Tuesday, January 30, 2018

SNMP with Synology NAS

In a post from November I'd mentioned trying to get this to work and failing:

"Update (For the life of me, can't get this to work): http://blog.tafkas.net/2015/01/15/monitoring-a-synology-diskstation-with-munin/"

Now I finally got it working. The key was to make sure that when the article says "Therefor create a file inside /etc/munin/plugin-conf.d/ folder with the name of the host (e.g. diskstation) containing two lines:" that I used the FQDN as returned from a ping. I finally got the pihole working with the Ubiquiti by setting the local LAN to use it directly and the router as secondary DNS, and added some entries to the pihole's /etc/hosts file to map to certain hosts with the domain (e.g. server.homenet). Then the file in /etc/munin/plugin-conf.d/ was named server.homenet and included the following two lines:

[snmp_server.HomeNet_*]
env.community secret_string

I also included the following in munin.conf:


[server.HomeNet]
    address 127.0.0.1
    use_node_name no

And made sure to restart munin-node and munin on the Munin server itself. 

Update: The same process can be followed for any device that supports SNMP, such as a router.
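
A consistency check for the two files described above, as an added example that is not part of the original post. The function names `sections` and `check` are hypothetical, the sample strings are constructed from the post's snippets, and host sections are assumed to be plain `[host]` names without a group prefix.

```python
import re

# Constructed sample inputs that mirror the two files shown in the post.
MUNIN_CONF = "[server.HomeNet]\n    address 127.0.0.1\n    use_node_name no\n"
PLUGIN_CONF = "[snmp_server.HomeNet_*]\nenv.community secret_string\n"

def sections(text):
    """Parse '[name]' blocks of 'key value' lines into {name: {key: value}}."""
    out, cur = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            cur = out.setdefault(m.group(1), {})
        elif cur is not None:
            parts = line.split(None, 1)
            cur[parts[0]] = parts[1] if len(parts) > 1 else ""
    return out

def check(munin_conf, plugin_conf):
    """Return problems linking [snmp_<host>_*] sections to munin.conf hosts."""
    hosts = sorted(sections(munin_conf))
    problems = []
    for name, opts in sections(plugin_conf).items():
        m = re.match(r"^snmp_(.+)_\*$", name)
        if not m:
            continue
        host = m.group(1)
        if host not in hosts:
            # The pitfall from the post: short name used where the FQDN is needed.
            fqdn = [h for h in hosts if h.split(".")[0] == host]
            hint = f" (munin.conf has {fqdn[0]})" if fqdn else ""
            problems.append(f"{host}: no [{host}] section in munin.conf{hint}")
        # Assumption: an unset community falls back to the well-known "public".
        if opts.get("env.community", "public") in ("public", "private"):
            problems.append(f"{host}: well-known or missing SNMP community")
    return problems

if __name__ == "__main__":
    print(check(MUNIN_CONF, PLUGIN_CONF))            # files as in the post
    print(check(MUNIN_CONF, "[snmp_server_*]\n"))    # short name, no community
```

To use it on a real setup, pass the contents of munin.conf and of the file in /etc/munin/plugin-conf.d/ instead of the sample strings.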

Wednesday, January 24, 2018

So much yet to learn

A recent pentest exposed to me in more full gory detail how much I still don't know about working in AD and various terminologies. For the first time in a while I was able to successfully capture and crack NetNTLMv2 hashes captured using Responder. However, I was stymied by Metasploit's psexec not working, until I stumbled across CrackMapExec and found that requests spawned with WMI work but psexec didn't. Then I slowly made my way to various systems and discovered that I don't know nearly enough what can actually be done with Domain Admin. I could even potentially use impersonation/delegation tokens for DAs but decided not to.

So now my priority goals going forward are two-fold:

1. Set up an Active Directory lab at home. There are plenty of guides available. Most likely it would be on my Thinkpad T460p, which was purchased almost specifically for this purpose. (Now if I can just get it to stop shutting off every time the battery wiggles inadvertently...) This gives it the element of portability.

2. Really practice with some VMs. Set up some sort of environment which requires heavy use of Metasploit and meterpreter to obtain elevated privileges/credentials/access/whatever. That way I won't flail around when encountering an AD environment.

Of course I'll also finish setting up the new EdgeRouter X courtesy of this guide: https://github.com/mjp66/Ubiquiti. I would never have managed the job without this document. The only things remaining are resolving some DNS issues, getting the Tor relay back up and running either on its own untrusted network or SSH-limited on the same home network, and changing the EdgeRouter to use DNSMasq and getting the pihole to serve DNS requests instead.

 

Monday, January 22, 2018

Installing Veil Evasion in Kali Linux

This issue could be specific to this laptop model, an HP EliteBook 8460p, but if not I hope someone will find this information useful. If installing Veil from https://github.com/Veil-Framework/Veil-Evasion, you may encounter a problem after restarting the machine where X (window manager) just won't start. For reference, I use Gnome on Kali 2017.2. The problem is that the installation of Wine performed as part of the Veil install removes three critical packages:

libqt4-opengl-dev libglu1-mesa-dev libgl1-mesa-dev. An apt-get install of these should fix the issue. I would recommend adding these back after the Veil install has finished, or you'll need to boot into safe mode, bring up a network interface (for eth0 on a DHCP-enabled network you can plug in a network cable and start NetworkManager), and then install from there.