2. System Design
Athena OS is based on Arch Linux. At the beginning of the project, we started from an Arch Linux ISO and built Athena step by step, tailoring it with functional and non-functional requirements.
The steps involved for the creation of the base of Athena are shown. During the development phase, Athena has been built in two different ways:
- Direct: Arch Linux was used as base and built manually with only modules we need
- ISO: Arch Linux was used as base and built automatically with only modules we need. The automation has been reached by using Archiso
Create a Virtual Machine with at least 80 GB of disk space.
In case we are using VirtualBox, enable EFI by the Virtual Machine settings we create:
- Click on your Virtual Machine label of VirtualBox
- Click on Settings -> System -> Motherboard -> Enable EFI Don't enable 3D Acceleration on VirtualBox because bugged.
In case we are using VMware, create a new Virtual Machine by selecting I will install the operating system later.
Go to the VMware Virtual Machine folder we just created, edit the .vmx file by a text editor and add the following line on the 2nd row:
firmware = "efi"
Run the Virtual Machine and the screen will stop on some messages related EFI loading. Go above on Player menu -> Removable Devices -> CD/DVD (IDE) -> Settings -> Select the Arch Linux .iso. Then again, Player menu -> Removable Devices -> CD/DVD (IDE) -> Connect and wait some minutes and we should get the access to the EFI Boot Manager. Choose the 2nd voice EFI VMWare Virtual IDE CDROM Drive (IDE 1:0) and we get the Arch Boot Window for UEFI.
Furthermore, we can enable Accelerate 3D graphics by the Virtual Machine settings.
Get the list of disks and their size:
$ fdisk -l
Let's guess we get /dev/sda.
For setting the disk:
fdisk /dev/sda
Command (m for help): p
Command (m for help): g
Command (m for help): n
Partition number (1-128, default 1):
First sector (2048-xxxxxx, default 2048):
Last sector, +/- sectors or +/-size{K,M,G,T,P} (2048-xxxxx, default xxxxx): +500M
Command (m for help): t
Selected partition 1
Partition type or alias (type L to list all): 1
Changed type of partition 'Linux filesystem' to 'EFI System'.
Command (m for help): p
Command (m for help): n
Partition number (2-128, default 2):
First sector (xxx-xxxxxx, default xxx):
Last sector, +/- sectors or +/-size{K,M,G,T,P} (xxx-xxxxx, default xxxxx):
Command (m for help): t
Partition number (1-2, default 2):
Partition type or alias (type L to list all): 43
Changed type of partition 'Linux filesystem' to Linux LVM'.
Command (m for help): p
[Now we see two partitions: EFI System (/dev/sda1) and Linux LVM (/dev/sda2)]
Command (m for help): w
Now we wrote the changes. Here we will create two logical volumes: lv_root and lv_home but if you allocated not much space and want to avoid any disk space issues, create only one logical volume.
$ mkfs.fat -F32 /dev/sda1
$ pvcreate --dataalignment 1m /dev/sda2
$ vgcreate volgroup0 /dev/sda2
$ lvcreate -L 50GB volgroup0 -n lv_root
$ lvcreate -l 100%FREE volgroup0 -n lv_home
$ modprobe dm_mod
$ vgscan
$ vgchange -ay
$ mkfs.ext4 /dev/volgroup0/lv_root
$ mount /dev/volgroup0/lv_root /mnt
$ mkfs.ext4 /dev/volgroup0/lv_home
$ mkdir /mnt/home
$ mount /dev/volgroup0/lv_home /mnt/home
$ mkdir /mnt/etc
$ genfstab -U -p /mnt >> /mnt/etc/fstab
$ cat /mnt/etc/fstab #Check if there are no errors
We just set the partition. Now we must install Arch Linux that will be our base for Athena:
$ pacstrap -i /mnt base
$ arch-chroot /mnt
$ pacman -S linux linux-headers
OR
$ pacman -S linux-lts linux-lts-headers
OR install all of them. Let's guess to install linux and linux-headers:
$ pacman -S nano
$ pacman -S base-devel openssh
OpenSSH is optional. If you install it, be sure to run systemctl enable sshd after the installation.
$ pacman -S networkmanager wpa_supplicant wireless_tools netctl inetutils
$ pacman -S dialog
$ systemctl enable NetworkManager
$ pacman -S lvm2
$ nano /etc/mkinitcpio.conf
Scroll until the first uncommented HOOKS=(base udev autodetect modconf block filesystems keyboard fsck) and add lvm2 as:
HOOKS=(base udev autodetect modconf block lvm2 filesystems keyboard fsck). Note that, if btrfs will be used as filesystem, fsck hook can be removed because no needed (source: https://wiki.archlinux.org/title/Improving_performance/Boot_process#Filesystem_mounts).
$ mkinitcpio -p linux
If you installed linux-lts instead of linux, run mkinitcpio -p linux-lts.
$ nano /etc/locale.gen
Uncomment en_US.UTF-8 UTF-8.
$ nano /etc/locale.conf
Add LANG=en_US.UTF-8.
$ locale-gen
$ passwd
Enter root password
$ useradd -m -g users -G wheel <your-username>
$ passwd <your-username>
Enter <your-username> password
$ pacman -S sudo
$ EDITOR=nano visudo
Scroll down and uncomment # %wheel ALL=(ALL) ALL and save the file.
