Skip to content

collinsbigomba/linux

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
images
images
 
 
README.md
README.md
 
 
searchsploit.png
searchsploit.png
 
 
searchsploit1.png
searchsploit1.png
 
 
searchsploit3.png
searchsploit3.png
 
 

Repository files navigation

linux

Objective

Skills Obtained

  • Searching for exploits using searchsploit
  • configuring ssh
  • Understanding the File Hierarchical System (FHS) which is very important to know in the linux world

Tools

  • openssh
  • openvpn
  • searchsploit

Steps

configuring ssh port 22

This enables users to remotly login from any machine that also has ssh on it or putty inorder to access the server

  • First install ssh on the server if its not installed

    -Start the ssh service with the command as follows

  • configure its configuration file (/etc/ssh/sshd.conf) inorder to make the connection successfull

    Add some parameters to improve the security of your server

  • PermitRootLogin no

  • passwordAuthentication no

  • change your ssh port number to a different one

  • pubkeyAuthentication yes inorder to enable key based authentication on your server

  • Generate the keys with the following command

  • Copy the public key to your server

  • start a basg shell with the following command

  • Add the private key in memory such that you wont be typing your password for every login but rather until the session is ended

  • Start ssh with the command as follows

  • ssh -p 22 192.168.2.3

configuring openvpn

  • First install openvpn on your machine if its not installed 'apt install openvpn'
  • Then google for 'vpnbook' and download the zipped folder on your machine based on the country your in
  • Unzip the folder
  • Get to your network settings under the vpn section and import the unzipped folder
  • Choose any file you want to use and then specify the username and password which are on the 'vpnbook website'

configuring searchsploit

  • searchsploit is a very good tool for pentesters because it enables you to search for exploits offline from the exploit database
  • Its a command-line search tool for the Exploit Database (Exploit-DB), which is maintained by Offensive Security. It allows users to search through a vast repository of exploits and shellcode for various vulnerabilities. This tool is particularly useful for penetration testers, security researchers, and ethical hackers who need quick access to public exploits for known vulnerabilities.
  • For more information, consult its man page

  • You can search for exploits by typing searcsploit with the name of the exploit youre looking for

  • Its also necessary to weekly update searchsploit

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published