Today's post isn't exactly security related, but it covers something worth knowing for day-to-day Linux users. I've had an issue that bugged me for over a year. Has your computer ever failed to boot, constantly throwing "grub rescue" or other GRUB-related errors, with none of the boot-repair tools helping? That is the point of this post, because I finally found the answer buried in one of the zillion forums I read while trying to resolve the problem.
My box would sometimes boot properly and other times not boot at all, so I resorted to never shutting it down. After trying a million "solved" solutions on different forums, I landed on this tutorial, which fixed the issue. It worked well for a while, until I had to update the kernel and the headers. When I tried to fix it with the same method that had served me well the last time, it didn't work, so I had to find a more lasting solution. Over the weekend, after about 8 hours, I finally landed on this.
Read answer by grief
I did a clean install of my Linux Mint. When I got to the partition selection step, I chose advanced partitioning and made /boot the first (primary) partition, giving it a size of about 500MB. Feel free to choose anything between 300MB and 500MB depending on the size of your hard drive (mine is 1TB). Then create the partition where the OS installation will go; I set mine to 300GB with the mount point /. (All of these are ext4 partitions.) I then created a swap partition of 8GB, since my RAM is about 8GB. If your RAM is <4GB, set the swap to half the RAM. I set the remainder of the disk to NTFS to store my data and everything else, then proceeded normally with the installation. So there went my weekend.
It so happens that some of the forums say this is only relevant to server versions of Linux and not to desktop versions of Ubuntu or Linux Mint. I think that advice dates from the days when only servers had "large" hard drives. These days it's not uncommon to find people with 1, 2, 4 TB or even bigger hard drives.
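As an added example (not part of the original post), here is a small Python script that checks whether an installed system actually has the layout described above: /boot on its own first partition of 300-500 MiB, a root filesystem at /, and a swap partition sized by the RAM rule. It parses the KEY="value" output of `lsblk -bPo NAME,SIZE,FSTYPE,MOUNTPOINT` and MemTotal from /proc/meminfo. The sample outputs are constructed; the 25% tolerance on swap size and the assumption that swap should roughly equal RAM once RAM is 4 GiB or more (the post only gives the half-of-RAM rule for smaller machines) are mine.

```python
import re
import shlex
import subprocess

MiB = 1024 ** 2
GiB = 1024 ** 3

# Constructed sample of `lsblk -bPo NAME,SIZE,FSTYPE,MOUNTPOINT` on a 1 TB disk laid out as in the post.
SAMPLE_LSBLK = """\
NAME="sda" SIZE="1000204886016" FSTYPE="" MOUNTPOINT=""
NAME="sda1" SIZE="524288000" FSTYPE="ext4" MOUNTPOINT="/boot"
NAME="sda2" SIZE="322122547200" FSTYPE="ext4" MOUNTPOINT="/"
NAME="sda3" SIZE="8589934592" FSTYPE="swap" MOUNTPOINT="[SWAP]"
NAME="sda4" SIZE="668968116224" FSTYPE="ntfs" MOUNTPOINT="/data"
"""
# Constructed /proc/meminfo excerpt for a machine with about 8 GB of RAM.
SAMPLE_MEMINFO = "MemTotal:        8046892 kB\nMemFree:         1234567 kB\n"


def parse_lsblk_pairs(text: str) -> list:
    """Parse lsblk --pairs output: one record per line, fields as KEY="value"."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = dict(token.split("=", 1) for token in shlex.split(line))
        fields["SIZE"] = int(fields["SIZE"])  # -b gives sizes in bytes
        rows.append(fields)
    return rows


def mem_total_from_meminfo(text: str) -> int:
    """Return MemTotal in bytes from /proc/meminfo text (the kernel reports it in kB)."""
    for line in text.splitlines():
        if line.startswith("MemTotal:"):
            return int(line.split()[1]) * 1024
    raise ValueError("MemTotal not found")


def partition_index(name: str):
    """sda1 -> 1, nvme0n1p1 -> 1, whole disks (sda) -> None."""
    m = re.search(r"p?(\d+)$", name)
    return int(m.group(1)) if m else None


def check_layout(rows: list, mem_total_bytes: int) -> list:
    """Return a list of deviations from the post's layout; an empty list means it matches."""
    problems = []
    by_mount = {r["MOUNTPOINT"]: r for r in rows if r["MOUNTPOINT"]}
    boot = by_mount.get("/boot")
    if "/" not in by_mount:
        problems.append("no partition mounted at /")
    if boot is None:
        problems.append("/boot is not a separate partition")
    else:
        if partition_index(boot["NAME"]) != 1:
            problems.append(f"/boot is on {boot['NAME']}, not the first partition")
        if not 300 * MiB <= boot["SIZE"] <= 500 * MiB:
            problems.append(f"/boot is {boot['SIZE'] // MiB} MiB, outside the 300-500 MiB range")
    swaps = [r for r in rows if r["FSTYPE"] == "swap"]
    if not swaps:
        problems.append("no swap partition")
    else:
        # Post's rule: half of RAM below 4 GiB; assumption: about equal to RAM otherwise.
        expected = mem_total_bytes // 2 if mem_total_bytes < 4 * GiB else mem_total_bytes
        total_swap = sum(r["SIZE"] for r in swaps)
        if abs(total_swap - expected) > expected // 4:  # 25% tolerance (assumption)
            problems.append(f"swap is {total_swap // GiB} GiB, expected about "
                            f"{expected // GiB} GiB for {mem_total_bytes // GiB} GiB of RAM")
    return problems


def check_this_machine() -> list:
    """Run the same checks against the live system (Linux only)."""
    out = subprocess.run(["lsblk", "-bPo", "NAME,SIZE,FSTYPE,MOUNTPOINT"],
                         capture_output=True, text=True, check=True).stdout
    with open("/proc/meminfo") as fh:
        mem = mem_total_from_meminfo(fh.read())
    return check_layout(parse_lsblk_pairs(out), mem)


if __name__ == "__main__":
    rows = parse_lsblk_pairs(SAMPLE_LSBLK)
    print(check_layout(rows, mem_total_from_meminfo(SAMPLE_MEMINFO)) or ["layout matches"])
```

Run it with no arguments to check the constructed sample, or call `check_this_machine()` on a freshly installed box to confirm the installer created the partitions you asked for.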
Friday, September 19, 2014
Monday, June 23, 2014
Backdooring Executables
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing illegal remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. Nowadays, large organizations deploy Intrusion Detection Systems (IDS) to detect attacks directed at their online resources. This reduces the chances of a successful attack; however, attackers can still use client-side attacks to compromise and gain control of remote systems.
In this post, we shall practically see one of the commonly used methods, backdooring an executable, that leads to a successful attack. It might look intimidating if you are seeing this for the first time, but don't be scared; as you continue to follow these posts, everything will become clear and start making sense. Hopefully you will enjoy and love this, just like I did when I was preparing it.
To begin, we shall get an executable to use as our backdoor. And if I say any, I mean ANY: Adobe Reader, VLC media player, a web browser, etc. Since the majority of us like movies, I will download the recent version of VLC media player for 32-bit Windows.
Great! We have two options to create a backdoor: first, by manually appending our malicious shellcode and then modifying the program's execution flow, or second, by using the Metasploit Framework. In this post, we shall use the second method, which is easier to understand for the time being; however, it is quite important to know both of them, as we shall see in later posts.
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, the shellcode archive and related research. The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework. You can download it from their website, www.metasploit.com; in my case I am using Kali Linux, which comes pre-loaded with the Metasploit Framework. You can also download and install Kali Linux from www.kali.org.
So far so good! On the console, I used the Metasploit payload called reverse https, followed by the local IP address and port on which I will receive the connection from the remote machine. I encoded this payload with three iterations to avoid antivirus and IDS detection. Finally, the downloaded VLC installer is passed as the input template, together with a name for the output malicious VLC backdoor.
Perfect! Now that we have our backdoor, we need to send it to our victim's machine for execution, while on our attacking machine we set up a listener waiting for the remote connection. This is where social engineering comes into play. Social engineering, in the context of information security, refers to the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.
After spending time and money, we can successfully convince our user to install our malicious VLC backdoor. For demonstration, I will copy the backdoor to the /var/www directory and start an Apache server. Then I will start the PostgreSQL server and Metasploit. Finally, the Metasploit console will be launched.
Bravo! I selected a multi-handler to handle the remote connection from our victim machine. It requires the payload, the local port and the IP address of the attacking machine to be set. Remember, these have to be the same as the ones used when creating the backdoor; I hope you can still remember that.
Now, our victim downloads the malicious VLC backdoor from our Apache server. After downloading, he proceeds to install this VLC media player. However, the moment he starts the installation, our attacking machine receives a remote connection and we gain control of his machine.
Fantastic! Now that we have our Meterpreter session open, we can type help to see some interesting activities that we can perform on this remote computer. We can get the user ID, and if the user is not an administrator, we can escalate our privileges and become the system's administrator.
Great! We can also dump the hashes for all users on this machine and later crack them to obtain their passwords.
At this point, we can download files from the remote machine, take screenshots, record video and audio using the webcam, and so on. Our victim is running a 32-bit Windows 7 operating system.
Pause a bit and think: how many times have you installed programs handed to you by a third party? If you have, then as we saw, how many people might be able to access and control your computer every time you are connected to the internet? Later on, we shall see how to inspect an executable before installing it on our machines.