Let's install GRUB as bootloader of our OS:
$ pacman -S grub dosfstools os-prober mtools
$ pacman -S efibootmgr #If you are using UEFI partition
$ mkdir /boot/EFI
$ mount /dev/sda1 /boot/EFI
$ grub-install --target=x86_64-efi --bootloader-id=grub_uefi --recheck # It works in case of UEFI partition
$ ls -l /boot/grub
Check if "locale" folder exists. If does not, mkdir /boot/grub/locale
$ cp /usr/share/locale/en\@quot/LC_MESSAGES/grub.mo /boot/grub/locale/en.mo #en is related to language
$ pacman -S intel-ucode # if you have AMD, install amd-ucode
$ grub-mkconfig -o /boot/grub/grub.cfg
$ exit
$ umount -a
$ reboot
If you are on VirtualBox, save a snapshot of the Virtual Machine. If you are on VMware Workstation Player, make a backup of the folder containing your Virtual Machine files.
We proceed to install the Swap partition and some drivers (e.g., NVIDIA)
$ su
Enter root password
$ cd /root
$ dd if=/dev/zero of=/swapfile bs=1M count=2048 status=progress
$ chmod 600 /swapfile
$ mkswap /swapfile
$ cp /etc/fstab /etc/fstab.bak
$ echo '/swapfile none swap sw 0 0' | tee -a /etc/fstab
$ cat /etc/fstab
# Check if the line is inserted correctly
$ free -m
$ mount -a
$ free -m
$ swapon -a
$ free -m
$ timedatectl set-timezone Europe/Zurich
$ systemctl enable systemd-timesyncd
$ hostnamectl set-hostname <your-hostname>
$ nano /etc/hosts
# Add:
127.0.0.1 localhost
127.0.1.1 <your-hostname>
$ pacman -S xorg-server # I don't install it
$ pacman -S nvidia # if we installed linux-lts package at the beginning, install nvidia-lts. If you don't have NVIDIA, install mesa package
$ pacman -S wget which git man-db man-pages
$ mandb # command to generate the search database for manpage entries.
# Check if unset MANPATH so that mandb could use the man_db.conf (check also the content of man_db.conf for checking what it contains)
Note that generally NVIDIA drivers don't work in VirtualBox and VMware Workstation Player environment. You cannot install drivers for the Host's Graphics Adapter in a Virtual Machine because GPU passthrough is not available on VM softwares. So you are always using a virtual graphics adapter and not the one installed on your host OS. The Virtual Machine does not see your GPU and uses its own Drivers when VMware Tools or VirtualBox Guest Additions are installed.
Now, let's install Virtual Machine tools. If we are working on WMware, install:
$ pacman -S open-vm-tools
$ systemctl enable vmtoolsd.service
$ systemctl enable vmware-vmblock-fuse.service
If we are working on VirtualBox:
$ pacman -S virtualbox-guest-utils xf86-video-vmware # You need both of them if you are using VirtualBox
$ systemctl enable vboxservice
Athena is based on GNOME as Desktop Environment because of the usage of particular GNOME extensions. The GNOME package will install also GDM display manager. As display protocol, we will use Wayland:
$ pacman -S gnome
$ pacman -S gnome-tweaks wayland
$ systemctl enable gdm # Enabling this, it allows the login window to appear at startup. GDM is the display manager of GNOME
$ reboot
For native installation of Athena where you can use NVIDIA drivers, you can follow these links for better integrating NVIDIA with Wayland:
- https://www.youtube.com/watch?v=_YtgszmnfN8
- https://www.youtube.com/watch?v=qmvWQlsFc38&ab_channel=babyWOGUE
Source: https://www.youtube.com/watch?v=DPLnBPM4DhI&ab_channel=LearnLinuxTV
wget https://github.com/Schneegans/Fly-Pie/releases/latest/download/[email protected]
gnome-extensions install [email protected]
Logout / Login since we are on Wayland.
gnome-extensions enable [email protected]
Test it by pressing CTRL+SPACE on the keyboard.
For accessing to the settings:
gnome-extensions prefs [email protected]
For exporting your custom settings, use:
dconf dump /org/gnome/shell/extensions/flypie/ > dconf-flypie.ini
For importing your custom settings, use:
dconf load /org/gnome/shell/extensions/flypie/ < dconf-flypie.ini
wget https://github.com/Schneegans/Burn-My-Windows/releases/latest/download/[email protected]
gnome-extensions install [email protected]
Logout / Login since we are on Wayland.
gnome-extensions enable [email protected]
Test it by opening and closing a window.
For accessing to the settings:
gnome-extensions prefs [email protected]
For exporting your custom settings, use:
dconf dump /org/gnome/shell/extensions/burn-my-windows/ > dconf-bmw.ini
For importing your custom settings, use:
dconf load /org/gnome/shell/extensions/burn-my-windows/ < dconf-bmw.ini
If you are using Alacritty, set your preferred terminal as default terminal by editing your /etc/bash.bashrc file and changing the line xterm*|rxvt*|Eterm|aterm|kterm|gnome* to add alacritty*, so we should have xterm*|rxvt*|Eterm|alacritty*|aterm|kterm|gnome*.
At the beginning of the project we used Alacritty but it is still not mature as expected and we moved to Hyper and GNOME Terminal. No need to set them as default terminal.
Athena uses mainly FISH shell. For setting FISH as default shell, we can type:
echo $(which fish) | sudo tee -a /etc/shells (maybe /bin/fish must be the first line among the shells)
chsh -s $(which fish)
rebootAnyway, setting immediately FISH as default shell is not good, because, since FISH and BASH have different parsing rules, if our default shell is FISH and we start an user session, /etc/profile, /etc/profile.d/*.sh and .bashrc scripts cannot be executed because fall in error because they are "sourced" by FISH rules and not BASH rules.
The equivalent of FISH for .bashrc is ~/.config/fish/config.fish. Edit the file ~/.config/fish/config.fish, creating it if it does not exist.
The main used font is JetBrains: https://www.jetbrains.com/lp/mono/#how-to-install
Change to Dark Theme the OS.
