In an earlier post I described how to setup Nessus on Backtrack 5:
http://insidetrust.blogspot.com/2011/05/easy-nessus-scan-for-beginner-with.html
For some reason, BT 5 R1 does not come with Nessus installed by default, but it's easy to download and install.
You will need to download Nessus from the following location:
http://www.tenable.com/products/nessus/select-your-operating-system
(I used the Debian 64 bit package)
Then install it with the following command:
dpkg -i Nessus-4.4.1-debian5_amd64.deb
Then you can simply follow the rest of the instructions in my original post.
Update - Of course, there is an easier way to do this ;o)
apt-get install nessus
Monday, 29 August 2011
Sunday, 28 August 2011
How good is your browser security?
So, if you are reading this blog, you are probably interested in IT security (or insecurity, otherwise you are in the wrong place).
Is your browser secure?
This is a great resource for testing browser security:
https://browsercheck.qualys.com/
Run the above test on each of the browsers on your system (IE, Firefox, Chrome etc)
If all is well you should get a screen which looks something like this:
If you get a red bar, you are not up-to-date, and probably not fully secure for browsing. If this is the case then I recommend you should to follow the on-screen instructions to get this fixed.
I would be interested to see how many people pass on the first attempt, and what measures others needed to take to get up-to-date.
For me, I run Backtrack 5 R1 (Linux), I needed to update Firefox, and the flash-plugin.
I have added explanations of how to upgrade to Firefox 6.x and also update the Flash plugin in my "Backtrack 5 R1 notes" at the following location:
http://insidetrust.blogspot.com/2011/08/backtrack-5-r1-some-things-fixed-some.html
I recommend anyone who is using Backtrack 5 R1 to apply the updates to help make their system more secure.
I also run chrome on this system, and my chrome status looks like this (Shockwave Flash 11.0 is currently pre-release)
Is your browser secure?
This is a great resource for testing browser security:
https://browsercheck.qualys.com/
Run the above test on each of the browsers on your system (IE, Firefox, Chrome etc)
If all is well you should get a screen which looks something like this:
If you get a red bar, you are not up-to-date, and probably not fully secure for browsing. If this is the case then I recommend you should to follow the on-screen instructions to get this fixed.
I would be interested to see how many people pass on the first attempt, and what measures others needed to take to get up-to-date.
For me, I run Backtrack 5 R1 (Linux), I needed to update Firefox, and the flash-plugin.
I have added explanations of how to upgrade to Firefox 6.x and also update the Flash plugin in my "Backtrack 5 R1 notes" at the following location:
http://insidetrust.blogspot.com/2011/08/backtrack-5-r1-some-things-fixed-some.html
I recommend anyone who is using Backtrack 5 R1 to apply the updates to help make their system more secure.
I also run chrome on this system, and my chrome status looks like this (Shockwave Flash 11.0 is currently pre-release)
Thursday, 25 August 2011
GIAC Web Application Penetration Tester (GWAPT)
I took and passed the GIAC Web Application Penetration Tester (GWAPT) exam today, so I thought I would write something about it (and the SANS course that supports it).
The SANS "Web Application Penetration Testing and Ethical Hacking" course coverage
I had taken the SANS "on-demand" online version of their Web Application Penetration Testing course. I felt the online version of the course is a great format, because it gives you plenty of time to absorb the material and experiment in your own time.
I had previously read the excellent book Web Application Hackers Handbook (which I would highly recommend, before considering the SANS course). There were a few key things on the SANS course that are not covered in that book (and vice versa)
On reflection, this course covers quite a lot of ground. It has the basics of various common attack vectors (such as SQL injection and XSS) but it goes beyond the norm in some areas (though some other attacks and detail seem to be missing).
