Getting started on My Journey as Ethical Hacker

These are the list of resource, one will need to start a Penetration Testing Course..

Hello everyone, welcome to my Blog, This is Tchize Matias a confessed and Graduated Ethical Hacker turned into DevSecOps Engineer. If sort of thing even exist. I am writing this blog as mean to keep track of my journey into becoming a professional Ethical Hacker ..

This is week, I am sharing my journey as I am preparing myself to take the certification Exam for CEH v11 - Certification from EC-Council - https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh/ and Offensive Security https://www.coursera.org/articles/ethical-hacking-certifications 

Google Dorks - https://cdn-cybersecurity.att.com/blog-content/GoogleHackingCheatSheet.pdf

Google Cheat Sheet - https://sansorg.egnyte.com/dl/f4TCYNMgN6 

Also here a list of links for cheap sheet for more information on Google Dorks

• https://www.sans.org/posters/google-hacking-and-defense-cheat-sheet/
• https://gbhackers.com/latest-google-dorks-list/
• https://www.site24x7.com/tools.html
• https://gist.github.com/sundowndev/283efaddbcf896ab405488330d1bbc06
• https://www.exploit-db.com/google-hacking-database
• https://cheatsheet.haax.fr/open-source-intelligence-osint/dorks/google_dorks/

The links bellow will send you into a Ethical Hacking lab which will assist you in getting on initial setup 

 

• metasploitable3-ub1404upgraded download | SourceForge.net  
• Installing Metasploitable 3 for Windows 10 - rtmoran.org  
• GitHub - rapid7/metasploitable3: Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.  
• Download Metasploit: World's Most Used Penetration Testing Tool | Metasploit  
• Building a Virtualbox and VMware Windows 2008 R2 Metasploitable3 VM on Windows | by Sixty3 | Medium  
• Metasploitable3 VMware Workstation VM building – Cybersecurity Knowledge and Practice (wordpress.com) 
• metasploitable3-ub1404upgraded download | SourceForge.net  
• Metasploitable-3 | Anggi's Notes (anggipradana.com)  
• Setting Up a Vulnerable Target | Metasploit Documentation (rapid7.com)  
• HackerSploit Blog - Metasploitable 3 Installation Guide  
• https://www.kali.org/docs/general-use/kali-linux-sources-list-repositories/

How to Create a Ansible Lab on your Local Machine using Vagrant in 5 min using ChatGPT

This is an exciting experiment of mine as DevOps. As I am experimenting with the Tools available ... So, the quest is to "Vagrantfile which creates 3 instances of Centos 8 servers, each server shall be able to connect on the same network for easy communication"

Here is what we want to achieve:

- Build 3 servers to use Ansible

Jumped into via ChatGPT via Bing Copilot and created the following prompt.

"Hi Copilot, can you write a Vagrantfile which creates 3 instances of Centos 8 servers, each server shall be able to connect on the same network for easy communication, these instance serves are to be used as Ansible Lab environments comprised of one Ansible Tower and two deployments environments, please"

The output:

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
  # Define the base box
  config.vm.box = "centos/8"

  # Ansible Tower Server
  config.vm.define "ansible_tower" do |ansible_tower|
    ansible_tower.vm.hostname = "ansible-tower"
    ansible_tower.vm.network "private_network", ip: "192.168.56.10"
  end

  # Deployment Environment 1
  config.vm.define "deploy_env1" do |deploy_env1|
    deploy_env1.vm.hostname = "deploy-env1"
    deploy_env1.vm.network "private_network", ip: "192.168.56.11"
  end

  # Deployment Environment 2
  config.vm.define "deploy_env2" do |deploy_env2|
    deploy_env2.vm.hostname = "deploy-env2"
    deploy_env2.vm.network "private_network", ip: "192.168.56.12"
  end

  # Provisioning with Ansible (Optional)
  # config.vm.provision "ansible" do |ansible|
  #   ansible.playbook = "playbook.yml"
  # end
end

Source code on Git Hub repository.

To use this Vagrantfile:

1. Install VirtualBox and Vagrant on your system.
2. Save the above code into a file named Vagrantfile.
3. Open a terminal and navigate to the directory containing the Vagrantfile.
4. Run vagrant up to create the VMs.

This Vagrantfile configures each CentOS 8 server with a static IP on a private network, allowing them to communicate with each other. You can uncomment and adjust the Ansible provisioning block to run your Ansible playbooks automatically.

You’ll have three CentOS 8 servers (server1, server2, and server3) along with an Ansible Tower instance (ansible-tower) for your lab environment. Adjust memory and CPU settings as needed based on your system resources.

Happy Ansible-ing! 🚀

Next - 

To test the Ansible connection to the three CentOS 8 servers you've set up, you can use a simple Ansible playbook that employs the ping module. This module is specifically designed for connection testing and doesn't actually send ICMP pings but attempts an SSH connection and returns pong on success.