ISO approach consists of the creation of an ISO file we can use for installing the OS in a flexible manner. This method is based on the usage of Archiso. Please, read its documentation on how to set it. Refer to https://wiki.archlinux.org/title/archiso#Kernel for speeding up the build process.
Here we suppose we already set Archiso and we proceed to build our ISO.
We make our project folder by mkdir -p ~/athena-iso and inside of it we put archiso content as explained in the official documentation. We should have a tree directory similar to this:
athena-iso
└── archlive
├── airootfs
│ ├── etc
│ │ ├── hostname
│ │ ├── locale.conf
│ │ ├── localtime -> /usr/share/zoneinfo/UTC
│ │ ├── mkinitcpio.conf
│ │ ├── mkinitcpio.d
│ │ │ └── linux.preset
│ │ ├── modprobe.d
│ │ │ └── broadcom-wl.conf
│ │ ├── motd
│ │ ├── pacman.d
│ │ │ └── hooks
│ │ │ ├── 40-locale-gen.hook
│ │ │ ├── uncomment-mirrors.hook
│ │ │ └── zzzz99-remove-custom-hooks-from-airootfs.hook
│ │ ├── passwd
│ │ ├── resolv.conf -> /run/systemd/resolve/stub-resolv.conf
│ │ ├── shadow
│ │ ├── ssh
│ │ │ └── sshd_config
│ │ ├── systemd
│ │ │ ├── journald.conf.d
│ │ │ │ └── volatile-storage.conf
│ │ │ ├── logind.conf.d
│ │ │ │ └── do-not-suspend.conf
│ │ │ ├── network
│ │ │ │ ├── 20-ethernet.network
│ │ │ │ ├── 20-wlan.network
│ │ │ │ └── 20-wwan.network
│ │ │ ├── system
│ │ │ │ ├── choose-mirror.service
│ │ │ │ ├── cloud-init.target.wants
│ │ │ │ │ ├── cloud-config.service -> /usr/lib/systemd/system/cloud-config.service
│ │ │ │ │ ├── cloud-final.service -> /usr/lib/systemd/system/cloud-final.service
│ │ │ │ │ ├── cloud-init-local.service -> /usr/lib/systemd/system/cloud-init-local.service
│ │ │ │ │ └── cloud-init.service -> /usr/lib/systemd/system/cloud-init.service
│ │ │ │ ├── dbus-org.freedesktop.ModemManager1.service -> /usr/lib/systemd/system/ModemManager.service
│ │ │ │ ├── dbus-org.freedesktop.network1.service -> /usr/lib/systemd/system/systemd-networkd.service
│ │ │ │ ├── dbus-org.freedesktop.resolve1.service -> /usr/lib/systemd/system/systemd-resolved.service
│ │ │ │ ├── etc-pacman.d-gnupg.mount
│ │ │ │ ├── [email protected]
│ │ │ │ │ └── autologin.conf
│ │ │ │ ├── livecd-alsa-unmuter.service
│ │ │ │ ├── livecd-talk.service
│ │ │ │ ├── multi-user.target.wants
│ │ │ │ │ ├── choose-mirror.service -> ../choose-mirror.service
│ │ │ │ │ ├── hv_fcopy_daemon.service -> /usr/lib/systemd/system/hv_fcopy_daemon.service
│ │ │ │ │ ├── hv_kvp_daemon.service -> /usr/lib/systemd/system/hv_kvp_daemon.service
│ │ │ │ │ ├── hv_vss_daemon.service -> /usr/lib/systemd/system/hv_vss_daemon.service
│ │ │ │ │ ├── iwd.service -> /usr/lib/systemd/system/iwd.service
│ │ │ │ │ ├── livecd-talk.service -> /etc/systemd/system/livecd-talk.service
│ │ │ │ │ ├── ModemManager.service -> /usr/lib/systemd/system/ModemManager.service
│ │ │ │ │ ├── pacman-init.service -> ../pacman-init.service
│ │ │ │ │ ├── qemu-guest-agent.service -> /usr/lib/systemd/system/qemu-guest-agent.service
│ │ │ │ │ ├── reflector.service -> /usr/lib/systemd/system/reflector.service
│ │ │ │ │ ├── sshd.service -> /usr/lib/systemd/system/sshd.service
│ │ │ │ │ ├── systemd-networkd.service -> /usr/lib/systemd/system/systemd-networkd.service
│ │ │ │ │ ├── systemd-resolved.service -> /usr/lib/systemd/system/systemd-resolved.service
│ │ │ │ │ ├── vboxservice.service -> /usr/lib/systemd/system/vboxservice.service
│ │ │ │ │ ├── vmtoolsd.service -> /usr/lib/systemd/system/vmtoolsd.service
│ │ │ │ │ └── vmware-vmblock-fuse.service -> /usr/lib/systemd/system/vmware-vmblock-fuse.service
│ │ │ │ ├── network-online.target.wants
│ │ │ │ │ └── systemd-networkd-wait-online.service -> /usr/lib/systemd/system/systemd-networkd-wait-online.service
│ │ │ │ ├── pacman-init.service
│ │ │ │ ├── reflector.service.d
│ │ │ │ │ └── archiso.conf
│ │ │ │ ├── sockets.target.wants
│ │ │ │ │ └── systemd-networkd.socket -> /usr/lib/systemd/system/systemd-networkd.socket
│ │ │ │ ├── sound.target.wants
│ │ │ │ │ └── livecd-alsa-unmuter.service -> ../livecd-alsa-unmuter.service
│ │ │ │ └── systemd-networkd-wait-online.service.d
│ │ │ │ └── wait-for-only-one-interface.conf
│ │ │ └── system-generators
│ │ │ └── systemd-gpt-auto-generator -> /dev/null
│ │ └── xdg
│ │ └── reflector
│ │ └── reflector.conf
│ ├── root
│ └── usr
│ └── local
│ ├── bin
│ │ ├── choose-mirror
│ │ ├── Installation_guide
│ │ └── livecd-sound
│ └── share
│ └── livecd-sound
│ └── asound.conf.in
├── bootstrap_packages.x86_64
├── efiboot
│ └── loader
│ ├── entries
│ │ ├── 01-archiso-x86_64-linux.conf
│ │ ├── 02-archiso-x86_64-speech-linux.conf
│ │ ├── 03-archiso-x86_64-ram-linux.conf
│ │ └── 04-archiso-x86_64-ram-speech-linux.conf
│ └── loader.conf
├── grub
│ └── grub.cfg
├── packages.x86_64
├── pacman.conf
├── profiledef.sh
└── syslinux
├── archiso_head.cfg
├── archiso_pxe.cfg
├── archiso_pxe-linux.cfg
├── archiso_sys.cfg
├── archiso_sys-linux.cfg
├── archiso_tail.cfg
├── splash.png
└── syslinux.cfg
The airootfs directory is used as the starting point for the root directory (/) of the live system on the image. All its contents will be copied over to the working directory before packages are installed.
