Loading...
Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Installing VMware Tools on Kali Linux and Some Debugging Basics

access_time
person_outlineChristophe De La Fuente
share

I have been using Backtrack for a while now and decided toswitch to Kali Linux, a new open source distribution by the creators ofBacktrack. It's built on Debian and is FHS compliant, which is a verygood thing.

So I downloaded the VMware image from the Kali Linux download page and ran it using VMware Fusion. The first thing I did (and I guess everybodydoes) was run an "apt-get update && apt-get dist-upgrade" toupgrade the system. Immediately after that, I found an annoying issue when tryingto drag and drop files from the host into the VM. Here is the error message Igot each time I tried to copy a file:

"There was an error getting information about …"
01-error-edited

Apparently, the VMwareTools needed to be upgraded and, believe me, it was not an easy task.

VmwareTools Installation

To install theVMware Tools, I selected "Reinstall VMware Tools" from the "Virtual Machine" menu (Iam using VMware Fusion 5.0.3 on Mac OS X, but the same procedure should apply on otherplatforms and versions).

02-install_vmware-tools

This automatically mounted a virtual CD containing the installation software.

03-CD

My next step would be tocopy the compressed file, untar it and run the installer (the version at thetime of writing was 9.2.2-893683). This process is not as easy as it might appear:

# cp /media/cdrom/VMwareTools-9.2.2-893683.tar.gz .# tar xzvf VMwareTools-9.2.2-893683.tar.gz# cd  vmware-tools-distrib/# ./vmware-install.pl

After answeringsome questions with the default options, I ended up with the following:

04-installation-error1-edited

I needed to dig deeper into the vmware-config-tools.pl code to understand what was going on.

Looking at vmware-config-tools.pl

When I opened the file /usr/bin/vmware-config-tools.pl with my favorite editor and searched for the string "is not a valid path to," I found this at line 6152:

05-config-tool-code

Apparently, $kh_path was empty (""), and I needed to find outwhy. The first parameter of the getValidKernelHeadersPath()function is $kh_path and upon further review I found the code responsible for settingits value (line 6192):

$gKernelHeaders = `$modconfig --get-kernel-headers $mcKverOpt $appLoaderArgs`;

I just added this code right after the line6192 in vmware-config-tools.pl to find out what the command actually is:

print("$modconfig --get-kernel-headers $mcKverOpt $appLoaderArgs");

Running the tool again gave me this:

06-config-tool-edited

Next I tried executing this command:

07-modconfig-edited

As I expected, nothing happened. I had to plunge further and find out which files the tool was calling. I suspected that missing files mighthave been the issue.

Tracing the system calls with strace I found the following:

# apt-get install strace# strace '/usr/lib/vmware-tools/sbin32/vmware-modconfig-console' --validate-kernel-headers -k 3.7-trunk-686-pae "" -- -l "/usr/lib/vmware-tools"

Here is the interesting part:

08-strace-edited

...[SNIP]...access("/lib/modules/3.7-trunk-686-pae/build/include/linux/version.h", F_OK) = -1 ENOENT (No such file or directory)...[SNIP]...

With that, I'd discovered the issue: the file/lib/modules/3.7-trunk-686-pae/build/include/linux/version.h was missing.

To fix it, I used this:

# cd /lib/modules/3.7-trunk-686-pae/build/include/# ln -s /usr/src/linux-headers-3.7-trunk-686-pae/include/generated/uapi/linux/version.h linux/version.h

And I was presented with the following after running vmware-config-tools.pl again:

09-success1-edited

"Excellent," I thought, "it's fixed." In actuality, there was more work to do:

10-installation-error2

Some of the services reported an error, and one in particular didnot start:

...[SNIP].../etc/init.d/vmware-tools: 1088: local: ': bad variable name     Blocking file system:      failed...[SNIP]...

Fixing /etc/init.d/vmware-tools

It seems that the service initialization script also needed to be fixed. For more details, I opened the /etc/init.d/vmware-tools file to see whatlies at line 1088:

local run_kver=`get_version_integer`

The get_version_integer() function is defined as follows:

11-vmware-tools-service-code

As you can see above, the script gets the kernel versionnumber by running the "uname –r" command and parsing the resultstring.

Running the command gave me this:

# uname –r3.7-trunk-686-pae

The issue here is that the script is expecting a set of three numbers (kernel version, major revision and minor revision), but here theuname command only returns two numbers: the kernel version and the majorrevision (3.7).

When the script called the kernel_version_integer() function,the calling parameter values were wrong:

v1="3"v2="7-trunk-686-pae"v3=""

Here is the kernel_version_integer() function definition:

kernel_version_integer() {  echo $(((($1 * 256) + $2) * 256 + $3))}

The error was that the following operation was executed and,obviously, it failed:

((3 * 256) + 7-trunk-686-pae) * 256 +

The correct operation should be:

((3 * 256) + 7) * 256 + 0

So we have two issues here: v2 is not correctly parsed and v3 is not set to zero.

Here is how I quickly fixed the code of the get_version_integer()function:

get_version_integer() {  local version_uts  local v1  local v2  local v3   version_uts=`uname -r`   # There is no double quote around the back-quoted expression on purpose  # There is no double quote around $version_uts on purpose  set `IFS='.'; echo $version_uts`  v1="$1"  v2="$2"  v3="$3"  # There is no double quote around the back-quoted expression on purpose  # There is no double quote around $v3 on purpose  if [ -z "$v1" ]; then    v1="0"  else    set `IFS='-ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz'; echo $v1`    v1="$1"  fi  if [ -z "$v2" ]; then    v2="0"  else    set `IFS='-ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz'; echo $v2`    v2="$1"  fi  if [ -z "$v3" ]; then    v3="0"  else    set `IFS='-ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz'; echo $v3`    v3="$1"  fi kernel_version_integer "$v1" "$v2" "$v3"}

I found that this resolved the error:

12-success2

Perfect! The services started successfully.

Keep in mind that I ran vmware-config-tools.pl. If you wantto re-run the whole installation with vmware-install.pl, the file/etc/init.d/vmware-tools will be overwritten. In that case, you would need to modifythe file vmware-tools-distrib/installer/services.sh in the VMware Toolsinstallation directory because it will overwrite/etc/init.d/vmware-tools.

Conclusion

It is not always easy to update VMware Tools utility,especially when using non-common Linux distributions. I haven't tried the VMware Fusion 6.0 yet and don't know if these issues are still there, but I'm sure you will have to adapt the fixes according to the errors you may find.

I hope this post will be useful and will save you some time.But remember, debugging basics are important, and you may have to repeat the process for the next kernel or VMware upgrade.

Related SpiderLabs Blogs

Microsoft Teams Updater Living off the Land

SpiderLabs Blog

Azure Web App Service For Offensive Operations

SpiderLabs Blog

Introducing Password Cracking Manager: CrackQ

SpiderLabs Blog