Kali Gnome Desktop – View Trash and Home icons and delete using the “Delete” key

Categories Kali, Linux

There are two things that bother me a little when using Kali with Gnome Desktop. There is no Trash icon on the Desktop and the need of pressing ctrl+del to send a file or directory to the Trash. If you feel the same way read the following lines to solve it.

– Showing Trash and Home icons on desktop –

From a terminal type the following:


The “Configurator Editor” pops up. From the left panel select the following schema:

org >> gnome >> nautilus >> desktop

In the right panel you will see some interesting properties like “computer-icon-visible“, “home-icon-visible” and “trash-icon-visible“. You have to check them in order to show those icons on the Desktop. If they are already checked and you don’t see the icon, uncheck them and check them again.


– Deleting using the “Delete” key –

This was a little more painful but I finally found a solution. There is a way by activating the “can-change-accels” property using the dconf-editor utility shown previously, but the problem is that we lose our changes when nautilus is restarted.

So here is the method that worked for me using the console:

Create the folder /root/.gnome2/accels:

mkdir /root/.gnome2/accels

Create the file /root/.gnome2/accels/nautilus and write the following line:

(gtk_accel_path “/DirViewActions/Trash” “Delete”)

Save the file. Now restart nautilus:

nautilus -q

That’s all.

Enjoy :)

Connecting the Raspberry Pi to an old (or not so) VGA monitor.

Categories Raspberry Pi, Raspbian

I have an old 15 inch VGA monitor optimized for a 1024×768 resolution which I have not used for a while. I thought it would be great to use it with my Raspi because it is quite small size, old and it creates that “retro” atmosphere that I love. But the thing  is not as easy as it may seem. In this post I will explain how I achieved this.

The first thing you need is an adapter to transform from HDMI signal (Raspi output) to VGA signal (Monitor input). The signal must suffer a transformation because HDMI is a digital signal while VGA is an analog one. Be careful with those cheap wires that have just a VGA port in one end and an HDMI port in the other one. They are useless for our purpose. The adapter you need may look like this (please excuse the cat…):


You can find one of this in many sites, Amazon or eBay for example. I  bought this one for around 12 €. This model is great because it has also a jack port to get the sound that may come from the HDMI signal. So this is my Raspi connected to the old monitor using the adapter I got:

Raspi using HDMI to VGA adapter

Now when you turn on your Raspi three different things could happen:

1) You see everything perfectly in your VGA monitor. You are a very lucky person and you are probably wondering why I am writing this post.

2) You see a resolution that is not good for your monitor or that you do not want and you cannot change it.

3) You do not see anything in your monitor.

If your case is not the first one there is work to do yet. By the way, in my case it was the second one using Raspbian and the third one using Berryboot. I will be using the Raspbian example. When I turned on my Raspi I got a message from my monitor saying that it had to use a 1280×720 “failsafe mode” resolution which did not look very good:

1280x720, not proper resolution

I lost like a third of the screen using this resolution and the image and text quality was very poor. There was no way to change this resolution dynamically.

So now is the time to introduce the Raspberry’s config.txt file. This file performs a basic configuration  when you turn on your Raspi and change its parameters would be like tuning the BIOS in a normal PC. So this file is the key to get our monitor working properly.

The config file is located at /boot/config.txt but if your case is the third one, and you cannot see anything on the screen, you can read the SD card in other PC and you will find the file at /.

You can find all the details, parameters and configurations for this file at:


The problem is that setting the right parameter values depends on your hardware; your monitor, your hdmi-vga adapter and even your wire! You can spend much time tuning this file but here is the trick that worked for me:

There is one parameter called hdmi_safe that when enabled (hdmi_safe=1), it sets the proper parameters to maximize compatibility for HDMI. Reading from the RPIconfig site above:

hdmi_safe Use “safe mode” settings to try to boot with maximum hdmi compatibility. This is the same as the combination of: hdmi_force_hotplug=1, hdmi_ignore_edid=0xa5000080, config_hdmi_boost=4, hdmi_group=2, hdmi_mode=4, disable_overscan=0, overscan_left=24, overscan_right=24, overscan_top=24, overscan_bottom=24

If you type (or uncomment in some config.txt files) hdmi_safe=1, save and reboot you should boot using a 640×480 resolution:

640x480 proper but too low

Ok. That is a low resolution but it looks much better. So this “hdmi_safe” parameter did a good job. Now, to be sure of which parameters have been set, let’s use a couple of commands again from the RPiconfig site:

vcgencmd get_config int – lists all the integer config options that are set (non-zero)
vcgencmd get_config str – lists all the string config options that are set (non-null)

In my case “vcgencmd get_config int” returned the following:


And “vcgencmd get_config str” did not return anything.