Additionally to what is covered in the WAHH book, the SANS course covers subject areas such as:
Decomposition and basic analysis of Java applets and Flash objects
Understanding AJAX
Various tools for spidering, and Web app vulnerability scanning
Exploitation frameworks
Most notably, the SANS course covers the basics of a lot of different tools for web-app security testing, including:
Burpsuite, Webscarab, Paros, Dirbuster, Skipfish, W3af, Tamperdata, SQLinjectMe, Sqlmap, Grendel-scan, Nikto, Aura, SiteDigger, Wikto, Goolag Scanner, Maltego, Nmap, HTTPrint, OpenSSL, THC SSL Check, CeWL, SprAJAX, RatProxy, WebService Studio, WSDigger, WSFuzzer, Flare, HP SWFscan, SWFIntruder, JAD, Websecurify, XSS Me, GreaseMonkey, XSS Assistant, PostInterpreter, Absinthe, MonkeyFist, BeEF, Dursosploit, AttackAPI
This is a lot of coverage, though obviously in many cases we are talking about the bare minimum of one slide of notes per tool (you will need to do a lot of your own practice and research to get to know these tools properly).
Though I didn't feel the SANS audio track was as good as it could have been, the course notes and lab examples are good (if you complete them all a couple of times, and do some extra experimentation).
In addition, I did a lot of my own testing with the Web Security Dojo, and some Virtual Appliance UI research in my home lab - which I feel helped me a lot with understanding how to use some of the tools more effectively.
Notes for GWAPT test-takers
This is an open-book exam, which was a new thing for me. I would definitely recommend test-takers to study the SANS course thouroughly, and take there course material with them, because the exam sticks very closely to the SANS course material.
Also, make sure you know which information is in which section of the course material, i.e. know where you would find information on SQL injection syntax, or PHP functions, or HTTP response codes (as examples).
In terms of practice, the certification exam is similar to (but not as easy as) the example tests provided by GIAC. I would also recommend reading the course material a couple of times, completing all the course practicals, and doing extra practice with the tools, such as completing the Web Security Dojo (or Web Goat at the very least).
The SANS "Web Application Penetration Testing and Ethical Hacking" course coverage
I had taken the SANS "on-demand" online version of their Web Application Penetration Testing course. I felt the online version of the course is a great format, because it gives you plenty of time to absorb the material and experiment in your own time.
I had previously read the excellent book Web Application Hackers Handbook (which I would highly recommend, before considering the SANS course). There were a few key things on the SANS course that are not covered in that book (and vice versa)
Additionally to what is covered in the WAHH book, the SANS course covers subject areas such as:
Decomposition and basic analysis of Java applets and Flash objects
Understanding AJAX
Various tools for spidering, and Web app vulnerability scanning
Exploitation frameworks
Most notably, the SANS course covers the basics of a lot of different tools for web-app security testing, including:
Burpsuite, Webscarab, Paros, Dirbuster, Skipfish, W3af, Tamperdata, SQLinjectMe, Sqlmap, Grendel-scan, Nikto, Aura, SiteDigger, Wikto, Goolag Scanner, Maltego, Nmap, HTTPrint, OpenSSL, THC SSL Check, CeWL, SprAJAX, RatProxy, WebService Studio, WSDigger, WSFuzzer, Flare, HP SWFscan, SWFIntruder, JAD, Websecurify, XSS Me, GreaseMonkey, XSS Assistant, PostInterpreter, Absinthe, MonkeyFist, BeEF, Dursosploit, AttackAPI
This is a lot of coverage, though obviously in many cases we are talking about the bare minimum of one slide of notes per tool (you will need to do a lot of your own practice and research to get to know these tools properly).
Though I didn't feel the SANS audio track was as good as it could have been, the course notes and lab examples are good (if you complete them all a couple of times, and do some extra experimentation).
In addition, I did a lot of my own testing with the Web Security Dojo, and some Virtual Appliance UI research in my home lab - which I feel helped me a lot with understanding how to use some of the tools more effectively.
Notes for GWAPT test-takers
This is an open-book exam, which was a new thing for me. I would definitely recommend test-takers to study the SANS course thouroughly, and take there course material with them, because the exam sticks very closely to the SANS course material.
Also, make sure you know which information is in which section of the course material, i.e. know where you would find information on SQL injection syntax, or PHP functions, or HTTP response codes (as examples).
