Multiple Ways to Install Kali

In this article, we will learn how to open the magic box of ethical hacking. Can you guess the name of that box? Ok, I tell you the name is KALI the magic box of ethical hacking. Through this article, you will learn the installation of Kali  Linux on different platforms along with the features.

Table of Content

  • Introduction of kali Linux
  • Features of kali Linux
  • Prerequsities for kali Linux installtion
  • Kali installation on VM (Virtual machine)
  • Kali installation on Virtual Box
  • Kali installation on AWS
  • Kali installation on Respberry pi

Introduction of Kali Linux

“The quieter you become, the more can to hear”—Kali Linux

As per my definition, Kali Linux is a magic box that contains multiple magic tools to play the magic. In technical terms, Kali Linux is an open-source, Debian based Linux distribution mainly for penetration testing, security auditing, computer Forensic, Security research, etc. it contains over 600 tools of information gathering(Amap, arp-scan, APT2, etc.), vulnerability analysis (Nmap, sqlmap, BBQSQL, etc., ), wireless attack( Airbase-ng, Air crack-ng, airplay-ng, etc.), web applications(BrupSuite, zaproxy, Web Scarab), exploitation (Metasploit, Armitage, crackle), forensics (DFF, Capstone, Binwalk, etc.), etc.
It is developed, maintained and funded by Offensive Security, a leading information security training company.

Features of Kali Linux

Free of cost –it is completely free of cost, you will never have to pay for it. All the development source code are freely available to you.

Over 600 tools available for different functionality e.g computer forensics, penetration testing, etc

Completely customizable – it is easy to customize based on your needs and preferences.

Usable on a wide range of ARM devices.

Prerequisites for Kali Linux Installation

Kali OS software package required a minimum of 10 GB hard disk space for installation.

  •        Minimum 512MB Ram is required for i386 and amd64 architectures.
  •        A bootable CD-DVD Drive or a USB stick.

Give me six hours to chop down a tree and I will spend the first for four sharpening the axe.—Abraham Lincoln

Installation of Kali on Vmware

Vmware Workstation enables users to set up virtual machines on a single physical machine and use them simultaneously along with the actual machine. A Virtual machine can be downloaded from www.vmware.com.

Download kali from  http://kali.org/downloads/ 64 bit or 32 bit as per your computer capability.

Click on create a new virtual machine by selecting the Installer disc image file (ISO), and review the configured virtual machine and then powered on the created kali virtual machine.

 At the boot menu, many options are available so I am going to describe all boot menu options briefly:

Live (amd64)

Probably the one you’re searching for. This one will boot you into Kali, but only in the Live mode. That means, that when you terminate/shutdown your laptop everything you’ve saved/edited in Kali is lost. So if you make a file on your desktop, that file will be lost when you restart.

This is possible because Kali only writes to RAM and not your HDD.

Live (forensic mode)
This is a special and interesting mode. In this mode, the internal HDD is never touched, and the auto-mounting of devices is disabled. You’ll use this when performing forensics on a device (e.g. recovering sensitive files, getting evidence in crime scenes.)

Live USB Persistence
Use this if you want to install Kali on the USB you booted from, this way you can save what you’ve done, etc. If you now place a file on your desktop, it’s saved on your USB and is again accessible when you boot from it.

Live USB Encrypted Persistence
Same as above. Alone with this option, your USB is also encrypted with LUKS. If you choose USB Persistence, choose this one!

(Graphical) Install                                                                                        
If you want to install it on your HDD.

Install with speech synthesis
Install it, the text from the installation-menu is read out to you

But through the down arrow key, you can select Graphical install.

After selection of Graphical install, you will get the multiple next windows of

Preferred language selection- English (select as per your choice) then click continue

Location – United States (select as per your choice) click continue

Standard keymap –  American English (select as per your choice) click on continue

On the next screen you will ask to configure the network, select Do not configure the network at this time and hit the continue.

Now in a single word, you can provide the hostname e.g. Kali (any name as per your choice). Then click on continue.

