Setup VNC Server in BT5 r3 KDE

1. Install vncserver – ‘apt-get install vnc4server’
2. Run – ‘vncserver’
3. Setup 8-character password
4. Edit xstartup – ‘vi ~/.vnc/xstartup’
5. Comment out entire file
6. Append the following three lines to the file:
   • export XKL_XMODMAP_DISABLE=1
   • exec ck-launch-session startkde
   • exec pcmanfm –desktop
7. Run – ‘vncserver -kill :1’
8. Run – ‘vncserver’

You then just need to install the free VNC Viewer on the client machine and make sure to add ‘:5901’ to the end of the IP address of your new vncserver.

VxWorks Debugging with BT5r3

I had to make a few modifications to the code referenced here in order to get it running in Backtrack 5 r3.

Download and extract the tarball

1. Download the tarball, extract to an easy to locate directory (e.g., /pentest/forensics/vxworks/).
2. Navigate to the directory and extract the files (‘tar zxvf filename.tar.gz’)

In the vxworks_mem_search.rb file, make sure the that you put the entire location to the vxworks_collide file in line 4, e.g.,

• require ‘/dir/dir/…/vxworks_collide’

To help with encoding issues, place the following at the beginning of the file

• # encoding: UTF-8

And then at the line where the file is reading the memory_data (“memory_data = File.read(input_file)”) add the following right after the closing parenthesis:

• .force_encoding(“ISO-8859-1”).encode(“utf-8”, replace: nil)

Save the file.

Run the file with the following command:

• ruby vmworks_mem_search.rb lookup.txt dump.mem (where dump.mem is the memory dumped using the corresponding metasploit exploit module)