Kali-Linux on Chromebook / Crostini (LXC/LXD linux container)

Intro

let me first state that this is not the normal intended use of containers.

In the normal use case containers are supposed to be ephemeral.

However, in this specific use case I want to use it as a light-weight virtual machine, and therefore I do want to keep it's state at all times. 

---

Objective: 

1. Running a Kali-Linux docker-container inside the Crostini LXC/LXD- Debian-container on a Chromebook. 
2. Keeping an up-to-date Kali-Linux image with any updates, pen-test-data, and changes made inside the active kali-Linux container so it is easy to create new and/or transport containers with all the latest changes and data. (back-up image with the current state of the current container)

Assumptions:

The Linux-container is active on your Chromebook

 

Setup Docker:

1. Update your Debian LXC/LXD container:
   
   sudo apt update && upgrade -y
   
   
2. Install dependencies:
   
   sudo apt install -y \
   apt-transport-https ca-certificates \
   curl gnupg2 software-properties-common
   
   
3. Import gpg-key:
   
   curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
   
   (note: don't forget the "-" at the end of the line!)
   
   
4. Add the docker repo to the source list:
   
   sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/debian \
   $(lsb_release -cs) stable"
   
   
5. Update the new resources:
   
   sudo apt update
   
   
6. Install the docker engine (community edition):
   
   sudo apt install -y docker-ce docker-ce-cli containerd.io
   
   
   

VPN Gateway VM in VirtualBox (with Kill Switch)

PDF - version

Setup:

• A Linux host PC (Ubuntu 18.04/20.04) Running an up-to-date Virtual Box.
• Guest: A headless Virtual server (Ubuntu 18.04/20.04)
• Valid VPN account with a 3rd party. (in my case: NordVPN)

Goal:

• Start the virtual machine (guest) headless as a service when booting the Host machine.
• The VM must be able to log in automatically as a service without manually providing account credentials 
• The VM uses a bridged network so it has a reachable IP on the LAN
• Using the VM-IP as a gateway for devices that need a VPN connection.
• No other outbound connection possible for devices using this gateway when the VPN-connection to NordVPN goes down, No internet connection is available.

Install Node.js from binaries on your Linux system

Of course, you can install Node from installer scripts or use the repository version from your distribution. But if you are like me and want to have full control of what version you want to use for your projects, the binary install is the way to go.
Alternatively, you could use the nvm (node version manager) to achieve the same.
But I like to keep things simple and clear. 

Step 1:

Download the version you want to use from the node website.
At the time of this writing, the version latest version file: node-v14.0.0-linux-x64.tar.xz

Step 2:

Extract the tar-file to the location of your liking. ( ~/node-v14.0.0)

Step 3:

Edit either your .bashrc or .profile file to add the path to your node-folder.
I prefer to use my .bashrc file as I add many other handy things in there, and distribute it to all my systems

edit ~/.bashrc 

and add the following lines

# ---------------------
# Node-js settings:
# ---------------------
export NODEJS_HOME=~/node-v14.0.0
export PATH=$PATH:$NODEJS_HOME/bin

Step 4:

Refresh .bashrc or .profile or simply exit terminal and open again

Step 5:

Test the version of node and npm

~$ node -v 
> v14.0.0

~$ npm -v 
> v6.14.4

OpenVPN on Chromebooks with ovpn-file

Although the network settings in chrome-O/S allow for VPN settings, it seems cumbersome to get a simple ovpn-file of a private VPN server to work on Chromebooks.

Somewhere on the net, I've found bits and bytes on this matter and found this way to work the best for my needs.

Let's say you have a VPN server set up somewhere on a VPS. In my case, it is running as a docker container on a droplet with Digital Ocean. On there I've created an ovpn-file named "laptop.ovpn". but it can be named any way you like of course.

How to connect to the VPN on a Chromebook?

1. open a shell screen (CTRL + ALT + T) to open Crosh terminal,
   and then type shell (+enter) to access a shell
2. at the prompt type: sudo stop shill  (+enter)
3. then:  sudo start shill BLACKLISTED_DEVICES=tun0 (+enter)
4. load ovpn file: sudo openvpn /path/to/ovpn-file/laptop.ovpn (+enter)

At this point, your network connection should be routed through your Private VPN server. 