Set the password for the root account. Don’t forget the password you have set for the root account otherwise you have to install kali again.

On the next screen, select the time zone and click continue.

 

Kali detects the disk partitions. Select guided-use entire disk then click continue.

 

Installer confirms that partition you are going to use. Click continue.

 

Select the All files in one partition and click on continue.

Selection of disk partition has been done, you can see the overview of partition disk you currently configured, and select the Finish partitioning and write changes to disk. After that click on continue.

Click on yes to make the changes to disk as per the selected partition changes. Then click on continue.

After partition, now Kali will start installing, you have to around 30 minutes for installation.

After Kali installation, on the next screen, you will get the network mirror option. You need to select No and click on continue.

You get the option to install the GRUB boot loader as it should be safe to install it to the master boot record of your first hard drive. Select yes and click on continue.

Select the boot loader device for GRUB installation. Select /dev/sda and click Continue.

Now you will see the installation complete dialog box. Click to continue to finalize the installation and wait for the VM to reboot. After reboot, you will see the login screen. Log in with your username or root user and provide your password. You will then see the Kali Linux desktop.

Once the VM reboots, you will see the Kali Linux login screen.

Login with username: root, Password: toor, what you entered during the installation process earlier.

 

Successfully, Kali installation has been done, now you can start working on Kali Linux.

Installation of Kali Linux on Virtual Box

VirtualBox is a software system for virtualizing the x86 computing design. It acts as a hypervisor, making a VM (virtual machine) within which the user will run another OS (operating system).

The OS within which VirtualBox runs is named the “host” OS. The OS running within the VM is named the “guest” OS. VirtualBox supports Windows, Linux, or macOS as its host OS.

 If you have already got put in VirtualBox then well smart otherwise install the newest version and install it from https://www.virtualbox.org/wiki/Downloads.

Prerequisites

  • VirtualBox installed in your Linux system
  • the image of Kali Linux present in your system
  • at least 4GB of RAM
  • at least 20-30GB of free disk space
  • network to have a system updated
  • a processor with the virtualization features enabled (often activated by default)

In virtualization, the guest OS is the virtualized system (so our Kali Linux) and the host OS is our Linux system. You can summarize the configuration that was created by you. Then launch the installation  click on the green arrow button to start .

On the next screen, you will see the installer options, select Graphical install.

After the selection of Graphical install, you have to follow all the steps the same as you have done at the time of installation of Kali Linux on VMware.

Installation of Kali Linux On AWS

Amazon Web Services (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. In aggregate, these cloud computing web services provide a set of primitive abstract technical infrastructure and distributed computing building blocks and tools. One of these services is Amazon Elastic Compute Cloud, which allows users to have at their disposal a virtual cluster of computers, available all the time, through the Internet.

For more detail description refer https://en.wikipedia.org/wiki/Amazon_Web_Services.

Prerequisites

  • An Aws account
  • Minimum 2 GB RAM (to run Metasploit)

Login to  https://aws.amazon.com/console/ to navigate web services. From the compute services, select EC2 (Elastic Compute Cloud) and click on Launch Instance.

Click on AWS Marketplace, to search  the AMI (Machine Image of Kali Linux)

In the search, tab writes Kali Linux, to the Kali AMI  and then click on select.

After selection, you can see the summary of all the instances types, software, amount available for Kali Linux. (As per your requirement you can choose, also free tier instance is also available).Then click on continue.

Now you can choose instance type as per your budget, you can select t2micro along with vcpu 1,2.5GHz, Intel Xeon Family,1GiB memory, EBS only). But to run the Metasploit to need minimum of 2 GB RAM, you can opt t2 small or t2 medium.

Review the selected instance and click on the launch.

Here, you need to create a new key pair and give a name to the key . Click on download key pair as you will not be able to download the file again after it’s created. Then click on Launch Instances.

Save the Downloaded .pem file.

Click on Launch Instances

After Launch instance, you can see the instance is running even you can provide the name to your created instance. Click on connect to get access to SSH with other information on public DNS.