Place any custom files and/or directories in the desired location under airootfs/. For example, if the user has a set of iptables scripts on its current system to be used on its live image, copy them over as such:
$ cp -r /etc/iptables archlive/airootfs/etc
Similarly, some care is required for special configuration files that reside somewhere down the hierarchy. Missing parts of the directory structure can be simply created with mkdir.
To add a file to the root's home directory, place it in archlive/airootfs/root/. To add a file to all other users home directories, place it in archlive/airootfs/etc/skel/.
Note: Custom files that conflict with those provided by packages will be overwritten unless a package specifies them as backup files in its PKGBUILD file.
By default, permissions will be set as 644 for files and 755 for directories. All of them will be owned by the root user. To set different permissions or ownership for specific files and/or folders, use the file_permissions associative array in profiledef.sh.
Custom files can be added inside the ISO in two ways: by making a remote or local repository or putting them directly inside the airootfs tree.
Summarizing, we can modify directly the files inside airootfs directory that corresponds to our future system root, and we can add packages we would like to install on our Athena OS by specifying them inside athena-iso/archlive/packages.x86_64 file. Furthermore, if some of our files in airootfs need particular permissions, we can add them inside athena-iso/archlive/profiledef.sh file.
About systemd services, for enabling them after the installation, you can already insert them in the ISO in this way:
sudo rm -rf $ARCHLIVE/airootfs/etc/systemd/system/multi-user.target.wants/NetworkManager.service
sudo rm -rf $ARCHLIVE/airootfs/etc/systemd/system/systemd-timesyncd.service
sudo rm -rf $ARCHLIVE/airootfs/etc/systemd/system/display-manager.service
sudo ln -s /usr/lib/systemd/system/NetworkManager.service $ARCHLIVE/airootfs/etc/systemd/system/multi-user.target.wants/NetworkManager.service
sudo ln -s /usr/lib/systemd/system/systemd-timesyncd.service $ARCHLIVE/airootfs/etc/systemd/system/systemd-timesyncd.service
sudo ln -s /usr/lib/systemd/system/gdm.service $ARCHLIVE/airootfs/etc/systemd/system/display-manager.service
sudo ln -s /usr/lib/systemd/system/multi-user.target.wants/vboxservice.service $ARCHLIVE/airootfs/etc/systemd/system/vboxservice.service
sudo ln -s /usr/lib/systemd/system/multi-user.target.wants/vmtoolsd.service $ARCHLIVE/airootfs/etc/systemd/system/vmtoolsd.service
sudo ln -s /usr/lib/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service $ARCHLIVE/airootfs/etc/systemd/system/vmware-vmblock-fuse.service
Another important topic is related to Users and Groups as specified in https://wiki.archlinux.org/title/archiso#Installation
Note that in the guide, in etc/passwd, /bin/zsh is used as shell, and if ZSH is not installed because the user wants to use another shell, for example BASH, change it to /bin/bash or other shells will be installed in the ISO, otherwise the user will get authentication failure. etc/passwd must be like:
root:x:0:0:root:/root:/bin/bash
liveuser:x:1000:1000::/home/liveuser:/usr/bin/bash
On the ISO, if we are using GDM as Display Manager, for autologin it is important to create /path/to/airootfs/etc/gdm/custom.conf file with the following content:
[daemon]
AutomaticLoginEnable=True
AutomaticLogin=liveuser
where liveuser is our Live User account. For removing automatically that line after the installation of the target system (because the liveuser won't exist anymore), the command sed -i '/^AutomaticLogin=liveuser/d' /etc/gdm/custom.conf has been implemented inside of shellprocess-before.conf that will be executed by Calamares Installer.
Furthermore, there will be aspects the user want to be run at the first login after the system installation. For example, since dconf command cannot be run in chrooted environment, the user can create a run-once.sh script placed in airootfs/etc/profile.d folder. Then, give root executable permission on archiso/profiledef.sh file.
The content of run-once.sh checks for a flag file in the home folder of the current user and, if this flag file exists, then execute the customized commands and delete this flag file; if this flag file does not exist, the commands inside run-once.sh are not executed. In this way, the user executes these commands only at the first boot of a user. This case does not manages case when the network connection is down and when, on VMs, the wired connection is connected well but the Host machine does not. For managing a working network connection, refer to https://wiki.archlinux.org/title/NetworkManager#Network_services_with_NetworkManager_dispatcher
Note: this method works because I'm using NetworkManager. If I used other network services, the directory where to place the script was different.
