Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-01-29 15:53:29 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of git://github.com/Jeeppler/qubes-doc into Jeeppler-master

Browse Source
This commit is contained in:
Andrew David Wong 2016-06-27 11:49:05 -07:00
commit cb7246577f
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
7 changed files with 640 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
customization/dark-theme.md Normal file
View File

@ -0,0 +1,191 @@
---
layout: doc
title: Dark Theme in Dom0 and DomU
permalink: /doc/dark-theme/
---
Dark Theme in Dom0
==================
Dark KDE in Dom0
----------------
The following text describes how to change the default light theme to a dark theme. This is just an example, feel free to adjust the appearance to your taste.
The image below shows the default light theme after installation.
![begin light theme](/attachment/wiki/Dark-Theme/kde-fresh-installed-standard.png)
This is the result after applying the steps described here.
![end result dark theme](/attachment/wiki/Dark-Theme/kde-end-result.png)
1. Change `Workspace Appearance`
1. Open the `Workspace Appearance` window
Qubes Menu -> System Tools -> System Settings -> Workspace Appearance
![Workspace Appearance](/attachment/wiki/Dark-Theme/kde-app-appearance-menu-style.png)
2. Go to `Desktop Theme`
![Desktop Menu](/attachment/wiki/Dark-Theme/kde-appearance-settings-desktop-theme-oxygen.png)
3. Select `Oxygen` and `Apply` the change
2. (Optional) Remove blue glowing task items
![blue glowing task bar items](/attachment/wiki/Dark-Theme/kde-taskbar-blue-glowing-border.png)
1. Adjust Oxygen `Details`
Qubes Menu -> System Tools -> System Settings -> Workspace Appearance -> Desktop Theme -> Details (Tab)
2. Select `Oxygen`
3. Change `Theme Item -> Task Items` from `Oxygen Task Items` to `Air Task Items`
![Change Task items look](/attachment/wiki/Dark-Theme/kde-desktop-theme-details.png)
4. Apply changes
![task bar items blue glowing removed](/attachment/wiki/Dark-Theme/kde-taskbar-blue-glowing-removed.png)
3. Change `Application Appearance`
1. Open the `Application Appearance` window
Qubes Menu -> System Tools -> System Settings -> Application Appearance
2. Go to `Colors`
![colors tab](/attachment/wiki/Dark-Theme/kde-app-appearance-menu-colors.png)
3. Select `Obsidian Coast`
![set to Obsidian Coast](/attachment/wiki/Dark-Theme/kde-app-appearance-menu-colors-set.png)
4. Apply Changes
Qubes VM Manager should now look like the image below.
![result black Qubes Manager](/attachment/wiki/Dark-Theme/kde-black-qubes-manager.png)
**Note:** Chaning the `Window Decorations` from `Plastik for Qubes` will remove the border color and the VM name. The problem with `Plastik for Qubes` is, that it does not overwrite the background and text color for Minimize, Maximize and Close buttons. The three button are therefor hard to read.
Dark XCFE in Dom0
-----------------
The following text describes how to change the default light theme to a dark theme. This is just an example, feel free to adjust the appearance to your taste.
The image below shows the default light theme after installation.
![begin light theme](/attachment/wiki/Dark-Theme/xfce-fresh-installed.png)
This is the result after applying the steps described here.
![end result dark theme](/attachment/wiki/Dark-Theme/xfce-end-result.png)
1. Change Appearance
1. Open the `Appearance` dialog
Qubes Menu -> System Tools -> Appearance
![appearance dialog](/attachment/wiki/Dark-Theme/xfce-appearance-dialog.png)
2. Change Style to `Albatross`
**Note:** The black appearance theme `Xfce-dusk` makes the VM names in the `Qubes OS Manager` unreadable.
2. *(Optional)* Change Window Manager Style
1. Open the `Window Manager` dialog
Qubes Menu -> System Tools -> Appearance
![window manager dialog](/attachment/wiki/Dark-Theme/xfce-window-manager-theme.png)
2. Change the Theme in the `Style` Tab (e. g. Defcon-IV). All available themes work.
Dark App VM, Template VM, Standalone VM, HVM (Linux Gnome)
==========================================================
Almost all Qubes VM's are based on the Gnome desktop. Therefor the description below is focused on the Gnome Desktop Environment.
Using "Gnome-Tweak-Tool"
------------------------
The advantage of creating a dark themed Template VM is, that each AppVM which is derived from the Template VM will be dark themed by default.
**Note:** Gnome-Tweak-Tool crashes under Archlinux. A workaround is to assign the AppVM to another TemplateVM (Debian, Fedora) which has Gnome-Tweak-Tool installed. Start the AppVM and configure the settings. Shutdown the machine and switch the template VM back to Archlinux.
1. Start VM
**Note:** In case of App VM start the Template on which the AppVM is based on.
2. Install `Gnome-Tweak-Tool`
- Fedora
sudo dnf install gnome-tweak-tool
- Debian
sudo apt-get install gnome-tweak-tool
3. *(Only AppVM)* Stop template and start AppVM
4. Add `Gnome-Tweak-Tool` to the Application Menu
1. `Right-click` on VM entry in `Qubes VM Manager` select `Add/remove app shortcuts`
2. Select `Tweak Tool` and press the `>` button to add it
![Application Dialog](/attachment/wiki/Dark-Theme/dialog-add-gnome-tweak-tool.png)
5. Enable `Global Dark Theme`
1. *Debian only*
cd ~/.config/
mkdir gtk-3.0
cd gtk-3.0/
touch settings.ini
2. Start `Tweak Tool` from the VM application menu and set the `Global Dark Theme` switch to `on`
![Global Dark Theme enabled](/attachment/wiki/Dark-Theme/gnome-tweak-tool.png)
6. *(Optional)* Modify Firefox
**Note:** Firefox uses GTK style settings by default. This can create side effects such as unusable forms or search fields. There are two different ways to avoid this. Either by using a add-on or by overwriting the defaults.
- use the theme [GTK+ Dark Theme Global Fixes](https://userstyles.org/styles/111694/gtk-dark-theme-global-fixes) and the [Stylish](https://addons.mozilla.org/en-US/firefox/addon/stylish/) addon
- or add the following line to `/rw/config/rc.local`
sed -i.bak "s/Exec=firefox %u/Exec=bash -c 'GTK_THEME=Adwaita:light firefox %u'/g" /usr/share/applications/firefox.desktop
7. Restart VM or all application
Manually
--------
Manually works for Debian, Fedora and Archlinux.
1. Start VM
**Note:** In case of App VM start the Template on which the AppVM is based on.
2. Enable `Global Dark Theme`
cd ~/.config/
mkdir gtk-3.0
cd gtk-3.0/
touch settings.ini
add the following lines to `settings.ini`
[Settings]
gtk-application-prefer-dark-theme=1
3. follow step 6 and 7 in: Using `Gnome-Tweak-Tool`