For a Linux user:

You can access the Kali AWS from a linux machine. Set the permissions and connect the SSH server:

Login with username ec2-user.

For Window Users:

Open the puttygen and load the previously downloaded private key to convert it into a putty supported format.

Save the private key and close the Puttygen program. Open the Putty program to connect it with Kali Linux, in hostname put the public DNS details and load the private key in the Auth tab under the SSh navigation.

Then click on open

Login with username ec2-user and your kali Linux from the cloud is ready. As this is minimal installation, to get all the tools run the command apt-get install kali-linux-full

Note: You should not go over the usage limit otherwise you will be charged and need to pay the bill.

Installation of Kali on Raspberry Pi

The Raspberry Pi is a low-cost, credit-card-sized ARM computer. Despite being a good bit less powerful than a laptop or desktop PC, its affordability makes it an excellent option for a tiny Linux system and it can do far more than act as a media hub.

The Raspberry Pi provides an SD card slot for mass storage and will attempt to boot off that device when the board is powered on.

By default, the Kali Linux Raspberry Pi image has been streamlined with the minimum tools, similar to all the other ARM images. If you wish to upgrade the installation to a standard desktop installation, you can include the extra tools by installing the kali-Linux-full meta-package.

For more details please refer https://github.com/thehackingsage/HackPi.

Prerequisites

  • Kali Linux Raspberry 2,3, 4 ARM images.
  • SD card (minimum size 8 GB but can use 16GB 0r even 32 Gb)
  • Bootable Kali

First, download the Kali Linux 2 or more image file for a raspberry file from the https://www.offensive-security.com/kali-linux-arm-images/#1493408272250-e17e9049-9ce8.

I need to write it to the SD card. Choose the Kali Linux ISO file to be imaged with “select image” and verify that the USB drive to be overwritten is the correct one. Click the “Flash!” button once ready.

Once Etcher alerts you that the image has been flashed, you can safely remove the USB drive and proceed to boot into Kali with it.

Now, you can have a plugged raspberry pi device with the bootable SD card into the monitor. After powering up the raspberry pi 3 b, it will go through a bootup process and the screen will go blank for a few seconds.

For the final step, a login prompt will appear asking for a username and a password. The default should be ‘root’ and ‘toor’ respectively.

Thank you

Author: Nisha Sharma is trained in Certified Ethical hacking and Bug Bounty Hunter. Connect with her here

Web Application Pentest Lab Setup on AWS

Isn’t it going to be nice if you can reach your pen-testing lab from all over the world? As we all know, this is a digital age that makes life easier than our expectations, thus anyone can access their information/data from the cloud. Similarly, a Pentester can design its pen-testing environment for the vulnerable machine on the cloud that can be accessed from anywhere. AWS is probably the most popular cloud service available in today’s date, with most companies taking a cloud or hybrid approach towards their infrastructure.

This article is about setting up a vulnerable lab for web penetration in Amazon Web Services (AWS) to perform pen-testing on.

Table of Content

  • Prerequisite
  • Setup & Configuration of AWS Instance
  • Deployment & Connectivity
  • Install Dependencies
    • Apache
    • MySql – server
    • PHP
    • Configuring MySql
    • Phpmyadmin
  • Lab Setup
    • DVWA
    • SQL Injection – Dhakkan
    • OWASP Mutillidae II

Prerequisite

To set up your own pen-testing environment, you must have AWS account or if not then create an AWS account and login your account.

Setup & Configuration of AWS Instance

Let’s walk through the process of setting up the lab, we will be making an EC2 instance with Ubuntu Server 18.04 LTS on it. An EC2 instance is referred to as a virtual server in Amazon’s Elastic Compute Cloud (EC2) for running applications on the AWS infrastructure. The good thing is that this will not cost you anything to build as AWS has options to setup instances within a certain computing level that are not charged for.

