Black Hat Bash - Bash Scripting for Hackers and Pentesters (Early Access) (Dolev Farhi, Nick Aleks)

If it's not available in your Kali machine, you can also download it directly

from APT:

$ apt-get install unix-privesc-check -y

Verify that you can run it successfully with the following command:

$ unix-privesc-check -h

unix-privesc-check ( http://pentestmonkey.net/tools/unix-privesc-check )

Usage: unix-privesc-check { standard | detailed }

"standard" mode: Speed-optimised check of lots of security settings.

--snip--

Assigning Aliases to Hacking Tools

Tools that are installed through third-party repositories such as GitHub

sometimes won’t have setup files that make running them easier. We can assign

these tools bash aliases as shorthand references so that we won’t need to enter the

full directory path every time we run them.

We can assign custom aliases using the following commands. These

commands will be written to our ~/.bashrc file, which will execute when we open

a new terminal session:

$ echo "alias wappalyzer='node /home/kali/tools/wappalyzer/src/drivers/npm/cli.js'" >> ~/.bashrc

$ echo "alias rustscan='/home/kali/tools/RustScan/target/release/rustscan'" >> ~/.bashrc

$ echo "alias gitjacker='/home/kali/bin/gitjacker'" >> ~/.bashrc

Wappalyzer, RustScan, and Gitjacker now have aliases.

N O T E

At this point, you should have a fully functioning bash hacking lab. Now would be a

good time to take a snapshot of your Kali virtual machine so you can restore it to this

clean state. It is a good idea to take snapshots regularly, especially whenever you

make significant configuration changes or deploy new tools to your virtual lab.

Summary

In this chapter, you built your hacking lab, which consists of a dedicated Kali

virtual machine running several intentionally vulnerable Docker containers and

hacking utilities. We also discussed managing your lab environment by tearing it

down, cleaning it up, and rebuilding it.

We’ll use this lab in all hands-on exercises moving forward. If you encounter

problems, we encourage you to keep an eye on the book’s GitHub repository

(https://github.com/dolevf/Black-Hat-Bash), where we maintain the source code

responsible for keeping your lab up to date. In the next chapter, you’ll make use of

these tools to perform reconnaissance and gather information about remote targets.