Categories
guides software

Setting up Kali-Kex on Ubuntu on WSL

I like to use Windows Subsystem for Linux. It makes running Linux applications on Windows very easy and efficient. It runs natively, instead of emulated, and makes a workflow maintainable, including compiling Linux binaries for C and C++ applications using compilers such as GCC and Clang without needing to use simulator tools such as Cygwin and MinGW

I prefer the Ubuntu builds. It was the first Linux distribution to initially work with WSL.

With WSL 2.0 we have the ability to run graphical applications. We can use WSLg to run Windows containing individual applications within our regular interface.

However, Kali Linux’s distro has an alternative option, known as Kex. Kex allows us to have a full desktop workspace within the WSL environment with the XFCE desktop, as opposed to Ubuntu’s GNOME, which is not supported by Kex.

Since both Kali and Ubuntu are Debian-based distros, this means that the XFCE desktop and Kex can run functionally on either if installed correctly. My preference is to install Kex on Ubuntu.

These steps assume that WSL 2 is enabled and Ubuntu is installed from the Windows store and configured.

  1. Set up the Kali Keyring. This allows us to pull from Kali’s repository. The latest version can be installed in the Bash shell with this command:
    • wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb
    • sudo dpkg -i kali-archive-keyring_2022.1_all.deb
  2. Add the Kali public archive key
    • wget -q -O – https://archive.kali.org/archive-key.asc | sudo gpg –dearmor -o /usr/share/keyrings/kali-archive-keyring.gpg
  3. Ubuntu key for reference:
    • sudo apt-key adv –keyserver keyserver.ubuntu.com –recv-keys 871920D1991BC93C
  4. Add the Kali repository to the /etc/apt/sources.list
    • sudo nano /etc/apt/sources.list
    • Add the following line to the bottom of the sources.
    • deb http://http.kali.org/kali kali-rolling main non-free contrib
  5. Now run sudo apt update and sudo apt full -upgrade
  6. Now install Kex
    • sudo apt install -y kali-win-kex desktop-base xfce4 xfce4-places-plugin xfce4-goodies
  7. Kex should launch correctly. There are small configuration changes to make
  8. In Windows Terminal, the configuration can be added
    • wsl -d Ubuntu-22.04 kex –sl –wtstart -s
  9. For Ubuntu 22.04 on WSL. This would be the name of your distro on WSL. SL mode is integrated, vs Window mode.
  10. Set the new taskbar to autohide so it doesn’t cover the top of the screen in XFCE

Categories
guides tech

How to Set Up Bitwarden

Bitwarden is a password manager that is Open Source, (aka Free as in Speech as well as Free as in Beer). The free portion is feature-rich and convenient for most purposes, containing all the features of a solid password manager, including encryption, and synchronizing between devices.

  1. First, you need to create a Bitwarden account. You can create this account on https://bitwarden.com but be sure to store your Master Password in a safe space such as a safe, because this is what encrypts your other passwords.
  2. Next, you can optionally import your passwords from other password managers, including the built-in ones of browsers such as Microsoft Edge and Google Chrome. Instructions for importing passwords from your existing password managers are available here: https://bitwarden.com/help/article/import-data/
  3. After you have imported your passwords, it’s a good idea to install the applications and extensions for Bitwarden on your computer, your web browser(s), and on your mobile devices. Download links for all of these are available here: https://bitwarden.com/download/
  4. To configure the Bitwarden Desktop application, be sure to set configure a PIN login and enable other forms of access, such as Windows Hello on which allows for biometric access on a Windows computer with a fingerprint sensor or a supported infrared camera. You can set the time limit for how long the program will stay accessible before locking out the vault.
  5. The browser extensions can be set to autofill passwords on websites, but this setting is turned off by default. Additionally, the extension has a time-out limit for how long before the extension will lock out access to the vault. Be sure to disable the built-in password managers on your web browser to ensure you don’t save passwords there in the future and be sure to disable any previous password managers you used to use.
  6. On your mobile device, if you are running Android, you can have Bitwarden auto-fill passwords into mobile applications. You can additionally have fingerprint authentication to allow easy access to your vault if you have a fingerprint sensor. Some additional accessibility settings will need to be enabled to give the app the ability to do this autofill capability. iOS devices aren’t currently capable, but the app will still allow you to copy/paste passwords to and from your clipboard.
  7. All websites and apps are listed in Bitwarden with a name, and the URL, and with fields for your username and password. Additionally, there are notes fields, and Bitwarden will keep a password history of previous passwords that were saved. The URL can be exact, or approximate, such as “starting with” or otherwise. For many uses, the default should be fine, but if you have duplicates, you can adjust your settings for individual sites or across the app you are using.
  8. You can protect your Bitwarden account with 2-Factor-Authentication using apps such as Authy and Google Authenticator. Be sure to store any backup codes offline, because if you lose access, you will not be able to restore your account.
Categories
guides tech

GOG Activity Feed Experiment

The GOG Galaxy Game launcher has some tricks or flaws in order to get a game to appear in the user’s activity feed. From my experience, some games would appear, and others would not. Because of the open nature of GOG, there are several ways to install games obtained from the game publisher. Sadly, when a player is trying a new game, the “User has started playing Game” item in the activity feed will only show some of the installation methods. Thus I’m running this experiment to determine the successful ways to get this outcome.

