Showing posts with label kali linux. Show all posts
Showing posts with label kali linux. Show all posts

Tuesday, 26 July 2016

How to Create You Lab on Kali Linux - Using VMware or VBox

Before you start - Here are something that you need to consider..

  • Install VirtualBox or Vmware
  • Install LiveCD in VirtualBox or Vmware
  • Boot and try out your LiveCD

Introduction.


There are lots of tutorials available on the internet related to hacking but the big problem lies in testing your theoretical skills. Unless you don't have practical exposure to hacking, you cannot really understand the strength of it. The technique I will discuss here will be advantageous for those who have only single system and want to set up a testing network using it. In case you have multiple systems then you can easily test for your skills by making one system as target and other as attacker.
VMware Workstation 12 Pro - Leading Edge PC Virtualization VMware Workstation 12 Pro


Download VMware Workstation or Player

The best way to practice hacking is within a virtual environment. Essentially, you set up a hacking system, such as Kali Linux, and some victims to exploit. Ideally, you would want multiple operating systems (Windows XP, Vista, 7, and 8, as well as a Linux flavor) and applications so that you can try out a variety of hacks.

Virtual machines and a virtual network are the best and safest way to set up a hacking lab. There are several virtualization systems out there, including Citrix, Oracle's VirtualBox, KVM, Microsoft's Virtual PC and Hyper-V, and VMware'sWorkstation, VMware Player and ESXi. For a laboratory environment, I strongly recommend VMware's Workstation or Player. Workstation is commercial product that costs under $200, while Player is free. You can also get a free 30-day trial of Workstation.

Player is limited to just playing VMs , while Workstation can both create and play VMs. Let's download VMware's Workstation or Player here.


Then - For you Images you can download a pre-built image. As it will allow you to save some time, you don't need to build the image from scratch. Here is a link for you to download several Linux pre-built Linux Images on SourceForge.

I don't encourage you to download pre-built Windows VM from anywhere, for the single fact that Microsoft itself provides you with pre-built Windows VM for you to use on your VM Lab. Again I did the research for you and here it the link for you to download the Windows of your choice,  Obs: Remember Windows only allow you to use those VM images for 30 days. Please, READ Microsoft TERMS AND CONDITIONS before you use their software here is the url for you.



Keep posted - This tutorial continues on Part 2

Also check this Handful tutorials I have found online:

Checkout our tutorial videos below. Learn more about.
  1. OWASP AppSec Basics: http://www.youtube.com/watch?v=CDbWvEwBBxo
  2. OWASP SQL Injection: http://www.youtube.com/watch?v=pypTYPaU7mM
  3. OWASP Cross Site Scripting: http://www.youtube.com/watch?v=_Z9RQSnf8-g
  4. OWASP Strict Transport Security: http://www.youtube.com/watch?v=zEV3HOuM_Vw

Monday, 11 July 2016

Kali Linux - VMware Workstation 12 Error Kernel 4.6.0-amd64 Not Found Error

After update my Kali Linux - I wanted to carry on working on my VM labs using VMware Workstation, the problem is that I could not longer loud. VMware Workstation 12

Every time I tried to load - this error was loading up. ERROR Kernel 4.6.0-amd64 not found 


What I tried this approach from Kali Linux forum but it didn't help

e.g 1 from https://forums.kali.org/showthread.php?31734-Vmware-Kernel-Module-Updater-Issues-with-latest-Kernel-version-4-6-0-kali1-amd64&highlight=Vmware+kernel+issues :

Solution or Workaround: Modify 2 files in /usr/lib/vmware/modules/source/vmmon.tar and /usr/lib/vmware/modules/source/vmnet.tar
Steps:
1- Extract /usr/lib/vmware/modules/source/vmmon.tar
2- Modify /vmmon-only/linux/hostif.c
3- Replace "get_user_pages" to "get_user_pages_remote" 
4- tar and replace original
5- Extract /usr/lib/vmware/modules/source/vmnet.tar
6- Modify ./vmnet-only/userif.c
7- Replace "get_user_pages" to "get_user_pages_remote" 
8- tar and replace original
Now you should be able to compile the modules successfully.
Tested on Kali Linux 2016 with kernel 4.6.

It was still failing ..

Then - I removed VMware completely from my system and clean dkpg ..



