oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 11:56:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

updated the directory layout

Browse source
This commit is contained in:
nihilist 2024-08-18 22:50:34 +02:00
parent e6c53ff98f
commit d203eeac3f
1231 changed files with 91 additions and 91 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
opsec/whonixqemuvms/0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 30 KiB

BIN
opsec/whonixqemuvms/1.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 190 KiB

BIN
opsec/whonixqemuvms/2.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 221 KiB

BIN
opsec/whonixqemuvms/3.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 69 KiB

BIN
opsec/whonixqemuvms/4.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 198 KiB

346
opsec/whonixqemuvms/index.html Normal file
View file

@ -0,0 +1,346 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>Whonix QEMU VMs Setup</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-03-10</ba></p>
<h1>Whonix QEMU Setup </h1>
<img src="0.png" style="width:250px">
<p>Whonix is an open-source OS made specifically for general anonymous activities. In this tutorial we're going to set it up using the QEMU virtualization setup we installed previously.</p>
<p><h2><u>OPSEC Recommendations:</u></h2></p>
<ol>
<li><p>Hardware : (Personal Computer / Laptop)</p></li>
<li><p>Host OS: <a href="../linux/index.html">Linux</a></p></li>
<li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a></p></li>
<li><p>Application: <a href="../index.html">Host-based VPN</a> (if your ISP doesn't allow Tor traffic) </p></li>
</ol>
<p>I recommend using this setup into one of the above mentionned VMs, for <a href="../anonymityexplained/index.html">Anonymous use</a>, as per the <a href="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
<p><u>Sidenote:</u> If your ISP does not allow Tor traffic, make sure that you <a href="../vpnqemu/index.html">route the QEMU VMs traffic through a VPN</a>, to hide the tor traffic from your ISP (You -> VPN -> Tor) Setup</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Second Post +++++ -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Initial Setup </b></h2>
<p>Make sure that you have setup the QEMU / virt-viewer setup we described in <a href="../antiforensics/index.html">this</a> earlier tutorial</p>
<p>Then install download the whonix VMS as follows:</p>
<p>First go <a href="https://www.whonix.org/wiki/KVM">here</a> to download whonix for qemu, </p>
<img src="1.png" class="imgRz">
<p>Then extract the .xz file where you want the image to be at:</p>
<pre><code class="nim">
[ 10.8.0.3/24 ] [ nowhere ] [~/Downloads]
→ mv Whonix-XFCE-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz /mnt/VAULT/VMs/
[ 10.8.0.3/24 ] [ nowhere ] [~/Downloads]
→ cd /mnt/VAULT/VMs/
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ tar -xvf Whonix-XFCE-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
WHONIX_BINARY_LICENSE_AGREEMENT
WHONIX_DISCLAIMER
Whonix-Gateway-XFCE-17.0.3.0.xml
Whonix-Workstation-XFCE-17.0.3.0.xml
Whonix_external_network-17.0.3.0.xml
Whonix_internal_network-17.0.3.0.xml
Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ touch WHONIX_BINARY_LICENSE_AGREEMENT_accepted
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ ls -lash
total 7.9G
4.0K drwxr-xr-x 2 nothing nothing 4.0K Dec 29 20:10 .
4.0K drwxr-xr-x 4 nothing nothing 4.0K Dec 29 20:09 ..
40K -rw-r--r-- 1 nothing nothing 39K Oct 21 2015 WHONIX_BINARY_LICENSE_AGREEMENT
0 -rw-r--r-- 1 nothing nothing 0 Dec 29 20:10 WHONIX_BINARY_LICENSE_AGREEMENT_accepted
8.0K -rw-r--r-- 1 nothing nothing 4.1K Oct 21 2015 WHONIX_DISCLAIMER
4.0K -rw-r--r-- 1 nothing nothing 172 Oct 21 2015 Whonix_external_network-17.0.3.0.xml
2.7G -rw-r--r-- 1 nothing nothing 101G Oct 21 2015 Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2
4.0K -rw-r--r-- 1 nothing nothing 2.3K Oct 21 2015 Whonix-Gateway-XFCE-17.0.3.0.xml
4.0K -rw-r--r-- 1 nothing nothing 97 Oct 21 2015 Whonix_internal_network-17.0.3.0.xml
3.8G -rw-r--r-- 1 nothing nothing 101G Oct 21 2015 Whonix-Workstation-XFCE-17.0.3.0.Intel_AMD64.qcow2
4.0K -rw-r--r-- 1 nothing nothing 2.3K Oct 21 2015 Whonix-Workstation-XFCE-17.0.3.0.xml
1.4G -rw-r--r-- 1 nothing nothing 1.4G Dec 29 20:06 Whonix-XFCE-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
</code></pre>
<p>So now we have the qcow2 files (take note that it can), so we can proceed following the instructions:</p>
<pre><code class="nim">
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ vim Whonix-Gateway-XFCE-17.0.3.0.xml
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ cat Whonix-Gateway-XFCE-17.0.3.0.xml | grep VAULT
<<b></b>source file='/mnt/VAULT/VMs/Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ vim Whonix-Workstation-XFCE-17.0.3.0.xml
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ cat Whonix-Workstation-XFCE-17.0.3.0.xml | grep VAULT
