قالب وردپرس درنا توس
Home / Tips and Tricks / Set up the Linux hacking distribution Ultimate Beginner Arch with Manjaro & BlackArch «Null Byte :: WonderHowTo

Set up the Linux hacking distribution Ultimate Beginner Arch with Manjaro & BlackArch «Null Byte :: WonderHowTo



Without a doubt, Kali has established itself as the most popular penetration distribution. However, just because it is the fan favorite of beginners and security researchers, it is not suitable for everyone. Manjaro Linux is a beginner-friendly, arch-based distribution that is easy to arm with the Black Arch extension, and a friendlier arch experience for the first time allows forums and IRC channels for several years. Hackers and Pentesters often discuss which operating system is the most intuitive and easy-to-use, and which has the superior collection of curated hacking tools.

Beginners often wonder what hacking distribution is right for them, and wonder if choosing between ParrotSec and Kali is the best choice to get started. Arch Linux is widely regarded as a powerful distribution, but is not particularly beginner-friendly. Let's explore a simpler way for beginners to hack with Manjaro Linux on an arch-based system.

What is Manjaro?

Manjaro is an easy-to-use, beginner-friendly Linux distribution based on Arch Linux. A state-of-the-art, lightweight distribution with the philosophy of "keep it simple". Setting up Arch can be intimidating, as it requires a deeper understanding of creating Linux systems than other distributions, but Manjaro accepts the expense and complexity of installing arch. Manjaro also has a excellent community of experienced arch users who are eager to answer beginner questions.

What is BlackArch?

BlackArch Linux is also an Arch-Linux-based distribution, but focuses on penetration testing and targets security researchers and independent hackers alike.

BlackArch has more than 2,200 indexed tools on its website. Kali currently has around 365 tools. BlackArch offers a larger collection of software that curious penetration testers can experiment with. You could spend a whole weekend testing hundreds of exciting tools while still not scratching the surface of what BlackArch has to offer.

The Road to BlackArch

We will install Manjaro and then manually import the BlackArch repositories, which all contain the hacking tools. In this way, we can install Wi-Fi hacking tools and use exploit frameworks like Metasploit from our unobtrusive Manjaro distribution.

This article is a quick guide for anyone looking to improve their user-friendly Manjaro distribution by adding weapons to some penetration test applications for their operating system. This is an excellent experience for those who want to get out of their comfort zone and experiment with BlackArch tools.

Step 1: Download Manjaro

First, you have to go to . Manjaro website to view the available download options. We are confronted with different desktop environment options. This includes XFCE, KDE and GNOME.

  • XFCE is a compact desktop environment. The goal is to be fast and resource-saving, while still being visually appealing and user-friendly. This creates a comfortable experience for users who are new to BlackArch. This also means that our CPU and RAM are not that hard to render when using XFCE.
  • KDE is a feature rich and versatile desktop environment that offers an advanced graphical desktop and a multitude of applications. Although KDE is very user-friendly and undoubtedly eye-catching, it is also quite resource-intensive and noticeably slower than a desktop environment like XFCE.
  • GNOME, which is also Kali's standard desktop environment, is said to be simple and easy to use. While the look is unique, it remains very customizable with a variety of extensions available. Like KDE, it uses more system resources than XFCE.

In general, I prefer desktop environments that use as little system resources as possible. This allows me to focus on the task at hand, without worrying about my laptop fan getting out of control as seven terminals, two browsers, three messengers and minesweepers are open at the same time.

XFCE is the clear choice For those who prefer efficiency over conspicuity and want to run a dozen applications in the background. On the other hand, if you have the fastest CPU on the market and 128 GB of RAM, you can safely use KDE without any consequences.

On Unix-like operating systems, you can use wget Download the ISO file by typing the following command in a terminal. Make sure you use the correct download link for the link you have selected.

  ~ $ wget https://osdn.net/projects/manjaro/storage/xfce/18.0.4/manjaro-xfce-18.0.4-stable-x86_64.iso 

We recommend you use the ISO Sha1 Check the sums you find on the download page for the Manjaro version you selected.

Is not there an easier way?

Before we begin I would like to point out that my guide below is one of several ways to create a BlackArch box. Another method would be to download the BlackArch OVA image. Open Virtual Appliance (OVA) files are commonly used to distribute preconfigured virtual machines (VMs) of a given operating system. We can double-click BlackArch's .ova file to open it in Oracle's VirtualBox and complete the installation.

The main disadvantage of BlackArch's OVA is the file size of 18 GB. I'm not sure if security researchers looking to test BlackArch for the first time will be thrilled to download a huge 18GB file. Another potential disadvantage is that BlackArch does not use XFCE, KDE, or GNOME by default. It uses Fluxbox, a much more DIY desktop environment than GNOME. Native Kali users are unlikely to find a Fluxbox desktop environment instantly intuitive or comfortable.

Step 2: Install Manjaro

I use the latest Manjaro XFCE ISO and install it in VirtualBox. Since we only test BlackArch today, using a virtual machine seems appropriate.

Start VirtualBox and click "New" to create a new VM. VirtualBox prompts you to name the VM and select a type and version. Be sure to use "Linux" as type and "Arch Linux" as version . Then click on "Next" to continue.

Here you must assign the BlackArch VM memory (RAM). 2048 MB equals 2 GB of RAM. Assigning 2048 MB is generally sufficient to run a VM without notice of hardware limitations. If you have 16 GB (or more) of memory on your computer, it's probably safe to allocate 4096 MB or more.

When you've decided how much memory to allocate to the BlackArch VM, click Next to continue.

Click "Build" to create our new virtual disk.