The Edited the /etc/apt/source.list file with this two repositories ..

e.g 2:

Edit your sources.list

The easiest way is to edit the /etc/apt/sources.list
root@kali:~# vi /etc/apt/sources.list
(or)
root@kali:~# leafpad /etc/apt/sources.list

Add official repo’s only:

Copy paste the following repositories (remove existing lines or you can comment them out – your take). Following repo list was taken from official Kali sources.list Repositories page:
# Regular repositories
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free
# Source repositories

Then ...

Clean your apt-get

apt-get clean

Do an apt-get update

apt-get update

Do an upgrade

apt-get upgrade

Finally do a distribution upgrade

apt-get dist-upgrade
That’s it, you’re set.

Then, Install the Kernel headers  ...



Then ...

Install VMware Workstation 12 on Kali 



And That's all done ...

How to Complete Uninstall VMware Workstation from Kali Linux, Ubuntu 15 - 16 and Debian 7/8

VMWare Workstation doesn't ship in a deb, so it isn't registered in dpkg (which is why you can't find it in the software center). It does have an install and uninstall utility though.
To uninstall VMWare Workstation, you will need to run:
sudo vmware-installer --uninstall-product vmware-workstation  
If you just run:
vmware-installer
by itself, it will print all the options you have available. If you run:
vmware-installer -l
It will print a list of all VMWare products you have installed.
Similarly, to uninstall VMWare Player:
sudo vmware-installer --uninstall-product vmware-player

Friday, 13 June 2014

How to Install vsftpd on Ubuntu and Add New User



Warning: FTP is inherently insecure. If you must use FTP, consider securing your FTP connection with SSL/TLS. Otherwise, it is best to use SFTP, a secure alternative to FTP.

The first two letters of vsftpd stand for "very secure" and the program was built to have strongest protection against possible FTP vulnerabilities.

Step One—Install vsftpd
You can quickly install vsftpd on your virtual private server in the command line:

sudo apt-get install vsftpd

Once the file finishes downloading, the VSFTP will be on your droplet. Generally speaking, it is already configured with a reasonable amount of security. However, it does provide access on your VPS to anonymous users.

Step Two—Configure vsftpd
Once vsftpd is installed, you can adjust the configuration.

Open up the configuration file:

sudo nano /etc/vsftpd.conf

The biggest change you need to make is to switch the Anonymous_enable from YES to NO:

anonymous_enable=NO

Prior to this change, vsftpd allowed anonymous, unidentified users to access the server's files. This is useful if you are seeking to distribute information widely, but may be considered a serious security issue in most other cases.

After that, uncomment the local_enable option, changing it to yes and, additionally, allow the user to write to the directory.

local_enable=YES
write_enable=YES

Finish up by uncommenting command to chroot_local_user. When this line is set to Yes, all the local users will be jailed within their chroot and will be denied access to any other part of the server.

chroot_local_user=YES
Save and Exit that file.

Because of a recent vsftpd upgrade, vsftpd is "refusing to run with writable root inside chroot". A handy way to address this issue to is to take the following steps:

Create a new directory within the user's home directory
mkdir /home/username/files
Change the ownership of that file to root
chown root:root /home/username

Make all necessary changes within the "files" subdirectory
Then, as always, restart:

sudo service vsftpd restart
Step Three—Access the FTP server
Once you have installed the FTP server and configured it to your liking, you can now access it.

You can reach an FTP server in the browser by typing the domain name into the address bar and logging in with the appropriate ID. Keep in mind, you will only be able to access the user's home directory.

ftp://example.com
Alternatively, you can reach the FTP server on your virtual server through the command line by typing:

ftp example.com

Then you can use the word, "exit," to get out of the FTP shell.



Adding New Users To vsftpd

I found it rather strange that there arent any good tutorial that can explain how to add new users to vftpd. Google gives few results but most of them are trial and error method. So i decided to write this post after spending 1 hr trying to accomplish this simple task.

#edit /etc/vsftpd.conf or /opt/etc/vsftpd.conf
Open the vsftpd.conf file and search for chroot_list_enable=YES
Make sure it is YES. Do the same for the following variables
chroot_list_file=/etc/vsftpd.chroot_list or /opt/etc/vsftpd.chroot_list
chroot_list_enable=YES
Save and close the file

Create vsftpd.chroot_list in /etc/ or /opt/etc/
Add the username you want to export to ftp.
IMP: The user must already be a system user with a valid passwd. You must be able to find /home/
If the user you want to add is not a system user then create that user first before editing the above file.
#adduser 
#passwd 

Restart the vsftpd server using /etc/init.d/vsftpd restart or service vsftpd restart
Now you can log into ftp using the new user.



