Archive for August, 2023

flameshot: FOSS tool for screenshotting

Wednesday, August 9th, 2023

One thing I love about courses is that you usually come across some software you haven’t known before.

I recently enrolled in the HTB Academy course and in the learning module, they mention flameshot – a tool for screenshotting.

Great, another one? What’s so special about it? On macOS, command+shift+4 usually works pretty well, so what else do you need?

Ah, flameshot has built-in capabilities to highlight areas, circle areas, add text, etc. This can save you a lot of time because you will not have to save the file and then edit it again with some other tool. Edit the screenshot directly in flameshot, annotate it and paste it into your documentation tool (Joplin, cherrytree or even OneNote if you must).

On Kali Linux, flameshot can be installed via ‘sudo apt-get install flameshot’

The software’s homepage contains some useful Q&A if you run into distro-specific problems:
https://flameshot.org/

Kali Linux: Capture terminal sessions with ‘script’

Wednesday, August 9th, 2023

‘script’ is mentioned on different blogs and pages but I couldn’t get it to run until I came across this blog post by Ken Hess: https://www.redhat.com/sysadmin/linux-script-command

It’s fairly simple: run ‘script -O <name_of_a_file>’ to start, and you will get ‘Script started, output log file….’

Press Ctrl+d when you’re done and you will get a confirmation ‘Script done’

You can view the saved file using cat.

Where I thought it doesn’t work is that the output file looks exactly like the terminal. You almost have to look very hard to find a line like ‘Script started ….’ But work it does. And it can be a real time and life-saver for documentation.

Kali Linux: history with date & time

Wednesday, August 9th, 2023

In the Linux basic module of OSCP, you’re asked to configure your shell in a way that the history command always displays the date and the time when the command was run.

Such information is valuable as evidence so this configuration tweak is well worth it.

If you’re the impatient type you might turn to some search engines for some quick results and you will definitely get a lot of hits. None of which work.

Why? All (most, at least) are written for the bash shell.

However, nowadays (2023) the default shell in Kali Linux is zsh.

See for yourself: run ‘echo $SHELL’ in your terminal.

Similar to the bash shell with a ~/.bashrc file, there is a ~/.zshrc file. Open the file with less and search for ‘history’, or cat | grep the file, and you will see that there is an alias defined for history: ‘history 0’ (the number modifies the returned history lines).

In many posts, the fc command is referenced, including the -E switch – most of the mentioned switches do not work as outlined in the posts.

Finally, I came across the -li switch, which not only works (as in ‘does not return “bad option”’) but actually returns the date/time info of commands run in zsh.

What does that mean for you?

Simply add another alias at the end of the .zshrc file:

alias history='fc -li 0'
(That’s a zero. If you don’t add it, the history command will only return the 16 latest entries in the history file.)

Now you can move on to the next task in the OSCP course.
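If the timestamps are also needed outside the live shell (for a report appendix, say), they can be read back from the history file itself. The following is an added example, not part of the original post: it assumes ~/.zshrc also contains `setopt EXTENDED_HISTORY` (a zsh option the post does not mention), which makes zsh store each entry as `: <epoch>:<elapsed>;<command>`, and it assumes GNU date as shipped with Kali. The function name and the sample entries are constructed for illustration.

```shell
# Added example: convert zsh EXTENDED_HISTORY entries into UTC-timestamped,
# tab-separated lines that can be pasted into engagement notes.
# Assumption: entries look like ": <epoch>:<elapsed>;<command>".

zsh_history_to_utc() {
    # Reads history lines on stdin, writes "<UTC time>\t<command>" on stdout.
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ": "[0-9]*:[0-9]*";"*)
                meta=${line%%;*}      # ": 1691571000:0" (up to the first ';')
                cmd=${line#*;}        # everything after the first ';'
                epoch=${meta#: }
                epoch=${epoch%%:*}
                stamp=$(date -u -d "@$epoch" '+%Y-%m-%d %H:%M:%S')
                printf '%s\t%s\n' "$stamp" "$cmd"
                ;;
            *)
                # zsh stores a multi-line command as continuation lines
                # without their own timestamp; keep them under their entry.
                printf '\t%s\n' "$line"
                ;;
        esac
    done
}

# Constructed sample input (not real history); 192.0.2.10 is a documentation address.
sample_history() {
    printf '%s\n' \
        ': 1691571000:0;nmap -sV 192.0.2.10' \
        ': 1691571060:2;echo start; whoami' \
        ': 1691571120:0;for i in 1 2; do\' \
        'echo $i\' \
        'done'
}

sample_history | zsh_history_to_utc
```

On a real system the input would be the history file, for example `zsh_history_to_utc < ~/.zsh_history`.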