6
doc.md
View File

@ -67,6 +67,10 @@ Managing Operating Systems within Qubes
* [Templates: Ubuntu](/doc/templates/ubuntu/)
* [Templates: Whonix](/doc/whonix/)
* [How to Reinstall a TemplateVM](/doc/reinstall-template)
* [Pentesting](/doc/pentesting/)
* [Pentesting: BlackArch](/doc/pentesting/blackarch/)
* [Pentesting: Kali](/doc/pentesting/kali/)
* [Pentesting: PTF](/doc/pentesting/ptf/)
* [Installing and Using Windows-based AppVMs (Qubes R2 Beta 3 and later)](/doc/windows-appvms/)
* [Creating and Using HVM and Windows Domains (Qubes R2+)](/doc/hvm/)
* [Advanced options and troubleshooting of Qubes Tools for Windows (R3)](/doc/windows-tools-3/)
@ -143,6 +147,7 @@ Customization Guides
* [Installing XFCE in dom0](/doc/xfce/)
* [Installing i3 in dom0](/doc/i3/)
* [Language Localization](/doc/language-localization/)
* [Dark Theme in Dom0 and DomU](/doc/dark-theme/)
Troubleshooting
@ -232,3 +237,4 @@ Building
* [Building the Archlinux Template](/doc/building-archlinux-template/)

