## Kali Linux Install or Updates Failing Due to Invalid Signature

After firing up an old Kali Linux VM and trying to update a software package, I discovered that Kali Linux would not install any new packages nor would it install the latest Operating System update.

I kept getting an error, Err1, and a HTTP 404 Not Found saying it was failing to fetch the packages or updates.

Below are screenshots of the first error I saw when running apt-get install sshpass.

## Apt-Get Update Error

I also got a different error when I tried to run apt-get update. This time the error references an invalid signature.

## Fix for Kali Linux Invalid Signature Error

### Important Notes:

1. The invalid signature in the error was ED444FF07D8D0BF6, we’ll only need the last part, 7D8D0BF6 for our command.
2. The key server reference is one I had found on an article on the internet but apparently there are other key servers you can reference as well.

To fix the Invalid Signature error, we’ll have to enter the following command. As of this writing, this command worked for me if entered verbatim.

EXAMPLE:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys $key WHAT I ACTUALLY RAN: root@kali:/etc/apt# apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 7D8D0BF6 Executing: /tmp/apt-key-gpghome.a5zcatYyQB/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 7D8D0BF6 gpg: key ED444FF07D8D0BF6: 22 duplicate signatures removed gpg: key ED444FF07D8D0BF6: 223 signatures not checked due to missing keys gpg: key ED444FF07D8D0BF6: "Kali Linux Repository <devel@kali.org>" 238 new signatures gpg: Total number processed: 1 gpg: new signatures: 238 ## Video: Kali Linux Signature Error Fix ## Other Helpful Kali Linux References In the steps above I kind of gloss over some technical parts. One of those topics was Kali Linux repositories. I’m not an expert on it but know it was important part of troubleshooting and solving my problem. Basically knowing enough to know that was not my issue so I could rule it out. If you have questions about or just want to dive in to the topic of repositories follow the link below. The page addresses items people frequently get wrong as it can be a bit confusing. https://www.kali.org/docs/general-use/kali-linux-sources-list-repositories/ ## USB Wireless Issues Running Kali Linux on Virtual box / device descriptor read/64 error 71 ## Background I was running an older copy of Kali Linux using Virtual box and was not having very many issues connecting USB resources. I upgraded to Kali Linux 2017.3 Now I’m having all sorts of problems with the USB wireless card that I was not having before with all the same equipment. Now I’m seeing a message at boot up, “device descriptor read/64 error 71” and intermittently “device descriptor read error “-110” . Sorry, no screenshots. Looks like the errors are reporting an issue with the USB port not providing enough power. This is probably more Debian related or whichever Linux distros are using the same usbcore module from what I’ve read so far. Below are the troubleshooting steps I took that seem to have remedied my situation. Hope this helps someone. ### ************** UPDATE *************** ### I still recommend you do the steps described below anyway but there is another issue and I won’t take any credit for the solution but I’ll give you the link. It is a USB power issue. https://paulphilippov.com/articles/how-to-fix-device-not-accepting-address-error ## Adjust USB Power Management on the Host PC The first place we go is to the Windows PC that is hosting Virtual box and is providing the USB resource. Maybe Windows is managing power on the Wireless USB card and killing the connection to our Kali Linux instance. So on the Windows host PC. Go to > Device Manger > Network Adapters Mouse over network adapter and right click, select properties. Uncheck – “Allow the computer to turn off this device to save power.” Make sure that the Windows host PC is not managing the power on this device. Basically turning it off while Kali Linux is trying to use it. ## USB Power Mangement in Kali Linux Enter the two commands below to change the USB power management settings in the usbcore module : * Logged in as root: root@kali:~# echo -1 >/sys/module/usbcore/parameters/autosuspend root@kali:~# echo 1 >/sys/module/usbcore/parameters/use_both_schemes ## Installing Virtualbox Guest Additions on Kali Linux, When nothing goes right and how I fixed it. ## The Problem.. How it all started I’m getting various errors when installing Virtualbox Guest Additions on a Kali Linux VM. ## Troubleshooting Resources the Helped Below are the specific steps extracted from the command line history below which contains all of my troubleshooting session. I did fix it so if you follow along you can see my steps and the output from them. Hope this helps! ## Troubleshooting Steps 1. Copy to desktop copy of VBoxLinuxAdditions.run from Guest Additions CD 2. run chmod +x ./VBoxLinusAdditions.run on Desktop copy 3. Attempt to fix headers on recommendation by upgrading of Linux components using: # apt update -y && apt upgrade -y && ajpt dist-upgrade 4. Realize that last step didn’t fix issue and that specific issue header module is corrupt or missing. 5. Find out what header modules are available using: apt-cache search linux-headers 6. Selected and installed module using: apt-get install linux-headers-4.13.0-kali1-all-amd64 7. Run ./VBoxLinuxAdditions.run 8. Success ## Linux Command Line of Trial and Error w/ Fix root@kali:~# ./VBoxLinuxAdditions.run Verifying archive integrity... All good. Uncompressing VirtualBox 5.2.2 Guest Additions for Linux........ VirtualBox Guest Additions installer Removing installed version 5.2.2 of VirtualBox Guest Additions... Copying additional installer modules ... Installing additional modules ... VirtualBox Guest Additions: Building the VirtualBox Guest Additions kernel modules. This system is currently not set up to build kernel modules. Please install the Linux kernel "header" files matching the current kernel for adding new hardware support to the system. The distribution packages containing the headers are probably: linux-headers-amd64 linux-headers-4.13.0-kali1-amd64 VirtualBox Guest Additions: Starting. VirtualBox Guest Additions: Building the VirtualBox Guest Additions kernel modules. This system is currently not set up to build kernel modules. Please install the Linux kernel "header" files matching the current kernel for adding new hardware support to the system. The distribution packages containing the headers are probably: linux-headers-amd64 linux-headers-4.13.0-kali1-amd64 root@kali:~# clear root@kali:~# apt update -y && apt upgrade -y && ajpt dist-upgrade Get:2 https://packages.microsoft.com/repos/vscode stable InRelease [2,802 B] Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease [30.5 kB] Get:3 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 Packages [15.6 MB] Get:4 https://packages.microsoft.com/repos/vscode stable/main amd64 Packages [33.4 kB] Get:5 http://mirrors.ocf.berkeley.edu/kali kali-rolling/non-free amd64 Packages [166 kB] Get:6 http://mirrors.ocf.berkeley.edu/kali kali-rolling/contrib amd64 Packages [113 kB] Fetched 16.0 MB in 4s (3,495 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 86 packages can be upgraded. Run 'apt list --upgradable' to see them. Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages were automatically installed and are no longer required: libarmadillo7 libxerces-c3.1 Use 'apt autoremove' to remove them. The following NEW packages will be installed: libarmadillo8 libconfig-inifiles-perl libxerces-c3.2 python-jwt The following packages will be upgraded: aircrack-ng cabextract cgpt console-setup console-setup-linux exim4-base exim4-config exim4-daemon-light flasm fontconfig fontconfig-config fonts-noto-mono gdal-bin gdal-data glusterfs-common iproute2 iso-codes keyboard-configuration libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libc-bin libc-dev-bin libc-l10n libc6 libc6-dbg libc6-dev libdbd-sqlite3-perl libdevel-partialdump-perl libdevel-stacktrace-perl libfcgi-bin libfcgi0ldbl libfontconfig1 libgcab-1.0-0 libgdal20 libkeyutils1 libmailutils5 libmariadbclient18 libmysofa0 libopenmpt0 liborc-0.4-0 libsmbclient libtevent0 libwbclient0 libwebp6 libwebpdemux2 libwebpmux3 libwww-perl locales locales-all mailutils mailutils-common man-db mariadb-client-10.1 mariadb-client-core-10.1 mariadb-common mariadb-server-10.1 mariadb-server-core-10.1 metasploit-framework multiarch-support nano python-cairo python-construct python-cryptography python-gdal python-gi python-gobject python-samba python3-cairo python3-construct python3-cryptography python3-gi python3-gi-cairo python3-pyatspi samba samba-common samba-common-bin samba-dsdb-modules samba-libs samba-vfs-modules smbclient socat vboot-kernel-utils vboot-utils winexe xauth 86 upgraded, 4 newly installed, 0 to remove and 0 not upgraded. Need to get 173 MB/177 MB of archives. After this operation, 3,631 kB disk space will be freed. Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libc-l10n all 2.25-2 [844 kB] Get:2 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 locales all 2.25-2 [3,287 kB] Get:3 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 locales-all amd64 2.25-2 [3,603 kB] Get:4 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libc6 amd64 2.25-2 [2,727 kB] Get:5 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libc-bin amd64 2.25-2 [788 kB] Get:6 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libc6-dbg amd64 2.25-2 [9,365 kB] Get:7 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libc-dev-bin amd64 2.25-2 [262 kB] Get:8 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libc6-dev amd64 2.25-2 [2,431 kB] Get:9 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 man-db amd64 2.7.6.1-4 [1,047 kB] Get:10 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 console-setup-linux all 1.171 [982 kB] Get:11 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 console-setup all 1.171 [103 kB] Get:12 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 keyboard-configuration all 1.171 [401 kB] Get:13 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 fontconfig-config all 2.12.6-0.1 [304 kB] Get:14 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libfontconfig1 amd64 2.12.6-0.1 [368 kB] Get:15 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 fontconfig amd64 2.12.6-0.1 [439 kB] Get:16 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 samba-vfs-modules amd64 2:4.7.3+dfsg-1 [402 kB] Get:17 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 samba-dsdb-modules amd64 2:4.7.3+dfsg-1 [342 kB] Get:18 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 samba amd64 2:4.7.3+dfsg-1 [954 kB] Get:19 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 samba-common-bin amd64 2:4.7.3+dfsg-1 [615 kB] Get:20 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 smbclient amd64 2:4.7.3+dfsg-1 [448 kB] Get:21 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libsmbclient amd64 2:4.7.3+dfsg-1 [153 kB] Get:22 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 winexe amd64 1.1~20140107-0kali6+b3 [32.4 kB] Get:23 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 python-samba amd64 2:4.7.3+dfsg-1 [2,018 kB] Get:24 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 samba-libs amd64 2:4.7.3+dfsg-1 [5,402 kB] Get:25 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libwbclient0 amd64 2:4.7.3+dfsg-1 [127 kB] Get:26 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 samba-common all 2:4.7.3+dfsg-1 [162 kB] Get:27 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mariadb-common all 1:10.1.29-6 [28.2 kB] Get:28 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mariadb-client-core-10.1 amd64 1:10.1.29-6 [4,764 kB] Get:29 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libconfig-inifiles-perl all 2.94-1 [53.4 kB] Get:30 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mariadb-server-10.1 amd64 1:10.1.29-6 [5,050 kB] Get:31 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mariadb-client-10.1 amd64 1:10.1.29-6 [5,649 kB] Get:32 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mariadb-server-core-10.1 amd64 1:10.1.29-6 [4,920 kB] Get:33 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 multiarch-support amd64 2.25-2 [204 kB] Get:34 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 nano amd64 2.9.0-1 [512 kB] Get:35 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libkeyutils1 amd64 1.5.9-9.2 [12.9 kB] Get:36 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 aircrack-ng amd64 1:1.2-0~rc4-4 [2,722 kB] Get:37 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 cabextract amd64 1.6-1.1 [31.5 kB] Get:38 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 cgpt amd64 0~R63-10032.B-2 [30.3 kB] Get:39 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 exim4-config all 4.89-11 [317 kB] Get:40 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 exim4-base amd64 4.89-11 [1,093 kB] Get:41 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 exim4-daemon-light amd64 4.89-11 [546 kB] Get:42 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 flasm amd64 1.62-10 [90.2 kB] Get:43 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 gdal-data all 2.2.2+dfsg-2 [566 kB] Get:44 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libarmadillo8 amd64 1:8.200.2+dfsg-1 [82.3 kB] Get:45 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libmariadbclient18 amd64 1:10.1.29-6 [737 kB] Get:46 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libwebp6 amd64 0.6.0-4 [254 kB] Get:47 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libxerces-c3.2 amd64 3.2.0+debian-2 [863 kB] Get:48 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libgdal20 amd64 2.2.2+dfsg-2+b3 [5,318 kB] Get:49 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 gdal-bin amd64 2.2.2+dfsg-2+b3 [373 kB] Get:50 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 python-jwt all 1.5.3+ds1-1 [18.4 kB] Get:51 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 glusterfs-common amd64 3.12.3-1 [5,188 kB] Get:52 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 iso-codes all 3.77-1 [2,398 kB] Get:53 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libaprutil1-ldap amd64 1.6.1-1 [16.3 kB] Get:54 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libaprutil1-dbd-sqlite3 amd64 1.6.1-1 [18.2 kB] Get:55 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libaprutil1 amd64 1.6.1-1 [91.1 kB] Get:56 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libdbd-sqlite3-perl amd64 1.55~04-1 [166 kB] Get:57 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libdevel-partialdump-perl all 0.20-1 [15.3 kB] Get:58 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libdevel-stacktrace-perl all 2.0300-1 [28.0 kB] Get:59 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libfcgi-bin amd64 2.4.0-10 [12.4 kB] Get:60 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libfcgi0ldbl amd64 2.4.0-10 [155 kB] Get:61 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libgcab-1.0-0 amd64 0.7-5 [28.8 kB] Get:62 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mailutils amd64 1:3.4-1 [581 kB] Get:63 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libmailutils5 amd64 1:3.4-1 [873 kB] Get:64 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 mailutils-common all 1:3.4-1 [678 kB] Get:65 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libmysofa0 amd64 0.6~dfsg0-2 [37.9 kB] Get:66 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libopenmpt0 amd64 0.3.3-1 [572 kB] Get:67 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 liborc-0.4-0 amd64 1:0.4.28-1 [141 kB] Get:68 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libwebpdemux2 amd64 0.6.0-4 [81.7 kB] Get:69 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libwebpmux3 amd64 0.6.0-4 [91.8 kB] Get:70 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 libwww-perl all 6.29-1 [186 kB] Get:71 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 metasploit-framework amd64 4.16.19-0kali1 [88.8 MB] Get:72 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 python-gdal amd64 2.2.2+dfsg-2+b3 [755 kB] Get:73 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 python3-pyatspi all 2.26.0+dfsg-1 [34.6 kB] Get:74 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 vboot-kernel-utils amd64 0~R63-10032.B-2 [268 kB] Get:75 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 vboot-utils amd64 0~R63-10032.B-2 [121 kB] Get:76 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 xauth amd64 1:1.0.10-1 [40.3 kB] Fetched 173 MB in 23s (7,473 kB/s) apt-listchanges: Reading changelogs... Extracting templates from packages: 100% Preconfiguring packages ... (Reading database ... 327440 files and directories currently installed.) Preparing to unpack .../libc-l10n_2.25-2_all.deb ... Unpacking libc-l10n (2.25-2) over (2.24-17) ... Preparing to unpack .../locales_2.25-2_all.deb ... Unpacking locales (2.25-2) over (2.24-17) ... Preparing to unpack .../locales-all_2.25-2_amd64.deb ... Unpacking locales-all (2.25-2) over (2.24-17) ... Preparing to unpack .../libc6_2.25-2_amd64.deb ... Checking for services that may need to be restarted... Checking init scripts... Unpacking libc6:amd64 (2.25-2) over (2.24-17) ... Setting up libc6:amd64 (2.25-2) ... Checking for services that may need to be restarted... Checking init scripts... Restarting services possibly affected by the upgrade: cron: restarting...done. Services restarted successfully. (Reading database ... 327440 files and directories currently installed.) Preparing to unpack .../libc-bin_2.25-2_amd64.deb ... Unpacking libc-bin (2.25-2) over (2.24-17) ... Setting up libc-bin (2.25-2) ... (Reading database ... 327440 files and directories currently installed.) Preparing to unpack .../00-libc6-dbg_2.25-2_amd64.deb ... Unpacking libc6-dbg:amd64 (2.25-2) over (2.24-17) ... Preparing to unpack .../01-libc-dev-bin_2.25-2_amd64.deb ... Unpacking libc-dev-bin (2.25-2) over (2.24-17) ... Preparing to unpack .../02-libc6-dev_2.25-2_amd64.deb ... Unpacking libc6-dev:amd64 (2.25-2) over (2.24-17) ... Preparing to unpack .../03-man-db_2.7.6.1-4_amd64.deb ... Unpacking man-db (2.7.6.1-4) over (2.7.6.1-2) ... Preparing to unpack .../04-console-setup-linux_1.171_all.deb ... Unpacking console-setup-linux (1.171) over (1.170) ... Preparing to unpack .../05-console-setup_1.171_all.deb ... Unpacking console-setup (1.171) over (1.170) ... Preparing to unpack .../06-keyboard-configuration_1.171_all.deb ... Unpacking keyboard-configuration (1.171) over (1.170) ... Preparing to unpack .../07-fontconfig-config_2.12.6-0.1_all.deb ... Unpacking fontconfig-config (2.12.6-0.1) over (2.12.3-0.2) ... Preparing to unpack .../08-libfontconfig1_2.12.6-0.1_amd64.deb ... Unpacking libfontconfig1:amd64 (2.12.6-0.1) over (2.12.3-0.2) ... Preparing to unpack .../09-fontconfig_2.12.6-0.1_amd64.deb ... Unpacking fontconfig (2.12.6-0.1) over (2.12.3-0.2) ... Preparing to unpack .../10-libtevent0_0.9.34-1_amd64.deb ... Unpacking libtevent0:amd64 (0.9.34-1) over (0.9.33-2) ... Preparing to unpack .../11-samba-vfs-modules_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking samba-vfs-modules (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../12-samba-dsdb-modules_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking samba-dsdb-modules (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../13-samba_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking samba (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../14-samba-common-bin_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking samba-common-bin (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../15-smbclient_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking smbclient (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../16-libsmbclient_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking libsmbclient:amd64 (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../17-winexe_1.1~20140107-0kali6+b3_amd64.deb ... Unpacking winexe (1.1~20140107-0kali6+b3) over (1.1~20140107-0kali6+b2) ... Preparing to unpack .../18-python-samba_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking python-samba (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../19-samba-libs_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking samba-libs:amd64 (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../20-libwbclient0_2%3a4.7.3+dfsg-1_amd64.deb ... Unpacking libwbclient0:amd64 (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../21-samba-common_2%3a4.7.3+dfsg-1_all.deb ... Unpacking samba-common (2:4.7.3+dfsg-1) over (2:4.7.1+dfsg-2) ... Preparing to unpack .../22-mariadb-common_1%3a10.1.29-6_all.deb ... Unpacking mariadb-common (1:10.1.29-6) over (10.1.26-1) ... Preparing to unpack .../23-mariadb-client-core-10.1_1%3a10.1.29-6_amd64.deb ... Unpacking mariadb-client-core-10.1 (1:10.1.29-6) over (10.1.26-1) ... Selecting previously unselected package libconfig-inifiles-perl. Preparing to unpack .../24-libconfig-inifiles-perl_2.94-1_all.deb ... Unpacking libconfig-inifiles-perl (2.94-1) ... Setting up mariadb-common (1:10.1.29-6) ... (Reading database ... 327475 files and directories currently installed.) Preparing to unpack .../00-mariadb-server-10.1_1%3a10.1.29-6_amd64.deb ... /var/lib/mysql: found previous version 10.1 Unpacking mariadb-server-10.1 (1:10.1.29-6) over (10.1.26-1) ... Preparing to unpack .../01-mariadb-client-10.1_1%3a10.1.29-6_amd64.deb ... Unpacking mariadb-client-10.1 (1:10.1.29-6) over (10.1.26-1) ... Preparing to unpack .../02-mariadb-server-core-10.1_1%3a10.1.29-6_amd64.deb ... Unpacking mariadb-server-core-10.1 (1:10.1.29-6) over (10.1.26-1) ... Preparing to unpack .../03-iproute2_4.9.0-2.1_amd64.deb ... Unpacking iproute2 (4.9.0-2.1) over (4.9.0-2) ... Preparing to unpack .../04-socat_1.7.3.2-2_amd64.deb ... Unpacking socat (1.7.3.2-2) over (1.7.3.2-1) ... Preparing to unpack .../05-multiarch-support_2.25-2_amd64.deb ... Unpacking multiarch-support (2.25-2) over (2.24-17) ... Preparing to unpack .../06-nano_2.9.0-1_amd64.deb ... Unpacking nano (2.9.0-1) over (2.8.7-1) ... Preparing to unpack .../07-libkeyutils1_1.5.9-9.2_amd64.deb ... Unpacking libkeyutils1:amd64 (1.5.9-9.2) over (1.5.9-9) ... Preparing to unpack .../08-aircrack-ng_1%3a1.2-0~rc4-4_amd64.deb ... Unpacking aircrack-ng (1:1.2-0~rc4-4) over (1:1.2-0~rc4-2) ... Preparing to unpack .../09-cabextract_1.6-1.1_amd64.deb ... Unpacking cabextract (1.6-1.1) over (1.6-1+b1) ... Preparing to unpack .../10-cgpt_0~R63-10032.B-2_amd64.deb ... Unpacking cgpt (0~R63-10032.B-2) over (0~R52-8350.B-2) ... Preparing to unpack .../11-exim4-config_4.89-11_all.deb ... Unpacking exim4-config (4.89-11) over (4.89-7) ... Preparing to unpack .../12-exim4-base_4.89-11_amd64.deb ... Unpacking exim4-base (4.89-11) over (4.89-7) ... Preparing to unpack .../13-exim4-daemon-light_4.89-11_amd64.deb ... Unpacking exim4-daemon-light (4.89-11) over (4.89-7) ... Preparing to unpack .../14-flasm_1.62-10_amd64.deb ... Unpacking flasm (1.62-10) over (1.62-8) ... Preparing to unpack .../15-fonts-noto-mono_20171026-2_all.deb ... Unpacking fonts-noto-mono (20171026-2) over (20161116-1) ... Preparing to unpack .../16-gdal-data_2.2.2+dfsg-2_all.deb ... Unpacking gdal-data (2.2.2+dfsg-2) over (2.2.2+dfsg-1) ... Selecting previously unselected