Therefore the group of parameters enabled do not match the ones RPiconfig indicates when hdmi_safe is activated. That’s why I recommend to use vcegencmd command, to be sure of which parameters are really set. Now the only thing left to do is to change the 640×480 resolution to 1024×768 and remove the “padding” you can see in the image above.

The resolution has to be with the “hdmi_mode” parameter, and you can see its possible values in the RPiConfig site. I will show some of them:

hdmi_mode=1 640×350 85Hz
hdmi_mode=2 640×400 85Hz
hdmi_mode=3 720×400 85Hz
hdmi_mode=4 640×480 60Hz
hdmi_mode=5 640×480 72Hz
hdmi_mode=6 640×480 75Hz
hdmi_mode=7 640×480 85Hz
hdmi_mode=8 800×600 56Hz
hdmi_mode=9 800×600 60Hz
hdmi_mode=10 800×600 72Hz
hdmi_mode=11 800×600 75Hz
hdmi_mode=12 800×600 85Hz
hdmi_mode=13 800×600 120Hz
hdmi_mode=14 848×480 60Hz
hdmi_mode=15 1024×768 43Hz DO NOT USE
hdmi_mode=16 1024×768 60Hz
hdmi_mode=17 1024×768 70Hz
hdmi_mode=18 1024×768 75Hz
hdmi_mode=19 1024×768 85Hz
hdmi_mode=20 1024×768 120Hz
hdmi_mode=21 1152×864 75Hz
hdmi_mode=22 1280×768 reduced blanking


As you can see the hdmi_safe configuration used hdmi_mode=4 which corresponds to a 640×480 60Hz resolution. I will change this value to 16 that corresponds to 1024×768 60Hz which is perfect for my monitor. As you can imagine, the “padding” thing has to be with the “overscan_left”, “overscan_right”, “overscan_top” and “overscan_bottom” parameters. If you see my config, it is curious that  the “disable_overscan” is set and the overscan is working. I will set the four parameters I mentioned to 0 because I do not need any padding. My final configuration will be the following (remember that now we have to disable the hdmi_safe parameter):


Now I am ready to set or copy this parameters to the config.txt file and reboot. Everything looks great and now my monitor starts a new life working with my Raspi.

1024x768 perfect

1024x768 desktop

I hope this post can help you out.


Recovering router password using Burp Suite dictionary attack

Categories Backtrack, Blackbuntu, Kali, Linux, Windows

Few weeks ago, during cleaning up, I found an old access point/router. I wanted to attach it to my network and do some tests, but I did not remember the password for configuring it through its web access page. I knew it had to be some default user/password but I did not succeed in my tries. I thought it was the right time to prepare a small dictionary attack. There are many powerful tools for this task but I used “Burp Suite” because I love it and I try to use it whenever I can. Furthermore is a perfect tool for understanding what happen behind the scenes during these kind of attacks.

I made the following video trying to explain this process. I hope you find it helpful.

If you want you can download the ‘combinator’ script used in the video ->  combinator.rb (184 downloads) .



TP-LINK TL-WN725N v2 working on Raspberry Pi (Raspbian)

Categories Linux, Raspberry Pi, Raspbian

When I bought my Raspberry Pi I also ordered this tiny usb wifi adapter (TP-LINK TL-WN725N) in order to play with my raspi everywhere. I got this adapter because  I read it worked out of the box, it was cheaper than others and it supported WiFi-N. As you may guess I am writing this post because the first advantage, the out of the box one, did not work for me.

Raspi with TP-LINK WN725N

I read some forums and it seemed that I had purchased a newer version of this adapter, the TL-WN725N v2. It needs a different driver, the Realtek 8188eu, which is not included by default in the Raspbian distributed by the official web site of Raspberry Pi. So, to sum up, I was able to find the driver source code and now I have a wireless raspi. If you have the same problem with this adapter, read the following lines to obtain directly the .ko object and you will be done. If you want you can download the driver source code (link at the end), compile and install it on your own.

