Hak5 1409 – How to Sync Google Drive on Linux and Reviewing REMnux
This time on the show, Shannon reviews the malware analysis distro REMnux. Darren checks out Google Drive Sync Alternatives, before wrapping it up with EliteWraps. All that and more, this time on Hak5!
REMnux 4 Review
Last week I checked out Kali Linux, the newest refresh of Backtrack, featuring hundreds of pentesting tools for hobbyists and experts.
This week, I’m checking out REMnux, which is a Linux distro specifically made for reverse engineering malware. Malware is malicious software that can be hidden in a file or source in the form of code, scripts, active content or other software. Generally, malware is hostile and is made to disrupt or collect sensitive information or change a computer in some way.
REMnux is best used as an ISO image or a virtual appliance. Running it in a virtual machine lets you analyze malware in an isolated environment, so you don’t end up harming your usual workspace. It is an Ubuntu-based distro with an easy-to-use desktop environment.
I’m using an .iso. Your user is remnux and the password is malware.
Some of the preinstalled tools include:
For Flash malware: SWFTools, flasm, and more.
For network activities: Wireshark, Honeyd, fakedns, Netcat and plenty more.
For web malware: Firefox User Agent Switcher extensions, TinyHTTPd, etc.
For shellcode: gdb, objdump, Radare, etc.
For suspicious executables: upx, packerid, bytehist, DensityScout, xorsearch, etc.
For malicious documents: Didier Stevens’ PDF tools, Origami framework.
For memory forensics: Volatility Framework, bulk_extractor, AESKeyFinder and RSAKeyFinder.
No command-line tools are included in the graphical interface, so you will need to check their cheat sheet to verify whether something is included. Backtrack does this. Aliases for many commands are found in ~/bash_aliases.
Google Drive Sync Alternatives
InSync is a Google Drive syncing alternative for Windows, Mac and Linux. The Linux client is currently free in beta and sports installers for Unity, Cinnamon, and Gnome as well as Cinnamon and Gnome applets.