package libarmadillo8. Preparing to unpack .../17-libarmadillo8_1%3a8.200.2+dfsg-1_amd64.deb ... Unpacking libarmadillo8 (1:8.200.2+dfsg-1) ... Preparing to unpack .../18-libmariadbclient18_1%3a10.1.29-6_amd64.deb ... Unpacking libmariadbclient18:amd64 (1:10.1.29-6) over (10.1.26-1) ... Preparing to unpack .../19-libwebp6_0.6.0-4_amd64.deb ... Unpacking libwebp6:amd64 (0.6.0-4) over (0.6.0-3) ... Selecting previously unselected package libxerces-c3.2:amd64. Preparing to unpack .../20-libxerces-c3.2_3.2.0+debian-2_amd64.deb ... Unpacking libxerces-c3.2:amd64 (3.2.0+debian-2) ... Preparing to unpack .../21-libgdal20_2.2.2+dfsg-2+b3_amd64.deb ... Unpacking libgdal20 (2.2.2+dfsg-2+b3) over (2.2.2+dfsg-1) ... Preparing to unpack .../22-gdal-bin_2.2.2+dfsg-2+b3_amd64.deb ... Unpacking gdal-bin (2.2.2+dfsg-2+b3) over (2.2.2+dfsg-1) ... Selecting previously unselected package python-jwt. Preparing to unpack .../23-python-jwt_1.5.3+ds1-1_all.deb ... Unpacking python-jwt (1.5.3+ds1-1) ... Preparing to unpack .../24-glusterfs-common_3.12.3-1_amd64.deb ... Unpacking glusterfs-common (3.12.3-1) over (3.12.2-2) ... Preparing to unpack .../25-iso-codes_3.77-1_all.deb ... Unpacking iso-codes (3.77-1) over (3.76-1) ... Preparing to unpack .../26-libaprutil1-ldap_1.6.1-1_amd64.deb ... Unpacking libaprutil1-ldap:amd64 (1.6.1-1) over (1.6.0-2) ... Preparing to unpack .../27-libaprutil1-dbd-sqlite3_1.6.1-1_amd64.deb ... Unpacking libaprutil1-dbd-sqlite3:amd64 (1.6.1-1) over (1.6.0-2) ... Preparing to unpack .../28-libaprutil1_1.6.1-1_amd64.deb ... Unpacking libaprutil1:amd64 (1.6.1-1) over (1.6.0-2) ... Preparing to unpack .../29-libdbd-sqlite3-perl_1.55~04-1_amd64.deb ... Unpacking libdbd-sqlite3-perl (1.55~04-1) over (1.54-2) ... Preparing to unpack .../30-libdevel-partialdump-perl_0.20-1_all.deb ... Unpacking libdevel-partialdump-perl (0.20-1) over (0.18-2) ... Preparing to unpack .../31-libdevel-stacktrace-perl_2.0300-1_all.deb ... Unpacking libdevel-stacktrace-perl (2.0300-1) over (2.0200-1) ... Preparing to unpack .../32-libfcgi-bin_2.4.0-10_amd64.deb ... Unpacking libfcgi-bin (2.4.0-10) over (2.4.0-8.4+b1) ... Preparing to unpack .../33-libfcgi0ldbl_2.4.0-10_amd64.deb ... Unpacking libfcgi0ldbl:amd64 (2.4.0-10) over (2.4.0-8.4+b1) ... Preparing to unpack .../34-libgcab-1.0-0_0.7-5_amd64.deb ... Unpacking libgcab-1.0-0:amd64 (0.7-5) over (0.7-4) ... Preparing to unpack .../35-mailutils_1%3a3.4-1_amd64.deb ... Unpacking mailutils (1:3.4-1) over (1:3.2-1) ... Preparing to unpack .../36-libmailutils5_1%3a3.4-1_amd64.deb ... Unpacking libmailutils5:amd64 (1:3.4-1) over (1:3.2-1) ... Preparing to unpack .../37-mailutils-common_1%3a3.4-1_all.deb ... Unpacking mailutils-common (1:3.4-1) over (1:3.2-1) ... Preparing to unpack .../38-libmysofa0_0.6~dfsg0-2_amd64.deb ... Unpacking libmysofa0:amd64 (0.6~dfsg0-2) over (0.6~dfsg0-1) ... Preparing to unpack .../39-libopenmpt0_0.3.3-1_amd64.deb ... Unpacking libopenmpt0:amd64 (0.3.3-1) over (0.3.2-1) ... Preparing to unpack .../40-liborc-0.4-0_1%3a0.4.28-1_amd64.deb ... Unpacking liborc-0.4-0:amd64 (1:0.4.28-1) over (1:0.4.27-1) ... Preparing to unpack .../41-libwebpdemux2_0.6.0-4_amd64.deb ... Unpacking libwebpdemux2:amd64 (0.6.0-4) over (0.6.0-3) ... Preparing to unpack .../42-libwebpmux3_0.6.0-4_amd64.deb ... Unpacking libwebpmux3:amd64 (0.6.0-4) over (0.6.0-3) ... Preparing to unpack .../43-libwww-perl_6.29-1_all.deb ... Unpacking libwww-perl (6.29-1) over (6.27-1) ... Preparing to unpack .../44-metasploit-framework_4.16.19-0kali1_amd64.deb ... Unpacking metasploit-framework (4.16.19-0kali1) over (4.16.18-0kali1) ... Preparing to unpack .../45-python-cairo_1.15.4-2_amd64.deb ... Unpacking python-cairo:amd64 (1.15.4-2) over (1.8.8-2.2) ... Preparing to unpack .../46-python-construct_2.8.16-0.1_all.deb ... Unpacking python-construct (2.8.16-0.1) over (2.8.8+really2.5.2-0.1) ... Preparing to unpack .../47-python-cryptography_2.1.3-3_amd64.deb ... Unpacking python-cryptography (2.1.3-3) over (1.9-1) ... Preparing to unpack .../48-python-gdal_2.2.2+dfsg-2+b3_amd64.deb ... Unpacking python-gdal (2.2.2+dfsg-2+b3) over (2.2.2+dfsg-1) ... Preparing to unpack .../49-python-gi_3.26.1-1_amd64.deb ... Unpacking python-gi (3.26.1-1) over (3.24.1-6) ... Preparing to unpack .../50-python-gobject_3.26.1-1_all.deb ... Unpacking python-gobject (3.26.1-1) over (3.24.1-6) ... Preparing to unpack .../51-python3-cairo_1.15.4-2_amd64.deb ... Unpacking python3-cairo:amd64 (1.15.4-2) over (1.10.0+dfsg-5+b3) ... Preparing to unpack .../52-python3-construct_2.8.16-0.1_all.deb ... Unpacking python3-construct (2.8.16-0.1) over (2.8.8+really2.5.2-0.1) ... Preparing to unpack .../53-python3-cryptography_2.1.3-3_amd64.deb ... Unpacking python3-cryptography (2.1.3-3) over (1.9-1) ... Preparing to unpack .../54-python3-gi-cairo_3.26.1-1_amd64.deb ... Unpacking python3-gi-cairo (3.26.1-1) over (3.24.1-6) ... Preparing to unpack .../55-python3-gi_3.26.1-1_amd64.deb ... Unpacking python3-gi (3.26.1-1) over (3.24.1-6) ... Preparing to unpack .../56-python3-pyatspi_2.26.0+dfsg-1_all.deb ... Unpacking python3-pyatspi (2.26.0+dfsg-1) over (2.24.0+dfsg-1) ... Preparing to unpack .../57-vboot-kernel-utils_0~R63-10032.B-2_amd64.deb ... Unpacking vboot-kernel-utils (0~R63-10032.B-2) over (0~R52-8350.B-2) ... Preparing to unpack .../58-vboot-utils_0~R63-10032.B-2_amd64.deb ... Unpacking vboot-utils (0~R63-10032.B-2) over (0~R52-8350.B-2) ... Preparing to unpack .../59-xauth_1%3a1.0.10-1_amd64.deb ... Unpacking xauth (1:1.0.10-1) over (1:1.0.9-1+b2) ... Setting up python3-cryptography (2.1.3-3) ... Setting up keyboard-configuration (1.171) ... Setting up libwbclient0:amd64 (2:4.7.3+dfsg-1) ... Setting up fontconfig-config (2.12.6-0.1) ... Setting up libc6-dbg:amd64 (2.25-2) ... Setting up libconfig-inifiles-perl (2.94-1) ... Setting up mariadb-server-core-10.1 (1:10.1.29-6) ... Setting up libdbd-sqlite3-perl (1.55~04-1) ... Setting up exim4-config (4.89-11) ... Processing triggers for mime-support (3.60) ... Setting up flasm (1.62-10) ... Setting up libfcgi0ldbl:amd64 (2.4.0-10) ... Setting up iso-codes (3.77-1) ... Setting up libopenmpt0:amd64 (0.3.3-1) ... Setting up socat (1.7.3.2-2) ... Setting up mariadb-client-core-10.1 (1:10.1.29-6) ... Setting up multiarch-support (2.25-2) ... Setting up libdevel-stacktrace-perl (2.0300-1) ... Setting up libgcab-1.0-0:amd64 (0.7-5) ... Setting up vboot-kernel-utils (0~R63-10032.B-2) ... Setting up aircrack-ng (1:1.2-0~rc4-4) ... Processing triggers for menu (2.1.47+b1) ... Setting up samba-common (2:4.7.3+dfsg-1) ... Setting up cgpt (0~R63-10032.B-2) ... Setting up libmariadbclient18:amd64 (1:10.1.29-6) ... Processing triggers for sgml-base (1.29) ... Setting up python3-gi (3.26.1-1) ... Setting up exim4-base (4.89-11) ... Setting up python3-construct (2.8.16-0.1) ... Setting up iproute2 (4.9.0-2.1) ... Setting up python-jwt (1.5.3+ds1-1) ... Setting up libdevel-partialdump-perl (0.20-1) ... Setting up fonts-noto-mono (20171026-2) ... Setting up xauth (1:1.0.10-1) ... Setting up libarmadillo8 (1:8.200.2+dfsg-1) ... Setting up gdal-data (2.2.2+dfsg-2) ... Setting up libtevent0:amd64 (0.9.34-1) ... Setting up nano (2.9.0-1) ... Installing new version of config file /etc/nanorc ... Setting up cabextract (1.6-1.1) ... Setting up python-gi (3.26.1-1) ... Processing triggers for libc-bin (2.25-2) ... Setting up libaprutil1:amd64 (1.6.1-1) ... Setting up libc-l10n (2.25-2) ... Processing triggers for systemd (235-3) ... Setting up python-cryptography (2.1.3-3) ... Setting up python-cairo:amd64 (1.15.4-2) ... Setting up vboot-utils (0~R63-10032.B-2) ... Setting up man-db (2.7.6.1-4) ... Updating database of manual pages ... Setting up libfcgi-bin (2.4.0-10) ... Setting up python3-cairo:amd64 (1.15.4-2) ... Setting up libc-dev-bin (2.25-2) ... Setting up