Debian 10 Desktop 2021

Once the system has booted, log in as root and edit the sources list.

nano /etc/apt/sources.list

And add:

deb http://deb.debian.org/debian buster main contrib
deb http://deb.debian.org/debian buster main contrib non-free

Then update and upgrade the system.

apt-get update && apt-get upgrade

Installing basic software

Next, install the following software as root.

apt-get install git lightdm i3-wm feh sudo unzip rofi p7zip-full rxvt-unicode gcc

Adding our user to sudo

nano /etc/sudoers

And add the line:

nuestro_user ALL=(ALL:ALL) ALL

Installing the VBOX Tools

In our VM in VirtualBox, click Devices -> Insert Guest Additions... Once that is done, install the tools by running the following commands as root.

apt-get install build-essential dkms linux-headers-$(uname -r)
sudo mkdir -p /mnt/cdrom
sudo mount /dev/cdrom /mnt/cdrom
cd /mnt/cdrom
sh ./VBoxLinuxAdditions.run

Tuning URXVT

RXVT-Unicode is the terminal we will use in this tutorial, so to give it a bit of color we will create the file ~/.Xdefaults while logged in as our user.

nano ~/.Xdefaults

And add the content below.

URxvt.transparent: true
URxvt.shading: 20
URxvt*termName: rxvt-256color
URxvt*xftAntialias: true
URxvt*background: #3f3f3f
URxvt*foreground: #dcdccc
URxvt*cursorColor: #aaaaaa
URxvt*colorUL: #669090
URxvt*underlineColor: #dfaf8f
URxvt*color0: #3f3f3f
URxvt*color1: #cc9393
URxvt*color2: #7f9f7f
URxvt*color3: #d0bf8f
URxvt*color4: #6ca0a3
URxvt*color5: #dc8cc3
URxvt*color6: #93e0e3
URxvt*color7: #dcdccc
URxvt*color8: #000000
URxvt*color9: #dca3a3
URxvt*color10: #bfebbf
URxvt*color11: #f0dfaf
URxvt*color12: #8cd0d3
URxvt*color13: #dc8cc3
URxvt*color14: #93e0e3
URxvt*color15: #ffffff
URxvt.scrollBar: false
URxvt*font: xft:Inconsolata:size=10

Installing rofi

Rofi will let us launch programs.

https://github.com/davatorium/rofi-themes

Take a look at the available themes, and when you find one you like, download it and save it as config.rasi in the ~/.config/rofi directory.

In our case we will use the arthur theme, so we run the following as our user:

mkdir -p ~/.config/rofi
cd ~/.config/rofi
wget https://raw.githubusercontent.com/davatorium/rofi-themes/master/Official%20Themes/arthur.rasi -O config.rasi

Installing fonts

For fonts and icons we will use Nerd Fonts.

To install them, run the following commands as root:

cd ~
wget https://github.com/ryanoasis/nerd-fonts/releases/download/v2.1.0/Hack.zip
mv Hack.zip /usr/local/share/fonts
cd /usr/local/share/fonts
unzip Hack.zip
rm Hack.zip

Installing Polybar

To install polybar, first install the requirements by running the following commands as root:

mkdir -p ~/.config/polybar
apt install build-essential git cmake cmake-data pkg-config python3-sphinx libcairo2-dev libxcb1-dev libxcb-util0-dev libxcb-randr0-dev libxcb-composite0-dev python-xcbgen xcb-proto libxcb-image0-dev libxcb-ewmh-dev libxcb-icccm4-dev

Once installed, run the following commands, also as root.

cd /opt
wget https://github.com/polybar/polybar/releases/download/3.5.2/polybar-3.5.2.tar.gz
tar -xf polybar-3.5.2.tar.gz
cd /opt/polybar
./build.sh

With this, it is now installed. Next, add the following configuration to the file ~/.config/polybar/config:

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
;;
;;          ____        __      __
;;         / __ \____  / /_  __/ /_  ____ ______
;;        / /_/ / __ \/ / / / / __ \/ __ `/ ___/
;;       / ____/ /_/ / / /_/ / /_/ / /_/ / /
;;      /_/    \____/_/\__, /_.___/\__,_/_/
;;                    /____/
;;
;; Created By Aditya Shakya @adi1090x
;;
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

;; Global WM Settings

[global/wm]
margin-bottom = 5
margin-top = 5

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

;; Bar Settings
[bar/main]
monitor =
monitor-fallback =
monitor-strict = false
override-redirect =false
top = true
fixed-center = true
width = 99%
height = 22
offset-x = 0
offset-y =0
background = ${color.alpha}
foreground = ${color.fg}
radius-top = 0.0
radius-bottom = 0.0
line-size = 2
line-color = ${color.shade5}
border-top-size = 6
border-color = ${color.alpha}
border-bottom-size = 6
padding-left= 1
padding-right= 1
module-margin-left = 0
module-margin-right = 0
font-5 = Material Design Icons:size=12
font-6 = Material Design Icons:size=10
font-0 = fixed:pixelsize=10;1
font-1 = unifont:fontformat=truetype:size=8:antialias=false;0
font-2 = siji:pixelsize=10;1
font-3 = Hack Nerd Font Mono:pixelsize=15;2
modules-left = sep workspaces sep
modules-center = date
modules-right = sep memory sep cpu sep ethernet
separator =
spacing = 0
dim-value = 1.0
wm-name =
locale =
tray-position = right
tray-detached = false
tray-maxsize = 16
tray-background = ${color.bg}
tray-underline = #bf616a
tray-foreground = #282828
tray-offset-x = 0
tray-offset-y = 0
tray-padding = 0
tray-scale = 1
enable-ipc = true
click-left =
click-middle =
click-right =
scroll-up =
scroll-down =
double-click-left =
double-click-middle =
double-click-right =
cursor-click =
cursor-scroll =
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

;; Application Settings
[settings]
throttle-output = 5
throttle-output-for = 10
compositing-background = source
compositing-foreground = over
compositing-overline = over
compositing-underline = over
compositing-border = over
format-margin =0
pseudo-transparency = true

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
;;
;;         ______      __
;;        / ____/___  / /___  __________
;;       / /   / __ \/ / __ \/ ___/ ___/
;;      / /___/ /_/ / / /_/ / /  (__  )
;;      \____/\____/_/\____/_/  /____/
;;
;; Created By Aditya Shakya @adi1090x
;;
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

[color]
bg = #2E3440
bg2 = #3B4252
bg3 = #434C5E
bg4 = #4C566A
fg = #ECEFF4
fg-alt = #4C566A
alpha = #00000000
shade1 = #c5c8c6
shade2 = #d08870
shade3 = #81a1c1
shade4 = #ebcb8b
shade5 = #a3be8c
shade6 = #8fbcbb
shade7= #4c566a

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
;;
;;          __  ___          __      __
;;         /  |/  /___  ____/ /_  __/ /__  _____
;;        / /|_/ / __ \/ __  / / / / / _ \/ ___/
;;       / /  / / /_/ / /_/ / /_/ / /  __(__  )
;;      /_/  /_/\____/\__,_/\__,_/_/\___/____/
;;
;; Created By Aditya Shakya @adi1090x
;;
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
[module/date]
type = internal/date
interval = 1.0
time =   %I:%M %p
time-alt =  %Y-%m-%d%
format = <label>
format-underline = #bf616a
format-background = ${color.bg}
format-padding = 1
label = %time%
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
[module/memory]
type = internal/memory
interval = 5
format = <label>
format-prefix = 礪
format-background = ${color.bg}
format-underline = #bf616a
format-padding = 1
label = " %mb_used%"
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
[module/cpu]
type = internal/cpu
format-background = ${color.bg}
format-underline = #bf616a
interval = 0.5
format = <label>
format-prefix = 菉
label = " %percentage%"
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
[module/ethernet]
type = custom/script
interval = 3
format-prefix = 
exec = ~/.config/polybar/ethernet.sh
format-background = ${color.bg}
;format-foreground = ${color.fg}
format-underline = #bf616a

[module/workspaces]
type = internal/xworkspaces
pin-workspaces = false
enable-click = true
enable-scroll = true
label-active-foreground = ${color.fg}
label-active-underline = ${color.fg}
label-active-background = #bf616a
label-occupied-background = ${color.bg}
label-occupied-underline = #bf616a
label-urgent-foreground = ${color.bg}
label-urgent-background = ${color.shade4}
label-empty-background = ${color.bg}
label-empty-foreground = ${color.fg}

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

[module/sep]
type = custom/text
content = "|"
content-background = ${color.alpha}
content-foreground = ${color.alpha}
content-padding = 0
prev = ""

;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
;;          __________  ______
;;         / ____/ __ \/ ____/
;;        / __/ / / / / /_
;;       / /___/ /_/ / __/
;;      /_____/\____/_/
;;
;; _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

Final configuration touches

On the polybar side, we want it to show the IP address of our enp0s3 interface, so we create a script as our user:

touch ~/.config/polybar/ethernet.sh

With the following content:

#!/bin/sh
echo "$(/usr/bin/ip a show enp0s3 | grep "inet " | awk '{print $2}')"

And make it executable.

chmod +x ~/.config/polybar/ethernet.sh

On the i3 side, create the following script as our user.

touch ~/.config/i3/polybar.sh

With the following content:

#!/usr/bin/env sh
killall -q polybar
while pgrep -x polybar >/dev/null; do sleep 1; done
polybar main &

And make it executable.

chmod +x ~/.config/i3/polybar.sh

Finally, edit the file:

nano ~/.config/i3/config

Add the following lines:

default_border pixel 1
exec_always --no-startup-id ~/.config/i3/polybar.sh &
exec_always --no-startup-id feh --bg-scale ~/.config/i3/wall.jpg
bindsym $mod+d exec rofi -modi run -show run
bindsym $mod+Tab exec rofi -show window -show-icons

Be careful: a shortcut with bindsym $mod+d already exists, so that line must be removed first before adding the ones above.

Once that is done, remove the lines it has at the bottom:

bar {
    status_command i3status
}

It would end up as follows:

# This file has been auto-generated by i3-config-wizard(1).
# It will not be overwritten, so edit it as you like.
#
# Should you change your keyboard layout some time, delete
# this file and re-run i3-config-wizard(1).
#

# i3 config file (v4)
#
# Please see https://i3wm.org/docs/userguide.html for a complete reference!

default_orientation vertical #start in opposite orientation from your monitor
for_window [class=".*"] split toggle #toggles split at each new window


default_border pixel 1
exec_always --no-startup-id ~/.config/i3/polybar.sh &
exec_always --no-startup-id feh --bg-scale ~/.config/i3/wall.jpg
bindsym $mod+d exec rofi run -show drun -font 'Hack Nerd Font 12'
bindsym $mod+Tab exec rofi -show window -show-icons

set $mod Mod4

# Font for window titles. Will also be used by the bar unless a different font
# is used in the bar {} block below.
font pango:monospace 8

# This font is widely installed, provides lots of unicode glyphs, right-to-left
# text rendering and scalability on retina/hidpi displays (thanks to pango).
#font pango:DejaVu Sans Mono 8

# Before i3 v4.8, we used to recommend this one as the default:
# font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
# The font above is very space-efficient, that is, it looks good, sharp and
# clear in small sizes. However, its unicode glyph coverage is limited, the old
# X core fonts rendering does not support right-to-left and this being a bitmap
# font, it doesn’t scale on retina/hidpi displays.

# Use Mouse+$mod to drag floating windows to their wanted position
floating_modifier $mod

# start a terminal
bindsym $mod+Return exec urxvt

# kill focused window
bindsym $mod+Shift+q kill

# start dmenu (a program launcher)
# There also is the (new) i3-dmenu-desktop which only displays applications
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
# installed.
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop

# change focus
bindsym $mod+j focus left
bindsym $mod+k focus down
bindsym $mod+l focus up
bindsym $mod+ntilde focus right

# alternatively, you can use the cursor keys:
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right

# move focused window
bindsym $mod+Shift+j move left
bindsym $mod+Shift+k move down
bindsym $mod+Shift+l move up
bindsym $mod+Shift+ntilde move right

# alternatively, you can use the cursor keys:
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right

# split in horizontal orientation
bindsym $mod+h split h

# split in vertical orientation
bindsym $mod+v split v

# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle

# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split

# toggle tiling / floating
bindsym $mod+Shift+space floating toggle

# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle

# focus the parent container
bindsym $mod+a focus parent

# focus the child container
#bindsym $mod+d focus child

# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
set $ws1 "1"
set $ws2 "2"
set $ws3 "3"
set $ws4 "4"
set $ws5 "5"
set $ws6 "6"
set $ws7 "7"
set $ws8 "8"
set $ws9 "9"
set $ws10 "10"

# switch to workspace
bindsym $mod+1 workspace $ws1
bindsym $mod+2 workspace $ws2
bindsym $mod+3 workspace $ws3
bindsym $mod+4 workspace $ws4
bindsym $mod+5 workspace $ws5
bindsym $mod+6 workspace $ws6
bindsym $mod+7 workspace $ws7
bindsym $mod+8 workspace $ws8
bindsym $mod+9 workspace $ws9
bindsym $mod+0 workspace $ws10

# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
bindsym $mod+Shift+3 move container to workspace $ws3
bindsym $mod+Shift+4 move container to workspace $ws4
bindsym $mod+Shift+5 move container to workspace $ws5
bindsym $mod+Shift+6 move container to workspace $ws6
bindsym $mod+Shift+7 move container to workspace $ws7
bindsym $mod+Shift+8 move container to workspace $ws8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace $ws10

# Color settings
set_from_resource $fg i3wm.color7 #f0f0f0
set_from_resource $ubg i3wm.color6 #f0f0f0
set_from_resource $fbg i3wm.color2 #f0f0f0

#class                  border  backgr. text    indicator       child_border
client.focused          $fbg    $fbg    $fg     $fbg            $fbg
client.focused_inactive $bg     $bg     $fg     $bg             $bg
client.unfocused        $ubg    $ubg    $fg     $ubg            $ubg
client.urgent           $bg     $bg     $fg     $bg             $bg
client.placeholder      $bg     $bg     $fg     $bg             $bg

client.background       $bg



# reload the configuration file
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"

# resize window (you can also use the mouse for that)
mode "resize" {
        # These bindings trigger as soon as you enter the resize mode

        # Pressing left will shrink the window’s width.
        # Pressing right will grow the window’s width.
        # Pressing up will shrink the window’s height.
        # Pressing down will grow the window’s height.
        bindsym j resize shrink width 10 px or 10 ppt
        bindsym k resize grow height 10 px or 10 ppt
        bindsym l resize shrink height 10 px or 10 ppt
        bindsym ntilde resize grow width 10 px or 10 ppt

        # same bindings, but for the arrow keys
        bindsym Left resize shrink width 10 px or 10 ppt
        bindsym Down resize grow height 10 px or 10 ppt
        bindsym Up resize shrink height 10 px or 10 ppt
        bindsym Right resize grow width 10 px or 10 ppt

        # back to normal: Enter or Escape or $mod+r
        bindsym Return mode "default"
        bindsym Escape mode "default"
        bindsym $mod+r mode "default"
}

bindsym $mod+r mode "resize"

# Start i3bar to display a workspace bar (plus the system information i3status
# finds out, if available)
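
To catch the duplicate-binding problem mentioned above before reloading i3, the following check can be run over ~/.config/i3/config. It is an added example, not part of the original tutorial; the function names find_dup_bindsym and sample_config and the sample config are constructed for illustration, and it assumes blocks such as mode "resize" { ... } are not nested.

```shell
#!/bin/sh
# Added example (not from the original page): report key combinations that are
# bound more than once in the same scope of an i3 config.
# Usage: find_dup_bindsym ~/.config/i3/config   (reads stdin when no file is given)

find_dup_bindsym() {
    awk '
        BEGIN { scope = "default" }
        /^[ \t]*#/ { next }                       # whole-line comments
        $1 == "}"  { scope = "default"; next }    # end of a mode/bar block
        $NF == "{" {                              # start of a block: mode "resize" {
            scope = $0
            sub(/^[ \t]+/, "", scope)
            sub(/[ \t]*[{][ \t]*$/, "", scope)
            next
        }
        $1 == "bindsym" || $1 == "bindcode" {
            i = 2
            while (i <= NF && $i ~ /^--/) i++     # skip flags such as --release
            key = "[" scope "] " $i
            if (key in seen) seen[key] = seen[key] "," NR
            else             seen[key] = NR
            count[key]++
        }
        END {
            for (k in count)
                if (count[k] > 1) print k ": lines " seen[k]
        }
    ' "${1:--}" | sort
}

# Constructed sample: a wizard-generated config after pasting the rofi lines
# without first removing the existing $mod+d binding.
sample_config() {
    cat <<'EOF'
set $mod Mod4
bindsym $mod+Return exec urxvt
bindsym $mod+d exec dmenu_run
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
bindsym $mod+d exec rofi -modi run -show run
bindsym $mod+Tab exec rofi -show window -show-icons
mode "resize" {
        bindsym Return mode "default"
        bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
EOF
}

sample_config | find_dup_bindsym
```

The same key in different scopes ($mod+r at top level and inside the resize mode) is not reported, since those bindings do not conflict.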

Wallpaper

To set the wallpaper, run:

wget https://images.hdqwalls.com/wallpapers/anime-girl-walk-in-abondon-city-4k-y5.jpg -O ~/.config/i3/wall.jpg

PENTESTING

The following command installs several tools that are available from the Debian repositories.

apt-get install nmap dirb fcrackzip sqlmap medusa hydra curl \
    netdiscover tmux cewl gdb nikto crunch macchanger openssh-server nginx \
    python3-pip wireshark mousepad wfuzz smbmap nbtscan exif golang gem2deb

Installing stegcracker

Stegcracker lets us crack the passwords of images that contain files hidden with stego and need a password to extract them.

To install it, run:

pip3 install stegcracker
mv ~/.local/bin/stegcracker /usr/local/bin

Installing searchsploit

Searchsploit lets us search for exploits, and we will also have all the exploits available locally.

To install it, run:

sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb
sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit

Wordlists

Create the following folder:

sudo mkdir /usr/share/wordlists

Download the wordlists into it.

cd /usr/share/wordlists
sudo wget https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt
sudo git clone https://github.com/danielmiessler/SecLists.git

Gobuster

Run the following commands to install gobuster.

cd /opt
wget https://github.com/OJ/gobuster/releases/download/v3.1.0/gobuster-linux-amd64.7z
7z x gobuster-linux-amd64.7z
mv /opt/gobuster-linux-amd64/gobuster /usr/bin

Metasploit

Run the following commands to install Metasploit.

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod +x msfinstall
sudo ./msfinstall

As our user, run the following commands to verify that everything works correctly.

msfdb init
msfconsole

HTTPROBE

To install httprobe, run:

go get -u github.com/tomnomnom/httprobe
chown nuestrouser:nuestrouser /root/go/bin/httprobe
chmod +x /root/go/bin/httprobe
mv /root/go/bin/httprobe /usr/local/bin

Assetfinder

To install assetfinder, run:

go get -u github.com/tomnomnom/assetfinder
chown nuestrouser:nuestrouser /root/go/bin/assetfinder
chmod +x /root/go/bin/assetfinder
mv /root/go/bin/assetfinder /usr/local/bin

Installing wpscan

To install wpscan, run:

gem install wpscan

Burp Suite

To install Burp, simply go to its website, https://portswigger.net/burp/releases, select the Community version, and a .sh file will be downloaded. Run it and follow the steps...

sudo sh ./burpscript.sh

Installing John the Ripper

To install john, run:

cd /opt
sudo git clone https://github.com/openwall/john
cd /opt/john/src
sudo apt-get install libssl-dev
./configure
make -s clean && make -sj4

Firefox Addons

In Firefox we will install the following add-ons:

cookie manager, foxyproxy, wappalyzer.

PYWAL

Download Pywal from the following URL:

https://github.com/dylanaraps/pywal

To obtain the palette, run:

wal -n -q -i "/ruta/imagen.jpg"

To keep the change after a reboot, add to .bashrc:

# Enable pywal at startup.
(cat ~/.cache/wal/sequences &)
# Alternative (blocks terminal for 0-3ms)
cat ~/.cache/wal/sequences