Building SyncTerm on Ubuntu 18.04

SyncTERM is a Bulletin board system (BBS) terminal program. BBSes can be seen as the precursor to the internet as we know it – back from a time where you would dial in to the server that you wished to view. Not all BBSes are gone. Surviving BBSes can be accessed via Telnet or by using a program such as SyncTerm.

(Un)fortunately I am too young that I missed the heyday of the BBS. But, when I read the blog post: Bulletin Board Systems: The VICE Exposé on I was excited to learn that the BBS is alive and well, and anyone can “dial in” and have the experience of years gone by.

Two Bit History‘s post mentions that you will be required to build SyncTERM from the source code. This isn’t anywhere near as daunting as it sounds. I’ll take you through those steps now.

Building SyncTERM

First of all open Terminal – we’ll start by installing the dependencies that are required during the build process:

sudo apt install build-essential libncurses5-dev libncursesw5-dev

Once this is completed, change in to your home directory and then download the source code for syncTERM:

cd ~ && wget

After the sourcecode downloads, extract the code from the archive:

tar -zxvf syncterm-src.tgz

We now want to change in to a subdirectory – that contains the source – of the archive we just extracted:

cd syncterm-20200309/src/syncterm

Before we can build syncTERM, we have to tell the compiler where the source is located. This can be done with the following command:

make SRC_ROOT=/home/YOURUSERNAME/syncterm-20200309/src

After this completes, build the software and install it:

sudo make install

This may take some time. Once it completes you can run SyncTERM by typing syncterm into terminal or by finding it in the Application menu.

Now you can exchange information the way Ward Christensen and Randy Suess intended.

While you’re here check out my earlier posts! If you have any interesting BBSes you wish to share feel free to email me!

Backup Home Directory with rsnapshot

Backing up data is important. rsnapshot is a simple tool you can use to take snapshots of your home directory (or other data) automatically on a schedule.


Before starting it is assumed you have an external hard drive or secondary hard drive that snapshots will be copied to. This should automatically mount upon startup and you should know the mounting point of the device.

Installing rsnapshot

Open up a terminal window and ensure that your packages list is up to date by running the following command:

sudo apt-get update

After this has completed, install rsnapshot and rsync with the following command:

sudo apt-get install rsnapshot rsync

Configuring rsnapshot

Once the install has completed edit the configuration file in the text editor of your choice. The config file is located at /etc/rsnapshot.conf

Note: Use tabs rather than spaces when editing the rsnapshot.conf file.

To edit this in Vim run the following command:

sudo vi /etc/rsnapshot.conf

First of all modify the location where the snapshots will be stored. Scroll through the config file to find the line beginning with snapshot_root

Note: In Vim you can use search mode after pressing a forward slash (/). Type in the text string you’re looking for i.e. snapshot_root and press enter. You will be taken directly to that line. If a string appears multiple times you can cycle through them by pressing the letter N.

Modify this to read where the snapshots will be stored. This should match the location of the drive listed in prerequisites. i.e.

snapshot_root /mnt/snapshots

Note: If you are using Vim you can navigate the text file using the arrow keys or the letters H (left), L (right), J (down), K (up). To enter insert mode (so you can type text) Press I. To delete a character (when not in insert mode) Press X.

Now scroll down (or search) until you reach the backup levels section. The lines will start with retain alpha, retain beta, etc. Modify this so that it a little more user friendly.

retain hourly 24
retain daily 7
retain weekly 4
retain monthly 12

Scroll down further to the lines starting with backup. This is where you chose the folders that you wish to create snapshots of. In this case only the home folder is being backed up, comment out all the lines except the following:

backup /home/ localhost/

Note: To comment out a line simply put a # at the beginning of a line.

Save your configuration files and close the text editor.

Note: If you are using Vim save the file by pressing the ESC key, and then the letter W (write file), the letter Q (quit), and then press Enter.

Testing the Configuration

After the configuration file has been modified, the syntax of the file can be checked by running the following command:

/usr/bin/rsnapshot configtest

If all goes well the output will say Syntax OK. If there are any issues you will need to investigate further.

rsnapshot also allows for a test run of the backup. It outputs to the screen what would happening during a backup, but doesn’t actually touch any files. This can be run with the following command:

/usr/bin/rsnapshot -t hourly

If you are noticing anything in the output that shouldn’t happen, double check your configuration file.

If everything looks good, the initial backup can be run using the following command:

/usr/bin/rsnapshot hourly

Automating the backup

Now that rsnapshot is configured we want to configure a cronjob to automate the backup. To do this open crontab using the following command:

sudo crontab -e

Note: If this is the first time you are using crontab you will be asked to choose an editor. Pick whichever editor you are most comfortable with.