exim4-daemon-light (4.89-11) ... Setting up liborc-0.4-0:amd64 (1:0.4.28-1) ... Setting up libkeyutils1:amd64 (1.5.9-9.2) ... Setting up console-setup-linux (1.171) ... Setting up metasploit-framework (4.16.19-0kali1) ... Setting up libc6-dev:amd64 (2.25-2) ... Setting up python-construct (2.8.16-0.1) ... Setting up locales (2.25-2) ... Installing new version of config file /etc/locale.alias ... Generating locales (this might take a while)... Generation complete. Setting up libmysofa0:amd64 (0.6~dfsg0-2) ... Setting up libxerces-c3.2:amd64 (3.2.0+debian-2) ... Setting up mailutils-common (1:3.4-1) ... Setting up libwww-perl (6.29-1) ... Setting up libaprutil1-ldap:amd64 (1.6.1-1) ... Setting up libwebp6:amd64 (0.6.0-4) ... Setting up libmailutils5:amd64 (1:3.4-1) ... Setting up console-setup (1.171) ... Setting up libfontconfig1:amd64 (2.12.6-0.1) ... Setting up mariadb-client-10.1 (1:10.1.29-6) ... Setting up samba-libs:amd64 (2:4.7.3+dfsg-1) ... Setting up samba-vfs-modules (2:4.7.3+dfsg-1) ... Setting up python3-pyatspi (2.26.0+dfsg-1) ... Setting up libaprutil1-dbd-sqlite3:amd64 (1.6.1-1) ... Setting up python-gobject (3.26.1-1) ... Setting up glusterfs-common (3.12.3-1) ... Setting up libgdal20 (2.2.2+dfsg-2+b3) ... Setting up python-samba (2:4.7.3+dfsg-1) ... Setting up winexe (1.1~20140107-0kali6+b3) ... Setting up python3-gi-cairo (3.26.1-1) ... Setting up mailutils (1:3.4-1) ... Setting up libsmbclient:amd64 (2:4.7.3+dfsg-1) ... Setting up python-gdal (2.2.2+dfsg-2+b3) ... Setting up smbclient (2:4.7.3+dfsg-1) ... Setting up locales-all (2.25-2) ... Setting up libwebpmux3:amd64 (0.6.0-4) ... Setting up libwebpdemux2:amd64 (0.6.0-4) ... Setting up samba-common-bin (2:4.7.3+dfsg-1) ... Setting up mariadb-server-10.1 (1:10.1.29-6) ... mariadb.service is a disabled or a static unit, not starting it. Setting up gdal-bin (2.2.2+dfsg-2+b3) ... Setting up samba-dsdb-modules (2:4.7.3+dfsg-1) ... Setting up fontconfig (2.12.6-0.1) ... Regenerating fonts cache... done. Setting up samba (2:4.7.3+dfsg-1) ... Samba is not being run as an AD Domain Controller. Please ignore the following error about deb-systemd-helper not finding samba-ad-dc.service. Processing triggers for libc-bin (2.25-2) ... Processing triggers for menu (2.1.47+b1) ... bash: ajpt: command not found root@kali:~# ./VBoxLinuxAdditions.run Verifying archive integrity... All good. Uncompressing VirtualBox 5.2.2 Guest Additions for Linux........ VirtualBox Guest Additions installer Removing installed version 5.2.2 of VirtualBox Guest Additions... Copying additional installer modules ... Installing additional modules ... VirtualBox Guest Additions: Building the VirtualBox Guest Additions kernel modules. This system is currently not set up to build kernel modules. Please install the Linux kernel "header" files matching the current kernel for adding new hardware support to the system. The distribution packages containing the headers are probably: linux-headers-amd64 linux-headers-4.13.0-kali1-amd64 VirtualBox Guest Additions: Starting. VirtualBox Guest Additions: Building the VirtualBox Guest Additions kernel modules. This system is currently not set up to build kernel modules. Please install the Linux kernel "header" files matching the current kernel for adding new hardware support to the system. The distribution packages containing the headers are probably: linux-headers-amd64 linux-headers-4.13.0-kali1-amd64 root@kali:~# apt -get linux-headers-4.13.0-kali-amd64 E: Command line option 'g' [from -get] is not understood in combination with the other options. root@kali:~# apt-get install linux-headers-4.13.0-kali-amd64 Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package linux-headers-4.13.0-kali-amd64 E: Couldn't find any package by glob 'linux-headers-4.13.0-kali-amd64' E: Couldn't find any package by regex 'linux-headers-4.13.0-kali-amd64' root@kali:~# apt-get search linux-headers E: Invalid operation search root@kali:~# apt-cache search linux-headers aufs-dkms - DKMS files to build and install aufs linux-headers-4.13.0-kali1-all - All header files for Linux 4.13 (meta-package) linux-headers-4.13.0-kali1-all-amd64 - All header files for Linux 4.13 (meta-package) linux-headers-4.13.0-kali1-amd64 - Header files for Linux 4.13.0-kali1-amd64 linux-headers-4.13.0-kali1-common - Common header files for Linux 4.13.0-kali1 linux-headers-amd64 - Header files for Linux amd64 configuration (meta-package) linux-libc-dev-alpha-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-arm64-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-armel-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-armhf-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-hppa-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-m68k-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mips-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mips64-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mips64el-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mips64r6-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mips64r6el-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsel-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsn32-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsn32el-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsn32r6-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsn32r6el-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsr6-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-mipsr6el-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-powerpc-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-powerpcspe-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-ppc64-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-ppc64el-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-s390x-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-sh4-cross - Linux Kernel Headers for development (for cross-compiling) linux-libc-dev-sparc64-cross - Linux Kernel Headers for development (for cross-compiling) root@kali:~# apt-get install linux-headers-4.13.0-kali1-all-amd64 Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libarmadillo7 libxerces-c3.1 Use 'apt autoremove' to remove them. The following additional packages will be installed: cpp-6 gcc-6 linux-compiler-gcc-6-x86 linux-headers-4.13.0-kali1-amd64 linux-headers-4.13.0-kali1-common linux-kbuild-4.13 Suggested packages: gcc-6-locales gcc-6-multilib gcc-6-doc libgcc1-dbg libgomp1-dbg libitm1-dbg libatomic1-dbg libasan3-dbg liblsan0-dbg libtsan0-dbg libubsan0-dbg libcilkrts5-dbg libmpx2-dbg libquadmath0-dbg The following NEW packages will be installed: cpp-6 gcc-6 linux-compiler-gcc-6-x86 linux-headers-4.13.0-kali1-all-amd64 linux-headers-4.13.0-kali1-amd64 linux-headers-4.13.0-kali1-common linux-kbuild-4.13 0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded. Need to get 23.0 MB of archives. After this operation, 101 MB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 cpp-6 amd64 6.4.0-10 [6,354 kB] Get:2 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 gcc-6 amd64 6.4.0-10 [6,718 kB] Get:3 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 linux-compiler-gcc-6-x86 amd64 4.13.13-1kali1 [496 kB] Get:4 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 linux-headers-4.13.0-kali1-common all 4.13.13-1kali1 [7,756 kB] Get:5 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 linux-kbuild-4.13 amd64 4.13.13-1kali1 [693 kB] Get:6 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 linux-headers-4.13.0-kali1-amd64 amd64 4.13.13-1kali1 [463 kB] Get:7 http://mirrors.ocf.berkeley.edu/kali kali-rolling/main amd64 linux-headers-4.13.0-kali1-all-amd64 amd64 4.13.13-1kali1 [496 kB] Fetched 23.0 MB in 3s (6,388 kB/s) Selecting previously unselected package cpp-6. (Reading database ... 