Friday, October 30, 2015

TheHarvester Linux Information gathering Tool

Have you ever been in a situation where you want to send email to users of a certain domain but can't find any valid email addresses? The theHarvester information gathering tool can help you.
theHarvester is a tool for gathering e-mail accounts, sub-domain names, virtual hosts, open ports/banners, and employee names from different public sources (search engines, PGP key servers).
The supported sources are:

Google – emails, subdomains/hostnames
Google profiles – Employee names
Bing search – emails, subdomains/hostnames, virtual hosts
Pgp servers – emails, subdomains/hostnames
LinkedIn – Employee names
Exalead – emails, subdomain/hostnames

To get started, if theHarvester is not available in your Linux distribution, go and download it from here or check the latest version from here.

Change to the download directory and extract the file

➜  ~   cd /home/james/Downloads
➜  ~  tar -xvzf  theHarvester-2.2a.tar.gz

Change to the extracted directory and give theHarvester.py execute permission

➜  ~   cd theHarvester-2.2a/
➜  ~  chmod 755 theHarvester.py


After that, simply run ./theHarvester.py. It will display the version and the options that can be used with this tool, each with a detailed description, as seen in the screenshot below.



To use the tool, use the following syntax

➜  ~ ./theHarvester.py -d [domainname] -l 300 -b [search engine name]

Examples:
- The command below searches for all email addresses, sub-domains and virtual hosts found anywhere in Google.

➜  ~ ./theHarvester.py -d facebook.com -l 300 -b google  

- The command below searches for email addresses, sub-domains, virtual hosts etc. of the microsoft.com domain found in most search engines.

➜  ~ ./theHarvester.py -d microsoft.com -l 300 -b all 

If you are using Kali Linux, an advanced Linux distribution used for penetration testing, ethical hacking and network security assessments, the tool comes pre-installed.


This tool is designed to help the penetration tester at an early stage; it is effective, simple and easy to use, so don't abuse it. If you use it for hacking, hack ethically.


Enjoy!!

Monday, October 12, 2015

Bridging KVM guest machines

Kernel-based Virtual Machine (KVM) is a virtualization infrastructure for the Linux kernel that turns it into a hypervisor. I am using KVM to run virtual machines on my server; an alternative to KVM is VirtualBox (which most people are familiar with). By default, guest machines installed on a host running KVM are assigned addresses from 192.168.122.0/0, a virtual network that is accessible only from within the host machine, not from outside.
In this lab I am going to show you how to bridge KVM guest machines so that they are accessible from outside their host machine. This is achieved by bridging them onto the host machine's Ethernet interface, so that they receive DHCP leases from the router to which the host machine is connected. Now let's start:

a. Start the kvm virtual manager

➜  ~   sudo virt-manager 



When I booted one of my guest machines, by default it was assigned the IP address 192.168.122.122, see




Now let's configure it so that it receives its IP address from the router's DHCP server.

b. Host machine configuration

Open a terminal on the host machine, create the virtual bridge interface and add your physical interface to it, as below

➜  ~  sudo vim /etc/network/interfaces

The file should look as below

# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

##########Bridge start#####
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
        up ifconfig $IFACE 0.0.0.0 up
        down ifconfig $IFACE down

auto br0
iface br0 inet static
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        address 192.168.0.100
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 8.8.8.8
############Bridge end#######

Here I created a virtual interface named br0 and assigned it a static IP address in the range of my LAN.

Then, restart your network service

 ➜  ~  sudo /etc/init.d/networking restart

Note:
I have noticed some cases where restarting the network services is not taking effect, so you will have to restart the whole host machine.

So restart the host machine.

➜  ~  sudo reboot

c. Guest machine configuration
When the host machine comes up, start the virtual machine manager and open the guest machine that you want to bridge. Go to Edit, Virtual Machine Details, Details and then click your virtual interface, as seen below



For Source device select "Specify shared device name", type br0 as the bridge name, and then save, as seen below





You're done. Restart your guest machine and see if it receives an IP address via DHCP.


See, it received 192.168.0.10, which is in my DHCP range.

Hope it helps someone.

Thursday, October 8, 2015

How to connect devices running on GNS3 to Internet in Ubuntu/Deepin

Hello everyone, you may come across a situation where you need to connect devices running in a virtualization environment like GNS3 to the Internet. Here are the steps.

i. Launch gns3 on command line
➜  ~  sudo gns3

ii. Add devices
For this lab, I am going to use one Cisco 7200 router and a Cloud, which will connect the GNS3 devices to the Internet via my laptop, which is itself connected to the Internet by an Ethernet cable to the router.


iii. Cabling and bridging the Cloud to my Ethernet interface

Right-click on the Cloud and select Configure, then add eth0 (the interface of my laptop) as the generic interface of the cloud, then click Apply and save.


Now connect interface of the router to this generic interface of the cloud.
Now power on the router for further configuration.

iv. Router Configuration
Now log in to the router for configuration

➜  ~  telnet 127.0.0.1 2001
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connected to Dynamips VM "R1" (ID 1, type c7200) - Console port
Press ENTER to get the prompt.
ROMMON emulation microcode.

a. Configure interface
Configure the interface to obtain an IP address via DHCP from my public router (you may also assign a static IP if you prefer).


R1#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        unassigned      YES unset  administratively down down
R1#
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address dhcp
R1(config-if)#no shutdown
R1(config-if)#
R1(config-if)#

*Oct  8 13:06:28.963: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Oct  8 13:06:29.963: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#
*Oct  8 13:06:37.907: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP address 192.168.0.17, mask 255.255.255.0, hostname R1

R1(config-if)#
As you can see, the interface is assigned the IP address 192.168.0.17 by the router's DHCP server.

b. Configure default gateway
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1


Now you are able to access the internet from the router

R1#ping 8.8.8.8 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 160/169/196 ms
R1#
c. Further configuration to enable users to log in to the router remotely: configure passwords and DNS.

DNS configuration

R1(config)#ip domain lookup
R1(config)#ip name-server 8.8.8.8 8.8.4.4

Configure password to allow remote login

R1(config)#line console 0
R1(config-line)#transport preferred none
R1(config)#line vty 0 4
R1(config-line)#transport preferred none 
R1(config)#username admin secret admin@2015
R1(config)#enable secret admin@2015
R1(config)#service password-encryption 
R1(config)#aaa new-model
R1(config)#aaa authentication login default local
R1(config)#aaa authentication enable default enable
R1(config)#exit
R1#wr

Ping google.com to test DNS

R1#ping google.com
Translating "google.com"...domain server (192.168.0.1) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 41.220.141.187, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/28 ms
R1#


Now you're good: the router is online, and anyone within your network can log in.
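
The vty lines configured above carry only transport preferred none; no transport input or access-class is set, so which protocols and source addresses can reach the login prompt is left to the image's defaults. The following check is an added example, not part of the original post: it audits a saved running-config for vty blocks that lack an SSH-only transport input or an inbound access-class. The sample config and the ACL name MGMT are constructed for illustration.

```sh
# Added example: audit the vty lines of a saved IOS running-config.

# Constructed sample: vty 0 4 mirrors the lines configured in this post,
# vty 5 15 is a hypothetical restricted block (ACL name MGMT is made up).
sample_config() {
cat <<'EOF'
aaa new-model
aaa authentication login default local
!
line con 0
 transport preferred none
line vty 0 4
 transport preferred none
line vty 5 15
 access-class MGMT in
 transport input ssh
!
end
EOF
}

# Prints one FINDING per problem; exit status is 1 if anything was found.
audit_vty() {
    awk '
    function report() {
        if (blk == "") return
        if (tin != "ssh") {
            printf "FINDING %s: transport input is %s, expected ssh\n", blk, (tin == "" ? "unset" : tin)
            bad = 1
        }
        if (!acl) { printf "FINDING %s: no inbound access-class\n", blk; bad = 1 }
    }
    /^line / {                             # a new line block starts
        report(); blk = ""; tin = ""; acl = 0
        if ($2 == "vty") blk = $0
        next
    }
    /^[^ ]/ { report(); blk = ""; next }   # any other top-level line ends it
    blk != "" && $1 == "transport" && $2 == "input" {
        tin = $3; for (i = 4; i <= NF; i++) tin = tin " " $i
    }
    blk != "" && $1 == "access-class" && $NF == "in" { acl = 1 }
    END { report(); exit bad + 0 }
    '
}

sample_config | audit_vty || echo "vty lines need attention"
```

To audit a real device, save the output of show running-config to a file and feed that file to audit_vty on standard input.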

Enjoy!!!!!.




Thursday, October 1, 2015

Smokeping Configuration in Ubuntu 14.04

SmokePing is a deluxe latency measurement tool. It can measure, store and display latency, latency distribution and packet loss. SmokePing uses RRDtool to maintain a long-term data store and to draw pretty graphs, giving up-to-the-minute information on the state of each network connection. In this lab I am going to show how to configure SmokePing to monitor latency on your network. Below are the steps:


i. Prerequisite
This installation requires a web server; I am going to use Apache. It also needs a mail service for sending email, for which I am going to use sendmail. Run the following commands to install the web and mail services:

$ sudo apt-get update
$ sudo apt-get install apache2
$ sudo apt-get install sendmail


ii. Install Smokeping

$ sudo -s
#
# apt-get install smokeping

For Ubuntu 14.04: you need to install a symlink to the apache2 config

# ln -s /etc/smokeping/apache2.conf /etc/apache2/conf-available/smokeping.conf
# a2enconf smokeping

Also, the CGI module needs to be enabled in Apache:
# a2enmod cgi

Finally, reload the Apache configuration:
# service apache2 reload

Then point your web browser at
http://X.X.X.X/smokeping/smokeping.cgi

where X.X.X.X is your server IP


iii. Initial Configuration

# cd /etc/smokeping/config.d
# ls -l
Output:
total 40K
drwxr-xr-x 2 root root 4.0K Oct  1 13:12 .
drwxr-xr-x 3 root root 4.0K Oct  1 13:12 ..
-rw-r--r-- 1 root root  177 Jan 28  2014 Alerts
-rw-r--r-- 1 root root  237 Jan 28  2014 Database
-rw-r--r-- 1 root root  489 Jan 28  2014 General
-rw-r--r-- 1 root root  225 Jan 28  2014 pathnames
-rw-r--r-- 1 root root  876 Jan 28  2014 Presentation
-rw-r--r-- 1 root root   50 Jan 28  2014 Probes
-rw-r--r-- 1 root root  147 Jan 28  2014 Slaves
-rw-r--r-- 1 root root  380 Jan 28  2014 Targets

The files that you'll need to change, at a minimum, are:
-Alerts
-General
-Probes
-Targets

a. Now open the General file with your favorite editor (note the first capital letter)

# vim General

Change the following lines;

owner    = NOC
contact  = sysadmin@localhost
mailhost = localhost
cgiurl   = http://localhost/smokeping.cgi
# specify this to get syslog logging
syslogfacility = local5

Save the file and exit. Now let's restart the Smokeping service to verify that no mistakes have been made before going any further:

# service smokeping restart


b. Now open the Alerts file (note the first capital letter)
# vi Alerts
 
Change the following lines:

to = root@localhost
from = smokeping-alert@localhost

Save the file and exit. Restart Smokeping:

# service smokeping reload

Note: After making changes there is no need to restart smokeping; just reload it so that it picks up the new configuration.


iv. Configuring monitoring of devices
For device configuration, most of the work is done in the
/etc/smokeping/config.d/Targets file.


As an example, I am going to configure a few devices in two groups, Local Devices and Public Servers.

# vi /etc/smokeping/config.d/Targets

Add the following to create the two groups:


+ LocalDevices
menu = LocalDevices
title = Local Network Devices

+ PublicServers
menu = PublicServers
title = PublicServers


Then add devices to those two groups:

+ LocalDevices
menu = LocalDevices
title = Local Network Devices

++MyGateway
menu = Gateway
title = Gateway
host = 192.168.0.1

++PrintServer
menu = PServer
title = PServer
host = 192.168.0.41

+ PublicServers
menu = PublicServers
title = PublicServers

++Google
menu = Google
title = Google
host = google.com

++Yahoo
menu = Yahoo
title = Yahoo
host = yahoo.com

++Facebook
menu = Facebook
title = Facebook
host = facebook.com



Finally, the file will look like this:


*** Targets ***

probe = FPing

menu = Top
title = Network Latency Grapher
remark = Welcome to the SmokePing website of JARASYOLA Company. \
         Here you will learn all about the latency of our network.

+ Local
menu = Local
title = Local Network
#parents = owner:/Test/James location:/


#************************
# Local device monitoring
#************************

++ LocalMachine

menu = Local Machine
title = NOCServer
host = localhost
#alerts = someloss

+ LocalDevices
menu = LocalDevices
title = Local Network Devices

++MyGateway
menu = Gateway
title = Gateway
host = 192.168.0.1

++PrintServer
menu = PServer
title = PServer
host = 192.168.0.41


#**************************
#Public Server Monitoring
#**************************

+ PublicServers
menu = PublicServers
title = PublicServers

++Google
menu = Google
title = Google
host = google.com

++Yahoo
menu = Yahoo
title = Yahoo
host = yahoo.com

++Facebook
menu = Facebook
title = Facebook
host = facebook.com


OK. Let's see if we can get Smokeping to stop and start with the changes we have made, so far. Save and exit from the Targets file. Now try doing:

# service smokeping reload

If you see error messages, then read them closely and try to correct the problem in the Targets file. In addition, Smokeping is now sending log messages to the file /var/log/syslog. You can view what Smokeping is saying by typing:

# tail /var/log/syslog

If you want to see all smokeping related messages in the file /var/log/syslog you can do this:

# grep smokeping /var/log/syslog
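
A quick review of the Targets file before reloading shows exactly which hosts the server will probe. The script below is an added example, not part of the original post or of SmokePing: it prints every host with its place in the + / ++ hierarchy and flags two slips that are easy to make when copying blocks around, a section name repeated under the same parent and a level that skips its parent. The sample input is constructed, with both mistakes planted deliberately.

```sh
# Added example: list SmokePing targets and flag structural slips in Targets.

# Constructed sample in the style of the Targets file above, with two
# deliberate mistakes: a repeated ++Google and a +++ directly under a +.
sample_targets() {
cat <<'EOF'
*** Targets ***
probe = FPing
+ LocalDevices
menu = LocalDevices
++MyGateway
host = 192.168.0.1
+ PublicServers
++Google
host = google.com
++Google
host = google.com
+ Branch
+++Orphan
host = 192.168.0.50
EOF
}

# Prints "TARGET path host" per host line and "ERROR ..." per problem;
# exit status is 1 if any error was found.
lint_targets() {
    awk '
    /^[+]+/ {
        match($0, /^[+]+/); d = RLENGTH              # level = number of "+"
        name = substr($0, d + 1); gsub(/[ \t\r]/, "", name)
        if (d > depth + 1) {
            printf "ERROR line %d: %s skips from level %d to %d\n", NR, name, depth, d; bad = 1
        }
        for (i = depth + 1; i < d; i++) part[i] = "?"   # missing parents
        part[d] = name; depth = d; path = part[1]
        for (i = 2; i <= d; i++) path = path "/" part[i]
        if (seen[path]++) { printf "ERROR line %d: duplicate section %s\n", NR, path; bad = 1 }
        next
    }
    depth > 0 && /^[ \t]*host[ \t]*=/ {
        sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t\r]+$/, "")
        print "TARGET", path, $0
    }
    END { exit bad + 0 }
    '
}

sample_targets | lint_targets || echo "fix the errors above before reloading"
```

On the server itself, pipe /etc/smokeping/config.d/Targets into lint_targets instead of the sample.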

If there are no errors you can view the results of your changes by going to:

http://X.X.X.X/smokeping/smokeping.cgi

where X.X.X.X is your server IP


Your graph will look like the one below:





From there you can add more devices and monitor their latency. I will explain more advanced features of smokeping in part two of this lab.

Happy monitoring!!!