Here's an example playbook, test_connection.yml, that you can use:

yaml
---
- name: Test Ansible Connection to Servers
  hosts: all
  gather_facts: no

  tasks:
    - name: Test connectivity with ping module
      ansible.builtin.ping:

Before running the playbook, ensure you have an inventory file (inventory.ini or your preferred name) that lists the IPs or hostnames of your servers under a group [servers] or individually. Here's an example:

javascript
[servers]
192.168.56.10 ansible_user=your_username ansible_ssh_private_key_file=/path/to/private_key
192.168.56.11 ansible_user=your_username ansible_ssh_private_key_file=/path/to/private_key
192.168.56.12 ansible_user=your_username ansible_ssh_private_key_file=/path/to/private_key

Replace your_username and /path/to/private_key with the appropriate user and SSH key path for your setup.

To run the playbook and test the connection to all servers in your inventory, use the following command:

bash
ansible-playbook -i inventory.ini test_connection.yml

This command will attempt to connect to each server listed in inventory.ini and report back whether the connection was successful.
....

Nice !! Now, let us push this code further ..  I have tested the script on my machine and Made all 3 instances up and running.  Further improved the code and stored in Github source code here

Here the code on VisualCode:

Continue on  part 2

🌐 Sourcesmedium.com - How to Create Multiple Virtual Machines Using Vagrant Tool

stackoverflow.com - Two Operating Systems in a single Vagrantfile

Building a Vagrant Box: From Scratch to Sharing

Building a Vagrant Box: From Scratch to Sharing

Vagrant streamlines the creation and management of virtual machines, making it a valuable tool for IT engineers. This guide walks you through building a customized Vagrant box, step-by-step, from creating the virtual machine to sharing it with others.

Prerequisites:

• Vagrant: Download and install Vagrant from the official website https://developer.hashicorp.com/vagrant/install.
• VirtualBox: Download and install a virtualization software like VirtualBox https://www.virtualbox.org/wiki/Downloads.
• Basic Linux knowledge: Familiarity with the command line and basic Linux administration tasks is recommended.

Step 1: Setting Up the Virtual Machine

1. Create a new virtual machine: Open VirtualBox and click "New." Choose the desired operating system (e.g., Ubuntu) and version. Allocate memory (e.g., 2048 MB) and storage space (e.g., 40 GB) for the virtual machine.

2. Configure shared folder: Right-click on the newly created VM and select "Settings > Shared Folders." Add a shared folder, specifying the host path (e.g., your project directory) and the guest path (e.g., /vagrant).

Step 2: Provisioning the Virtual Machine with Vagrant

1. Initialize Vagrant: In your project directory (containing the shared folder), open a terminal and run vagrant init to initialize a Vagrantfile.

2. Configure the Vagrantfile: Open the Vagrantfile in a text editor and customize the following sections:

Ruby

# -*- mode: ruby -*-
# vi: set ft=ruby :

VAGRANTFILE_API_VERSION = "2"

# Provider configuration
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "ubuntu/focal64" # Replace with the desired box name and version

  # Shared folder configuration
  config.vm.synced_folder ".", "/vagrant"

  # Update packages & install essential tools
  config.vm.provision "shell", inline: <<-SHELL
    sudo apt-get update -y
    sudo apt-get upgrade -y
    sudo apt-get install -y essential curl unzip rsync
  SHELL
end

Explanation:

• VAGRANTFILE_API_VERSION: Specifies the Vagrantfile API version.
• config.vm.box: Sets the base box image to use.
• config.vm.synced_folder: Configures the shared folder between the host and guest machines.
• config.vm.provision: Defines provisioning scripts to run inside the virtual machine.

Step 3: Building the Vagrant Box

1. Provision the VM: Run vagrant up in the terminal. This will download the base box, configure the virtual machine, and execute the provisioning scripts.

2. Install additional software: Inside the virtual machine (accessible using vagrant ssh), install any additional software you need for your specific use case.

3. Clean up the VM: Once the VM is configured, run sudo apt-get autoremove -y to remove unnecessary packages and free up disk space.

4. Package the VM: Run vagrant package to create a compressed .box file containing the customized virtual machine.

Step 4: Sharing the Vagrant Box (Optional)

1. Upload the .box file: Upload the .box file to a platform like Vagrant Cloud https://app.vagrantup.com/ or your private repository.

2. Share the Vagrantfile: Share the Vagrantfile along with the .box file for others to easily provision the virtual machine.

Congratulations! You've successfully built and packaged a customized Vagrant box, ready to be used for your development or testing needs. 

By following these steps and customizing the configurations, you can create Vagrant boxes tailored to your specific requirements.