327473 files and directories currently installed.) Preparing to unpack .../0-cpp-6_6.4.0-10_amd64.deb ... Unpacking cpp-6 (6.4.0-10) ... Selecting previously unselected package gcc-6. Preparing to unpack .../1-gcc-6_6.4.0-10_amd64.deb ... Unpacking gcc-6 (6.4.0-10) ... Selecting previously unselected package linux-compiler-gcc-6-x86. Preparing to unpack .../2-linux-compiler-gcc-6-x86_4.13.13-1kali1_amd64.deb ... Unpacking linux-compiler-gcc-6-x86 (4.13.13-1kali1) ... Selecting previously unselected package linux-headers-4.13.0-kali1-common. Preparing to unpack .../3-linux-headers-4.13.0-kali1-common_4.13.13-1kali1_all.deb ... Unpacking linux-headers-4.13.0-kali1-common (4.13.13-1kali1) ... Selecting previously unselected package linux-kbuild-4.13. Preparing to unpack .../4-linux-kbuild-4.13_4.13.13-1kali1_amd64.deb ... Unpacking linux-kbuild-4.13 (4.13.13-1kali1) ... Selecting previously unselected package linux-headers-4.13.0-kali1-amd64. Preparing to unpack .../5-linux-headers-4.13.0-kali1-amd64_4.13.13-1kali1_amd64.deb ... Unpacking linux-headers-4.13.0-kali1-amd64 (4.13.13-1kali1) ... Selecting previously unselected package linux-headers-4.13.0-kali1-all-amd64. Preparing to unpack .../6-linux-headers-4.13.0-kali1-all-amd64_4.13.13-1kali1_amd64.deb ... Unpacking linux-headers-4.13.0-kali1-all-amd64 (4.13.13-1kali1) ... Setting up linux-kbuild-4.13 (4.13.13-1kali1) ... Setting up linux-headers-4.13.0-kali1-common (4.13.13-1kali1) ... Processing triggers for man-db (2.7.6.1-4) ... Setting up cpp-6 (6.4.0-10) ... Setting up gcc-6 (6.4.0-10) ... Setting up linux-compiler-gcc-6-x86 (4.13.13-1kali1) ... Setting up linux-headers-4.13.0-kali1-amd64 (4.13.13-1kali1) ... Setting up linux-headers-4.13.0-kali1-all-amd64 (4.13.13-1kali1) ... root@kali:~# ./VBoxLinuxAdditions.run Verifying archive integrity... All good. Uncompressing VirtualBox 5.2.2 Guest Additions for Linux........ VirtualBox Guest Additions installer Removing installed version 5.2.2 of VirtualBox Guest Additions... Copying additional installer modules ... Installing additional modules ... VirtualBox Guest Additions: Building the VirtualBox Guest Additions kernel modules. VirtualBox Guest Additions: Starting. root@kali:~#  ## Catching Bad Guys using Web Server Logs & HTTP 404 Errors! ## What is a HTTP 404 Error? Hypertext Transport Protocol (HTTP) is the layer that webpage data is transmitted to your web browser that renders it on your computer screen. HTTP also works on the client server model. The client, your web browser, requests a file from a web server via a URL. This page has a URL that brought you here. If logging is enabled on your web server you will have a record of all HTTP requests to review. Try here is you need help configuring logging on IIS Server. If a clients HTTP request was successful, the server returns the data and a “200” code that means OK. If a clients HTTP request fails because the file you requested is missing, the server sends back a HTTP 404 error meaning “Not Found”. ## Hackers, Recon and the HTTP 404 Error! 404 NOT FOUND pages in your web server logs are often the earliest signs of surveillance, foot printing or reconnaissance. I guarantee you that unless your attacker has inside knowledge of the target, any recon attempts using HTTP will most likely be generating some 404 errors. You can’t avoid it as it is a byproduct of the enumeration process. ## Video: Enumeration by HackerSploit ## Early Recon Detection Early recon detection along with early blocking actions can be a game changer in the never ending game of digital tag where you really don’t want to be it. If you you’re doing this for a living and take the topic more seriously, I would use the word, countersurveillance, to describe what we need. Who is coming at us, where are they coming from and how can we mitigate risk? ## Log Files & Free Analysis Tools For this example I’m going to focus on Microsoft IIS web server logs as that is what I have handy. Notice the naming of the log files in the screenshot below. They contain the start date of each log. Example: u_ex220916.log. In this example, the logs are created, one per day. The server can be configured to make the logs run for a week or even for a month. I prefer smaller files. ## NotePad++ for Reviewing Log Files Most of the time I just use Notepad++ to review logs file on a daily or weekly basis. Notepad++ does a great job of searching all open files. All I do is run a search across all open files for ” 404 “. Make sure to leave a space character on each side for this to work correctly. ## CTRL+F to Find our 404’s With Notepad++ opening all of our files, we’ll user CTRL+F to open the Find dialog window. Type in ” 404 ” ## Actual Recon 404 Errors from IIS Log ## Where are the 404s? Most of the log entries are very long and difficult to display online. This 2nd screenshot shows where the actual 404 error is on each line in the server log. It is towards the end of each line. ## Log Parser 2.2 Log Parser 2.2 is what I use for parsing larger amounts of log IIS log files. Log Parser lets you use SQL like commands to query the data which can be output to CSV files. Download Log Parser 2.2 here. I’ll be coming back to add some log parser query examples as soon as I can get them from my work notes. C:\temp\logs\logparser "select * from u_ex180131.log" -o:datagrid After running this command log parser will open with your log data. You can copy it out to excel where you can do your analysis. Also, I came across this page for a freeware OLEDB extension that says you can use it to query any OLEDB datasource which log parser doesn’t support natively. http://gluegood.blogspot.com/2008/04/freeware-logparseroledb.html ## Video: How to Use Log Parser 2.2 ## Countersurveillance and SiteSpy Now that I’ve covered how to find recon attempts in a log file using Notepad++ and Log Parser, I’ll share my personal “Ace in the hole”, SiteSpy. SiteSpy is an application monitor I originally developed back in 2002 by accident when I was teaching web programming at Modesto Institute of Technology (MIT). SiteSpy takes advantage of some existing Microsoft technologies, by running a monitor in the same memory space as the web application. SiteSpy sniffs out the session connections in real-time and displays them in a webpage that is refreshed frequently. Items of interest bubble up to the top for review. Bot traffic can be filtered to increase recon sensitivity. It works well but is not 100% effective. ## SiteSpy Recon Detection Example This is a probing event I caught was using the IP, bypassing DNS while probing for non-existent file called “/admin/config.php” all the way from Ramallah Palestine. SiteSpy showed me a hit on the 404 page after they got the initial 404 error. Otherwise, I would not had seen it until much later. I was able to update the firewall within minutes, denying them time and space to do more recon or an actual attack from that IP range for now. ## In Conclusion You don’t need a lot of fancy Cybersecurity tools to do a little blue teaming. Just Notepad++ and the desire to learn. The most important thing when reviewing a web application’s log files is to first know the application and all possible URL patterns. Once you have established normal patterns, you can more easily find things that seem out of place. Hope this helps someone! Regards, Cyber Abyss ## Create a Robots.txt Honeypot Cyber Counterintelligence Tool ## What is the Robots.txt File? The Robots.txt is just a simple text file meant to be consumed by search engines and web crawlers containing structured text that explains rules for crawling your website. In theory, the Search Engines are supposed to honor the Robot.txt rules and not scan any URLs in the Robots.txt file if told not to. Robots.txt was supposed to help avoid overloading websites with