  1. Open the EC2 console in AWS.

     2. Navigate to “Launch Instance” and click on “Launch Instance”.

  1. Choose the Amazon machine image (AMI), this is basically similar to finding the iso file of the OS that you want on your instance. AWS has you covered with most of the popular OS’s available in its inventory.
  2. Here we looked for ubuntu.
  3. Now that we see the OS that we want running on our instance, we need to choose the “64-bit (x86)”.

  1. We now need to choose our instance type, to basically define the amount of hardware this instance will have, we choose the “t2.micro”. This gives us I virtual CPU and 1 GB of RAM.

For most general-purpose workloads, T2 Unlimited instances will provide ample performance without any additional charges.

Features:

  • High-frequency Intel Xeon processors
  • Burstable CPU, governed by CPU Credits, and consistent baseline performance
  • Lowest-cost general purpose instance type, and Free Tier eligible*
  • Balance of compute, memory, and network resources

Read more from here

  1. Once we click on “Review and Launch”, the rest of the options are left as they are, and we click on “launch”.

8. Now let’s launch the instance which will create a key pair to your instance and complete the launch process.

This is a very important step, this is what makes it possible for you to connect to your instance over SSH, the key pair.

  1. Choose “Create a new key pair”, give it a name, them download and save the .pem file somewhere where you can keep it safe.

AWS gives you the launch status, tells you about the launch process and shows you that your instance is now launching.

  1. Now click on “View Instances” to see what’s happing with our Ubuntu server. Note that it takes a few minutes for the server to be fully deployed, so be patient. Now we see under “Status check” that we have our 2/2 checks, this essentially means that our instance is fully deployed and ready for us to connect to.

Deployment & Connectivity

This is the good part, where we get to deploy and connect to our instance in AWS.

  1. We choose our instance and click on “Connect”, this takes us to a page with options that defines how we want to connect to our instance, and we choose to connect using a standalone SSH client.

  1. Enter the name for your Instance ID, so that you can easily identify the instance ID from its name.

AWS is very helpful in giving us the particulars for our connection, like the commands to use.

There are many applications you can choose from to connect to the instance, we are connecting to it from Kali Linux.

  1. We first make sure that the .pem file that we saved has the right permissions assigned to it, in this case, it needs to be only ‘read’. Once that is done, we put in the SSH particulars provided by AWS.

  1. The .pem file is defined so that the SSH operation knows where the keys are located and that’s it, we are in!!. We connect and get to root.

Install Dependencies required for Pentest-lab

Ubuntu is up and running now, let’s start it for our pentest purposes, in order to do that we need to have the basic dependencies installed so that we can access web application like DVWA, etc.

Apache

First, we will install the Apache. Apache is the most commonly used Web server on Linux Systems. Web servers are used to serve web pages requested by the client computers.

  1. So, let’s first install Apache in the ubuntu by the following command.

We have successfully installed apache2, by default apache runs on port 80

 

For Apache to function properly we need to open port 80, so let’s get to it. We need to edit the security group in order for the Apache service to work. Ports are closed by default in AWS, so we can define what we want open.

  1. Go to your instance and launch the security groups wizard-1.
  2. Edit the inbound rules and add HTTP, using TCP protocol over port 80.

  1. The rule has been added, now click on save.

  1. Now to validate that Apache is running on our Ubuntu server, we access the IP of the instance in a browser.

MySQL – Server

The next step is to install MySql-server. This is fairly simple, just type in the command and let Ubuntu do the rest.

PHP

Installing PHP 7.2, simply type the following command.

Configuring MySQL

Let’s configure MySQL so we have the right kind of credentials for our setup. After it gets logged in you will grant all the privileges to the user of Ubuntu as in our case we have given all the privileges to user raj which will be identified with the password of ubuntu which is 123 in our case and after which we will reset all the previous privileges so that it can start the service with the new changes. For this, the commands are the following.

PHPMyAdmin

We need to install phpMyAdmin as well, here is how you do it.

Phpmyadmin needs to be configured, it needs to know that we want to use apache2 as our web server.

Next, we need to give it the password that we kept while setting up MySQL.

Lab Setup

We are done with installing all the dependencies for our setup and are now ready to install our pentest labs.