60
managing-os/kali.md
View File

@ -1,60 +0,0 @@
---
layout: doc
title: How to create a Kali Linux VM
permalink: /doc/kali/
---
How to Create a Kali Linux VM
=============================
This guide is being created to give guidance on ways in which you could implement Kali Pen-Testing distrubution within Qubes-OS.
There are multiple ways in which this can be achieved, for example you could create a HVM and use the ISO to install the system straight to that virtual machine.
Build Based on Debian Template
---
1 - Install debian-8 template (if not already installed)
2 - Clone debian-8 template
3 - Add kali repo to /etc/apt/sources.list:
* deb http://http.kali.org/kali kali-rolling main non-free contrib
4 - Find and add kali signing keys:
* gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6 (this is the key ID I found on Kali web site)
* gpg --list-keys --with-fingerprint 7D8D0BF6
* gpg --export --armor 7D8D0BF6 > kali.asc
* sudo apt-key add kali.asc
* sudo apt-key list
5 - sudo apt-get update
6 - sudo halt
7 - backup template (cloned...)
8 - sudo apt-get apt-get install kali-*** (or similar) --> installs fine but break the template X settings. As mentioned, X packaged need to be masked prior to this, I did not take the time to look-up how to do that...
9 - Create a appvm from the kali template and attach necessary devices.
Note:
If you do not want to modify the sources.list file and add the signing keys yourself, alternatively you can use KATOOLIN after cloning the Debian Template. Guide on how to use KATOOLIN - http://www.tecmint.com/install-kali-linux-tools-using-katoolin-on-ubuntu-debian/
Alternative Options to Kali
---
PenTester Framework (PTF)

30
managing-os/pentesting.md Normal file
View File

@ -0,0 +1,30 @@
---
layout: doc
title: Penetration Testing
permalink: /doc/pentesting/
---
**Legal notice:**
The usage of penetration testing tools outside your own laboratory environment requires the permission of the organization you attack. Penetration testing without such a permission can have legal consequences.
To avoid such legal conflicts please refer to the [EC-Council: Code of Ethics](https://www.eccouncil.org/Support/code-of-ethics).
Penetration Testing
===================
"A penetration test, informally pen test, is an attack on a computer system that looks for security weaknesses, potentially gaining access to the computer's features and data." (source [Penetration test](https://en.wikipedia.org/wiki/Penetration_test)).
Penetration Testing Distributions
---------------------------------
The following install instructions explain how to setup a penetration testing distribution within Qubes OS.
- [BlackArch](/doc/blackarch/)
- [Kali](/doc/kali/)
- [PenTester Framework (PTF)](/doc/ptf/)
Using Qubes OS to host a "hacking" laboratory
---------------------------------------------
Qubes OS is a hypervisor based operating system. Qubes OS can host various operating systems such as Linux, Unix or Windows and run them parallel. Qubes OS can therefor be used to host your own "hacking" laboratory.

94
managing-os/pentesting/blackarch.md Normal file
View File

@ -0,0 +1,94 @@
---
layout: doc
title: How to Create a BlackArch VM
permalink: /doc/blackarch/
---
**General Remainder:**
- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.
- Adding additional repositories or tools for installing software extends your trust to those tool provider.
Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.
How to Create a BlackArch VM
============================
[BlackArch](http://www.blackarch.org) Linux is an [Arch Linux](http://www.archlinux.org/)-based distribution for penetration testers and security researchers. The repository contains [1434](http://www.blackarch.org/tools.html) tools.
- List of [tools](http://www.blackarch.org/tools.html)
- [Installation Instructions](http://www.blackarch.org/downloads.html)
Create ArchLinux Based BlackArch Template
-----------------------------------------
1. Create ArchlLinux Template
- Follow the [Archlinux Template instructions](/doc/templates/archlinux/)
2. Update Template
sudo pacman -Syyu
3. Clone template
1. Via Qubes VM Manager
2. Via command line
qvm-clone archlinux blackarch
4. Install BlackArch repository
$ curl -O https://blackarch.org/strap.sh
# The SHA1 sum should match: 86eb4efb68918dbfdd1e22862a48fda20a8145ff
$ sha1sum strap.sh
# Set execute bit
$ chmod +x strap.sh
# Run strap.sh
$ sudo ./strap.sh
5. Install tools
- install all tools
sudo pacman -S blackarch
- or by category:
# list available categories
pacman -Sg | grep blackarch
# install category
sudo pacman -S blackarch-<category>
# example
sudo pacman -S blackarch-forensic
- or specific tool
# Search for tool
pacman -Ss <tool-name>
# Install tool
sudo pacman -S <tool-name>
# Example
pacman -Ss burpsuite
sudo pacman -S burpsuite
6. Create a AppVMs based on the `ptf` template
- (Optional) Attach necessary devices
Alternative Options to BlackArch
--------------------------------
- [Kali](/doc/kali/)
- [PenTester Framework (PTF)](/doc/ptf/)
- [Pentesting](/doc/pentesting/)