Urban Terror 4.3 on Ubuntu 18.04 / amd64

The default installation of 64 bit version does not provide the extra's for running old 32Bit apps.

to enable this, you need to add it as follows: 

dpkg --add-architecture i386

sudo apt install --reinstall libsdl1.2debian




Optionally you might have to install the new quake engine too: download here

Join AVCHD.mts files without re-encoding into one m2ts-file

Camera: 

Canon LEGRIA HFR16


Goal: 

Join all the separate recordings from your memory card ("00001.MTS, 00002.MTS....") into one result file without re-encoding into another format so there won't be any deterioration of quality. 


I have been using all kinds of software to do this, but there is always something I didn't like. Mostly the time it would consume. 



The following 6 steps do the trick for me: 

1. Copy all the *.MTS files you want to combine into a folder. 
2. Open terminal screen (CTRL + T)
3. Execute at the prompt:
   
   cd /path 2 the folder with all the mts files/  (enter)
   
   ls >> combine.txt
4. Open an editor (I use Gedit) and replace all the newline characters (\n) with |
   (turn off wrap around too)
5. now insert the following at the beginning of the text:
   
   ffmpeg -i "
   
   and add the next line at the end of the text:
   
   " -c copy filename.m2ts
   
   save the file if you want to keep it for later use.
6. copy the whole text and paste it in the terminal screen, and execute.
   (sample with 10 mts files, but I've done it with 100+ files too without a problem)
   It should look like this:
   
   ffmpeg -i "concat:00000.MTS|00001.MTS|00002.MTS|00003.MTS|00004.MTS|00005.MTS|00006.MTS|00007.MTS|00008.MTS|00009.MTS|00010.MTS" -c copy filename.m2ts

Hope this helps.

Ubuntu 16.04.01LTS: Screenshot shortcut "prt sc" not working on my HP pavilion dv7

After upgrading to Ubuntu 16.04 LTS I've noticed that the normal screenshots shortcuts didn't work anymore. 

Normally: 

• (prt sc) Print Screen Take a screenshot 
• Alt + Print Screen Take a screenshot of Window
• Shift + Print Screen Take a screenshot of an area of screen. Use crosshair to drag and select an area.

However, it seems that I can do:

• fn + delete to take a screenshot
• fn + alt + delete to take a screenshot of the active Window
• fn + shift + delete to take a screenshot of a screen area. 

there might be an elegant solution to this problem, but hey, this works for me just fine, and maybe also for you. 

UEFI - Windows Product Key retrieval in Lunux

Trying to install a fresh copy of windows 8.1 or newer? or Install a copy as a virtual machine in your linux? 

On newer (win 8.1 + ) versions you won't find a sticker with the product key to install a fresh copy of windows on your machine. So you either have to retrieve it beforehand from your firmware using windows tools, or gather it after installing Linux on the drive. 

You have paid for this license and the Product key is in your UEFI firmware. You can retrieve this and write it into a text-file by typing the following command in a terminal screen.

sudo hexdump -s 56 -e ' "MSDM key: " /29 "%s\n" ' /sys/firmware/acpi/tables/MSDM > /home/[username]/filename.txt

Note: 
Usually your copy of windows is pre-installed on your original hardware, in case of disk-failure or disk-swap, you might need to download a fresh copy (.iso-file) from Microsoft. (this will only work if you download the correct version = same as your original version. otherwise your product key will not work) 

URL redirect/rewrite using the .htaccess file on Linux Servers. (redirect non-www-address to the www-address)

By default your website can be accessed with both www.example.com and example.com. Allowing both can confuse search engines, in fact, Google penalizes this (duplicated content).
You should restrict the access to either www.example.com or example.com. Some search engines may have already indexed your website under both addresses.

If you run your web-site on a Linux server, you can force this restricted behavior simply by adding the following code to your ".htaccess" file in the public_html folder of your web-ste.

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

eID-Software in 5 steps on Ubuntu 12.04 Lts, 14.04 Lts, 15.04

Card Reader: ACR38 usb:
(But any generic card reader should work)

In Belgium, the eID (Electronic ID card) is widely used to sign-on into many governmental services. (ex. Fedict, Student@work, beConnected, eBirth, myBelgium, TaxonWeb, Horeca@work, MyPension, eBox ...)