In terms of practice, the certification exam is similar to (but not as easy as) the example tests provided by GIAC. I would also recommend reading the course material a couple of times, completing all the course practicals, and doing extra practice with the tools, such as completing the Web Security Dojo (or Web Goat at the very least).
Tuesday, 23 August 2011
Backtrack 5 R1 - Some things fixed, some things broken + workarounds
Sometimes installing the latest releases is a good thing. You get to learn lots of new technology, and improve your understanding and troubleshooting skills at the same time.
However, there is a cost in time, tweaking and fixing things, and learning new ways to do the same things you used to do. Today Backtrack 5 R1 is only 3 days after release, so there are bound to be some issues.
Pluses and minuses
Some things seem to work a lot better (for example I had none of my usual issues with graphics drivers, that I often get during a Backtrack install)
However, some tools that were previously working fine seem to be broken (at least on the BT5 R1 KDE 64-bit version that I am currently looking at).
Problems I have seen so far (and workarounds/fixes):
Wireshark not working
Wireshark won't run - I got the following error:
wireshark: error while loading shared libraries: libwsutil.so.0: cannot open shared object file: No such file or director
The Backtrack development team are aware of this, and currently in the process of developing a fix.
Fix = Rebuild wireshark from source
Workaround = Copy the following files, which fixes the problem:
cp /usr/local/lib/libwsutil.so.1 /usr/lib/libwsutil.so.0
cp /usr/local/lib/libwiretap.so.1 /usr/lib/libwiretap.so.0
Nessus is missing
Fix = Follow the instructions to download and install it here:
http://insidetrust.blogspot.com/2011/08/setting-up-nessus-in-backtrack-5-r1.html
VMware Player not working
VMware Player will install, but not compile and run - with the following errors in "/tmp/vmware-root/setup-*.log":
This is pretty essential for my home lab - probably more an issue that VMware need to fix, to make VMware Player work with the latest Linux Kernel.
Workaround = Use Oracle VirtualBox
Download the "Ubuntu 10.04 LTS" version from here: http://www.virtualbox.org/wiki/Linux_Downloads
Run the following command to install it:
If you already have VMware VMs, make a copy of these, and for each - in VirtualBox, add new machines, and select the *.vmdk files when you come to add the disk.
This seems to work pretty well, and has more or less the same features as VMware Player.
Workaround2 = See comment from Anonymous below (untested at this time)
Grendel-scan not working
Grendel-scan throws the following Java exception:
Exception in thread "main" java.lang.UnsatisfiedLinkError: no swt-gtk-3349 or swt-gtk in swt.library.path, java.library.path or the jar file
TBD - I guess I can get along without this for a while.
Mozilla Firefox not up-to-date
Firefox is not the latest version (which could potentially be a security risk).
Fix = Run the firefox built-in updater (to upgrade to Firefox 6.x)
Installing flash player for Chrome and Firefox
Flash plugins are missing for Chrome and Firefox.
Workaround = Add the executable in the correct directories
First download the kits at the following locations:
http://labs.adobe.com/technologies/flashplatformruntimes/flashplayer11/
http://get.adobe.com/flashplayer/?no_redirect
Close both Chrome and Firefox and then do the following:
Restart the browsers and this should fix it
Crash issue
I did have an issue where I think it went into screen-save mode where the system seemed to go into a graphics-card test screen and completely lock-up (?! not sure on this one).
Not seen this since
Suspend to disk causes failure to boot
Yeah, this one is not much fun, seems persistent and I'm currently troubleshooting it... Hangs on red BT5 boot-loader screen.
Workaround = Not sure, I re-installed my system, and have not seen the issue since. Weird.
(I will add issues and workarounds as I find them in this post)
However, there is a cost in time, tweaking and fixing things, and learning new ways to do the same things you used to do. Today Backtrack 5 R1 is only 3 days after release, so there are bound to be some issues.
Pluses and minuses
Some things seem to work a lot better (for example I had none of my usual issues with graphics drivers, that I often get during a Backtrack install)
However, some tools that were previously working fine seem to be broken (at least on the BT5 R1 KDE 64-bit version that I am currently looking at).