200
managing-os/pentesting/kali.md Normal file
View File

@ -0,0 +1,200 @@
---
layout: doc
title: How to create a Kali Linux VM
permalink: /doc/kali/
---
**General Remainder:**
- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.
- Adding additional repositories or tools for installing software extends your trust to those tool provider.
Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.
How to Create a Kali Linux VM
=============================
This guide is being created to give guidance on ways in which you could create a [Kali Linux](https://www.kali.org/) penetration testing VM (Qube) in Qubes OS.
Kali Linux is the most widely used penetration testing Linux distribution.
There are multiple ways to create a Kali Linux VM. One way is to create a HVM and use the offical ISO to install the system or convert a [Virtual Image](https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/). Another way is to clone the Qubes OS Debian image and turn it into a Kali Linux distribution.
Kali Linux HVM
--------------
1. Download the Kali installation DVD
2. Create a new HVM
3. Start the HVM with attached CD/DVD
qvm-start <hvm-name> --cdrom <vm-name>:/home/user/Downloads/<iso-name>.iso
Create Debian Based Kali Template
---------------------------------
1. *(Optional)* Install `debian-8` template (if not already installed)
2. Update your `debian-8` template
sudo apt-get update
sudo apt-get dist-upgrade
3. Clone `debian-8` template (two options)
1. Via Qubes VM Manager
![Clone Debian Template](/attachment/wiki/Kali/clone-kali.png)
2. Via command line
qvm-clone debian-8 kali
4. Start and upgrade the `kali` Template from Debian 8 to Debian 9
sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r3.list
sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get autoremove
**Note:** From now on there are two possible ways either doing everything manually or automatically with [Katoolin](https://github.com/LionSec/katoolin).
Katoolin is a script (written in Python) which helps you to install Kali tools.
5. *manually* - Add Kali Linux repositories
1. Add Kali Linux repositories to `/etc/apt/sources.list`
deb http://http.kali.org/kali kali-rolling main contrib non-free
deb http://repo.kali.org/kali kali-bleeding-edge main
2. Add kali signing key
- The signing key can be found here [Download Kali Linux Images Securely](https://www.kali.org/downloads/)
sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6
sudo apt-get update
6. *katoolin* - Install Katoolin and add Kali Linux repositories
1. Install Katoolin
sudo apt-get install git
git clone https://github.com/LionSec/katoolin.git
sudo cp katoolin/katoolin.py /usr/bin/katoolin
sudo chmod +x /usr/bin/katoolin
rm -rf katoolin
2. Add Kali Linux repositories
- start katoolin
sudo katoolin
- select 'Add Kali repositories & Update'
1) Add Kali repositories & Update
2) View Categories
3) Install classicmenu indicator
4) Install Kali menu
5) Help
kat > 1
![Add Kali repositories and Update menu](/attachment/wiki/Kali/katoolin-add-update-repo-menu.png)
- select 'Add kali linux repositories'
1) Add kali linux repositories
2) Update
3) Remove all kali linux repositories
4) View the contents of sources.list file
What do you want to do ?> 1
![Add Kali repositories](/attachment/wiki/Kali/katoolin-add-repos-menu.png)
- update Kali repositories
1) Add kali linux repositories
2) Update
3) Remove all kali linux repositories
4) View the contents of sources.list file
What do you want to do ?> 2
- quit katoolin by pressing `CRTL` + `c` keys
What do you want to do ?> ^CShutdown requested...Goodbye...
7. Cleanup and update `kali` template
sudo apt-get dist-upgrade
sudo apt-get autoremove
8. Shutdown and trim `kali` template
- Shutdown `kali` template
sudo shutdown -h now
- In `dom0` console:
qvm-trim-template kali
9. Start image
10. *manually* - Install tools
**Warning:** `kali-linux` and `kali-linux-full` does currently not work properly. Please use `Katoolin` or `PTF`.
1. List available packages
sudo apt-cache search kali-linux
2. Select and install tools
- install base system
sudo apt-get install kali-linux
- or install all tools
sudo apt-get install kali-linux-full
- or select specific (example):
sudo apt-get install kali-linux-top10 kali-linux-web
11. *katoolin* - Install tools
1. View Categories
- start katoolin
sudo katoolin
- select `2) View Categories`
2. Select the categories/tools you want to install
- For more information on how to use Katoolin see [How to Auto Install All Kali Linux Tools Using “Katoolin” on Debian/Ubuntu](http://www.tecmint.com/install-kali-linux-tools-using-katoolin-on-ubuntu-debian/)
- **Note:** The `all` option does not work for `Information Gathering`, `Web Apps`, `Forensic Tools`, `Reverse Engineering` and `Extra`.
12. Create a AppVMs based on the `kali` template
- (Optional) Attach necessary devices
Alternative Options to Kali
---------------------------
- [BlackArch](/doc/blackarch/)
- [PenTester Framework (PTF)](/doc/ptf/)
- [Pentesting](/doc/pentesting/)