To make it work just download the kernel object (.ko) file which is the compiled module driver for the kernel. I will be updating this section for different kernel versions.

For raspbian image: 2013-07-26-wheezy-raspbian.img
8188eu.ko (Compiled in 2013-08) (676 downloads) (Working in kernel Linux raspberrypi 3.6.11+ #474 PREEMPT)

For raspbian image: 2013-09-25-wheezy-raspbian.img
8188eu.ko (Compiled in 2013-10) (442 downloads) (Working in kernel Linux raspberrypi 3.6.11+ #538 PREEMPT)

For raspbian image: 2013-12-20-wheezy-raspbian.img & 2014-01-07-wheezy-raspbian.img
8188eu.ko & firmware (Compiled in 2014-01) (1533 downloads) (Working in kernel Linux raspberrypi 3.10.24+ #614 PREEMPT & 3.10.25+ #622 PREEMPT)

For raspbian image: 2014-06-20-wheezy-raspbian.img
8188eu.ko & firmware (Compiled in 2014-06) (514 downloads) (Working in kernel Linux raspberrypi 3.12.22+ #691 PREEMPT)

For raspbian image: 2014-09-09-wheezy-raspbian.img
8188eu.ko & firmware (Compiled in 2014-09) (450 downloads)  (Working in kernel Linux raspberrypi 3.12.28+ #709 PREEMPT)

For raspbian image: 2014-12-24-wheezy-raspbian.img
8188eu.ko & firmware (Compiled in 2014-12) (995 downloads) (Working in kernel Linux raspberrypi 3.12.35+ #730 PREEMPT)

Place the .ko object in the following path:


In my case it is the following path:


Last version of the rtl8188eu driver includes a firmware file called rtl8188eufw.bin you have to place this file under:


Now execute the following commands

depmod -a

modprobe 8188eu

We are done. You should see now the new interface (wlan0 normally) when the device is connected.

Driver source code: https://github.com/lwfinger/rtl8188eu



Blackbuntu: Failed to fetch http://deb.torproject.org/torproject.org/dists/maverick/…

Categories Blackbuntu

If you’re using Blackbuntu nowadays you might have found the following error lines when you execute apt-get update:

W: Failed to fetch http://deb.torproject.org/torproject.org/dists/maverick/main/source/Sources.gz 404 Not Found

W: Failed to fetch http://deb.torproject.org/torproject.org/dists/experimental-maverick/main/binary-i386/Packages.gz 404 Not Found

The thing is that maverick is not longer supported in the tor’s repositories and it’s been replaced by lucid. So we have to do the same in order to fix it:

nano /etc/apt/sources.list

Now go to the TOR repositories section and replace the following lines:

# Tor Project
deb-src http://deb.torproject.org/torproject.org maverick main
deb http://deb.torproject.org/torproject.org experimental-maverick main

with these lines:

# Tor Project
deb-src http://deb.torproject.org/torproject.org lucid main
deb http://deb.torproject.org/torproject.org experimental-lucid main

Now finally execute:

apt-get update
apt-get upgrade



Enabling sshd in Backtrack 5

Categories Backtrack, Linux

By default sshd is not enabled in Backtrack 5 but of course is installed.

Just run this command:


And now we can start the service, choose one of the following ways:

 service ssh start

/etc/init.d/ssh start

start ssh

Done. Service is listening on port 22. You can access using root/toor.

You can change the configuration by editing /etc/ssh/sshd_config.



Update metasploit through http proxy

Categories Backtrack, Linux

This was a feature that many people requested for long time. In previous versions of metasploit, msfupdate didn’t allow us to use proxies. Now that is based on subversion, we can do it. I’ll show you how using Backtrack 5.

Although we configured the proxy using the Network Proxy Preferences window in gnome:

And therefore we have the environment variables set in the shell:

$ env | grep http


Something seems to be missing when we use msfupdate or svn. So the following steps are the key ones.

Edit the file ~/.subversion/servers

Go to global section (normally at the end) and modify it to look like this:

http-proxy-host = proxy.mydomain.com
http-proxy-port = 8080
http-proxy-username = myuser
http-proxy-password = mypass

If your proxy doesn’t require authentication just comment out the user and password lines.

