Wireless Pentesting with Qubes

Hello Everyone,
I need help regarding wireless pentesting.
Installed Os= Parrot OS as standalone HVM.
Chaining= sys-usb (provides network) < sys-firewall < Parrot OS
I have also tried directly using sys-usb upto no avail.

Any help would be much appreciated.

Not a right place to asking for pentest,
but if you want learn how networking works in qubes, thereā€™s a good doc Networking | Qubes OS and Firewall | Qubes OS

1 Like

Thanks, will go through those asap.

You donā€™t say how many WiFi devices you have, or what you are trying to
do.
If you only have one device, then some techniques will work, some wont,
If you intend to pentest low level features of WiFi itself, then get a
dedicated device, which you attach to the Parrot qube.
If you want to pentest over WiFi that will work with your set-up.

1 Like

I am trying to do some moniter mode stuff using aircrack-ng.
While internal wifi works using PCI passthrough I need usb adapter to work.
I tried assigning usb controller to parrot qube but got the following error while boot:
Start failed: internal error: ā€œUnable to reset PCI device 0000:00:14.0: no FLR, PM reset or bus reset available, see /var/log/libvirt/libxl/libxl-driver.log for detailsā€.

Meanwhile here is what I got from logs:

1. libxl: libxl_pci.c:1489:libxl__device_pci_reset: The kernel doesnā€™t support reset from sysfs for PCI device 0000:00:14.0

2. libxl: libxl_domain.c:853:pvcontrol_cb: guest didnā€™t acknowledge control request: -9

3. libxl: libxl_device.c:1146:device_backend_callback: Domain 37:unable to remove device with path /local/domain/33/backend/vif/37/0

4. libxl: libxl_domain.c:1529:devices_destroy_cb: Domain 37:libxl__devices_destroy failed

5. libxl: libxl_device.c:1146:device_backend_callback: Domain 48:unable to remove device with path /local/domain/38/backend/vif/48/0

6. libxl: libxl_domain.c:1529:devices_destroy_cb: Domain 48:libxl__devices_destroy failed

I will appreciate if you can guide me properly in this regard.

Good doc about pci too, you can find how to fix there.

1 Like

I was trying to apply usb controller to main parrot vm not usb-qube.

In my case there are three sys-usb vms namely sys-usb, sys-usb-clone, parrot-usb.
So my question is if I apply ā€œqvm-pci attach --option no-strict-reset=true parrot-usb dom0:00_14.0ā€ to parrot-usb will it affect other also?
If Yes, how to reset this option?

On another note is there any way to attach usb adapter to parrot os itself without any middleman i.e, sys-usb (parrot-usb in this case)?

Try to set PV mode for the correspondent sys-usb qube, then attach it to parrot via qvm-usb attach --persistent..ā€¦

1 Like

See this:

1 Like

Here are my takeaways from this post, correct me if I am wrong:

  1. Clone sys-net and install pentest tools on it.

  2. Allow it to access usb adapter using pci passthrough and capture data.

  3. Allow it to transmit data backchannel safely.

  4. Perform inspection on data in pentest qube.

I will be researching more and report back my findings for future users.

At last I have unorthodox question regarding virtualization inside one of my sanboxed windows hvm. I am trying to run vmware inside of it to perform some analysis. Encountered error as follows:

This host does not support Intel VT-x.
This host does not support ā€œIntel EPTā€ hardware assisted MMU virtualization.
VMware Workstation does not support the user level monitor on this host.
Module ā€˜MonitorModeā€™ power on failed.
Failed to start the virtual machine

Is that possible? If Yes, do point me in right direction.

2 Likes

You can, but need not, use a cloned sys-net for pentesting.
Depending on the tools you want to use you can run them from a connected
qube.

If you want to keep normal and pentesting activities separate then
using a separate sys-net with separate attached NICs is a good thingā„¢

I gather data in ā€œpentest qubeā€ and analyse it in a separate qube,
sometimes disposable, either offline or part of a virtual net.

On your bonus question, it is possible to run VMware in nested VMs.
Whether you can do this will depend on what hardware you have, what
guests you want to run, what version of VMware you have, and so on.
Iā€™m fairly certain that Workstation wont work under Xen, but you could
prove me wrong.

1 Like

Where are the instructions for how to create this Network Recon Qube?

There are no instruction in the talk notes or video presentation.
Can you please provide steps?!

@unman @deeplow

@amazing these should be it:

1 Like

I meant the actuall instructions. Not these. I donā€™t know what commands to run via CLI to install pentest tools.

Hey brother would you be able to walk me through how you got Parrot OS to work? I downloaded the ISO and created a Standalone HVM to run it but im running into Boot Issues. For instance i cant get past a terminal startup screen that will ask me for a: ā€œParrotSECā€ Login: (this being the Qubes Name)

Then one time recieving the error:

ā€œCannot connect to qrexec within 60 secondsā€

(My mind is just so melted trying to figure this out while at work during my breaks.)

Any help with the Installation would be much appreciated, i went through documentation but cant seem to understand what my specific issue is since it isnt well documented.

It was a long time ago and I donā€™t recall what I did that time. I would recommend either using one of unmanā€™s templates (see here: https://qubes.3isec.org) or build one from the Debian 12 template available in Qubes repository.

I personally prefer the 2nd one as it allows me to update natively, if youā€™re interested here are the steps:

  1. Create/clone a new Debian 12 template and name like ParrotOS-Template.
  2. Update it fully sudo apt update && sudo apt dist-upgrade
  3. Download Parrot OS signing key from any keyserver in a DispVM and copy that key to /etc/apt/trusted.gpg.d/ in ParrotOS-Template
  4. Run sudo apt update && sudo apt upgrade
  5. Install Parrot tools from the APT repo (tools are under the name parrot-tools-<CATEGORY>.
    E.g (Search): apt search parrot-tools-
    E.g (Install): sudo apt install parrot-tools-web
  6. Create new AppVMs as per requirement (Donā€™t use ParrotOS-Template for daily usage).
1 Like