The virtual machine used for the Security Summer School is configured with all tools required.

Kali Linux is a Debian-based distribution the comes with a handful of helpful security tools used for Penetration Testing, Forensics and/or Reverse Engineering.

The VM can be downloaded in OVA format from https://repository.grid.pub.ro/cs/hexcellents/sss/. Use your curs.pub.ro LDAP credentials to authenticate.

The credentials used to login on the Kali Linux virtual machine are:

• username: root
• password: toor

• 64-bit OS
• 2 GB RAM
• 30 GB HDD space

If your physical machine is low on resources (or you simply don't want to live inside the Kali VM, e.g. login in its browser), one thing that might help is running the VM in the background with no graphical interface and simply connect to it via SSH from a host terminal.

The ssh deamon is already active inside the VM and a port forwarding rule has been implemented on port 2222:

$ ssh -p 2222 root@localhost

To get rid of the graphical interface, configure the machine to boot in runlevel 3, by making the following change in /etc/default/grub:

# GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX_DEFAULT="quiet 3"

Then run:

# update-grub

Finally, reboot the machine (or run telinit 3 to switch to runlevel 3).

To start the machine headless (i.e. no graphical window showing the VM) in Virtual Box, you can either use the “Start” options from the virtualbox graphical application, or:

$ VBoxManage startvm <vm-name> --type headless

Where <vm-name> is the actual name of the VM which you can determine by running:

$ VBoxManage list vms

It is Virtual Box vm using Debian 32 bit (at this point Jessie 8.1).

Download using HTTP from https://repository.grid.pub.ro/cs/hexcellents/sss/

• username: student
• password: student

The student user may issue sudo su to get a root prompt, no password required.

• 512 MB RAM
• 16 GB HDD space
• interface eth0 for Internet access (NAT)
• interface eth1 for local access through SSH (host-only)

• Debian GNU/Linux 8.1 “Jessie”
• Xfce
• Linux kernel 3.16

Install and configure packages

apt-get install sudo
apt-get install vim
cp /usr/share/vim/vim*/vimrc_example.vim /etc/vim/vimrc
update-alternatives --config editor
visudo
sudo apt-get install tcpdump gawk git gitk git-gui wget curl htop netcat nmap wireshark openssh-server gzip bzip2 zip unzip unrar-free p7zip lzma xz-utils subversion mercurial sed less bless hexedit elfutils vim strace finger tree pciutils usbutils lsof bash-completion pwgen host gdb valgrind ctags expect python emacs iotop ltrace
sudo apt-get install iotop nasm apt-file lynx ncftp ldap-utils mailutils net-tools ethtool screen tmux dtach filezilla
sudo apt-get install radare2 radare2-plugins
sudo dpkg-reconfigure wireshark-common && sudo usermod -a -G wireshark $USER

Configure Git

git config --global user.name 'SSS Student'
git config --global user.email 'sss@security.cs.pub.ro'
git config --global color.ui aut

Create Desktop shortcut for Sublime Text 2

Install and configure metasploit: http://www.pkdavies.co.uk/156-debian-7-metasploit-setup.html

sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre subversion git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev libyaml-dev ruby ruby-dev

sudo chmod o+r /var/lib/gems/2.1.0/gems/robots-0.10.1/lib/robots.rb

add MSF path to PATH

Install and configure IDA

wget https://out7.hex-rays.com/files/idademo68_linux.tgz

Create Desktop shortcut for IDA

• PEDA: https://github.com/longld/peda

The Windows 7 virtual machine comes with a handful of helpful security tools used for binary inspection, forensics and reverse engineering.

The VM can be downloaded in OVA format from https://repository.grid.pub.ro/cs/hexcellents/sss/; the file is SSS - Windows 7 32 bit.ova. Use your curs.pub.ro LDAP credentials to authenticate.

• username: student
• password: student

• 32-bit OS
• 2GB RAM
• 20 GB HDD space

It is Virtual Box vm using Ubuntu 64 bit.

The VM can be downloaded in OVA format from https://repository.grid.pub.ro/cs/hexcellents/sss/. Use your curs.pub.ro LDAP credentials to authenticate.

The credentials used to login on the Ubuntu virtual machine are:

• username: virtual
• password: virtual

• 64-bit OS
• 2 GB RAM
• 30 GB HDD space