<<b></b>source file='/mnt/VAULT/VMs/Whonix-Workstation-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system net-define Whonix_external*.xml
[sudo] password for nothing:
Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system net-define Whonix_internal*.xml
Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system net-autostart Whonix-External
Network Whonix-External marked as autostarted
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system net-start Whonix-External
Network Whonix-External started
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system net-autostart Whonix-Internal
Network Whonix-Internal marked as autostarted
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system net-start Whonix-Internal
Network Whonix-Internal started
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system define Whonix-Gateway*.xml
Domain 'Whonix-Gateway' defined from Whonix-Gateway-XFCE-17.0.3.0.xml
[ 10.8.0.3/24 ] [ nowhere ] [VAULT/VMs]
→ sudo virsh -c qemu:///system define Whonix-Workstation*.xml
Domain 'Whonix-Workstation' defined from Whonix-Workstation-XFCE-17.0.3.0.xml
</code></pre>
<p>make sure you give them 4gb of RAM before launching them, then launch them:</p>
<pre><code class="nim">
[nihilist@nowhere VMs]$ cat Whonix-Gateway.xml | grep KiB
<<b></b>memory dumpCore="off" unit="KiB">2097152</memory>
<<b></b>currentMemory unit="KiB">2097152</currentMemory>
[nihilist@nowhere VMs]$ cat Whonix-Workstation.xml | grep KiB
<<b></b>memory dumpCore="off" unit="KiB">4194304</memory>
<<b></b>currentMemory unit="KiB">4194304</currentMemory>
</code></pre>
<p>we can automate the VM startup procedure with a simple bashscript like so :</p>
<pre><code class="nim">
[nihilist@nowhere VMs]$ cat refreshvms.sh
#!/bin/bash
#remove VMs
sudo virsh -c qemu:///system destroy Whonix-Gateway
sudo virsh -c qemu:///system destroy Whonix-Workstation
sudo virsh -c qemu:///system undefine Whonix-Gateway
sudo virsh -c qemu:///system undefine Whonix-Workstation
sudo virsh -c qemu:///system net-destroy Whonix-External
sudo virsh -c qemu:///system net-destroy Whonix-Internal
sudo virsh -c qemu:///system net-undefine Whonix-External
sudo virsh -c qemu:///system net-undefine Whonix-External
echo '[+] VMs removed, re-install them ? (ctrl+c to exit)'
read
#install VMs
sudo virsh -c qemu:///system net-define Whonix_external*.xml
sudo virsh -c qemu:///system net-define Whonix_internal*.xml
sudo virsh -c qemu:///system net-autostart Whonix-External
sudo virsh -c qemu:///system net-start Whonix-External
sudo virsh -c qemu:///system net-autostart Whonix-Internal
sudo virsh -c qemu:///system net-start Whonix-Internal
sudo virsh -c qemu:///system define Whonix-Gateway.xml
sudo virsh -c qemu:///system define Whonix-Workstation.xml
</code></pre>
<p>You can run it like so:</p>
<pre><code class="nim">
[nihilist@nowhere VMs]$ chmod +x refreshvms.sh
[nihilist@nowhere VMs]$ ./refreshvms.sh
[sudo] password for nihilist:
Domain 'Whonix-Gateway' destroyed
Domain 'Whonix-Workstation' destroyed
Domain 'Whonix-Gateway' has been undefined
Domain 'Whonix-Workstation' has been undefined
Network Whonix-External destroyed
Network Whonix-Internal destroyed
Network Whonix-External has been undefined
error: failed to get network 'Whonix-External'
error: Network not found: no network with matching name 'Whonix-External'
[+] VMs removed, re-install them ? (ctrl+c to exit)
Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
error: Failed to define network from Whonix_internal_network-17.0.3.0.xml
error: operation failed: network 'Whonix-Internal' already exists with uuid 878828d6-fd1f-49ac-9d0c-9c829c414b80
Network Whonix-External marked as autostarted
Network Whonix-External started
Network Whonix-Internal marked as autostarted
Network Whonix-Internal started
Domain 'Whonix-Gateway' defined from Whonix-Gateway.xml
Domain 'Whonix-Workstation' defined from Whonix-Workstation.xml
</code></pre>
<img src="2.png" class="imgRz">
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Basic Whonix Usage</b></h2> </br> </br>
<p>So now you can compatmentalize your anonymous usage in a separate VM by using the tor browser there, along with keepass and monero:</p>
<p>You can open Onion Circuits on the gateway VM to view the tor connections being built up in real time like so :</p>
<img src="3.png" class="imgRz">
<p>And inside the Workstation VM you can browse Tor, and use Keepass just like in the <a href="../torbrowsing/index.html">previous tutorial</a>:</p>
<img src="4.png" class="imgRz">
<p>you can also use monero (take note that the default sudo password in whonix is "changeme", so dont forget to change it):</p>
<pre><code class="nim">
[workstation user ~]% passwd
[workstation user ~]% sudo apt install monero -y
[workstation user ~]% monero-wallet-cli
</code></pre>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nowheremoe:nowhere.moe">Matrix Chat</a><br/>
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About nihilist</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>