Installing an eID card-reader in Linux is not as strait forward as it could be.

I've used the following procedure to install it on Ubuntu 12.04 LTS & 14.04 LTS and on Crouton version of 14.04 LTS of my Chromebook.


I will explain in 5 steps how to get your ACR38 eID card reader working in Linux.
(For Ubuntu 12.04, 14.04 & 15.04, but probably works on other Debian based distro's as well )

Re-size VirtualBox Disk-Images

The native disk-file format for VirtualBox is .vdi, but VirtualBox is fully operational with other file formats as well.  ( .vdmk .vhd .ovf .ova .vdi ...)

However, if you need to re-size your virtual disk image, you might need to convert your file. To my knowledge, currently the re-size function within VirtualBox image manager works best with .vdi images.

In my case I was using a vmWare image of Windows 7 on my Ubuntu 12.04 / 14.04 LTS host, so I cloned my disk first to .vdi before re-sizing.

Unknown username "whoopsie" in message bus configuration file (Crouton)

For some time I had this notification "Unknown username 'whoopsie' in message bus configuration file" coming up when I started my Ubuntu-server on my Chromebook via crouton. It seemed not to do anything wrong but hey, I hate to see error messages popping up on the screen and not knowing what it really means.

In my search I've learned that the user 'whoopsie'  is being used for the error reporting daemon in Ubuntu.

System Description:

Toshiba Chromebook 2:

Intel® Celeron® Processor N2840

Intel® HD Graphics

4GB DDR3 1600MHz 

16GB solid state flash memory (eMMC)

13.3" widescreen FHD TruBrite® LED Backlit Display (1920x1080)

Stereo speakers tuned by Skullcandy

Dual array microphone,HD webcam

Intel® Dual Band Wireless-AC 7260 Plus Bluetooth 4.0

Lithium Polymer (44Wh, 3-Cell) up to 9hrs

HDMI® output port

1-USB (2.0) port,1-USB (3.0) port

SD Card Reader + SanDisk Extreme Pro 64GB (95Mb/sec)

Skype 4.3 on Chromebook & Crouton-Ubuntu 14.04

To install Skype on your chrome book & crouton - Ubuntu 14.04 LTS, you need to make sure you have added the i386 architecture, (yes I know, a shame Skype hasn't been updated to 64 bit Linux systems) and also enabled the canonical partner repositories in your settings. 

Or to make it simple, type the following command-line instructions in a terminal session. 
(CTRL + ALT + T to start a terminal session)

sudo dpkg –add-architecture i386
sudo apt-get update
sudo add-apt-repository “deb http://archive.canonical.com/ $(lsb_release -sc) partner”
sudo apt-get update 
sudo apt-get install skype 


Enjoy skype with crouton/Ubuntu on your Chrome book. 




Tested on Toshiba Chromebook 2 | Development mode, and Crouton/Ubuntu 14.04.03 LTS.

Extract the audio stream from YouTube videos

If you want to extract the audio stream from a video, you can do that with a series of software free and not free, but I prefer to use ffmpeg at the command line. It is very quick and simple.

Beware some video's have multiple audio files. Using the correct demuxing procedure is in order.

In this article I assume you want to extract audio from YouTube Video's with one audio stream

• Open a terminal screen. (Ctrl+T in Ubuntu) 

• type: ffmpeg -i inputfile.mp4 -vn -ab 256 outputfile.mp3

for more information visit the FFmpeg site

Spliting a Flac (audio) file via Command line

If you have a flac-file that contains multiple songs, you might want to separate each track into a separate file. Nothing is holding you back to do that manually, however, doing it automatically seems a better way.

Normally flac files comes with a cue-file (*.cue) that contains the information where to cut the flac-file to extract each track. 

To do this quick and clean at the command line, you'll need to install the following packages "cuetools, shntool & flac" by typing this command at the command line:

sudo apt-get install cuetools shntool flac

To split the flac audio file (*.flac) type:

cuebreakpoints file.cue | shnsplit -o flac file.flac

• "shnsplit" is used to split tracks,
• "cuebreakpoints" reads the break-points from the *.cue-file 
• With the pipe command "|" we feed this information into the "shnsplit" command.

