pen testing / port forwarding guide?

J.M. Porup

Jul 14, 2020, 11:54:43 AM
to qubes...@googlegroups.com
hi,

Has anyone written a guide to setting up a Kali vm in Qubes for
pen testing?

I'm studying for the OSCP, and the Qubes firewall port forwarding
guide suggests a fragile and finicky setup that I'm reluctant to
rely on. Punching holes from sys-net to sys-firewall to vpn-vm to
an appvm just to run `nc -nlvp 4444` seems... like a kludge, at
best.

Issue #4028 tracks this problem.

The alternatives seem to be 1) create a HVM with direct access
to hardware--no sys-net or firewall-vm--or 2) purchase a
dedicated laptop for this use case.

Any suggestions?

thanks,

jmp

--
J.M. Porup
www.JMPorup.com

m...@militant.dk

Jul 14, 2020, 4:17:00 PM
to qubes-users
On Tuesday, July 14, 2020 at 17:54:43 UTC+2, jm wrote:
> hi,
>
> Has anyone written a guide to setting up a Kali vm in Qubes for
> pen testing?

I have Kali rolling installed and am happy using it for CTF gaming and small stuff. I love Qubes and Kali together, but for reverse shell, etc. Andrew Douma wrote an evaluation some time ago, and recommended not using Qubes for pentesting.

> I'm studying for the OSCP, and the Qubes firewall port forwarding
> guide suggests a fragile and finicky setup that I'm reluctant to
> rely on. Punching holes from sys-net to sys-firewall to vpn-vm to
> an appvm just to run `nc -nlvp 4444` seems... like a kludge, at
> best.
>
> Issue #4028 tracks this problem.
>
> The alternatives seem to be 1) create a HVM with direct access
> to hardware--no sys-net or firewall-vm--or 2) purchase a
> dedicated laptop for this use case.

Both suggestions are good, I believe.

Sincerely
Max

lik...@gmx.de

Jul 14, 2020, 4:52:33 PM
to qubes...@googlegroups.com
I've been using this script for a long time for port forwarding:
https://gist.github.com/Joeviocoe/6c4dc0c283f6d6c5b1a3f5af8793292b

This one might also be useful:
https://gist.github.com/Joeviocoe/90ec9fd9a0769b4671a8ae9c87584187

Best. P.

ludwig jaffe

Jul 19, 2020, 1:52:37 PM
to qubes-users
Feature Request:

Kali template VM with qubes-os specialities like cut&paste installed.

Cheers,

Ludwig

unman

Jul 20, 2020, 7:37:29 AM
to qubes-users
The convention here is not to top-post.
Please scroll to the bottom of the message before you start typing. Or
reply inline.
It only takes you seconds, makes it much easier to follow threads, and
cumulatively saves your fellow users hours.

You can already build a kali template with the qubes-builder - or I
provide a pre-built one if you are uncertain about building your own

unman

Stefan Schlott

Jul 20, 2020, 10:49:53 AM
to qubes...@googlegroups.com
On 2020-07-14 17:54, 'J.M. Porup' via qubes-users wrote:

> Has anyone written a guide to setting up a Kali vm in Qubes for
> pen testing?

I created a template based on the Debian template as described here:

https://www.qubes-os.org/doc/pentesting/kali/#kali-linux-templatevm-from-a-debian-template---1


> The alternatives seem to be 1) create a HVM with direct access
> to hardware--no sys-net or firewall-vm--or 2) purchase a
> dedicated laptop for this use case.
>
> Any suggestions?

Try a USB network adapter and attach it to your pentesting VM.
Unfortunately, not all devices work; check
https://github.com/QubesOS/qubes-issues/issues/3778 for a list of tested
adapters.

If nothing helps: Shut down your network VM and attach your network
device directly to your Kali VM. For switching to and fro, you can
create a script in dom0.


Stefan.
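
The dom0 switching script suggested in the last reply could look like the following. This is an added example, not code from the thread or from the Qubes project; the qube names `sys-net` and `kali` and the device id `dom0:00_00.0` are placeholders, and by default it only prints the commands it would run.

```shell
#!/bin/sh
# Added example for dom0. All names below are assumptions; adjust them.
NETVM="${NETVM:-sys-net}"          # qube that normally owns the NIC
PENTEST_VM="${PENTEST_VM:-kali}"   # hypothetical name of the pentesting qube
NIC="${NIC:-dom0:00_00.0}"         # placeholder; take the real id from `qvm-pci`
DRY_RUN="${DRY_RUN:-1}"            # 1 = print commands, 0 = execute them

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Shut a qube down; in real mode skip it when it is already halted.
halt() {
    if [ "$DRY_RUN" != 1 ] && ! qvm-check --quiet --running "$1"; then
        return 0
    fi
    run qvm-shutdown --wait "$1"
}

# move_nic FROM TO: hand the NIC from qube FROM to qube TO.
# Both qubes are halted first so the device is free to be reassigned.
# Qubes that use FROM as their netvm (e.g. sys-firewall) have to be
# shut down before this is run.
move_nic() {
    from=$1
    to=$2
    halt "$from" || return 1
    halt "$to" || return 1
    run qvm-pci detach "$from" "$NIC" || return 1
    run qvm-pci attach --persistent "$to" "$NIC" || return 1
    run qvm-start "$to"
}

# switch_nic pentest : NIC goes to the pentesting qube
# switch_nic normal  : NIC goes back to the network qube
switch_nic() {
    case "$1" in
        pentest) move_nic "$NETVM" "$PENTEST_VM" ;;
        normal)  move_nic "$PENTEST_VM" "$NETVM" ;;
        *) echo "usage: switch_nic pentest|normal" >&2; return 2 ;;
    esac
}

if [ "$#" -gt 0 ]; then switch_nic "$1"; fi
```

Review the printed plan first, then run it with `DRY_RUN=0` once the names match your system.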