Next, set the disk type as "VDI (VirtualBox Disk Image)". This way we can use our new BlackArch VM on other computers with VirtualBox if we want to move VMs in the future. Just click "Next" to continue.

Now set the memory on the physical disk to "dynamically assigned". This is a great feature of VirtualBox. This allows the BlackArch VM to allocate space on the hard disk drive (HDD) as needed. Dynamically allocated disks only consume space on your physical disk when it is full. If our BlackArch VM initially requires 5GB of storage and later grows to 15GB after installing more tools, that's fine. A dynamically allocated disk grows as needed. Click Next to continue.

Step 3: Configure Manjaro.

Now all we have to do is click "S tart "to turn on the Manjaro VM. If all goes well, you will be greeted with the Manjaro Bootloader. Press the down arrow on your keyboard to highlight Boot: Manjaro and press Enter .

] After a few seconds, we are greeted with the installation menu. Click the "Start Installer" button to get started.

Here you will be guided through the selection of your preferred language, keyboard configuration and hard partitioning and more. Make sure you set a strong password when creating your account. And remember that the "name" of this computer is the name that will be displayed on routers when you connect to them.

Step 4: Get used to XFCE

After installing Manjaro, users should first perform all the steps of tweaking and tweaking smaller features to their liking. Anyone familiar with GNOME or macOS will feel comfortable in the XFCE Settings menu.

Step 5: Importing BlackArch Repositories

BlackArch offers a convenient installation script manually import BlackArch tool repositories. Open a terminal and enter the following command to download the installation script strap.sh .

  ~ $ curl -Os https://blackarch.org/strap.sh[19659021)TheshfileextensionmeansthatthereisashellscriptandwillneedtosharethefilepermissionstoexecutecommandsonourcomputerTypethecommandthes chmod  into your terminal to run the strap.sh script. 

  ~ $ chmod + x strap.sh 

Now run the installation script strap.sh by typing this command into your terminal:

  ~ $ sudo ./strap.sh[19659021<WhenyouarepromptedtoinstallaBlackArchmirrorit'seasytoenter. Enter  to use the default mirror. If all goes well, the script should "BlackArch Linux is ready!" Report. 

  ...
[+] Key ring successfully installed
[+] Configure Pacman
-> enter a BlackArch Linux Mirror URL (default: https://www.mirrorservice.org/sites/blackarch.org)
[!] WARNING: You did not specify the correct mirror URL
[+] Using the default mirror https://www.mirrorservice.org/sites/blackarch.org
[+] Updated pacman.conf
[+] Updating Package Databases
:: Sync package databases ...
Core 140.2 KiB 296 K / s 00:00 [###]
additional 1775.5 KiB 408 K / s 00:04 [###]
community 4.4 KiB 522K / s 00:09 [###]
Multilib 175.0 KiB 414K / s 00:00 [###]
Blackarch 2.0 MiB 544K / s 00:04 [###]
blackarch.sig 566.0 B 0.00B / s 00:00 [###]
[+]   BlackArch Linux is ready! 

Apt-Get What?

APT (Advanced Packaging Tool), which installs packages and tools Kali and Debian are not used in Arch-based operating systems. BlackArch does not use APT, as most Kali natives are used to.

The Pacman pac kage man ager is one of the main features of Arch Linux. Pacman's goal is to easily manage packages from official arch repositories or third-party repositories such as BlackArch.

Below is a small list of APT-to-Pacman commands that new BlackArch users can become familiar with Installing Packages and Tools.

  ~ $ apt-get install 
~ $ pacman -S 
  ~ $ apt-get remove 
~ $ pacman -Rs 
  ~ $ apt-cache search 
~ $ pacman -Ss 
  ~ $ apt-get update && apt-get upgrade
~ $ pacman -yu 
  • Removing old and unneeded dependencies:
  ~ $ apt-get autoremove
~ $ pacman -Qdtq 
  • Display of package information:
  ~ $ apt-cache show 
~ $ pacman -Si  

For a complete list of related APT-to-Pacman commands, see the full list compiled by the Arch community.

BlackArch Tool Categories

As mentioned earlier, BlackArch has an incredible repository of tools. Depending on your network speed, downloading each tool may take an incredibly long time. All tools can be installed individually or in bulk according to categories. Below is a list of some available categories.

You can install entire categories by typing the following command in a terminal. Replace the desired category name.

  ~ $ sudo pacman -S blackarch-  

Run the following command for a complete list of BlackArch categories.

  ~ $ sudo pacman -Sg | grep blackarch 

Alternatively, check out the Official BlackArch Guide for more details. We can also install all over 2,200 available tools with a single command. This would take a lot of time. If you feel patient, use the following command to install everything BlackArch has to offer.

  ~ $ sudo pacman -S blackarch 

Which distribution suits you?

The debate about which penetration distribution is the best, can never be settled. The truth is that there is probably not a single perfect distribution that can satisfy the individual needs of any security researcher. We all have different standards, preferences, subject areas and different levels of experience. All these factors influence the use of our penetration test distributions.

If you're looking for new and interesting tools, Kali Linux Indians will feel comfortable connecting the intuitive interface of Manjaro with BlackArch's tool repository. [19659002] So you have a new Manjaro VM with hundreds of new hacking tools. What's next? How about connecting a wireless network adapter to the VM and installing some fun Wi-Fi hacking tools we would not find in Kali?

Thank you for reading. If you have any questions, please leave a comment or ask me on Twitter @tokyoneon_ . And do not forget to stay connected and visit our social accounts!

Do not miss: The Best Wireless Network Adapter for Wi-Fi Hacking in 2019

Title image and screenshots of tokyoneon / zero byte




Source link