Problems I have seen so far (and workarounds/fixes):
Wireshark not working
Wireshark won't run - I got the following error:
wireshark: error while loading shared libraries: libwsutil.so.0: cannot open shared object file: No such file or director
The Backtrack development team are aware of this, and currently in the process of developing a fix.
Fix = Rebuild wireshark from source
Workaround = Copy the following files, which fixes the problem:
cp /usr/local/lib/libwiretap.so.1 /usr/lib/libwiretap.so.0
Nessus is missing
Fix = Follow the instructions to download and install it here:
http://insidetrust.blogspot.com/2011/08/setting-up-nessus-in-backtrack-5-r1.html
VMware Player not working
VMware Player will install, but not compile and run - with the following errors in "/tmp/vmware-root/setup-*.log":
Failed to compile module vmmon
This is pretty essential for my home lab - probably more an issue that VMware need to fix, to make VMware Player work with the latest Linux Kernel.
Workaround = Use Oracle VirtualBox
Download the "Ubuntu 10.04 LTS" version from here: http://www.virtualbox.org/wiki/Linux_Downloads
Run the following command to install it:
dpkg -i virtualbox-4.1_4.1.2-73507~Ubuntu~lucid_amd64.deb
If you already have VMware VMs, make a copy of these, and for each - in VirtualBox, add new machines, and select the *.vmdk files when you come to add the disk.
This seems to work pretty well, and has more or less the same features as VMware Player.
(Guess which VM is the victim ;o)
Workaround2 = See comment from Anonymous below (untested at this time)
Grendel-scan not working
Grendel-scan throws the following Java exception:
TBD - I guess I can get along without this for a while.
Mozilla Firefox not up-to-date
Firefox is not the latest version (which could potentially be a security risk).
Fix = Run the firefox built-in updater (to upgrade to Firefox 6.x)
- In firefox, go to Help > About
- Click on "Check for updates"
- Click on "Apply updates"
- Follow the instructions (this will require a restart of firefox)
- Follow the instructions to update the version of no-script
Installing flash player for Chrome and Firefox
Flash plugins are missing for Chrome and Firefox.
Workaround = Add the executable in the correct directories
First download the kits at the following locations:
http://labs.adobe.com/technologies/flashplatformruntimes/flashplayer11/
http://get.adobe.com/flashplayer/?no_redirect
Close both Chrome and Firefox and then do the following:
cd ~/Download
tar xvfz flashplayer11_b2_install_lin_64_080811.tar.gz
chown root:root libflashplayer.so
chmod 0644 libflashplayer.so
cp -f libflashplayer.so /usr/lib/mozilla/plugins/
rm -rf libflashplayer.so
chmod 0644 libflashplayer.so
cp -f libflashplayer.so /usr/lib/mozilla/plugins/
rm -rf libflashplayer.so
tar xvfz install_flash_player_10_linux.tar.gz
mkdir ~/.mozilla/plugins
chown root:root libflashplayer.so
chmod 0644 libflashplayer.so
mv -f libflashplayer.so ~/.mozilla/plugins/
mkdir ~/.mozilla/plugins
chown root:root libflashplayer.so
chmod 0644 libflashplayer.so
mv -f libflashplayer.so ~/.mozilla/plugins/
Restart the browsers and this should fix it
Crash issue
I did have an issue where I think it went into screen-save mode where the system seemed to go into a graphics-card test screen and completely lock-up (?! not sure on this one).
Not seen this since
Suspend to disk causes failure to boot
Yeah, this one is not much fun, seems persistent and I'm currently troubleshooting it... Hangs on red BT5 boot-loader screen.
Workaround = Not sure, I re-installed my system, and have not seen the issue since. Weird.
(I will add issues and workarounds as I find them in this post)
Monday, 22 August 2011
Using Hydra to dictionary-attack web-based login forms
Hydra is a online password cracking tool which can be used to dictionary-attack various services by trying lists of user-names and passwords until a successful login is found. It is multi-threaded, and can be very fast, trying username/password combinations at a rate of thousands per minute.