DVWA

let’s navigate to the “html” folder to download and install DVWA. Once that is done, we need to move the config.inc.php.dist file for further configurations.

Open the config.inc.php file in a text editor and put in the database credentials that we had set up earlier. We only need to modify 2 fields: db_user and db_password.

Now we open DVWA in our web browser and click on “Create/Reset Database”.

Time, to login to our DVWA!

SQL Injection – Dhakkan

Our vulnerable web app is up and running, now we want to install a lab for SQL injections, we will be using the Dhakkan sqli lab.

Here’s how to set it up. We download it into the html folder to host it, next we move the “sqlilabs” folder to the “sqli”. Next, we need to edit the database credentials so that the lab can function properly. Open the db-creds.inc file in a text editor.

Now that the file is open, we put in the username and password.

Now browse this web application from through this Public-DNS/sqli and click on Setup/reset Databases for labs. Now the sqli lab is ready to use.

Success! Sqli is up and running.

OWASP Mutillidae II

Last but not least, we will install OWASP Mutillidae II and that will conclude our setup for now.

So, let’s start by navigating to the “html” folder and downloading Mutillidae. Once downloaded, we navigate to the “includes” folder.

Once in, modify the database access file to prove the credentials we had set up earlier.

Now we will open this our local browser by the following URL: Public-DNS/mutillidae where we will find an option of reset database. Just click on it to reset the database. Let’s launch Mutillidae using our browser.

Voila!! Your Ubuntu instance is ready for you to start your AWS pentest journey. You have your connectivity, dependencies and labs all configured and ready to go.

We at Hacking Articles always try to bring you the most industry-relevant content. Since the cloud is now the thing most companies are moving towards and raising curiosity about ways to keep the cloud secure, this is article is just to get you ready for our new articles on cloud penetration testing, so stay tuned.

Have fun and stay ethical.

About The Author

Abhimanyu Dev is a Certified Ethical Hacker, penetration tester, information security analyst and researcher. Connect with him here

Multiple Methods to Bypass Restricted Shell

We all know the Security Analyst-Hacker relationship is like “Tom & Jerry” where one person takes measures to step-up the security layer and another person tries to circumvent it. The same situation that I slowly resolved while solving CTF challenges where always a new type of configuration error help me learn more about poor implementation of protection.

In this post, we will talk about “restricted shell or bash,” which is used in many CTF challenges and learn to bypass rbash by multiple methods.

Following CTF Challenges using rbash:

Table of Content

  • Restricted shell
  • Restrictions with in rbash
  • Pros of a restricted shell
  • Cons of a restricted shell
  • Multiple methods to bypass rbash

Restricted Shell: rbash

A restricted shell is used to set up an environment more controlled than the standard shell which means If bash is started with the name rbash, or the -r option is supplied at invocation, the shell becomes restricted. 

Restrictions with in rbash

It behaves identically to bash with the exception that the following are disallowed or not performed:

  • cd command (Change Directory)
  • cd command (Change Directory)
  • PATH (setting/ unsetting)
  • ENV aka BASH_ENV (Environment Setting/ unsetting)
  • Importing Function
  • Specifying file name containing argument ‘/’
  • Specifying file name containing argument ‘-‘
  • Redirecting output using ‘>‘, ‘>>‘, ‘>|‘, ‘<>‘, ‘>&‘, ‘&>‘
  • turning off restriction using ‘set +r‘ or ‘set +o‘

Pros of Restricted Shell

  • Rbash is often used in combination with a chroot jail in an additional attempt to restrict access to the entire process.

Cons of Restricted Shell

  • When a shell script command is executed, rbash cuts off any constraints in the spawned shell to execute the code.
  • Inadequate to allow fully untrusted code to be executed.

Enable restricted shell for a user

As said above the rbash will control the access of bash shell for a user and allow to execute the trusted command only which means the login user can run some selected command only. In order to control the user bash command, execute or enable the restricted shell for any user to follow the below steps:

  1. Create a local user “ignite”
  2. Set password
  3. Set usermod to enable rbash for a local user.
  4. Ensure accessible shell for the user with the help of /etc/passwd.