119
managing-os/pentesting/ptf.md Normal file
View File

@ -0,0 +1,119 @@
---
layout: doc
title: How to create Penetration Testers Framework (PTF) VM
permalink: /doc/ptf/
---
**General Remainder:**
- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.
- Adding additional repositories or tools for installing software extends your trust to those tool provider.
Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.
How to create Penetration Testers Framework (PTF) VM
====================================================
"The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing.
PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine." (source [PTF Readme](https://github.com/trustedsec/ptf/blob/master/README.md))
**Note** PTF works on Debian testing as well as on Debian 8. PTF itself works with Debian 8, but the software tools will have missing dependencies. Metasploit for examples requires a newer Ruby version than Debian 8 has in the repositories. Therefor the best way to install PTF is by upgrading a Debian 8 into Debian testing with additional Kali repositories. Instead of installing the tools from Kali, PTF will install and update the newest tools.
Create Debian Based Penetration Testers Framework (PTF) Template
----------------------------------------------------------------
1. Create PTF template
1. Follow [Create Debian Based Kali Template](/doc/kali/) till step 7.
2. (Optional) Rename the cloned template to `ptf`
2. Download PTF
sudo apt-get install git
cd /opt
sudo git clone https://github.com/trustedsec/ptf.git
- (Optional) Configure PTF
1. Go to configuration directory
cd /opt/ptf/config
2. Edit the configuration file
for example by using vim:
sudo vim ptf.config
the configuration options are described in the `ptf.config` file
3. Install PTF
cd /opt/ptf
sudo ./ptf
**Note:** the config file has to be in the same directory as the executable. It is not
possible to do sudo ptf/ptf
PTF will put itself into `/usr/local/bin/ptf`. You can use `ptf` from now on.
4. Install/Update modules (tools)
1. Start PTF
sudo ptf
![PTF start banner](/attachment/wiki/PTF/ptf-banner.png)
2. Show available modules (tools)
ptf> show modules
3. Install/Update modules (all/)
- Install/Update all tools
ptf> use modules/install_update_all
- or by category Install/Update
ptf> use modules/code-audit/install_update_all
- or individually (example Metasploit)
1. Search for module
ptf> search metasploit
[*] Search results below:
modules/exploitation/metasploit
2. Use module
ptf> use modules/exploitation/metasploit
ptf:(modules/exploitation/metasploit)>
3. Install module
ptf:(modules/exploitation/metasploit)>install
4. Run Metasploit
ptf:(modules/exploitation/metasploit)>exit
ptf> quit
[*] Exiting PTF - the easy pentest platform creation framework.
sudo msfconsole
5. Create a AppVMs based on the `ptf` template
- (Optional) Attach necessary devices
Alternative Options to PTF
--------------------------
- [BlackArch](/doc/blackarch/)
- [Kali](/doc/kali/)
- [Pentesting](/doc/pentesting/)