Add the following lines to the bottom of the file.

0 * * * * /usr/bin/rsnapshot hourly
30 3 * * * /usr/bin/rsnapshot daily
0 0 * * 1 /usr/bin/rsnapshot weekly
30 2 1 * * /usr/bin/rsnapshot monthly

Save the file and exit.

In the configuration section we’ve set how long backups are going to be kept. To break this down:

  • A snapshot is taken every hour over a 24 hour period
  • A snapshot is taken daily at 3:30 am
  • A snapshot is taken every Monday at 12:00 am
  • A snapshot is taken on the first day of the month at 2:30 am

The older versions will be removed as per the retention policy in the configuration policy.

And that’s it – you have an automated system that takes snapshots of your home directory and stores those files on a local drive.

Now that you’ve automated your backups with rsnapshot, you’ll have plenty of time to browse my other blog posts!

Automating backups with RoboCopy and PowerShell

Backups are important and you should live by the 3-2-1 rule.

That is: 3 copies of a file; 2 copies on site, 1 copy off site

Backups should be automatic where possible. If you are manually backing up data, there is a good chance data wont get backed up as often as you hoped.

You should also test your backups regularly!

RoboCopy, short for “Robust File Copy”, is a command line utility included within Windows. It can be used to create backups of files and directories. There are many tools and programs for backing up data, but sometimes the free tools that come with the operating system are all you need.

We are going to backup files from an internal hard drive onto an external hard drive that is always plugged in. This will work well for hard drive failure, but wont be a great backup against ransomware.

Automating tasks is great for productivity. Especially if you can reuse scripts from other tasks.

To get started, first open PowerShell as an administrator. We need to create a folder to store our basic script. In your PowerShell window enter the following command:

New-Item -Path "c:\" -Name "scripts" -ItemType "directory"

And now change into the new directory:

cd c:\scripts\

Now we are going to create the batch file to run RoboCopy. Do that with the following commands:

New-Item -Name "backup.bat" -ItemType "file"
Add-Content -Path .\backup.bat -Value "robocopy D:\ E:\ /B /MIR"

We have now created a script to backup drive D to drive E – of course you may need to adjust drive letters to suit your system.

RoboCopy with copy drive D to drive E using backup mode. This allows RoboCopy to override the file and folder permissions that may prevent a file being copied. MIR copies the complete directory tree. This keeps the second drive as an exact mirror of the first.

Now we want to make sure this script runs daily. We can do that using PowerShell to configure a scheduled task. Enter the following commands:

$action = New-ScheduledTaskAction -Execute 'cmd.exe' -Argument '/c start "" "C:\scripts\backup.bat'
$trigger = New-ScheduledTaskTrigger -Daily -At 1pm
$principal = New-ScheduledTaskPrincipal -LogonType S4U

You will be asked to enter the username for the Administrator account, then follow on with the next command:

Register-ScheduledTask -Action $action -Trigger $trigger -Principal $principal -TaskName "Backup D Drive" -Description "Daily Backup of Drive D"

You now have a scheduled task that copies the content of drive D to drive E every day at 1pm – leaving you more time to browse my blog!

Obfuscating PowerShell Commands

I recently wrote a Ducky Script that creates a scheduled task upon plugging a Rubber Ducky into an unlocked PC. While the script is successful, I find it gives away too many clues as to what the script is doing.

PowerShell commands can be obfuscated using base64. These commands can be submitted to PowerShell using the the EncodedCommands parameter. While designed to be used to submit commands to PowerShell that require complex quotation marks or curly braces, it can also be used in an attempt to hide what commands a script is running.

The PowerShell commands my Ducky Script runs are as follows:

$action = New-ScheduledTaskAction -Execute 'wlrmdr.exe' -Argument " -s 60000 -f 1 -t You've Been Pwned! -m Remember that USB you plugged in? Pepperidge Farm Remembers. -a o"

$trigger = New-ScheduledTaskTrigger -Daily -At 3:14pm

Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "Adobe Acrobat Update Tusk" -Description "This task doesn't keep your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes"

This is a benign script that will remind the victim daily that they plugged in an unknown USB stick. I also had the scheduled task kind of hide itself as the Adobe Reader Update Task in an attempt to avoid being discovered later on.