Thanks to Danilo Dellaquila that provided this tip.

gSheets: Absolute and Relative references Toggle (F4)

Changing formula's from relative to absolute addressing by add the $(dollar)sign can be a painful task if you do it manually. Using the Smart toggle feature within gSheets can offer you some relief. (F4)

Example: 

[=D4*C4]

Place cursor near D4 in the formule [=|D4*C4] and hit F4. 

Repeatedly hitting the F4 key will show you in sequence the following options.

[=D4*C4] , [=$D$4*C4] , [=D$4*C4] , [=$D4*C4] , [=D4*C4].....

The same will happen if you position the cursor near C4

Moving around and selecting cells in Google Sheets

Moving around in Google Sheets:

CTRL+HOME {Moves the cursor to the first cell in the worksheet (upper left corner)}

CTRL + END {Moves the cursor to the right lower corner of the worksheet}

CTRL + ⇨ {Moves the cursor to the most right cell containing data within an active range}

CTRL + ⇦ {Moves the cursor to the most left cell containing data within an active range}

CTRL + ⇧ {Moves the cursor to the first row within an active range containing data}

CTRL + ⇩ {Moves the cursor to the last row within an active range containing data}

Selecting cells in Google Sheets:

Basically the same movements as above but with addition of the Shift key, the cell within the cursor displacements are selected.

CTRL + SHIFT + ⇨ {Select all cells from start point to the most right column of the active range, additional strokes will select to next block of data or most right cell of the worksheet}

CTRL + SHIFT + ⇦ { If already selected, the reverse of prior action, If nothing selected and positioned right of the most left column, all cells between current cell and most left column will be selected}

CTRL + SHIFT + ⇩ {Select all the rows down up to the last row of an active range, additional stroke(s) select to the bottom of the worksheet, or next range of data if available}

CTRL + SHIFT + ⇧{If already rows selected in an active range, it will deselect prior selection and possibly select previous unselected rows above the first selection all the way to the top row of the active range; if nothing was selected yet, it will select all the rows above the current position in an active range, additional strokes will select to the top of the worksheet or last row of any ranges above the current one} 

*.OGV to *.AVI with mencoder

if you want to convert your screen recordings (*.ogv) to (*.avi), you can use ffmpeg to do the job. .. but since my version resulted a garbled up quality (seems to be a known bug ) , I resorted to mencoder .

Here is how.

mencoder input-file.ogv -ovc lavc -oac mp3lame -o output-file.avi

Synchronize Google contacts with Evolution while using 2 Step authentication

Once you start using 2 step authentication in your Google account, it becomes a little bit more complicated to have the different services in Evolution to talk to your account. (see procedure at google) Emails and Calendar is straightforward (using the generated passcode from the google site. 

For your address book you can't add or change your password within Evolution. But no worries, the following workaround is not that hard. 

1. open "passwords and keys" in the Ubuntu applications menu
2. open the Passwords tab
3. find the google:// entries for your google contacts
4. open that entry or entries and expand the password dropdown at the bottom
5. reset or enter your new password (generated by Google for the 2 step authentication)
   

Dynamically change screen resolution in Virtual Box for Linux host/guests.

If you install a new virtual Ubuntu machine (guest), in a Ubuntu system (host), by default the screen resolution is fixed to either 640x480; 800x600 or 1024x768.

You might want to change that to a system where the guest screen resolution is dynamically adjusted to the size of your window.

To do that you need to change some settings and make sure you have installed the guest additions correctly.


Procedure:

1. Turn off 3D Acceleration in the VM settings
   
   
2. Open Terminal screen and run these commands:
   
   

   sudo apt-get update  
   sudo apt-get upgrade  
   sudo apt-get install dkms  
   sudo apt-get install build-essential
   
   

3. From the Devices menu, select "install the Guest Additions (Host-D)".
   Normally the auto-run application will start to install the guest additions. If not, a new CDROM will appear on the desktop / file manager. Open the device and (Rightclick) start Autorun.
   
4. Restart the virtual machine
   
5. Now if you resize the window or choose Full Screen mode, it will resize the desktop screen resolution properly.