Archive

Archive for October, 2012

Setup VNC Server in BT5 r3 KDE

October 30, 2012 Leave a comment
  1. Install vncserver – ‘apt-get install vnc4server’
  2. Run – ‘vncserver’
  3. Setup 8-character password
  4. Edit xstartup – ‘vi ~/.vnc/xstartup’
  5. Comment out entire file
  6. Append the following three lines to the file:
    • export XKL_XMODMAP_DISABLE=1
    • exec ck-launch-session startkde
    • exec pcmanfm –desktop
  7. Run – ‘vncserver -kill :1’
  8. Run – ‘vncserver’

You then just need to install the free VNC Viewer on the client machine and make sure to add ‘:5901’ to the end of the IP address of your new vncserver.

Advertisements

VxWorks Debugging with BT5r3

October 24, 2012 Leave a comment

I had to make a few modifications to the code referenced here in order to get it running in Backtrack 5 r3.

Download and extract the tarball

  1. Download the tarball, extract to an easy to locate directory (e.g., /pentest/forensics/vxworks/).
  2. Navigate to the directory and extract the files (‘tar zxvf filename.tar.gz’)

In the vxworks_mem_search.rb file, make sure the that you put the entire location to the vxworks_collide file in line 4, e.g.,

  • require ‘/dir/dir/…/vxworks_collide’

To help with encoding issues, place the following at the beginning of the file

  • # encoding: UTF-8

And then at the line where the file is reading the memory_data (“memory_data = File.read(input_file)”) add the following right after the closing parenthesis:

  • .force_encoding(“ISO-8859-1”).encode(“utf-8”, replace: nil)

Save the file.

Run the file with the following command:

  • ruby vmworks_mem_search.rb lookup.txt dump.mem (where dump.mem is the memory dumped using the corresponding metasploit exploit module)