Re: [qubes-users] Re: pen testing / port forwarding guide?
On Sun, Jul 19, 2020 at 10:52:37AM -0700, ludwig jaffe wrote: > Feature Request: > > Kali template VM with qubes-os secialities like cut&paste installed. > > Cheers, > > Ludwig > > On Tuesday, July 14, 2020 at 3:54:43 PM UTC, jm wrote: > > > > hi, > > > > Has anyone written a guide to setting up a Kali vm in Qubes for > > pen testing? > > > > I'm studying for the OSCP, and the Qubes firewall port forwarding > > guide suggests a fragile and finicky setup that I'm reluctant to > > rely on. Punching holes from sys-net to sys-firewall to vpn-vm to > > an an appvm just to run `nc -nlvp ` seems... like a kludge, at > > best. > > > > Issue #4028 tracks this problem. > > > > The alternatives seem to be 1) create a HVM with direct access > > to hardware--no sys-net or firewall-vm--or 2) purchase a > > dedicated laptop for this use case. > > > > Any suggestions? > > > > thanks, > > > > jmp > > The convention here is not to top-post. Please scroll to the bottom of the message before you start typing. Or reply inline. It only takes you seconds, makes it much easier to follow threads, and cumulatively saves your fellow users hours. You can already build a kali template with the qubes-builder - or I provide a pre-built one if you are uncertain about building your own unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200720113725.GB9057%40thirdeyesecurity.org.
[qubes-users] Re: pen testing / port forwarding guide?
Feature Request: Kali template VM with qubes-os secialities like cut&paste installed. Cheers, Ludwig On Tuesday, July 14, 2020 at 3:54:43 PM UTC, jm wrote: > > hi, > > Has anyone written a guide to setting up a Kali vm in Qubes for > pen testing? > > I'm studying for the OSCP, and the Qubes firewall port forwarding > guide suggests a fragile and finicky setup that I'm reluctant to > rely on. Punching holes from sys-net to sys-firewall to vpn-vm to > an an appvm just to run `nc -nlvp ` seems... like a kludge, at > best. > > Issue #4028 tracks this problem. > > The alternatives seem to be 1) create a HVM with direct access > to hardware--no sys-net or firewall-vm--or 2) purchase a > dedicated laptop for this use case. > > Any suggestions? > > thanks, > > jmp > > -- > J.M. Porup > www.JMPorup.com > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1e0e7250-540e-4f62-a226-c82bc830b8e5o%40googlegroups.com.
[qubes-users] Re: pen testing / port forwarding guide?
On 2020-07-14 16:54, 'J.M. Porup' via qubes-users wrote: hi, Has anyone written a guide to setting up a Kali vm in Qubes for pen testing? I'm studying for the OSCP, and the Qubes firewall port forwarding guide suggests a fragile and finicky setup that I'm reluctant to rely on. Punching holes from sys-net to sys-firewall to vpn-vm to an an appvm just to run `nc -nlvp ` seems... like a kludge, at best. Issue #4028 tracks this problem. The alternatives seem to be 1) create a HVM with direct access to hardware--no sys-net or firewall-vm--or 2) purchase a dedicated laptop for this use case. Any suggestions? thanks, jmp I've been using this script for a long time for port forwarding: https://gist.github.com/Joeviocoe/6c4dc0c283f6d6c5b1a3f5af8793292b This one might also be useful: https://gist.github.com/Joeviocoe/90ec9fd9a0769b4671a8ae9c87584187 Best. P. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2de40b8b-74ea-a933-cbc7-8869eee7b7ca%40gmx.de.
[qubes-users] Re: pen testing / port forwarding guide?
tirsdag den 14. juli 2020 kl. 17.54.43 UTC+2 skrev jm: > > hi, > > Has anyone written a guide to setting up a Kali vm in Qubes for > pen testing? > I have Kali rolling installed and happy using it for CTF gaming and small stuff. I love Qubes and Kali together, but for reverse shell, etc. Andrew Douma wrote en evaluation some time ago, and recommended not using Qubes for pentesting. https://medium.com/@securitystreak/living-with-qubes-os-r3-2-rc3-for-a-week-1a37e04c799e https://medium.com/@securitystreak/buying-a-professional-penetration-testing-laptop-for-2017-6cd21e65dc2 https://medium.com/hackernoon/the-2017-pentester-guide-to-windows-10-privacy-security-cf734c510b8d > I'm studying for the OSCP, and the Qubes firewall port forwarding > guide suggests a fragile and finicky setup that I'm reluctant to > rely on. Punching holes from sys-net to sys-firewall to vpn-vm to > an an appvm just to run `nc -nlvp ` seems... like a kludge, at > best. > > Issue #4028 tracks this problem. > > The alternatives seem to be 1) create a HVM with direct access > to hardware--no sys-net or firewall-vm--or 2) purchase a > dedicated laptop for this use case. > Both suggestions are good, I believe. Sincerely Max -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8998a7df-2182-47f5-ad12-e69107a9bab2o%40googlegroups.com.