Save and close. Now go to /pentest/exploits/framework and launch the following command.

svn update



Auto login and startx in Backtrack 5

Categories Backtrack, Linux

Let’s face it, we all use tty1 to login as root/toor and launch startx… so why not boot automatically into our favorite desktop environment? In the following lines I’ll explain how to achieve this in three simple steps.

  • Step 1: Install mingetty.

We need a small application that allows us to auto login as the user that we want. There are severals apps in the repositories to do this task. In fact, you can write your own app to do this in C like many tutorials suggest on the Internet. I’ll use mingetty.

apt-get install mingetty

  • Step 2: Configuration of tty1

Now we need to change the behaviour of tty1 to use mingetty instead of the standard getty. To achieve this we need to edit the file /etc/init/tty1.conf, so use your favourite editor. I’ll use nano.

nano /etc/init/tty1.conf

Let’s comment out the getty line so it looks like this:

#exec /sbin/getty -8 38400 tty1

Just below this commented line, add the following one:

exec /sbin/mingetty –autologin root –noclear tty1

Save and close the file.

  • Step 3: startx right after login

The last thing we need to do is launch the startx command just after the login. To do this we need to edit the file /root/.bash_profile. Everything we write in this file is going to be executed just after the root logs in. By default there is no such file in BT5 installation but maybe you added some useful command for you and you want to keep it, so we are going to run the following command:

echo “startx” >> ~/.bash_profile

Done. Restart to see it working.


Connecting to WPA/WPA2 PSK network using command line

Categories Linux

When we want to connect to a wireless network protected using WPA/WPA2 schema using command line we cannot use iwconfig to achieve it. We need to use a “supplicant” program. The most common is wpa_supplicant. To use this program we need to provide it a config file, so let’s do it.

Create a new file with the following content:

# WPA/WPA2 PSK Config file






Where “MyNetwork” is the name (ESSID) of the network you want to connect to and “MyKey” is the Pre-Shared Key for the network.

Save this file wherever you want. I’ll use /root/wpa.conf (I’m using BT5 right now :)).

** If the example file configuration does not meet your requirements you can find other configurations in the following file:


The interface I’ll be using for this connection is eth1.

The command we need to launch to finally connect to this network is the following:

wpa_supplicant -Dwext -c/root/wpa.conf -ieth1

Parameters meaning:

-D driver to use. (wext -> Linux wireless extensions (generic))

-c config file to use. (/root/wpa.conf -> our new config file)

-i interface to use. (eth1 -> my wireless interface)

As the wpa_supplicant command that we use needs to be active permanently while we are connected to the network it’s better to launch it in the background so we’ll use the following command:

wpa_supplicant -Dwext -c/root/wpa.conf -ieth1 &

If you’re using a graphical interface like Gnome or KDE you can also press ALT+F2 to run the program in background mode:

And that’s it, you’re connected.

Remember that once you’ve done this you need to configure the IP parameters for the network. If there is a DHCP server running you can use:

dhclient eth1


Make ipw2200 works in BT5

Categories Backtrack, Linux

I like to use an old laptop in which I’ve installed BT5. From being an useless thing inside a closet it has become a wonderful tool for me nowadays. Although I’ve a neat Alpha AWUS036H card,  it was reasonable that I wanted that its internal ipw2200bg card worked too. That is something that doesn’t happen when you run BT5 with its default configuration.

If we run dmesg we’ll see that our internal card is detected but something is happening with its firmware.

ipw2200: Detected Intel PRO/Wireless 2200BG Network Connection
ipw2200: ipw2200-bss.fw request_firmware failed: Reason -2
ipw2200: Unable to load firmware: -2
ipw2200: failed to register network device

To solve this issue we have to download the latest firmware for the card. You can get it from the official site http://ipw2200.sourceforge.net/firmware.php. I’ve uploaded the latest version at present, 3.1, so you can get it directly from here:  ipw2200-fw-3.1.tgz (294 downloads)

Once you get it extract the firmware files:

tar xvfz ipw2200-fw-3.1.tgz

Copy the .fw files to /lib/firmware:

cp ipw2200-fw-3.1/*.fw /lib/firmware/

Reset the driver:

modprobe -r ipw2200

modprobe ipw2200