Before getting started, PowerShell will need to know that it is to run all these commands together. This can be done using a semicolin (;). Simply put a semicolon between each command like so:

$action = New-ScheduledTaskAction -Execute 'wlrmdr.exe' -Argument " -s 60000 -f 1 -t You've Been Pwned! -m Remember that USB you plugged in? Pepperidge Farm Remembers. -a o";$trigger = New-ScheduledTaskTrigger -Daily -At 3:14pm;Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "Adobe Acrobat Update Tusk" -Description "This task doesn't keep your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes"

To convert the commands to base64, add the commands to a variable with a name of your choice. It my case I’ve gone with $EncodeText. It will also be important to use the backtick on the variables and some of the quotations.

$EncodeText = "`$action = New-ScheduledTaskAction -Execute 'wlrmdr.exe' -Argument `" -s 60000 -f 1 -t You've Been Pwned! -m Remember that USB you plugged in? Pepperidge Farm Remembers. -a o`";`$trigger = New-ScheduledTaskTrigger -Daily -At 3:14pm;Register-ScheduledTask -Action `$action -Trigger `$trigger -TaskName `"Adobe Acrobat Update Tusk`" -Description `"This task doesn't keep your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes`""

The commands can now be encoded in base64 by running the following command:


The base64 text will be displayed on the screen.


This can now be fed into PowerShell using the EncodedCommand parameter. You can pipe the command to Out-Null to have the command run without any output:


You can now run Obfuscated PowerShell Commands the way your inner PowerShell Ninja intended.

Check out the Ducky Script on GitHub!

USB Rubber Ducky

I purchased a USB Rubber Ducky from Hak5 a few years back and it has been sitting in the office collecting dust ever since. A USB Rubber Ducky is a device that looks like a USB Flash Drive but thinks its a keyboard. When plugged into a computer, a USB Rubber Ducky can start typing commands. Because it is able to type commands a lot quicker than you or I, the USB Rubber Ducky can be a handy tool for automating a task, or for quickly installing a remote backdoor during a physical penetration test.

Let’s get some remote shells!!

Instead of jumping right into loading a remote shell (sorry for the misleading heading), I will start small; how to write a basic “Ducky Script” and how to encode it and load it onto the USB Rubber Ducky.

For this task, I am working on Ubuntu and creating a USB Rubber Ducky to “attack” a Windows PC.

First things first, Lets start by setting up a working directory. On Ubuntu we can do that with the following commands:

mkdir ~/RubberDucky/
mkdir ~/RubberDucky/scripts

Now change directory to RubberDucky with the following command:

cd ~/RubberDucky

Let move onto downloading the require tools.


Hak5 provide the tools required to encode the Ducky Script text files into a bin file that can be used by the Rubber Ducky. Before we can run Duckencoder we will need to install the java runtime environment. This can be done with the following command:

sudo apt install default-jre

Once this has installed, it is time to download duckencoder. We have already changed into our RubberDucky directory, so we can go ahead and download the tool. Do that with the following command:


Creating basic Ducky Script

My basic script is inspired by the Matrix. It’s not very elaborate, it just opens Notepad on Windows and displays a message to the users.

To get started lets create a blank text file and open it with our favourite text editor.

touch ~/RubberDucky/scripts/HelloWorld.txt && vi ~/RubberDucky/scripts/HelloWorld.txt

Now enter the text below. If you are not familiar with Vim, you will need to press i to enter the insert mode before you can enter the text.

REM Ducky Payload inspired by The Matrix
STRING notepad.exe
STRING Wake up User.
STRING The Matrix has you.
STRING Follow the Rubber Ducky.

To save the file and exit Vim, press escape to go back to command mode and the type :wq and press enter.

Other Scripts are available from Hak5.

Encoding the Ducky Script

Before we can load the script onto the USB Rubber Ducky, we will need to encode the file with the Duckencoder tool we downloaded earlier. This is a simple process and can be done using the command below:

java -jar duckencoder.jar -i ~/RubberDucky/scripts/HelloWorld.txt -o inject.bin

Essentially we are using java to run duckencoder, taking the text file as an input (-i) and setting the output (-o) as the bin file.

Once this completes you will see the inject.bin file in the ~/RubberDucky directory. This can be transferred over to a Micro SD card and inserted into your RubberDucky. This can be now plugged into a Windows PC for a little bit of non-malicious fun.

Install Sudo for FreeBSD

FreeBSD doesn’t come with sudo pre-installed. Instead you are required to log in as root to make changes to the system. This is not best practise as you can do plenty of damage to your system when running as root.

With that said, for this task, you will need to be running as root.