Remember to set always the repositories you need in the host environment, as BlackArch and Chaotic repositories. In this way, you can directly install keyrings and mirrorlist on the ISO by inserting in package.x86_64 the following packages: blackarch-keyring, blackarch-mirrorlist, chaotic-keyring and chaotic-mirrorlist.
When we finished to set everything, we can type mkarchiso ~/athena-iso/archlive for making our ISO. This process will create the work directory that contains all the temporary files needed for making our ISO, and out directory that will contain our final ISO file.
At the end of the ISO creation, execute sudo pacman -Scc in order to clean /var/cache/pkg folder. Do the same process also on the target machine when the installation of the operating system ends.
All the third-party tools and environment customization manually implemented in the Direct Approach are automatically implemented in the ISO Approach.
The content of airootfs and the other files mentioned here are stored in https://github.com/Athena-OS/athena-iso repository, so feel free to give a look on how they are built.
Athena OS consists in several customizations with the purpose to make comfortable the user. Some of them are key features of the user environment because are needed for reaching the objective of the project: making the user closer to the security and hacking resources.
PenTOXIC Menu is born for organizing in pretty manner all main security tools you need to start your hacking activity. It consists in two levels:
- 1st level containing the several hacking categories as submenu, plus Firefox browser and Code OSS as editor
- 2nd level consisting in the hacking tools deployed for each category
In details:
| Information Gathering | Dmitry | Nmap | Spiderfoot | TheHarvester | enum4linux | wafw00f | Fierce |
|---|---|---|---|---|---|---|---|
| Vulnerability Analysis | Legion | Nikto | unix-privesc-check | ||||
| Web Application Analysis | WPScan | Burpsuite | dirb | dirbuster | ffuf | Wfuzz | sqlmap |
| Password Attacks | John | Hashcat | Hydra | CEWL | CRUNCH | RSMangler | Medusa |
| Sniffing | mitmproxy | Responder | Wireshark | ||||
| Wireless Testing | Aircrack-ng | Kismet | Reaver | Wifite | Fern Wifi Cracker | Spooftooph | |
| Reverse Engineering | NASM | Radare2 | |||||
| Exploitation | SearchSploit | Metasploit | SEToolkit | ||||
| Post Exploitation | PowerSploit | Mimikatz | evil-winrm | proxychains-ng | weevely |
The installation commands for tools in PenTOXIC menu, sorted for category, are:
| Category | Command |
|---|---|
| Information Gathering | sudo pacman -S dmitry nmap spiderfoot theharvester enum4linux wafw00f fierce |
| Vulnerability Analysis | sudo pacman -S legion nikto unix-privesc-check |
| Web Application Analysis | sudo pacman -S wpscan burpsuite dirb dirbuster ffuf wfuzz sqlmap |
| Password Attacks | sudo pacman -S john hashcat hydra cewl crunch rsmangler medusa |
| Sniffing | sudo pacman -S mitmproxy responder wireshark-qt |
| Wireless Attacks | sudo pacman -S aircrack-ng kismet reaver wifite fern-wifi-cracker spooftooph |
| Reverse Engineering | sudo pacman -S nasm radare2 ghidra edb |
| Exploitation | sudo pacman -S exploitdb metasploit set |
| Post Exploitation | sudo pacman -S powersploit mimikatz evil-winrm powersploit proxychains-ng weevely |
PWNage Menu allows you to access quickly to the main hacking platforms for learning purposes and to join the main Discord InfoSec Communities:
- 1st shell deploys all quick links to the main hacking platforms
- 2nd shell can be accessed by the Discurity icon on top where the user has the opportunity to join several Discord InfoSec servers or open Discord App.ù
Cannot you wait for opening browser and accessing to Hack The Box website? Athena gives you the possibility to play Hack The Box machines directly on your Operating System environment in a quick and comfortable manner. Athena offers:
- Connect/Disconnect to/from Hack The Box VPN servers
- Play any active free machine you wish
- Reset the active machine
- Stop any active machine
- Submit a flag and write a review about your hacking experience!
- ... and of course you can access to the Hack The Box website in one click
Firefox ESR has been modified in order to integrate at the installation time the addons you need for your web application pentesting activity. The preinstalled addons are:
- Cookie Quick Manager
- Dark Reader
- FoxyProxy Standard
- HacKontext
- HTTPS Everywhere
- Privacy
- uBlock Origin
- Wappalyzer
These extensions have been added by default on Firefox by importing $HOME/.mozilla/firefox-esr folder containing the installed extensions to the target Athena system.
Payload to Dock keeps the access to the most famous payload repositories. It allows you to get the latest version of payloads and accessing their path directly by the shell. It shows:
They are stored in /usr/share/payloads.
The Dock contains also links to Mimikatz and Powersploit.
The customization of this dock leverage on the .desktop files that should contain a similar configuration (here Mimikatz example):
[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=Mimikatz
Comment=Mimikatz
Icon=/usr/share/icons/hicolor/128x128/apps/kali-mimikatz-128x128.png
Exec=gnome-terminal -- fish -c "if test -d /usr/share/windows/mimikatz;cd /usr/share/windows/mimikatz;bash;else;echo \"Mimikatz is not installed. I'm retrieving it for you...\";sudo pacman -S mimikatz;cd /usr/share/windows/mimikatz;bash;end;"
Terminal=false
Categories=Tags;Describing;Application
These .desktop files must be stored in /home/cybee/.local/share/applications (for the current user) or /usr/share/applications folder (for all the users). Then logout and login for applying the changes. At the end, access to the dock bar, click on "Show Applications" icon, search your Desktop Entry, right-click and "Pin to dash".
BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. Its repository contains 2800+ tools, classified for categories. You can install tools individually or in groups according to the categories they belong. BlackArch Repository is compatible with only Arch-based distributions as Athena OS.
On Athena OS, the installation of BlackArch Repository occurs by the usage of strap.sh file as described on the official documentation: https://blackarch.org/downloads.html in the section Installing on top of ArchLinux. At the time of Athena ISO creation, this script is placed in airootfs/usr/local/bin/ folder and it is run with Calamares Installer by shellprocess-<before|final>.conf file. strap.sh stores blackarch.gpg, blackarch-trusted and blackarch-revoked files in /usr/share/pacman/keyrings folder, enable Multilib repository and add BlackArch server repository in /etc/pacman.conf file and then execute pacman-key --init and pacman-key --populate. In this manner, all the keys inside /usr/share/pacman/keyrings are installed and trusted correctly.
Note: Multilib needs to be enabled because it is generally used to run 32-bit applications on a 64-bit system, and some security tools on BlackArch belong to this category. In general, this is often useful when running older games or really anything else that is meant for 32-bit systems. Enabling support for multilib is a relatively common operation for many Arch Linux users. It is also relatively easy as far as Arch goes. For enabling it manually, in /etc/pacman.conf uncomment these two lines:
#[multilib]
#Include = /etc/pacman.d/mirrorlist
and run sudo pacman -Syyu.
BlackArch hacking tools can be installed in several ways. The user can install a single tool, or categories or all the tools.
For installing a single tool, just execute sudo pacman -S <tool-name>.
For installing a category, execute sudo pacman -S <category-name>. There are several categories you can install:
- blackarch-anti-forensic
- blackarch-automation
- blackarch-automobile
- blackarch-backdoor
- blackarch-binary
- blackarch-bluetooth
- blackarch-code-audit
- blackarch-config
- blackarch-cracker
- blackarch-crypto
- blackarch-database
- blackarch-debugger
- blackarch-decompiler
- blackarch-defensive
- blackarch-disassembler
- blackarch-dos
- blackarch-drone
- blackarch-exploitation
- blackarch-fingerprint
- blackarch-firmware
- blackarch-forensic
- blackarch-fuzzer
- blackarch-gpu
- blackarch-hardware
- blackarch-honeypot
- blackarch-ids
- blackarch-keylogger
- blackarch-malware
- blackarch-misc
- blackarch-mobile
- blackarch-networking
- blackarch-nfc
- blackarch-packer
- blackarch-proxy
- blackarch-radio
- blackarch-recon
- blackarch-reversing
- blackarch-scanner
- blackarch-sniffer
- blackarch-social
- blackarch-spoof
- blackarch-stego
- blackarch-tunnel
- blackarch-unpacker
- blackarch-voip
- blackarch-webapp
- blackarch-windows
- blackarch-wireless
For installing all hacking tools, execute sudo pacman -S blackarch.
In Athena OS, three shells are mainly used: BASH, FISH and PowerShell. For BASH and FISH, the same prompt pattern has been used.
BASH command is used on PenTOXIC menu for preventing the terminal closing when a tool is run. .bashrc (or /etc/bash.bashrc for root user) has been edited by changing PS1 variable as follows:
PS1="\e[34m\]┌──[HQ🚀\e[32m\]$(ip -4 addr | grep -v '127.0.0.1' | grep -v 'secondary' | grep -oP '(?<=inet\s)\d+(\.\d+){3}')⚔️ \u\e[34m\]]\e[0m\]\e[34m\]\n└──╼[👾]\[\e[36m\]\W $ \[\e[0m\]"NOTE: the output colors could be affected by the current terminal theme. Furthermore, after \n, \[ characters have been used for wrapping the entire string for color: \[\e[36m\] and \[\e[0m\]. If this wrapping is not implemented, \n causes the shell to counts additional invisible character: https://superuser.com/questions/382456/why-does-this-bash-prompt-sometimes-keep-part-of-previous-commands-when-scrollin
For getting emoticons to be placed on PS1, refer to: https://emojipedia.org/ (here alien, war, rocket, space have been searched).
If other kind of icons are needed: https://levelup.gitconnected.com/how-to-customize-your-command-prompt-and-icons-in-your-terminal-f88ea15a5d58
The following lines have been saved in ~/.config/fish/functions/fish_prompt.fish file in order to edit the shell prompt in the following way (source https://fishshell.com/docs/current/tutorial.html#prompt):
function fish_prompt
set_color 123e7c
echo -n "┌──[HQ🚀"
set_color ff00d7
echo -n "$(ip -4 addr | grep -v '127.0.0.1' | grep -v 'secondary' | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
echo -n "⚔️ $USER"
set_color 123e7c
echo -n "]"
set_color 123e7c
echo -n "└──╼[👾]"
set_color 00ffff
echo (pwd) '$' (set_color normal)
endAfter saving it, the shell will wait for something. Just close it.