Here’s a list of potential ways to install games with GOG in 2020. All of these methods assume that the user has GOG Galaxy Launcher 2 installed and logged into the user’s GOG account.

  1. By using the Galaxy’s built-in downloading method and hitting the play button from the download page.
  2. By using the Galaxy’s built-in downloading method and hitting the play button from the games page.
  3. By installing via the backup archive download from GOG’s site, hitting play from the installer without adding the game to the user’s library.
  4. By installing via the backup archive download from GOG’s site, hitting play from the installer after adding the game to the user’s library but not linking the executable.
  5. By installing via the backup archive download from GOG’s site, hitting play from the installer after adding the game to the user’s library and linking the executable.
  6. By installing via the backup archive download from GOG’s site, hitting play from the Galaxy launcher after adding the game to the user’s library and linking the executable.

Note that there is an occasional delay on how GOG syncs the activity feed.

Items from this list that I have tried for this experiment so far include:

  1. Installing a game and running from the Download page did not successfully add the item to the activity feed, but tracked time.
  2. See below for a discussion on one game that can appear similar to this.
  3. Installing a game downloaded from another GOG account and playing from the installer tracked time but didn’t add to the activity feed.
  4. Installing a game downloaded from another GOG account and playing from the installer after adding to the library but not linking the executable also tracked time but didn’t add to the activity feed.
  5. A mixed conflict discussed below.
  6. Untested directly but potentially indirectly tested, discussed below.

One game had been sideloaded from the archive installer, and later activated on the GOG account. Several hours had been played before direct account linkage. Time tracking occurred, but not achievement tracking. The game didn’t appear on the activity feed. After the linkage, the gameplay was stored in a different directory. Initially, starting the game from the GOG client did nothing, but after Cloud Saves were synced, the item was added to the activity feed as started playing for the first time.

When installing a game from the archive installer, and then leaving the installer open, I added the game to the library and linked the executable in the launcher. I then hit the Launch button from the installer and the game started. After a few minutes, I closed the game. The time tracking had not occurred in GOG immediately. Out of lack of patience after waiting several minutes, I hit the Play button from the Launcher library. After several minutes of playtime, I closed the game. Several minutes later, the item appeared on the activity feed, and the prior playtime had appeared in the launcher. Therefore, it is a mystery whether it was due to opening from the launcher or from the installer that triggered it. Additionally, there may be a time zone locale issue with the GOG feed on the website, as there is a time difference from the more accurate Galaxy launcher.

Categories
guides

Using Process Monitor from SysInternals

Sometimes, you need to be able to figure out what an application is doing. What its retrieving information from or saving data to.

In my scenario, I was trying to figure out where a game was saving its high scores and configuration. I found a location in my AppData folder, but deleting it would not wipe it from the game. I considered the Registry as well, with no luck.

I decided on using Process Monitor from Microsoft SysInternals for the job.

First, I tried filtering to only include the .exe as the process name, and ran the program. This yielded several thousand results, which was too much. I then tried using .swf in the path, since this game was built on Adobe Air, which only yielded the content in the path I already knew about. Finally, I considered using the steam ID number contained in the path, which got me to find the secret folder and in the AppData directory, and a secret file formatted in JSON, with all the high scores, configuration, and even the ability to unlock certain parts of the game. Deleting this file properly wiped the game of the data.

Personal note for reference: The game involved was The Jackbox Party Game Pack, and the secret directory was %LOCALAPPDATA%\STEAMNAME while the other leftover directory which didn’t affect the game when deleting was at %APPDATA%\TheJackboxPartyPack

Categories
guides

How to Connect a non-Gmail address to Gmail

  1. Go to Gmail Settings
  2. Go to the Accounts and Import tab.
  3. Find the “Check mail from other accounts” section.
  4. Click the “Add a mail account” for a popup window.
  5. Enter the full email address.
  6. Click Add Account.
  7. The username is the full email address. Autofill gets it wrong.
  8. Password is given.
  9. POP Server is given by the provider. Autofill gets it wrong.
  10. Port is the default.
  11. Check “leave a copy”
  12. Check “always use SSL”
  13. Click next.
  14. “Send Mail as” in settings if option not provided.
  15. Choose “Yes, I want to send as”.
  16. Click Next.
  17. Choose a name to appear as the sender.
  18. Keep Treat as Alias checked.
  19. Click Next.
  20. SMTP Server is given by the provider. Autofill gets it wrong.
  21. Port is given by the provider.
  22. Username is the full email address. Autofill gets it wrong.
  23. Password is given.
  24. Leave TLS checked and click next.
  25. Gmail will now send an email, find it.
  26. Verify via the link or code given.