Commit 5817e502 authored by Philip Linghammar

Updates basics_of_linux.md

Auto commit by GitBook Editor
parent 7264be94
+7 −21

---

# Basics of linux

This is a huge chapter. I could divide it up in many subchapters but I like to have it all at one place so I can just do `ctr-f`, and search for whatever I am looking for.
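Review bot: The shortcut in the intro sentence is misspelled as `ctr-f`; it should read `ctrl-f`. While touching this region, the heading could also be capitalized as "Basics of Linux" to match the product name.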
@@ -975,22 +978,16 @@ route add default gw 192.168.55.1

Remember that these routes will only be temporary.



#### Example - Man in the middle a host

It is often useful to man in the middle all traffic from a machine, to see what requests and stuff it does.

Let's say that the scenario is that the victim-machine is connected to the mitm-machine by ethernet cable. This can be either a physical cable or thought a virtual machine.



**Victim machine**

On the victim machine we don't have network-manager installed. And out `/etc/network/interfaces` has nothing in it except for:



```
auto lo
iface lo inet loopback
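Review bot: Two typos in the scenario text change its meaning: "or thought a virtual machine" should be "or through a virtual machine", and "And out `/etc/network/interfaces`" should be "And our `/etc/network/interfaces`". Since this commit is already a whitespace cleanup of the section, fix them in the same pass. The phrase "what requests and stuff it does" could also name what is being observed, for example DNS lookups and HTTP requests.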
@@ -1032,7 +1029,6 @@ When we bring up the interface the routing table will automatically get populate
```
root@deb64:~# ip r
192.168.150.0/24 dev ens3 proto kernel scope link src 192.168.150.2

```

**Add default gateway**
@@ -1053,8 +1049,6 @@ default via 192.168.150.1 dev ens3

Now we are done setting up the victim machine.



**Attacking machine**

First we need to give our machine the ip-address of the default gateway, so that the victim will connect to the attacking machine.
@@ -1071,12 +1065,8 @@ iptables -t nat -A POSTROUTING -j ACCEPT

This is all we have to do. If we now do a `curl icanhazip.com` from our victim machine, we can see the traffic flying by with tcpdump in our attacker-machine.



However, we might want to inspect the traffic in burp-suite, or some other proxy tool. In ordet to do that we can redirect specific traffic into our proxy with the help of our friend iptables.



```
iptables -t nat -A PREROUTING -i ens3 -s 192.168.150.2 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
iptables -t nat -A PREROUTING -i ens3 -s 192.168.150.2 -p tcp -m tcp --dport 80  -j REDIRECT --to-ports 8080
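Review bot: The paragraph introducing the two `REDIRECT` rules never says what happens to the port 443 traffic once it reaches the proxy, and the only check shown is a plain-HTTP `curl icanhazip.com`. A client that validates certificates will reject the proxy's certificate, so HTTPS requests from the other machine will fail rather than appear in the proxy; add a sentence stating that so readers do not assume the 443 rule works like the 80 rule. Also fix "In ordet to" to "In order to", and note that rules added with `-A` stay in the table until they are deleted or flushed, in the same way the earlier text reminds readers that routes are temporary.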
@@ -1089,8 +1079,6 @@ Go to `Proxy > Options > Proxy Listeners > Edit > Binding > All interfaces`

Go to: `Proxy > Options > Proxy Listeners > Edit > Request handling > Support invisible proxy`



Now if you do the following from the victim machine:

```
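Review bot: The listener step in the hunk header binds the proxy to `All interfaces`, which exposes port 8080 on every network the machine is attached to, not only the cable to the test host. The section already gives this machine the gateway address 192.168.150.1, so recommend binding the listener to that specific address instead. The two "Go to" steps are also punctuated differently ("Go to" and "Go to:"); pick one form.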
@@ -1099,8 +1087,6 @@ curl icanhazip.com

You will see the request in burp suite.



### Wireless - wpa\_supplicant

So if you manage to disable networkManager you can connect to a wireless network using wpa\_supplicant instead. I think that is what NetworkManager actually uses underneith.
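Review bot: The wpa_supplicant intro spells the same program two ways, "networkManager" and "NetworkManager"; use "NetworkManager" in both places. "underneith" should be "underneath". The "I think" hedge can be dropped if you confirm the claim against the NetworkManager documentation before merging.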