requests. According to Google, it is not a mechanism for keeping a webpage out of Google Search results. If you really want to keep a web page out of Google you should try adding a noindex tag reference or password-protect the page. With a Robots.txt file, you can create rules for user agents specifying what directories they can access or disallow them all. It all sounds OK in principal but on the internet, nobody really plays by the rules. In fact, the Robots.txt file is one of the first places a bad guy might look for information on how your website is structured. Too many websites make the mistake of using the Robot.txt file without giving thought to the fact they might be rewarding possible OSINT or hacking reconnaissance efforts at the same time. ## A Look at Amazon.com’s Robots.txt File If we take a quick look a big website like Amamzon.com to see what their Robots.txt file looks like all we have to do is load up this URL. https://www.amazon.com/robots.txt What files or directories does Amazon tell the Google search engine not to crawl or index? It looks like account access login and email a friend features are off limits so these are the first places a hacker will be looking. ## More Sample Robots.txt files from Google # Example 1: Block only Googlebot User-agent: Googlebot Disallow: / # Example 2: Block Googlebot and Adsbot User-agent: Googlebot User-agent: AdsBot-Google Disallow: / # Example 3: Block all but AdsBot crawlers User-agent: *, Disallow: / You can find more detailed information on how to make more complex robots.txt files over on the Google Search Central area for developers. ## What is Counterintelligence? Counterintelligence typically describes an activity aimed at protecting an agency’s intelligence program from an opposition’s intelligence service. More specifically Information collection activities related to preventing espionagesabotageassassinations or other intelligence activities conducted by, for, or on behalf of foreign powers, organizations or persons. In terms of this blog post, we’ll use a Honeypot based approach to see who is using looking at the Robots.txt file and scanning folders we’ve asked them not to and record information about the HTTP call for later review and analysis. ## A Real World Robots.txt Based HoneyPot Example Using the Robots.txt file as part of a honeypot system, we will broadcast a list of honeypot folders we don’t want search engines to index, but in this case, it will be a list of folders pointing to honeypot pages. Having a honeypot / data collection service running in these folders allows you to see who is using the Robots.txt file to scan your web server thus tipping you off that OSINT footprinting activity on your webserver or domain names may be taking place. These folders have a Disallow rule but contain honeypot code to collect information about the HTTP calls made against them and in some cases to redirect the user-agent somewhere else. ## A Sample Honeypot Robots.txt File A Sample Robots.txt file where we are telling all user-agents to stay away from our admin, wordpress and api folders. # All other directories on the site are allowed by default User-agent: * Disallow: /admin/ Disallow: /wordpress/ Disallow: /api/  The Robots.txt file I’m discussing in this post was collected from the online classifieds website, FinditClassifieds.com. If you try to hit any of the URLs found in the Robots.txt file, you’ll be redirected to a Rick Roll video on YouTube.com. IP address data is collected in a log for a more detailed review. Each one of these honeypot URLs do a little something different. The first honeypot URL replies with something naughty, the second logs it as a scan and the third URL is the Rick Roll redirect. Depending on the honeypot page, you can collect data from the user-agent and log it before you redirect them off to the Land of Oz. Using a tool that was originally created to be helpful that ended up becoming dangerous can now be a double agent if you set it up correctly. Hoping this helps someone on their InfoSec journey. ~Cyber Abyss ## Improve Your Developer Skills by Reading Bug Bounty Reports I’m a professional software developer who likes to dabble in hacking. I recently started spending time seeking out information security enthusiasts and hacking professionals who publish reports on their bug bounty work. If you’re not familiar with bug bounties, the simplest explanation is someone putting up a prize or bounty for bugs found on a specific application / website. Most of the time, bug bounties are official events where you register and are given guidelines in order to collect the bounty and that typically includes a good write up or report on how your discovered and exploited the bug and what type of bug it would be classifieds in to, like a “reflected XSS” cross-site scripting bug. I’m going to use this bug discovery report from Vedant Tekale also known as “@Vegeta” on Twitter as an excellent bug bounty type of report where you can see the steps a hacker / attacker or bug bounty hunter would take to see if your website has a vulnerability that can be exploited. As a software developer interested in creating secure applications for our users, we should always be aware of what tactics and techniques a bad actor might use against the products and features we are building. Vedant’s write up is basically a step by step of what hackers would be looking for. First, look for bugs like XSS, open redirect, server-side request forgery (SSRF), Insecure direct object references (IDOR) but they found nothing. With persistence, Vedant kept at it and found a bug in the password reset functionality where the password was reset feature was resetting the password to a brand new password on every forgot password attempt. Also, rate limiting seemed to be missing as 88 password reset attempts went unchallenged so we guessing there was no rate limiting at all. As a developer with a focus on security, I highly recommend adding reading bug bounty reports to your professional reading list. It will be a big eye opener for you if you’ve never tried hacking a web application before. I’m on day 5 of chemo treatment for skin cancer and I think this is all I have in the tank tonight but I’m glad I got this blog post out before I have to put another round of chemo on my face for the night. It’s not pleasant. :-\ Hope this helps somebody. 😉 ~CyberAbyss ## How to Hide Executable Code in a Text File using Cloaking and Alternative Data Streams ## Hacker Basics: How to Hide an Executable File Inside and Text File Did you know that hackers can hide an executable file inside of a text file using a technique that uses something called data streams to trick a computer system from seeing text and or executable written in an alternate data stream inside a common text file. I was pretty impressed the first time I watched someone demonstrate this. I was like, NO WAY! I really thought that this was some wizard level hacker stuff. I’m no wizard level hacker, although I aspire to be, but I should be good enough to show you how to embed a simple calculator app inside a text file using an alternate data stream. A big thank you to Cyber Security Expert, Malcolm Shore who presented a similar example in his Cyber Security Foundation online course I recently completed. ## How Do Alternate Data Streams Work? Way back in the old Wild West days when we had the DOS operating system, files used to be simple strings of data. Files are read btye by byte. Later, in the NTFS file system, files are complex structures. NTFS files at a minimum contain a section called$Data where data is read by an application. $Data is the Data Stream. Files may have many other sections or streams other than just the$Data section. This is what we call “Alternate Streams”.