For different colors, refer to: https://en.wikipedia.org/wiki/ANSI_escape_code#8-bit and pass the mouse over the colors for getting the HEX code, for example:
set_color ff8700 -> Orange
set_color 00ff00 -> Green
set_color 00ffff -> Cyan
set_color ff00d7 -> Purple
set_color 123e7c -> Dark Blue
Furthermore, for keeping FISH as shell even if in the terminal we open new tabs and preventing that it switches to BASH, add the following code at the end of .bashrc and delete each alias ps in your .bashrc or .bash_aliases file for avoding conflicting errors:
if [[ $(ps --no-header --pid=$PPID --format=comm) != "fish" && -z ${BASH_EXECUTION_STRING} ]]
then
exec fish
fi
Source: https://wiki.archlinux.org/title/fish#Modify_.bashrc_to_drop_into_fish
It is needed to edit the prompt() function. For first,
mkdir /home/cybee/.config/powershell
nano /home/cybee/.config/powershell/Microsoft.PowerShell_profile.ps1
In this file, save the following code:
function prompt()
{
$ESC=$([char]27)
"$ESC[32m┌──L3ts D0 1t $(whoami)💣$ESC[00m$($executionContext.SessionState.Path.CurrentLocation)$("`r`n$ESC[31m└──╼Weaponizing PowerShell...🚀>$ESC[00m" * ($nestedPromptLevel + 1)) ";
}The following configuration has been used on VIM: https://github.com/amix/vimrc
Settings of Neofetch can be accessed on .config/neofetch/config.conf. You can change the shown ASCII logo and the output system information. For example, for changing logo, open config.conf file and search for ascii_distro. There, the user can change its value with one of the list above that file section.
In Athena, Neofetch, in synergy with lolcat, is implemented inside $HOME/.config/fish/config.fish file as neofetch | lolcat`.
Tmux is implemented with several plugins retrieved from https://github.com/wfxr/tmux-power. Tmux Plugin Manager is used to manage the plugins.
On Athena, tmux themes are set according to the chosen theme at the installation time.
Bfetch is implemented with several textarts. Some examples of output can be seen here: https://asciinema.org/a/381349
In Athena, backgrounds are usually stored in /usr/share/backgrounds/default folder.
The user can change a background desktop also by CLI:
GS_BACKEND=dconf gsettings set org.gnome.desktop.background picture-uri-dark .local/share/backgrounds/neon_circle.jpg
Note: if you are using a dark theme on GNOME, use picture-uri-dark argument. If you are usng a light theme, use picture-uri argument.
For changing Login Screen background in GDM, you can refer to:
Indeed, the file containing information about the Login background is gnome-shell-theme.gresource. The user can create a backup file of it, and create a new one as described in https://wiki.archlinux.org/title/GDM#Login_screen_background_image
During this creation, in lockDialogGroup, remember to set background-size: as cover;;
When the user created this file, it should place it in /usr/share/gnome-shell. Keep the backup file because this operation can break the Login Screen if the user didn't do it well. If it occurs, on the black screen after the reboot, press ALT+F1 or ALT+F2 or ALT+Fx (where x is another number) to call the terminal, enter as root and restore the backup file.
On Athena a new gresource file has been used for changing the Login Screen and for setting a transparent Top Bar. During the creation of Athena, this new gresource file has been placed in airootfs/usr/share/gnome-shell as .gresourcenew. Then, the replacing with the old file is performed by Calamares Installer by shellprocess-<before|final>.conf file.
During the ISO creation, it is possible to retrieve packages only from local or remote repositories accessible by pacman.
If the user needs to install custom packages at ISO creation process, it can create a custom local or remote repository.
Both of the methods require the creation of an environment where placing all files the package creation process needs. The user can create a directory named athena-repository with the structure shown in this GitHub repository: https://github.com/Athena-OS/athena-repository
Let's guess the user wants to create a package called 'dummy-menu'. In athena-repository/x84_64/packages folder, create the dummy-menu directory and inside it, put all the file tree you want to install in the target system and create a file named PKGBUILD a content similar to:
pkgname="dummy-menu"
pkgver="1.0.0"
pkgrel="1"
pkgdesc="Dummy Menu for Athena"
arch=("x86_64")
license=("custom")
source=("$pkgname.tar.gz")
package() {
mkdir -p "${pkgdir}/usr/share/icons/hicolor/128x128"
mkdir -p "${pkgdir}/usr/share/icons/hicolor/categories"
mkdir -p "${pkgdir}/usr/share/icons/shells"
mkdir -p "${pkgdir}/usr/share/pixmaps"
cp -rf "${srcdir}"/usr/share/icons/hicolor/128x128/* "${pkgdir}/usr/share/icons/hicolor/128x128/"
cp -rf "${srcdir}"/usr/share/icons/hicolor/categories/* "${pkgdir}/usr/share/icons/hicolor/categories/"
cp -rf "${srcdir}"/usr/share/icons/shells/* "${pkgdir}/usr/share/icons/shells/"
cp -rf "${srcdir}"/usr/share/pixmaps/* "${pkgdir}/usr/share/pixmaps/"
}
In package() function the user can write each command it prefers, except for some commands that cannot be executed as root, for example dconf, gsettings or makepkg.
For making the package file (a file with .zst extension), the user needs to execute makepkg command with some arguments. This process needs the user makes a tar.gz archive for the files to be added, creates some temporary files that can remain after the creation of the package. It is suggested to build a script that manages the creation of the package and the cleaning automatically, like the following build.sh script:
#!/bin/sh
#NEED ONLY TO EDIT sourcefiles VARIABLE
sourcefiles="usr"
pkgname=$(grep "^pkgname=" PKGBUILD | awk -F'"' '{print $2}')
pkgver=$(grep "^pkgver=" PKGBUILD | awk -F'"' '{print $2}')
pkgrel=$(grep "^pkgrel=" PKGBUILD | awk -F'"' '{print $2}')
arch=$(grep "^arch=" PKGBUILD | awk -F'"' '{print $2}')
pkgfile=$pkgname-$pkgver-$pkgrel-$arch.pkg.tar.zst
echo $pkgfile
sed -i '/^sha256/d' PKGBUILD
tar -zcvf $pkgname.tar.gz $sourcefiles
makepkg -g >> PKGBUILD
makepkg -f -scr --sign
rm -rf src pkg $pkgname.tar.gz
rm -rf ../../$pkgfile
mv $pkgfile $pkgfile.sig ../../In this example, the package file will be moved to the x86_64 directory that is the place where we store all our packages. In this way, when all the packages have been created or updated, the user can execute the update-database.sh script inside athena-repository folder for creating the .db file related to the created or updated packages. If the user retrieves packages from GitHub and customize them, remember to delete all git files (e.g., .git directory) and run git rm --cached x86_64/packages/<path-to-the-git-files> -f.