You can easily install sudo for FreeBSD. We will go through this now. Before we start, make sure the ports tree is up to date.

portsnap fetch update

Type out the following command to change directory to the sudo port and commence the installation.

cd /usr/ports/security/sudo/ && make install clean

Leave the defaults selected, but be sure to also select insults so you get a witty message when you incorrectly enter your sudo password – then select ok.

The port will now build. Once it has completed, you will be required to add a user to the sudoers. To edit the sudoers file it is recommended to use the visudo tool. It can be ran by entering the following:


On FreeBSD, visudo uses vim as the default editor. If you haven’t used vim before it can be a little daunting. First of all we need to navigate down to find the line root ALL=(ALL) ALL. This can be done using either the J or the down arrow keys.

Once you have found that line, enter the letter twice to create a new line and activate insert mode. Add the line below, substituting username with your actual username. If you haven’t add a user yet, you can do this with the adduser command.

username ALL=(ALL) ALL

We now need to save the file and quit vim. You can do this with the following command:


You can now log in without root and superuser do, the way Todd. C. Miller intended.

Resizing MBR Partition FreeBSD

Recently, the FreeBSD virtual machine that hosts my internal wiki got low on space. I had not provisioned a large enough virtual hard drive when creating the VM. When you want to store all the things in the wiki, you will need all the space. So, I will guide you through the steps for increasing the MBR partition size in FreeBSD.

First things first: Backup the important data

Second: Backup the important data

Now that you’ve got your data backed up, lets have a look at our current drive usage. This can be done using the following command:

df -Ph
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/da0s1a 120G 27G 84G 24% /
devfs 1.0K 1.0K 0B 100% /dev

Because I didn’t know I was going to blog this, my drive already has enough space. But because I’m greedy, and want to educate others, I will resize the drive to 256GB.

Let have a look at our current hard drive partitions. You can do this using gpart:

gpart show
=>       63  268435393  da0  MBR  (128G)
63 1985 - free - (993K)
2048 268433408 1 freebsd [active] (128G)

=> 0 268433408 da0s1 BSD (128G)
0 260046848 1 freebsd-ufs (124G)
260046848 8386560 2 freebsd-swap (4.0G)

I powered off my VM and provisioned more drive storage. Powered it up again and ran the above command a second time. You can see the newly acquired free space.

=>       63  536870849  da0  MBR  (256G)
63 1985 - free - (993K)
2048 268433408 1 freebsd [active] (128G)
268435456 268435456 - free - (128G)

=> 0 268433408 da0s1 BSD (128G)
0 260046848 1 freebsd-ufs (124G)
260046848 8386560 2 freebsd-swap (4.0G)

Before resizing a partition we are required to get rid of the swap partition. First of all disable swap with the following command:

sudo swapoff -all
swapoff: removing
/dev/da0s1b as swap device

We can now delete the swap partition. Ensure the index matches the index of the swap-partiton and the drive identifier corresponds with the correct drive in the BSD section.

sudo gpart delete -i 2 da0s1

Before we can use the free space we need resize the MBR section.

sudo gpart resize -i 1 da0

Confirm the freespace has moved to BSD using gpart.

gpart show
=>       63  536870849  da0  MBR  (256G)
63 1985 - free - (993K)
2048 536868864 1 freebsd [active] (256G)

=> 0 536868864 da0s1 BSD (256G)
0 260046848 1 freebsd-ufs (124G)
260046848 276822016 - free - (132G)

You will also see the swap partition is gone.

Now we want to resize the hard drive – be sure to leave enough create a new swap partition.

sudo gpart resize -i 1 -s 252G -a 4k da0s1

That will leave me with 4GB to create a swap drive which can be done with the following command:

sudo gpart add -t freebsd-swap -a 4k da0s1

Check that the partitions have been resized and created using gpart:

gpart show da0s1
=>        0  536868864  da0s1  BSD  (256G)
0 528482304 1 freebsd-ufs (252G)
528482304 8386560 2 freebsd-swap (4.0G)

Now we need to enable the swap drive and grow the file system to fit the new partition. This can be done with the following commands:

sudo swapon -a
sudo growfs /

You will need to confirm that you wish the resize the partition. Did you remember to make a backup?

Device is mounted read-write; resizing will result in temporary write suspension for /. It's strongly recommended to make a backup before growing the file system. OK to grow filesystem on /dev/da0s1a, mounted on /, from 124GB to 252GB? [yes/no]

We can check our partitions again with gpart:

gparts show
=>       63  536870849  da0  MBR  (256G)
63 1985 - free - (993K)
2048 536868864 1 freebsd [active] (256G)

=> 0 536868864 da0s1 BSD (256G)
0 528482304 1 freebsd-ufs (252G)
528482304 8386560 2 freebsd-swap (4.0G)

If everything looks good, we can then check our hard drive usage with the following command.

df -Ph
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/da0s1a 244G 27G 198G 12% /
devfs 1.0K 1.0K 0B 100% /dev

And there is it – You have now resized your partitions and can store all the files the way data hoarders intended.

