Building an OSINT box based on Open Source Intelligence Techniques 7th edition. Part 5, Setting up Linux Applications.

Welcome back. Sorry about the delay, but I wanted to get the post about fixing the NAS posted before I continued. This post has also been sitting waiting for editing for a bit. Picking up where we left off, I’m going to discuss the changes between Michael Bazzell’s book, and my experiences of setting up the system using Xubuntu.

First up, I used sudo apt install vlc instead of the snap command. Mainly because I know apt, and don’t understand snap. It just isn’t something I use, and other items in the book were installed with apt, so I don’t see a reason to mix them unless I have to.

The next change came when it was time to install the video download software. I fall into the camp of never use sudo to install python packages. The book said to use

Here is what I see is wrong with that:

  • Using sudo installs the software system-wide for all users. There are times for this, but this isn’t one of them.
  • The command installs the Python 2 version of the software. It’s 2020, use Python 3, since word on the net is Python 2 is now End of Life.
  • Pip installs from the PyPI repository. Anyone can upload a package to that location, and you are saying to trust someone else’s code downloaded from the internet to be executed as root on your computer.
  • There is a risk of overwriting system-required Python files with different versions. Linux, in general, usually has multiple versions of Python installed. One is the “system” required version, which is used to run some of the maintenance scripts. Overwriting them could lead to problems with maintaining the system.

I used

pip3 says to get the Python 3 package from PyPI. The install command says to install the package. The --user flag means to install it in ‘~/.local/’. And the --upgrade flag says to upgrade the package if it exists.

Although reading Real Python’s Python Basics book, they say that even using the command above is bad form, and while it is more typing it really should be

There is one problem with doing it the ways above, but that is okay. The problem is that ~/.local/ wasn’t in my path to run the python script I wanted. That wasn’t hard to fix, and something I normally do on Linux boxes anyway. I added .profile to the user home directory with the following:

To take advantage of the change without logging out and back in, run:

A large part of the chapter covers the scripts used to make it easier to run all the commands. One item of note is that a lot of the scripts use nautilus to open the folder the script saved the data to. XFCE, the Desktop Environment for Xubuntu, uses thunar, so every instance of nautilus will need to be changed to thunar.

But I have to change most of the scripts from the chapter anyway, because I’m not storing them under /home/osint/Documents/scripts. I like to keep things together in a related folder. But more on that later.

One other thing, if you hadn’t noticed in the book: there are some minor mistakes in some of the scripts. It would be a good idea to review each one anyway. One example is a script that creates a folder with the name <fullpath>/$timestamp-$handle/, but the nautilus part of the script tries to open <fullpath>/$handle/.

There are also issues with some of the commands. In one spot, Bazzell introduces two similar programs to install. One has a flag called user. The other doesn’t. However, the walkthrough says to use

for both. The second program treats it as <target_0> and <target_1>.

While I haven’t said the names of the programs to install in this chapter, I will make the exception on one. To install EyeWitness, the command is sudo ./setup.sh. I didn’t care for this. It did need sudo to do apt updates and apt installs. But it also used sudo for python3 -m pip install, which dropped several files into /usr/local/bin/.

At this point, there are several other programs to install. But I’m going to revert the VM to the last snapshot, because of the EyeWitness install. I’ll either use the docker install option (it is in the README.md file) or re-write the setup.sh script to not require sudo for everything and use --user for the pip installs.
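The script review described above (pip installs run under sudo, nautilus calls on an XFCE desktop, and a folder opened under a different name than it was created with), as an added example that is not from the book or from this post. The function names, file names, folder paths and package names in it are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: review helper scripts before running them on a Xubuntu box.
# Every path, handle and package name below is a constructed sample.

# List pip installs that run as root, as "file:line:text".
find_sudo_pip() {
    find "$1" -type f -name '*.sh' -exec grep -nHE \
        'sudo[[:space:]]+(-H[[:space:]]+)?(pip[0-9.]*|python[0-9.]*[[:space:]]+-m[[:space:]]+pip)[[:space:]]+install' {} +
}

# List folders a script opens in a file manager but never created with mkdir.
# The comparison is on the literal text of the path, variables unexpanded.
find_unmade_dirs() {
    awk '{ gsub(/["\047]/, ""); sub(/[ \t]*&$/, "") }   # drop quotes, trailing &
         $1 == "mkdir" { d = $NF; sub(/\/$/, "", d); made[d] = 1 }
         $1 == "nautilus" || $1 == "thunar" {
             d = $NF; sub(/\/$/, "", d)
             if (!(d in made)) print FILENAME ":" FNR ": opens " d
         }' "$1"
}

# Swap nautilus for thunar in each script, keeping the original as FILE.bak.
use_thunar() {
    find "$1" -type f -name '*.sh' | while IFS= read -r f; do
        grep -q 'nautilus' "$f" || continue
        cp -p "$f" "$f.bak"
        sed -E 's/(^|[^[:alnum:]_-])nautilus([^[:alnum:]_-]|$)/\1thunar\2/g' "$f.bak" > "$f"
    done
}

# Write two constructed scripts to DIR so the checks can be tried offline.
make_samples() {
    mkdir -p "$1"
    cat > "$1/handle.sh" <<'EOF'
timestamp=$(date +%Y-%m-%d)
mkdir -p ~/Documents/handles/$timestamp-$handle/
nautilus ~/Documents/handles/$handle/ &
EOF
    cat > "$1/setup.sh" <<'EOF'
sudo apt install -y example-dependency
sudo python3 -m pip install example-package
python3 -m pip install --user --upgrade example-package
EOF
}

# Demo on the constructed samples: prints one finding from each check.
demo_dir=$(mktemp -d) && make_samples "$demo_dir"
find_sudo_pip "$demo_dir"; find_unmade_dirs "$demo_dir/handle.sh"; rm -rf "$demo_dir"
```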

 
