A script that will rewrite /etc/issue with the IP address when the network interface is brought up.
--[ PostIT ]-- How to retrieve Email via POP3 using Telnet
1. Telnet into Exchange server hosting IMS service using TCP port 110.
The command is: telnet <server> 110
2. Turn on local echo on your telnet client so that you can see what you are typing.
On the Win 9x and NT 3.5/4.0 Telnet client this is done by selecting "preferences" from the "terminal" pull-down menu and checking the local echo radio button. For the Windows 2000 telnet client, issue the command "set local_echo" from the telnet command prompt.
3. After performing step 1 the terminal window text should appear as follows:
+OK Microsoft Exchange POP3 server version 5.5.2653.23 ready
4. Issue the following command sequence.
user \\
pass
note: Since local echo has been set, your password will appear on the telnet terminal window in plain text.
list
Displays a list of email messages
retr
Displays a specific message in the telnet terminal window
dele
Deletes a specific message
Quit
Closes telnet session
--[ Android Malware ]
AndroRat
AndroRat is a free and open source remote administration tool designed for Android. This tool allows the attacker to control a wide variety of features within the infected smartphone. Some of AndroRat's features include the ability to make phone calls, send messages from the infected phone, access the GPS coordinates of the phone, activate the microphone, access stored data and much more.
AndroRat APK Binder
AndroRat APK Binder is a malware tool that allows you to bind AndroRat directly to an app. The APK Binder is currently being sold at about $37 through various underground forums. The tool AndroRat is available in the APK format and when combined with the APK builder will allow any user with minimum expertise to infect a legitimate app and trojanize it. When a user installs the trojanized app, they also install AndroRat unknowingly. The attacker can now access the infected phone remotely and use it for their benefit.
Adwind
On similar lines as the AndroRat, a Java based RAT that has been named as Adwind is also making rounds on the Internet. This tool can be used in multiple OSes as it is a Java based tool. This tool too can assume control of an infected device remotely. However, it is not yet known if the tool has been bound to any of the legitimate APKs.
--[ man nmap ]
NMAP(1) Nmap Reference Guide NMAP(1)
NAME
nmap - Network exploration tool and security / port scanner
SYNOPSIS
nmap [Scan Type...] [Options] {target specification}
--[ MITM WiFi Honeypot ]
We will create a fake wifi hotspot so that clients may connect to
it and we can see what they are up to, and log everything they browse to on the hotspot.
You will act as a wifi hotspot, providing internet. You are able to monitor those who connect to it and forward them to the real server, acting as a man-in-the-middle. You can intercept nearly all of the data, or alter it as needed, before forwarding it to the real server.
[CLIENT] <-------------> [ YOU ] <------------> [INTERNET]
--[ ssh access ]
There are several open source and enterprise software programs through
which we can access a remote system. Such software becomes a necessity
when you set up a remote server and do not allow direct access to the
server because of security measures. PuTTY is one of the major
terminal emulators through which we can access a remote server. PuTTY is a
free and open-source terminal emulator, serial console and network file
transfer application. It supports several network protocols, including
SCP, SSH, Telnet and rlogin. Here, I am going to show you how to access
Kali Linux through PuTTY. My base computer is running Windows 7 and Kali
Linux is installed in a VMware Player. So we can treat Kali Linux as
installed on a remote machine, since Windows 7 and Kali Linux are on
different networks now.
Before we access Kali Linux from a remote system, we need to make sure that the ssh service is already running in Kali Linux.
--[ Armitage ]
Armitage is a scriptable red team collaboration tool for Metasploit
that visualizes targets, recommends exploits and exposes the advanced
post-exploitation features in the framework. Through one Metasploit
instance, your team will:
- Use the same sessions
- Share hosts, captured data, and downloaded files
- Communicate through a shared event log
- Run bots to automate red team tasks
--[ GRUB ]
A boot loader is a software program
that runs when a computer boots. It's responsible for loading and
transferring control to an operating system kernel software. The kernel,
in turn, initializes the rest of the operating system.
GRUB (GRand Unified Boot-loader) or GNU GRUB
is a very powerful multi-boot loader, which can load a wide variety of
free operating systems, as well as proprietary operating systems with
chain-loading. GRUB is designed to address the complexity of booting a
personal computer. One of the important features in GRUB is flexibility;
GRUB understands filesystems and kernel executable formats, so you can
load an arbitrary operating system the way you like, without recording
the physical position of your kernel on the disk. Thus you can load the
kernel just by specifying its file name and the drive and partition
where the kernel resides.
--[ Install Compiz on Kali ]
modify /etc/apt/sources.list.
## SID: to get compiz
deb http://ftp.us.debian.org/debian/ sid main non-free contrib
In a root terminal type :
apt-get update
apt-get -t sid install compiz
you are done installing Compiz
--[ Chrome in Kali ]
Download the debian version of chrome
open a terminal, go to the file and run dpkg -i google-chrome-stable_current_i386.deb
to add it to the menu, go to Applications -> Accessories -> Main Menu
Click on the Internet icon on the left hand panel, and click the ‘New Item’ button on the right.
In the popup window, add a new application, name it as you like. i.e. 'Chrome'
As command type: google-chrome
You can't run it as root; it will produce an error. To solve that:
specify an alternate --user-data-dir for storage of profile information
go to /opt/google/chrome, open the file 'google-chrome'
on the last line add --user-data-dir, next to exec -a "$0" "$HERE/chrome" "$@"
save the file.
Now you can run it as root.
--[ Some shortcuts ]
SHELL MOVEMENT
- Ctrl+b: Move cursor left.
- Ctrl+f: Move cursor right.
- Ctrl+a: Move the cursor to the beginning of the line.
--[ Kali Cleaner ]
What it does:
- It cleans the apt cache.
- Removes old config files.
- Removes old kernels.
- Empties every trash.
Save the script on your Desktop, make it executable and run it to clean Kali Linux.
root@kali:~/Desktop# ./kali_cleaner.sh
Download:
https://github.com/MasterButcher/kali-cleaner
or you can use command in terminal:
git clone https://github.com/MasterButcher/kali-cleaner.git
--[ Install pentest tools Raspi ]
Add the repo's in sources.list if they are missing
/etc/apt/sources.list
add these lines :
deb http://http.kali.org/ /kali main contrib non-free
deb http://http.kali.org/ /wheezy main contrib non-free
deb http://http.kali.org/kali kali-dev main contrib non-free
deb http://http.kali.org/kali kali-dev main/debian-installer
deb-src http://http.kali.org/kali kali-dev main contrib non-free
deb http://http.kali.org/kali kali main contrib non-free
deb http://http.kali.org/kali kali main/debian-installer
deb-src http://http.kali.org/kali kali main contrib non-free
deb http://security.kali.org/kali-security kali/updates main contrib non-free
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free
deb http://repo.kali.org/kali kali-bleeding-edge main
install all Kali pentest packages (need ~ 6 GB on disk):
sudo -s
apt-get update
apt-get install kali-linux -yq
--[ Install Kali on a Raspberry Pi ]
Download Kali Linux for Raspberry Pi image.
Use the dd utility to write this image to your SD card. This assumes that the storage device is located at /dev/sdb.
Double-check the location of the SD card!
This process will wipe out your SD card. If you choose the
wrong storage device, you may wipe out your computer's hard disk.
root@kali:~# dd if=kali-pi.img of=/dev/sdb bs=512k
This process can take a while depending on your USB storage device speed
and image size. Once the dd operation is complete, boot up your
Raspberry Pi with the SD card plugged in. You will be able to log in to
Kali (root / toor) and startx.
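A pre-flight check for the dd step above, as an added example that is not part of the original post: it refuses a target that is not a whole, removable, unmounted disk. The function name safe_dd_target and its two optional path arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a dd target before imaging an SD card.
# safe_dd_target DEVICE [SYSFS_BLOCK_DIR] [MOUNTS_FILE]
# The optional arguments exist only so the check can be exercised against
# constructed data; on a real system the defaults are used.
safe_dd_target() {
    dev=$1
    sysfs=${2:-/sys/block}
    mounts=${3:-/proc/mounts}
    name=${dev##*/}

    # Whole disks have their own directory under /sys/block; partitions
    # (sdb1, sdb2 ...) do not, so a partition path is rejected here.
    if [ ! -d "$sysfs/$name" ]; then
        echo "refuse: $dev is not a whole disk known to the kernel" >&2
        return 1
    fi

    # The kernel reports removable=1 for USB card readers and 0 for
    # fixed disks such as the machine's own hard disk.
    if [ "$(cat "$sysfs/$name/removable" 2>/dev/null)" != "1" ]; then
        echo "refuse: $dev is not flagged removable" >&2
        return 2
    fi

    # A mounted partition of the device means it is in use: unmount it first.
    if grep -q "^$dev" "$mounts"; then
        echo "refuse: $dev or one of its partitions is mounted" >&2
        return 3
    fi

    return 0
}

# Typical use, with the device name assumed in the text above:
#   safe_dd_target /dev/sdb && dd if=kali-pi.img of=/dev/sdb bs=512k
```

A card reader that the kernel does not flag as removable is refused by this check, so the failure mode is a refused write rather than a wiped disk.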
--[ Nessus on Kali ]
Download the Nessus installer (.deb) file here
Open a terminal;
dpkg -i "Nessus.....deb"
When it's done installing, go HERE to get a Registration Code.
register nessus:
$ cd /opt/nessus/bin
$ ./nessus-fetch --register "xxxxxx-xxxxx-xxxxx-xxxxx"
(might take some time for updating plugins)
"xxxxxx-xxxxx-xxxxx-xxxxx" is the serial code that Tenable sent you after registration.
After it has finished the update:
$ service nessusd start
This will start your nessus daemon on Port 8834
https://127.0.0.1:8834
(It may ask to add security exception, do it if that's the case)
Now Add a New Nessus User. The first time Nessus will take a long time to 'initialize', just be patient.
Then you will see a login screen, Enter your login name and password there.
Have fun.
--[ Reset windows pw ]
Download Kali Linux and burn the ISO to a CD/DVD. Boot Windows machine with the LiveCD. On the boot menu of Kali Linux, select Live (forensic mode).
Kali Linux will initialize; when it has loaded, open a terminal window
and navigate to the Windows password database file. In almost all versions
of Windows, passwords are saved in the SAM file. This file is usually located under /Windows/System32/config. On your system it may look something like this: /media/hda1/Windows/System32/config.
--[ reset root pw on kali ]
Boot the machine and wait until GRUB Boot Loader comes up. Select recovery mode and then press e to edit.
on the line :
linux /boot/vmlinuz-3.xxxxxx, after the root UUID, change 'ro' to 'rw'.
After initrd.gz add init=/bin/bash
Press F10 to apply the changes and reboot the system.
When it's rebooted, it will prompt for the password to manage it.
type : passwd root
type the new password and verify it by entering it again.
then type 'shutdown -h now'; after booting it again you can log on with the newly set password.
--[ Basic commands ]
File Operations
pwd Print Name Of Current/Working Directory
cd Changing The Working Directory
cp Copy Files Or Directory
rm Remove Files And Directory
ls List Of Directory Contents
mkdir Make Directory
cat Concatenate Files And Print On Standard Output
mv Move Files
chmod Change Files Permissions
--[ Basic apt and dpkg ]
Common apt commands
apt-get install <package> Downloads <package> and all of its dependencies, and installs or upgrades them.
apt-get remove [--purge] <package> Removes <package> and any packages that depend on it. --purge specifies that packages should be purged.
apt-get update Updates packages listings from the repo, should be run at least once a week.
apt-get upgrade Upgrades all currently installed packages with those updates available from the repo. should be run once a week.
apt-get dist-upgrade [-u] Similar to apt-get upgrade, except that dist-upgrade will install or remove packages to satisfy dependencies.
apt-cache search <pattern> Searches packages and descriptions for <pattern>.
apt-cache show <package> Shows the full description of <package>.
apt-cache showpkg <package> Shows a lot more detail about <package>, and its relationships to other packages.
man apt Will give you more info on these commands as well as many that are in less common usage.
Common dpkg commands
dpkg -i <package.deb> Installs a package file; one that you downloaded manually, for example.
dpkg -c <package.deb> Lists the contents of <package.deb> a .deb file.
dpkg -I <package.deb> Extracts package information from <package.deb> a .deb file.
dpkg -r <package> Removes an installed package named <package>
dpkg -P <package> Purges an installed package named <package>. The difference between remove and purge is that while remove only deletes data and executables, purge also deletes all configuration files in addition.
dpkg -L <package> Gives a listing of all the files installed by <package>. See also dpkg -c for checking the contents of a .deb file.
dpkg -s <package> Shows information on the installed package <package>. See also apt-cache show for viewing package information in the Debian archive and dpkg -I for viewing package information extracted from a .deb file.
dpkg-reconfigure <package> Reconfigures an installed package
man dpkg Will give you more info on these commands as well as many that are in less common usage.
--[ Flashplayer4Kali? ]
1. goto www.get.adobe.com/flashplayer
2. select .tar.gz for other Linux from the drop down list and Download now
3. it will ask you to select the location of the file. browse to the location where you want to download the file and click on ok
4. in the terminal go to the file
5. tar xzvf install_flash_player_11_linux.i386.tar.gz in the terminal to extract the files
8. then cp libflashplayer.so /usr/lib/mozilla/plugins to copy the files
done.
--[ Debian sources.list generator ]
-Goto http://debgen.simplylinux.ch/
-Click on 3rd party repos
-Fill the details as you like and click on send
-Now select sources under Default Debian Packages and, if source packages are required, check "yes include"; then click the generate sources.list button to generate your links
-Add them to /etc/apt/sources.list
-Open a root terminal and type apt-get update
--[ Add repo's ]
Open root terminal and type this code.
leafpad /etc/apt/sources.list
Add all repositories
deb http://http.kali.org/ /kali main contrib non-free
deb http://http.kali.org/ /wheezy main contrib non-free
deb http://http.kali.org/kali kali-dev main contrib non-free
deb http://http.kali.org/kali kali-dev main/debian-installer
deb-src http://http.kali.org/kali kali-dev main contrib non-free
deb http://http.kali.org/kali kali main contrib non-free
deb http://http.kali.org/kali kali main/debian-installer
deb-src http://http.kali.org/kali kali main contrib non-free
deb http://security.kali.org/kali-security kali/updates main contrib non-free
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free
apt-get update
apt-get upgrade
--[ TOR Auto-install Shellscript ]
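#!/bin/sh
# Add the Tor Project repository (wheezy) to the APT sources.
echo "deb http://deb.torproject.org/torproject.org wheezy main" >> /etc/apt/sources.list
clear
echo "[*] Installing the keys...."
# Fetch the signing key by its full fingerprint; a short ID such as 886DDD89 can collide.
gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
echo "Ready!!"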
--[ Download Kali ]
To get your hands on the latest Kali Linux distribution, you can download it from: http://www.kali.org/downloads or http://cdimage.kali.org.
Kali Linux offers documentation at http://docs.kali.org, bug reporting at http://bugs.kali.org and a Kali forum site at http://forums.kali.org.