THIS IS IMPORTANT: Windows only recognizes data in the \$Data section so any data we put in an alternate data stream is not read by the Windows Operating System. We cloak data we want to hide in an alternate data stream. That’s the basics of how this works.

The data we are hiding could be a malicious malware payload or encrypted espionage message for our spy ring but in this example, it is just the simple calc.exe file you can find on any Windows PC for the last 20+ years.

## Creating an Alternate Data Stream in a Text File

The screenshot below shows the three (3) files we’ll be using in this demonstration.

• Simple text file with some string data.
• calc.exe application or executable binary file
• Secret text file with some string data

We can see the size of the text file is just 1 KB and the calc.exe file is 897 KB.

If we open the text-data.txt file with Notepad we’ll see just a simple line of text and the same with the secret-data.txt file.

To hide our secret message inside the the text data file, we’ll use this command line command.

C:\text\>type secret-data.txt > text-data.text:hidden.text

## Screenshot of Alternate Data Stream: Insert Hidden Text

Below is a screenshot of the command line command “type” that we used in this example to insert our secret-data.txt file into an Alternate Data Stream inside of another text file.

If we type the command “more” we can look for the secret message.

The screenshot below shows the text file that contains our hidden text being opened in Notepad where we can’t see the hidden text we saved to the file. If we type the command line command below, we can read the hidden text we wrote to our Alternate Data Stream by keying in on the specific data stream.

c:\test>more < text-data.txt:hidden:text

## Hiding an Executable Inside a Text File

Hiding an executable file inside a text file using the exact same Alternate Data Stream technique we just used in the the Secret text file example above but this time we’ll simply replace the Secret text file with the Windows Calculator application executable file.

The screenshot below shows the command line command to save the calc.exe file in an Alternate Data Stream in side our target text file.

Notice this time, the Alternate Data Stream is named “mycalc.exe”. Don’t get to hung up on this, it is just a name that is basically meta data that is saved with the data that we can use to filter the data we get out of the file. I hope that makes sense.

Important to note at this point that the file sizes didn’t change when we inserted the calc.exe file. It is still showing 52KB.

## How to Execute a File Saved in an Alternate Data Stream

To execute a file you’ve stored in an Alternate Data Stream, we’ll need to use the wmic command as is done in the following example.

c:\test>wmic process call "c:\test\text-data.txt:mycalc.exe"

As you can see from the working example above, I was able to embed the calc.exe file inside as well as text file and a secret message.

If the data is text we just need to indicate which stream we saved the data in to retrieve it.

If the data we hid was an executable file, we’ll need to use the Windows “wmic” command line command to call the executable from inside the text file by keying in on the Alternate Data Stream name.

In summary, the technique is crazy easy to pull off without any 3rd party hacking tools. It just requires a little Windows Operating System inside knowledge but is something every good hacker should know.

I hope this helped somebody!
~Cyber Abyss

## How to Transfer Files from Windows PC to Linux Server Using Putty’s PSCP Command

Many blogs and web applications are being hosted on cloud based web servers. Of those web servers, many are running some flavor of the Linux operating system (OS).

If you’re a Windows PC user who is using a Linux web server for your online project then you have unique challenge that comes with being a dual OS user.

How will we transfer our files from our Windows development PC to our Linux cloud hosted blog or web app? Enter Putty and the PSCP command line tool!

## What is Putty?

Putty is a Client application that handles connections to remote computers via the Telnet, SFTP and SSH protocols.

## What is PSCP?

PSCP is a command line application that is typically included in the Putty installation. PSCP transfers files between two computers from the Windows command line as long as firewalls allow the traffic on the designated ports for each type of traffic.

## Transferring Files with PSCP from the Command Line

If you’ve installed Putty in the default directory, it will be here.

C:\Program Files\PuTTY

Open a Windows command line by clicking on the Windows start menu icon then entering “cmd” in the search field then find and click on the cmd icon.

Navigate to the Putty Directory by entering the command below.

C:\>CD c:\Program Files\Putty

Let’s look at an example PSCP command to transfer a file from a Windows PC to a Linux cloud web server with a fake user named root, IP of 45.99.99.99 and a target folder of /var/www/html

### PSCP Command Line Example:

c:\>C:\Program Files\Putty\pscp c:\temp\sample.txt root@45.99.99.99:/var/www./html

## Copying Files from Linux Web Server to Window PC

C:\Program Files\PuTTY>pscp root@45.99.99.99:/var/log/apache2/access.* c:\temp
>root@45.99.99.99's password: [Enter Your Password]

That’s all you should need to know about connecting to a Linux cloud based web server from a Windows PC using the Putty SSH client.

Hope this helps you on your Cyber journey!

~Cyber Abyss

## Google Dorking Commands! Search Google for Hidden Files on the Web!

Let me start by saying the title might be a little off, as the files are not technically hidden as much as they are obscure.

While most of us would consider ourselves pretty good Googler searchers these days but the truth is, there is so much more to Google searching than meets the eye.

Yes, I said it Google Dorking and it’s not what you might think. Sounds dirty, right? It’s not just me. LOL

Entering Google Dorking Commands also known as Google hacking is about searching Google in a way that filters and brings all sorts or OSINT and InfoSec goodies floating to the top.

## Think Before You Dork!!!

Although the information my be available on Google, it does not mean you can use that information to try and hack or gain unauthorized access to a system or individual computer.

Hacking is illegal, don’t do it, don’t talk about it.

With that being said, please be careful, be responsible and please enjoy these Google Dorking Examples for educational purposes.

## What Kind of Trouble Can You Get into with the Info in this Article?

Using the Google Dorks commands on this page I was able to find this open camera in down town Tehran, Iran. This all started in May of 2021. See screenshots below.

Again, be careful what you Dork and where you go. A visit to this camera got me a reverse probe XSS attack from Iranian Intelligence. That was fun!

### Google Dorking Commands for user names and password in log files

Below are popular Google Dorks I’ve collected but there may be more out there so my advice is to never stop looking.

You can also find more Dorks on popular hacking website like the Google Hacking Database (GHD).

allintext:username filetype:log

### Open FTP Servers

intitle:"index of" inurl:ftp

### Open Web Cams

Intitle:"webcamXP 5"

inurl:view/index.shtml 

db_password filetype:env

### Git-hub Resources

filetype:inc php -site:github.com -site:sourceforge.net

### PHP Variables

filetype:php "Notice: Undefined variable: data in" -forum

### Server Configuration Files

intitle:"WAMPSERVER homepage" "Server Configuration" "Apache Version"

### Nessus Scan Reports

intitle:"report" ("qualys"|"acunetix"|"nessus"|"netsparker"|"nmap") filetype:pdf

### Networking Excel Xls Files

ext:xls netoworking

### FrontPage Servers w/ Admin Info

"#-Frontpage-" inurl:administrators.pwd

### Unprotected Cameras

inurl:view/index.shtml

Username password site:com filetype:txt DomainName.com

### Domains and Subdomains

site:*.site.com -www
site:*.*.site.com -www
site:*.*.*.site.com -www

## Google Dorking Video by Null Byte

Hope this helps somebody!
~Cyber Abyss

## VBScript WMI: How to Get Computer Serial Number from Local or Remote Windows PC

This Windows WMI script using VBScript, retrieves the serial number of the local or networked computer.

To use this code, copy it in to a text file and save it with a .vbs file extension for VBScript. Once you have the .vbs file, double click on it and you should get a message box with the names of the logged in user on the specified Windows PC on your network.

## Windows WMI VBScript

Function GetComputerSerialNumber(strComputer)
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colComputer = objWMIService.ExecQuery _
("SELECT * FROM Win32_ComputerSystemProduct",,48)

For Each objComputer in colComputer
GetComputerSerialNumber = objComputer.IdentifyingNumber
Next

End Function

'strComputer = "XPS1234"
strComputer = "."

' Pass a . to run this on your own PC or add a string value for another on your network
call msgbox(GetComputerSerialNumber(strComputer))