Hydra can be used to attack many different services including IMAP, SMB, HTTP, VNC, MS-SQL MySQL, SMTP, SSH, and many more.
(Hydra is to online-cracking of passwords, what John The Ripper is to offline-cracking of password hashes)
Often, web-based login forms authenticate using the HTTP POST method, but judging from several blogs I have read on this subject, it sounds like some people have great difficulty in getting Hydra to work effectively in this situation.
I have had a great deal of success with hydra, so here I describe how to get Hydra working with web-based form logins.
This attack is not limited to websites, and I would argue that it is more suited for gaining login access to software products that have a web UI, for example in penetration tests.
This tool should not be used to attack websites or services where you do not have permission to do so. Use this for legitimate testing purposes only.
Some differences between online and off-line password cracking
There are significant differences between online and off-line password cracking.
With off-line cracking, you have the hashes on your system, they are static, and you can try dictionary, hybrid, and brute force attacks to you hearts content. You have as long as you want, and you can try many billions of attempts in a short space of time.
The attack success is purely dependent on password strength, verses processor-power and time (and few user-chosen passwords will be strong enough to last).
With online password attacks there are more issues to consider, such as; network bandwidth, account lockouts, tar-pitting, changing passwords, detection in logs and IDS.
Online attacks are more suited to relatively small and focused dictionary attacks rather than exhaustive brute-force.
A simple Hydra SSH example
Here is a simple example of running a Hydra attack against an SSH server.
This will attack the system 192.1.68.1.26, on port 22 with the SSH protocol, 10 threads at a time, and try all the combinations of usernames and passwords supplied in the files user.txt and pass.txt (+ empty passwords and passwords the same as the username)
This can take a while, so it is best to only use usernames you know exist, and a relatively small list of passwords (many thousands rather than many millions). This attack generally works very well for simple dictionary passwords.
Web-based login forms prerequisites
For web-based forms, you have to know much more information about the form you are attacking before you start the attack. Every web-based form is slightly different, different URLs and parameters, and different responses for success or failure.
You need to know:
For the parameters of the request, you can intercept and examine a normal login attempt with a web proxy (such as owasp-zap, webscarab or burpsuite) or use a browser plugin (such as tamperdata) or just look at the HTML form.
An example attack
The Web Security Dojo VM has various vulnerable applications that you can use to test these techniques. So looking at an example the w3af testing framework has a test login at the following location
http://192.168.1.69/w3af/bruteforce/form_login/
The important parts of the HTML form are:
<form name="input" action="dataReceptor.php" method="post">
Username:
<input type="text" name="user">
Password:
<input type="password" name="pass">
If we put in one wrong username and password combination we get:
Hydra can be used to attack many different services including IMAP, SMB, HTTP, VNC, MS-SQL MySQL, SMTP, SSH, and many more.
(Hydra is to online-cracking of passwords, what John The Ripper is to offline-cracking of password hashes)
Often, web-based login forms authenticate using the HTTP POST method, but judging from several blogs I have read on this subject, it sounds like some people have great difficulty in getting Hydra to work effectively in this situation.
I have had a great deal of success with hydra, so here I describe how to get Hydra working with web-based form logins.
This attack is not limited to websites, and I would argue that it is more suited for gaining login access to software products that have a web UI, for example in penetration tests.
This tool should not be used to attack websites or services where you do not have permission to do so. Use this for legitimate testing purposes only.
Some differences between online and off-line password cracking
There are significant differences between online and off-line password cracking.
With off-line cracking, you have the hashes on your system, they are static, and you can try dictionary, hybrid, and brute force attacks to you hearts content. You have as long as you want, and you can try many billions of attempts in a short space of time.
The attack success is purely dependent on password strength, verses processor-power and time (and few user-chosen passwords will be strong enough to last).
With online password attacks there are more issues to consider, such as; network bandwidth, account lockouts, tar-pitting, changing passwords, detection in logs and IDS.
Online attacks are more suited to relatively small and focused dictionary attacks rather than exhaustive brute-force.