Cull your Twitter Friends with Thanos

Every now and again it feels good to cull some of the people you follow on Twitter. Sometimes though, you are not sure on who to remove and who to keep.

I was having the same dilemma, and thought that there had to be an easy way. I had used Tweepy previously, and thought to call upon it to help with the cull.

I wrote a basic Python script which is inspired by Thanos. It can be found on GitHub. I will give a quick run though on how to run it.

First of all we need the Tweepy module installed. It can be done with Pip.

pip3 install tweepy

Now we need to create a folder in which to download the script.

mkdir ~/thanosTwitter

change into the directory and download the script.

cd ~/thanosTwitter && curl -O

You will now need to create a Twitter developer account. This is so you have the keys for the API access. You can create a developer account on the Twitter Developer website. You will also need to create a Twitter app through the developer portal. Once you have the keys you can add them to the script with the text editor of your choice.

Save the changes and it is time to run the script. Before doing so I would like to point out that the script does not give warning and will start unfollowing as soon as it is executed. If you are happy with this, run the script.


Once the script finishes, you will have half an many friends on Twitter, and the universe will be perfectly balanced, just as Thanos intended.

Python 3 KeePass Dictionary Attack


A few years back I created a python script for a class I was teaching on password security. It is a basic script to run a dictionary attack against a KeePass database. Being that Python 2.7 EOL date is quickly approaching, I thought I might change my script to suit Python 3 – and do a quick blog post on how to run the new script.

First of all you will need to download and install the libkeepass module. This can be done using pip. If you haven’t installed pip3 you will need to do this first.

sudo apt-get install python3-pip
pip3 install libkeepass

Create a directory to store the script, and then change into the newly created directory.

cd ~ && mkdir keepassdictionaryattack
cd keepassdictionaryattack

You can supply your own password list as password.txt or download one of the many available online. I am using the 500 worst passwords list I found on Daniel Miessler’s GitHub.

Download the passwords and rename the file to passwords.txt

curl -O

mv 500-worst-passwords.txt passwords.txt

Now, download the KeePass Dictionary Attack script.

curl -O

Copy a KeePass database into ~/keepassdictionaryattack and then run the script.


If the KeePass database is using a weak password, you may gain access to the database and all the goodies inside.

Installing and Using Git and GitHub on Ubuntu

GitHub is a web-based hosting of the version control system, Git. It allows for teams to easily work on projects, share code, and monitor versions. GitHub has both free and paid services depending on your needs.

This is just a simple tutorial to show you how to install and Use Git and GitHub on Ubuntu.

Notes: Before we get started if you are using GitHub with 2FA, you will need to setup a Personal Assess Token. This can be generated at

Also, if you do not wish to share your email address publicly, you can use your GitHub noreply email address. It will be in the form of [email protected] and can be found at

You email address will also need to be verified. Information on this can be found at:

Installing and Using Git and GitHub on Ubuntu

To get started we will need to install Git on Ubuntu. To do this enter the following command into terminal.

sudo apt install git

Once completed, you will now need to set your username and email address. These are your GitHub username and your GitHub noreply email address.

git config --global "username"
git config --global "[email protected]"

Now change to the Home Directory and create your first Git Repository.

cd ~ && git init MyFirstGit

If successful you should see the message: Initialized empty Git repository in /home/owner/MyFirstGit/.git/

Change into the newly created directory

cd MyFirstGit

Create a simple README file and add some text. This can be done with an editor of your choice. A quick sample is shown below.

echo "This is MyFirstGit" > README

Now you can add the file to the index and record changes to the repository

git add README
git commit -m "First commit to GitHub"

Now you need to create a repository on GitHub. This can be done via:

The repository will need to share the same name as the folder you created earlier, i.e. MyFirstGit. You can leave Initialize this repository with a README unchecked as we have already created this file.

This is a fairly simple procedure but if you get stuck detailed steps can be found here:

Upon creating a new repository you will be given the links to the repository, which should be similar to:

We can now add the files to GitHub

git remote add origin
git push -u origin master

You will be prompted to enter your username and password (or Personal Access Token if you are using 2FA).

You will now be able to share code and monitor versions the way Linus Torvalds intended.