Method to Bypass rbash

  1. Bypass rbash using Editors
  • Vi-editors
  • Ed-editors
  1. Bypass rbash using One liner
  • Python
  • Perl
  • Awk
  1. Bypass rbash through Reverse Shell
  2. Bypass rbash using System binaries
  • More
  • Less
  • Man
  1. Bypass rbash using Expect
  2. Bypass rbash through SSH

Bypass rbash using Editors

Now suppose you have accessed the host machine as a local user and found the logged user is part of rbash shell thus you are unable to run some system commands, such as: cd (change directory) because due to rbash it is restricted.

Now the question is: Then what will you do in such a situation? 🤔

And the answer is: Use “Editors Programs” to bypass the restricted mode. 😇

1st method – VI Editor

So you can use the VI editor and this will be in the edit mode where you need to run the following command to open the “sh: Bourne shell” instead of rbash.

Now if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

2nd method- ed-Editor

You can also go with ed-editor which very easy to use as this is same as cat program that will provide inline edit mode where you can use the following command to call “sh: Bourne shell”

Now again if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

There many more editors such as pico or nano which you should by yourself to bypass rbash environment.

Bypass rbash using One liner

1st Method Python

You can also choose python following command as a one-liner to import “sh: Bourne shell” and spawn the proper sh shell instead of rbash as shown below where we are able to access the /etc directory without any restriction.

2st Method Perl

Similarly, you can also choose Perl following command as a one-liner to import “sh: Bourne shell” and spawn the proper sh shell instead of rbash as shown below where we are able to access the /etc directory without any restriction.

3rd Method- Awk

Similarly, you can also choose awk following command as a one-liner to import “sh: Bourne shell” and spawn the proper sh shell instead of rbash as shown below where we are able to access the /etc directory without any restriction.

Bypass rbash through Reverse Shell

1st-Method Python

You can also choose reverse shellcode to bypass rbash, here we have use python reverse shellcode (penetestmokey) and this will throw the “sh: Bourne shell” to the listen to machine (Kali Linux in our case) on the netcat which is listening over our Kali Linux.

After running the listener we will be running the following command.

Now if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

2nd Method – PHP

Similarly, you can use PHP reverse shellcode which need to be executed on the host machine and reverse connection will be accessible on Listening IP.

Now if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

Bypass rbash using System binaries

Very few people know this, that some system binaries program (such as less, more, head, tail, man and many more) are very useful to bypass restricted environment.

Consider a situation where you a log file named ignite.txt inside the current directory and you allow to only a few commands such as more or less to read the logs.

1stMethod-/bin/more

Take the privilege of /bin/more program to bypass the restricted environment by executing following command on the rbash shell

more ignite.txt

Now if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

2nd Method-/bin/less

Take the privilege of /bin/less program to bypass the restricted environment by executing following command on the rbash shell

Now if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

3rd Method-/bin/man

Take the privilege of /bin/less program to bypass the restricted environment by executing following command on the rbash shell

Now if you will try to access /etc directory then you will saw that you are able to run cd & pwd command as shown below.

Bypass rbash using Expect

Expect is a Unix program that “talks” to other interactive programs according to a script. Following the script, Expect knows what can be expected from a program and what the correct response should be.

Take the privilege of /bin/usr/expect the program to bypass the restricted environment by executing the following command on the rbash shell.

Now if you will try to access /etc directory once again then you will saw that you are able to run cd & pwd command as shown below.

Bypass rbash through SSH 

If you know the ssh credential of the user who is part of rbash shell, then you can use the following command along ssh to break the jail and bypass the rbash by accessing proper bash shell.

Now if you will try to access /etc directory once again then you will saw that you are able to run cd & pwd command as shown below.