A simple Hydra SSH example
Here is a simple example of running a Hydra attack against an SSH server.
hydra 192.168.1.26 ssh2 -s 22 -P pass.txt -L users.txt -e ns -t 10
This will attack the system 192.1.68.1.26, on port 22 with the SSH protocol, 10 threads at a time, and try all the combinations of usernames and passwords supplied in the files user.txt and pass.txt (+ empty passwords and passwords the same as the username)
This can take a while, so it is best to only use usernames you know exist, and a relatively small list of passwords (many thousands rather than many millions). This attack generally works very well for simple dictionary passwords.
Web-based login forms prerequisites
For web-based forms, you have to know much more information about the form you are attacking before you start the attack. Every web-based form is slightly different, different URLs and parameters, and different responses for success or failure.
You need to know:
- The hostname/IP and URL
- Whether it is a HTTPS or HTTP service
- Whether the form supports GET or POST (or both)
- The parameters of the request
- The difference in response between success and failure
- Whether any session cookies are required to be set or maintained
- What lockout features and thresholds are enabled (if any)
For the parameters of the request, you can intercept and examine a normal login attempt with a web proxy (such as owasp-zap, webscarab or burpsuite) or use a browser plugin (such as tamperdata) or just look at the HTML form.
An example attack
The Web Security Dojo VM has various vulnerable applications that you can use to test these techniques. So looking at an example the w3af testing framework has a test login at the following location
http://192.168.1.69/w3af/bruteforce/form_login/
The important parts of the HTML form are:
<form name="input" action="dataReceptor.php" method="post">
Username:
<input type="text" name="user">
Password:
<input type="password" name="pass">
If we put in one wrong username and password combination we get:
Sunday, 21 August 2011
A few other tips for Backtrack 5 graphics drivers issues, and software installs
Having rebuilt my main BT5 laptop again today, here are some tips I can share for anyone else who has the same needs (and to hopefully this will help make it quicker for me if I want to rebuild the same setup again)
I already made some suggestions for my Desktop system (when I installed that with Backtrack 5) but that covered Nvidia graphics drivers, and other software installs:
http://insidetrust.blogspot.com/2011/05/overcoming-problems-installing.html
I'm currently using BT5 KDE 64-bit on a Dell Inspiron 17R 7010 - This has a nice big screen, which is useful for virtual hosts etc...
Anyway, the reason for the rebuild was that; initially a kernel update (2.6.39.4) stopped various packages from working. So I thought I would try out BT5 R1 KDE 64-bit, but then after an abortive install of R1, I've gone back to my previous stable setup (I haven't got to the bottom of the kernel and R1 issues yet, maybe more on that next time)
So, after a standard install of BT5...
Intel graphics drivers
My laptop has Intel graphics drivers and initially "startx" would result in a black screen, and lockup with no errors. I got a solution previously speaking to some of the folks on the #backtrack-linux IRC channel a while back (I couldn't remember it exactly, but I figured it out for myself this time, but thanks to a_landim_xhkl and _ope_ for the original feedback).
A basic way to get the Intel graphics driver working is to reconfigure /boot/grub/grub.cfg , but this needs to be done via the template files and grub config builder.
You need to edit the file /etc/default/grub and added the Intel option (back it up first)
... then edit the following line adding the options in red:
GRUB_CMDLINE_LINUX="text splash vga=791 i915.modeset=1"
Then rebuild the grub config and reboot:
The BT5 KDE 64-bit gotcha
We're not out of the woods yet for KDE, but this one has been mentioned over and over in various places - this is the known issue where KDE crashes out after the first Chinese symbol on the red starting screen.
If you are using BT5 KDE 64-bit you will likely need to do the following before you can run startx
rm /root/.kde/cache-root/icon-cache.kcache
rm /root/.kde/cache-root/plasma_theme_Volatile.kcache
rm /root/.kde/cache-bt/icon-cache.kcache
rm /root/.kde/cache-bt/plasma_theme_Volatile.kcache
rm -rf /var/tmp/kdecache-root
After that KDE starts fine, now to install some extra stuff...
