Contributing to Kali Linux using toolbox on Fedora
Background
While working on Penetration Testing with Kali Linux (PWK) training offered by Offensive Security, I came across a tool called smtp-user-enum
. It is a perl script to enumerate OS-level user accounts on Solaris via the SMTP service (sendmail).
In its usage documentation, it mentions an option to pass a list of hostnames running the SMTP service via a file, to use for enumeration. When trying out that option, I noticed that it didn’t work. Upon taking a close look at the script, I noticed that although it looks for the option -T
in the arguments list1, it was never part of the getopts
evaluation2, thus erroring out.
As it stands, I do not like having SSH keys tied to GitHub/Gitlab accounts on my Kali Linux virtual machine, so instead, I found a way to use a Debian container via toolbox
on my regular workstation using Fedora, to create the necessary patches to conform to Debian packaging standards and submitting a pull request on Kali Linux’s stmp-user-enum
package repo.
This post recounts of the steps I used, in case someone finds it useful or for my own reference in the future.
Note: I chose to use a Debian image here as I plan to work on other things via the same toolbox. We could have chosen to use Kali Linux docker image instead as well.
The Details
How toolbox
works
We can create the first “toolbox” by invoking toolbox enter
on Fedora. This will use the same Fedora version as our running host. That is, if the running host is Fedora 33
, it will download the same container image via https://registry.fedoraproject.org.
However, we will see that the registry does not have a Debian image from which we can work from.
Using Debian Docker image
Toolbox uses podman
3 in the background instead of docker. However, we can still pull a Debian docker image from Docker Hub.
First create a Debian “toolbox” named “debtest” as follows:
toolbox create -c debtest --image docker.io/debian:testing
Once it has finished downloading the docker image, we can enter the toolbox as:
toolbox enter debtest
We notice that we have entered our toolbox via the change in shell prompt:
⬢[user@toolbox ~]$
Creating the patch
Here we will use the Debian git-buildpackage
(gbp) (Found a nice guide on gbp
4 mentioned in another pull request5) to create and apply our changes according to Debian packaging standards.
So install the package:
sudo apt install git-buildpackage -y
Fork the smtp-user-enum
package on Gitlab.
Clone the forked repository and enter the directory:
git clone git@gitlab.com:<your-username>/smtp-user-enum.git && cd smtp-user-enum
Create our feature branch:
git checkout -b getopts-Targets-file
Apply the previous patches by executing:
gbp pq import
This will move us to a patch queue branch called patch-queue/getopts-Targets-file
.
We can check this by running:
git branch
Now we can create our changes and commit them.
Afterwards, we regenerate the patches in debian/patches/
by running:
gbp pq export
This will drop us back into our original branch getopts-Targets-file
.
Now we add debian/patches
to git and commit them:
git add debian/patches
git commit
Then push those changes to your repository:
git push -u origin getopts-Targets-file
And then we create a pull request at the original repository, wait for the Gitlab CI jobs to run and turn green, and hope that one of the Kali Linux developers merges it. 😄
-
https://gitlab.com/kalilinux/packages/smtp-user-enum/-/blob/kali/master/smtp-user-enum.pl#L98 ↩︎
-
https://gitlab.com/kalilinux/packages/smtp-user-enum/-/blob/kali/master/smtp-user-enum.pl#L87 ↩︎
-
https://honk.sigxcpu.org/projects/git-buildpackage/manual-html/gbp.patches.html ↩︎
-
https://gitlab.com/kalilinux/packages/smtp-user-enum/-/merge_requests/1 ↩︎