Reference: http://manpages.ubuntu.com/manpages/cosmic/man1/rbash.1.html

Author: Kavish Tyagi is a Cybersecurity enthusiast and Researcher in the field of WebApp Penetration testing. Contact here

Multiple Ways to Setup Cloud Pentest Lab using OwnCloud

This article is all about setting up a Private Cloud on your local machine on ubuntu, docker and VM. But before it is installed and configured, you should know what the cloud is and why it is a very important part of IT organizations.

Table of Content

  • Cloud Computing
  • Benefits of Cloud Computing
  • Types of Cloud Computing
  • Cloud Computing Deployment Models
  • How cloud computing works
  • Installation of Own cloud in Ubuntu
  • Installation of OwnCloud using Docker
  • Bitnami Owncloud Stack Virtual Machines

Cloud Computing

Cloud computing is the on-demand delivery of compute power, database, storage, applications, and other IT resources via the internet with pay-as-you-go pricing. Whether you are using it to run applications that share photos to millions of mobile users or to support business-critical operations, a cloud services platform provides rapid access to flexible and low-cost IT resources.

In other words, cloud computing means, storing and accessing information and programs over the internet instead of the hard drive of your computer. You can access as many resources as you need, almost instantly, and only pay for what you use.

References: https://aws.amazon.com/what-is-cloud-computing/

Benefits of Cloud Computing

  • Cost Saving – Pay for what you use.
  • Agile deployment – Easy and fast access a broad range technology (database, storage, compute etc.) on as per the requirement.
  • Location Independent –Deploy your application in multiple physical locations around the world with just a click.
  • Disaster Recovery – No environmental disruption, no natural calamity effect.
  • Elasticity– Instantly scale up or down the amount of resources that actually need.

Types of Cloud Computing

There are three main types of models of cloud computing. Each type of cloud service and deployment method provides you with different levels of control, flexibility, and management.

  • Infrastructure as a Service (IaaS) -It is a cloud computing offering in which a vendor provides users access to computing resources such as servers, storage and networking. Organizations use their own platforms and applications within a service provider’s infrastructure.

Example: Linode, Rackspace, Amazon Web Services (AWS), Cisco Metapod, Microsoft Azure, Google Compute Engine (GCE)

  • Platform as a service (PaaS)– It is a cloud computing offering that provides users with a cloud environment in which they can develop manage and deliver applications. In addition to storage and other computing resources, users are able to use a suite of prebuilt tools to develop, customize and test their own application also can providers manage security, operating systems, server software and backups.

Example: AWS Elastic Beanstalk, Windows Azure, Force.com, Google App Engine, Apache Stratos.

  • Software as a service (SaaS)-It is a cloud computing offering that provides users with access to a vendor’s cloud-based software. Users do not install applications on their local devices. Instead, the applications reside on a remote cloud network accessed through the web or an API. Through the application, users can store and analyse data and collaborate on projects.

Example: Google Apps, Dropbox, Salesforce, Cisco WebEx,

Cloud Computing Deployment Models

  • Cloud (Public) – A cloud-based application is fully deployed in the cloud and all parts of the application run in the cloud. Applications in the cloud have either been created in the cloud or have been migrated from an existing infrastructure to take advantage of the benefits of cloud computing.
  • Hybrid- A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud. The most common method of hybrid deployment is between the cloud and existing on-premises infrastructure to extend, and grow, an organization’s infrastructure into the cloud while connecting cloud resources to the internal system.
  • On-premises (Private) – Private Cloud refers to the cloud solution dedicated for use by a single organization. The data centre resources may be located on-premise or operated by a third-party vendor off-site. The computing resources are isolated and delivered via a secure private network, and not shared with other customers.

How cloud computing works

Cloud computing gives you access to servers, storage, databases, and a broad set of application services over the Internet. A cloud services provider owns and maintains the network-connected hardware required for these application services, while you provision and use what you need via a web application.

Hope, now you have a basic understanding of cloud computing. Let’s start the installation of Owncloud in multiple ways.