Monday, 19 August 2013

How To Install VMWare Tools v4 on Ubuntu 12.04 LTS Server



How To Install VMWare Tools v4 on Ubuntu 12.04 LTS Server and 12.10 Server

Written: March 13, 2012
Originally posted by: Justin Schier
Last Updated: October 24, 2012
Tested With: Ubuntu 12.10 Server, Ubuntu 12.04 LTS Server, Ubuntu 12.04.1 LTS Server, Ubuntu 11.10 Server

All the guides I found on the Internet, including VMWare’s website were outdated in some way, so I decided to write a guide of my own. I just went through these steps from start to finish on a fresh server and had no problems. In about 5 minutes, you will be able to install VMWare Tools on Ubuntu Server.
  1. Use Install VMWare Tools option in VMWare Client to attach media
    ubuntu vmware tools install 12.10 
  2. Update the server
  3. Create the mount point
  4. Mount the ISO

    You should see the message: mount: block device /dev/sr0 is write-protected, mounting read-only
  5. Change Directory
  6. Copy the tar file to your /tmp directory
  7. Install Build tools if necessary
  8. Change Directory
  9. Unmount the ISO
  10. Expand the tar
  11. Change Directory
  12. To prevent a potential error in the install script on Ubuntu 11.10+, create a special directory
    Unable to create symlink “/usr/lib64/libvmcf.so” pointing to file ”/usr/lib/vmware-tools/lib64/libvmcf.so/libvmcf.so”.
  13. Run the Install Script. The -d flag automatically answers the default to all questions. To customize it, just omit the -d.
  14. Reboot
Let me know if this worked for you!
Also, please follow me on Twitter: @justinschier

This is "How to do Computing" for everyday usage ...

Friday, 21 June 2013

Tuesday, 21 May 2013

How to add Swap Memory into uBuntu ..



Linux RAM is composed of chunks of memory called pages. To free up pages of RAM, a “linux swap” can occur and a page of memory is copied from the RAM to preconfigured space on the hard disk. Linux swaps allow a system to harness more memory than was originally physically available. 

However, swapping does have disadvantages. Because hard disks have a much slower memory than RAM, virtual private server performance may slow down considerably. Additionally, swap thrashing can begin to take place if the system gets swamped from too many files being swapped in and out.

Check for Swap Space


Before we proceed to set up a swap file, we need to check if any swap files have been enabled on the VPS by looking at the summary of swap usage.
swapon -s

An empty list will confirm that you have no swap files enabled:
Filename    Type  Size Used Priority

Check the File System


After we know that we do not have a swap file enabled on the virtual server, we can check how much space we have on the server with the df command. The swap file will take 512MB— since we are only using up about 8% of the /dev/sda, we can proceed.
df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/sda        20907056 1437188  18421292   8% /
udev              121588       4    121584   1% /dev
tmpfs              49752     208     49544   1% /run
none                5120       0      5120   0% /run/lock
none              124372       0    124372   0% /run/shm

Create and Enable the Swap File


Now it’s time to create the swap file itself using the dd command :
sudo dd if=/dev/zero of=/swapfile bs=1024 count=512k

“of=/swapfile” designates the file’s name. In this case the name is swapfile. 

Subsequently we are going to prepare the swap file by creating a linux swap area:
sudo mkswap /swapfile

The results display:
Setting up swapspace version 1, size = 262140 KiB
no label, UUID=103c4545-5fc5-47f3-a8b3-dfbdb64fd7eb

Finish up by activating the swap file:
sudo swapon /swapfile

You will then be able to see the new swap file when you view the swap summary.
swapon -s
Filename    Type  Size Used Priority
/swapfile                               file  262140 0 -1

This file will last on the virtual private server until the machine reboots. You can ensure that the swap is permanent by adding it to the fstab file.

Open up the file:
sudo nano /etc/fstab

Paste in the following line:
 /swapfile       none    swap    sw      0       0 


To prevent the file from being world-readable, you should set up the correct permissions on the swap file:
sudo chown root:root /swapfile 
sudo chmod 0600 /swapfile

How to check for open ports on Linux

Checking for open ports is among the first steps to secure your device. Listening services may be the entrance for attackers who may exploit...