Note that inside build.sh, the makepkg command has --sign argument, so the package will be signed. If the user does not want to sign packages, it can remove that argument. If a signed package is needed, the user must create a private key that will be used for signing all the packages inside the user repository. A useful guide is the following: https://www.sainnhe.dev/post/create-personal-arch-linux-package-repository
In this guide, at the last section, is requested to publish the user repository to GitHub page. It is useful if the user wants to implement a remote repository.
For creating a GitHub Repository, go on the local folder where there are files to push:
$ git init
$ git branch -M main
$ git pull <--rebase> <link your repo.git>
$ git add --all
$ git commit -m "initial commit"
$ git remote add origin <link your repo.git>
$ git push
Just pay attention when you create the GitHub page: you must for first create index.md and _config.yaml files, that will be your home web page, on the root of your GitHub repository, and then the user should go to Settings of the repository → "Pages", set "main" as Branch and /root as folder and save this change as described in the guide, otherwise you risk to create a separate branch that is not connected with the files inside your GitHub repository. After this task, check on "Action" tab if the first deployment will end well.
At the end, go in airootfs/etc/pacman.conf and add:
[athena_repository]
SigLevel = Optional TrustedOnly
Server = file:///home/athena/$repo/$arch #In case of local repository or...
Server = https://athena-os.github.io/$repo/$arch #In case of remote repository
Remember to add the name of the created packages in packages.x86_64 file of archiso.
Important note: when the user makes any changes on its repository and push them on GitHub by git push, go on GitHub user webpage, in Actions section and monitor the running task. If the tasks fails, the user will see a red icon on it, and the user must fix that error otherwise the changes won't be applied on the remote repository. Usually, these errors are triggered by the presence of broken symbolic links inside the files of a package.
Furthermore, if a package in the repository is edited and the pkgver or pkgrel is not changed, when the end user executes pacman -Syu, cannot get the updated package. So, the developer should always change one of these two variables when a package is edited and delete the old .zstand .zst.sigfiles from x86_64folder and then execute update-db.sh. In case the developer does not update the version of the package, a workaround is that the end user should remove the package and reinstall it.
Sadly, it is not possible to retrieve packages directly from AUR during the ISO creation.
For installing AUR packages during the creation of ISO, the user must download package files of its desired package from AUR and make a package to be added in its custom repository.
Currently, the AUR packages added on Athena Repository are:
- archlinux-tweak-tool
- firefox-esr-bin
- hyper-bin
- mkinitcpio-openswap
- powershell-bin
In Athena, for better managing the import and trust of the athena key and blackarch key, at the ISO creation phase, athena.gpg, athena-trusted, athena-revoked, blackarch.gpg, blackarch-trusted and blackarch-revoked files are stored in airootfs/usr/share/pacman/keyrings folder (blackarch key is stored by calling the ISO installation script). athena.gpg file is the public key we need to import, athena-trusted contains the keys to trust. and it has the following content:
<long-key>:4:
athena-revoked contains the list of revoked keys in long format.
After storing these files in keyrings folder, in general it is needed to perform:
sudo pacman-key --init
sudo pacman-key --populate
At the Athena ISO creation phase it is not needed because the trusted files have already been stored in airootfs/etc/pacman.d/gnupg in Archiso.
For exporting it in a file: gpg --export --armor --output athena-public.key A3F78B994C2171D5
For importing it in a new system:
pacman-key --add /etc/athena-public.key
sudo pacman-key --lsign A3F78B994C2171D5
gpg --export-secret-keys --armor --output privkey.asc user-id
Note: user-id can be specified with your key ID, fingerprint, a part of your name or email address.
In a new machine, you can import the private key in the following manner:
gpg --import privkey.asc
It will import also the public key. And then, if you need to sign packages, remember to edit /etc/makepkg.conf file.
Revocation certificates are automatically generated for newly generated keys. These are by default located in ~/.gnupg/openpgp-revocs.d/. The filename of the certificate is the fingerprint of the key it will revoke. The revocation certificates can also be generated manually by the user later using:
gpg --gen-revoke --armor --output revcert.asc user-id
Warning: if you import revcert.asc revocation certificate, your key will be revoked locally. If you send your revoked key to a public PGP server, it will be revoked globally. Once revoked, it is not possible to sign packages.
This certificate can be used to revoke a key if it is ever lost or compromised. The backup will be useful if you have no longer access to the secret key and are therefore not able to generate a new revocation certificate with the above command. It is short enough to be printed out and typed in by hand if necessary.
Warning: Anyone with access to the revocation certificate can revoke the key publicly, this action cannot be undone. Protect your revocation certificate like you protect your secret key.
Key revocation should be performed if the key is compromised, superseded, no longer used, or you forget your passphrase. This is done by merging the key with the revocation certificate of the key.
If you have no longer access to your keypair, first import a public key to import your own key. Then, to revoke the key, import the file saved in backup your revocation certificate:
$ gpg --import revcert.asc
Now the revocation needs to be made public. Use a keyserver to send the revoked key to a public PGP server if you used one in the past, otherwise, export the revoked key to a file and distribute it to your communication partners.
Source: https://wiki.archlinux.org/title/GnuPG#Backup_your_private_key