Installation of Own cloud in Ubuntu

OwnCloud is the market-leading open-source software for cloud-based collaboration platforms. As an alternative to Dropbox, OneDrive and Google Drive, ownCloud offers real data security and privacy for you and your data. Store your files in one central location – protected from unauthorized access. Many features designed for absolute data security help you to work productively and securely.

Before starting the installation, I want to confirm that you should already have Ubuntu in PC or you can install ubuntu. As I already have Ubuntu 18.04 LTS.

Let’s start the journey together with below steps:

Install Apache2

OwnCloud requires a webserver to function. So, we install Apache2 on Ubuntu.

Install the MariaDB Server

After apache2 installation, run the commands to disable the directory listing and also to Restart the Apache2 services.

MariaDB is the database server. It is an enhanced, drop-in replacement for MySQL. MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of storage engines, plugins and many other tools make it very versatile for a wide variety of use cases.

After installation of MariaDB , restart the service and enable MariaDB service to always start up when the server boots.

Install PHP and its modules

Run the commands to add a third-party repository and upgrade to PHP 7.1

Now,  update and upgrade

Next, we  install PHP7.1  and related modules

After installation of PHP 7.1, open FPM PHP default file.

Create OwnCloud  Database

After the installation of all the necessary LAMP packages, we will continue to configure the servers. First, we create the OwnCloud Database. Below are the steps:

  1. Run the MySQL command to logon to the database server. In the next prompt, type the root password.
  2. Create a database called Owncloud.
  3. Create a  database user g nisha with the new password e.g 123(you Should put the strong password for security purpose).
  4. Then, we grant the user full access to the database.
  5. Finally, save your changes and exit.

Note: In the database, the command should be ended by a sign ; otherwise you will get an error.

Download Latest Owncloud Release

Visit  https://owncloud.com/download/ for download and extract OwnCloud Files into the /var/www/html directory.

Then set the correct permissions for OwnCloud to function, change the ownership and mod e.g as we grant (Read Write Execute i.e 777) permission.

Configure Apache2

Configure Apahce2 site configuration file for OwnCloud. This file will control how users access OwnCloud content. Create a new configuration file called owncloud.conf as shown.

Then copy and paste the content below into the file and save it. Replace the highlighted in yellow lines with your own domain name and directory root location and then save the file.

Enable the OwnCloud and Rewrite Module

After configuring the VirtualHost above, enable it by running the commands below and at last restart the Apache2 service.

Open the browser and put localhost(local IP ) e.g http://localhost/owncloud

You’ll be prompted to create an admin account and password. Connect to the database using the information you created and then click on finish setup.

            

Put the admin Credentials and continue.

Happy to see the final Picture of OwnCloud, now you can upload and store your data safely on Owncloud.

Installation of OwnCloud using Docker

Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package.

Let’s start the installation with the below steps :

Install Docker

To install docker, simply open the terminal of Linux and type the following command:

Once the docker is up and running, you can run or pull any image in your docker. As per the requirement, we are going to search owncloud image. When you run the following command, it will first check your local repository; if the image is not available there then it will pull it from docker hub.

Once you find your image, you can pull it into your container and download the Owncloud image.

The docker attaches command permits you to attach to a running container using the container ID or name you can use one instance of shell only though attach command or you can directly run the container with container id. ownCloud is accessible via port 8080 on the host machine. But if you crave to open a new terminal with a new instance of container’s shell, we just need run docker exec.

To log in to the ownCloud UI, open http://localhost:8080 in your browser of choice, where you see the standard ownCloud login screen, as in the image below.

Finally welcome to your owncloud platform to perform your services (upload, safety storage of data etc.)

Bitnami Owncloud Stack Virtual Machines

Bitnami Virtual Machines contain a minimal Linux operating system with ownCloud installed and configured. Using the Bitnami Virtual Machine image requires hypervisor software such as VMware Player or VirtualBox. Both of these hypervisors are available free of charge.

You can download from here

Login with default credential

It very simple, only just navigate to the web browser and explore VM IP as shown below.

Author: Nisha Sharma is trained in Certified Ethical hacking and Bug Bounty Hunter. Connect with her here