service
- echo "[ok] 安装成功!"
- echo ""
-
- # Install sublime text 3
- echo "[+] 安装sublime text 3,速度可能会比较慢"
- wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add -
- sudo apt-get install apt-transport-https
- echo "deb https://download.sublimetext.com/ apt/stable/" | sudo tee /etc/apt/sources.list.d/sublime-text.list
- apt-get update
- apt-get install sublime-text
-
- echo "[+] 解决sublime-text 中文输入问题"
- git clone https://github.com/lyfeyaj/sublime-text-imfix.git
- cd sublime-text-imfix
- cp ./lib/libsublime-imfix.so /opt/sublime_text/ && cp ./src/subl /usr/bin/
- echo "[ok] 修复成功。输入subl命令启动sublime text即可输入中文!"
- echo ""
-
- # Install typora
- echo "[+] 安装 typora,速度可能会比较慢"
- sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys BA300B7755AFCFAE
- echo "deb http://typora.io linux/" | sudo tee /etc/apt/sources.list.d/typora.list
- sudo apt-get update -y
- sudo apt-get install typora
- echo ""
-
-
- echo "[+] 安装 node npm"
- wget https://npm.taobao.org/mirrors/node/v8.9.3/node-v8.9.3.tar.gz
- tar zxvf node-v8.9.3.tar.gz && mv node-v8.9.3-linux-x64 /opt
- ln -s /opt/node-v8.9.3-linux-x64/bin/node /usr/local/bin/node
- ln -s /opt/node-v8.9.3-linux-x64/bin/npm /usr/local/bin/npm
- rm ~/node-v8.9.3.tar.gz
- echo ""
-
- echo "[+] 清除垃圾 ......"
- apt-get clean && apt-get autoclean && apt-get autoremove -y
- echo "[+] Cleaning OK!"
-
- # Install oh-my-zsh
- # 普通用户就以普通权限安装
- apt-get install zsh
- echo "[+] Install oh-my-zsh"
- sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
- echo " Setting oh-my-zsh be the default terminal"
- chsh -s /bin/zsh
- echo ""
-
- neofetch
- echo "[OK] 所有任务完成!"