Installing and running VMware Player
Download VMware Player
http://downloads.vmware.com/d/details/player_314/ZGp0YnR0KnRiZGh0QA==
Then you need the kernel sources in order to install and run VMware Player. Run the following (and go do something else while it does it's thing)
prepare-kernel-sources
Then run the install, and this should work fine
./VMware-Player-3.1.4-385536.x86_64.bundle
Installing and running Google Chrome
Download the latest 64 bit Google Chrome build and then do:
You may get a complaint about running this as root, so either create an account for browsing, or start the browser with the following command
/opt/google/chrome/google-chrome %U --user-data-dir
(I've seen some ridiculously complex suggested ways of doing this, such as hex-editing binaries, the above seems like the easiest by far)
You can either run this from the command line, or easier still, change the shortcut command to the above. This works very well as of Chrome version 13.0.782.215.
I already made some suggestions for my Desktop system (when I installed that with Backtrack 5) but that covered Nvidia graphics drivers, and other software installs:
http://insidetrust.blogspot.com/2011/05/overcoming-problems-installing.html
I'm currently using BT5 KDE 64-bit on a Dell Inspiron 17R 7010 - This has a nice big screen, which is useful for virtual hosts etc...
Anyway, the reason for the rebuild was that; initially a kernel update (2.6.39.4) stopped various packages from working. So I thought I would try out BT5 R1 KDE 64-bit, but then after an abortive install of R1, I've gone back to my previous stable setup (I haven't got to the bottom of the kernel and R1 issues yet, maybe more on that next time)
So, after a standard install of BT5...
Intel graphics drivers
My laptop has Intel graphics drivers and initially "startx" would result in a black screen, and lockup with no errors. I got a solution previously speaking to some of the folks on the #backtrack-linux IRC channel a while back (I couldn't remember it exactly, but I figured it out for myself this time, but thanks to a_landim_xhkl and _ope_ for the original feedback).
A basic way to get the Intel graphics driver working is to reconfigure /boot/grub/grub.cfg , but this needs to be done via the template files and grub config builder.
You need to edit the file /etc/default/grub and added the Intel option (back it up first)
cp /etc/default/grub /etc/default/grub.old
... then edit the following line adding the options in red:
GRUB_CMDLINE_LINUX="text splash vga=791 i915.modeset=1"
Then rebuild the grub config and reboot:
grub-mkconfig -o /boot/grub/grub.cfg
init 6
The BT5 KDE 64-bit gotcha
We're not out of the woods yet for KDE, but this one has been mentioned over and over in various places - this is the known issue where KDE crashes out after the first Chinese symbol on the red starting screen.
If you are using BT5 KDE 64-bit you will likely need to do the following before you can run startx
rm /root/.kde/cache-root/icon-cache.kcache
rm /root/.kde/cache-root/plasma_theme_Volatile.kcache
rm /root/.kde/cache-bt/icon-cache.kcache
rm /root/.kde/cache-bt/plasma_theme_Volatile.kcache
rm -rf /var/tmp/kdecache-root
After that KDE starts fine, now to install some extra stuff...
Installing and running VMware Player
Download VMware Player
http://downloads.vmware.com/d/details/player_314/ZGp0YnR0KnRiZGh0QA==
Then you need the kernel sources in order to install and run VMware Player. Run the following (and go do something else while it does it's thing)
prepare-kernel-sources
Then run the install, and this should work fine
./VMware-Player-3.1.4-385536.x86_64.bundle
Installing and running Google Chrome
Download the latest 64 bit Google Chrome build and then do:
dpkg -i ./google-chrome-stable_current_amd64.deb
You may get a complaint about running this as root, so either create an account for browsing, or start the browser with the following command
/opt/google/chrome/google-chrome %U --user-data-dir
(I've seen some ridiculously complex suggested ways of doing this, such as hex-editing binaries, the above seems like the easiest by far)
You can either run this from the command line, or easier still, change the shortcut command to the above. This works very well as of Chrome version 13.0.782.215.
Subscribe to:
Posts (Atom)