bannsec

Overview

You can add x11 to your incus containers to allow you to run GUI apps inside them. Caveats here:

This is assuming you're using :0 (X0) as your display
You may need to adjust permissions if you use a different uid/gid in your container
You may need to use xauth or modify xhost ("xhost +" will work but not recommended for long term)
The X0 socket is being added as abstract, meaning you won't actually see it if you list files in /tmp/.X11-unix. This is expected, and X11 should still function.

How to

Overview

Metasploitable3 by rapid7 is an environment built for testing metapsploit. Unfortunately, it hasn't been updated in many years and the default instructions on their page are wrong.

This walkthrough is based on Ubuntu 22.04, so subject to change.

Official page here: https://github.com/rapid7/metasploitable3

Steps

Step 1 -- Vagrant

Install vagrant. Follow the instructions on their page for the most up-to-date details for your distro:

This was VERY irritating to figure out. So here are the steps to create an installation usb for Windows manually.

Option 1 -- FAT32 + NTFS

Download the installation iso from Windows (https://www.microsoft.com/en-us/software-download/windows10ISO)
Prepare the usb drive
- sudo gparted (or cfdisk, whatever)
- Create partition table of GPT
- Create 2 partitions

fat32 partition of 1024MB with label BOOT (mark it bootable)

Need to uninstall the baked in nvidia drives and install nvidia drivers from the run file:

https://developer.nvidia.com/cuda-downloads?target_os=Linux&target_arch=x86_64&Distribution=WSL-Ubuntu&target_version=2.0&target_type=runfile_local

Don't install the driver (that'll be wsl passthru), just everything else

Install cublas? After my install of the runfile i didn't actually have this installed, so had to do it manually.

sudo apt install libcublas11

	$CimSession = New-CimSession -ComputerName 10.0.0.2

	$FilePath = 'C:\Windows\System32\notepad.exe'

	# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation.
	$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession
	$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly
	$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession
	$FileLengthBytes = $FileContents.FileData[0..3]
	[Array]::Reverse($FileLengthBytes)

	# Alias to automatically forward in relevant display stuff.
	# docker-run -it --rm ubuntu:jammy
	alias docker-run="sudo docker run -e DISPLAY=$DISPLAY -v ${XAUTHORITY:-~/.Xauthority}:/xauth:ro -v /tmp/.X11-unix/:/tmp/.X11-unix -e XAUTHORITY=/xauth"

	# Bash function to help with running commands in the docker namespace
	# docker-nsenter mycontainer -n ss
	function docker-nsenter {
	PID=`sudo docker inspect $1 -f '{{.State.Pid}}'`
	shift
	sudo nsenter -t $PID $@

	#!/bin/bash
	sudo modprobe vmmon
	sudo modprobe vmnet
	sudo /usr/bin/vmware-networks --start

	import asyncio
	from concurrent.futures import ThreadPoolExecutor


	async def ainput(prompt: str = ''):
	with ThreadPoolExecutor(1, 'ainput') as executor:
	return (await asyncio.get_event_loop().run_in_executor(executor, input, prompt)).rstrip()

	# https://github.com/docker/cli/issues/1278
	Stop docker daemon (with your container)
	Modify hostconfig.json as you want
	Now you can start docker daemon and your container with updated ShmSize.

	Merges every other page, starting page 1 of A, page 1 of B, page 2 of A, page 2 of B, etc.

	pdftk A=A.pdf B=B.pdf shuffle A B output merged.pdf