Jul 27 2012
 

Glastopf is a web application honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications. The principle behind it is very simple: reply with the correct response to the attacker exploiting the web application.

This article mostly covers the installation, setup, usage, etc.

Installation

Jul 13 2012
 

Credit where credit is due…. The bulk of this article was obtained from the excellent article located here: http://www.xors.me/?p=4458

I found the original article and then modified it to fit my operating system and environment. It has been modified to work with a Backtrack Linux installation using the native virtualbox-4.1 installation.

Background

To provide some background, Cuckoo Sandbox performs automated malware analysis using system virtualization technologies. At a high level, Cuckoo executes Python scripts, which then spawn a VirtualBox virtual machine (VM) environment running a Guest OS (i.e. Windows XP), to execute and analyze malware code in a controlled environment. Once the Guest OS launches, VirtualBox uses local shares to access Python scripts located on the Host OS (i.e. Ubuntu/Backtrack). Python therefore needs to be installed on both the Guest and Host OS environments for this product to work. Within the Guest OS, you will also need vulnerable applications to help analyze code, by forcing execution of malware binaries or malicious URLs. As the installation documentation provided with Cuckoo Sandbox is missing a few requirements, this post will show a user how to perform a functional install of Cuckoo Sandbox.

A link to the original video is below in avi format.

cuckoo sandbox working under a normal user account

Jul 11 2012
 

One of my computers started having a segmentation fault whenever I would try to run VirtualBox. Looking into this further, I found this error message when running virtualbox with the strace command:

write(2, "VirtualBox: Error -10 in SUPR3Ha"..., 44VirtualBox: Error -10 in SUPR3HardenedMain!
) = 44
write(2, "VirtualBox: ", 12VirtualBox: )            = 12
write(2, "Effective UID is not root (euid="..., 65Effective UID is not root (euid=1001 egid=1001 uid=1001 gid=1001)) = 65
write(2, "\n", 1
)                       = 1
write(2, "\nVirtualBox: Tip! It may help to"..., 55
VirtualBox: Tip! It may help to reinstall VirtualBox.
) = 55
setresgid(1001, 1001, 1001)             = 0
setresuid(1001, 1001, 1001)             = 0
getresuid([1001], [1001], [1001])       = 0
getresgid([1001], [1001], [1001])       = 0
capset(0x19980330, 0, {CAP_NET_RAW, CAP_NET_RAW, 0}) = -1 EPERM (Operation not permitted)
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fd9d6a9c9f0) = 4340
exit_group(1)                           = ?
user@HOST:~$ <html><b>Effective UID is not root (euid=1001 egid=1001 uid=1001 gid=1001) (rc=-10)</b><br/><br/>Please try reinstalling VirtualBox.</html>

What I found the problem ended up being was:

Dec 12 2011
 

So, I use Linux exclusively…. for everything except my photography post-processing. I don’t care about the rants and raves people give me about GIMP; my workflow has included Photoshop since Photoshop v3.0 (like the mid-1990s), and it's just too hard to switch….. so I keep one Windows machine around just to do Photoshop tasks.

Now that I have my fluxbox bliss on my 16GB quad-core machine dual booting with the factory Windows 7…. I thought it would be nice to be able to run Windows 7 inside of Linux. In the past, I always did the “virtualbox from new installation”. It's kind of a pain in the ass and a huge waste of disk space.

Doing some quick research, I found several articles on booting the physically installed Windows in virtualbox, and after many trials and errors, I found a simple solution that works.

Here is how I set it up…..

Apr 28 2011
 

I use virtualbox a lot and have for years. One of the things I can never remember is how to clone a vdi disk image. I sometimes need to quickly deploy a testing environment, say 3 – 10 identical base machines, and this script makes it really quick and easy. Enjoy….

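#!/bin/bash
# Written by Ed Wiget
# This script is very simple, you simply enter the full path of a virtualbox
# disk to clone and then the full path of the virtualbox disk you are cloning
# to.

# Locate VBoxManage and stop early if it is not installed / not in PATH
vboxmanage=$(command -v VBoxManage)
if [ -z "${vboxmanage}" ]; then
    echo "VBoxManage not found in PATH" >&2
    exit 1
fi
clonecmd=clonehd
echo "Please enter the full path of the virtualbox disk to clone from..."
echo "i.e. /home/mydir/./VirtualBox\ VMs/Arch\ MooseFS\ Master\ Testing/Arch\ MooseFS\ Master\ Testing.vdi"
# Plain read (no -r) on purpose: it strips the backslash from each "\ ", so the
# escaped paths shown in the examples become real paths containing spaces
read sourcevdi
echo "Please enter the full path of the virtualbox disk to clone to..."
echo "i.e. /home/mydir/./VirtualBox\ VMs/Arch\ MooseFS\ Master\ Testing/Arch\ MooseFS\ Master\ Testing2.vdi"
read destinationvdi
echo "Now cloning ${sourcevdi} to ${destinationvdi}"
echo ""
echo "The full command is...."
echo "${vboxmanage} ${clonecmd} \"${sourcevdi}\" \"${destinationvdi}\""
# Quote every expansion so a path with spaces is passed as a single argument
# and is never word-split or glob-expanded by the shell
if "${vboxmanage}" "${clonecmd}" "${sourcevdi}" "${destinationvdi}"; then
    echo "done"
else
    echo "clone failed" >&2
    exit 1
fi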