
Tuesday, 14 April 2015

Tutorial on Hacking With Kali Linux


Hacking With Kali Linux


Why Kali Linux?


With Kali Linux, hacking becomes much easier since you have all the tools (more than 300 pre-installed tools) you are probably ever gonna need. Others can be downloaded easily. Now this tutorial will get you started and you'll be hacking with Kali Linux before you know it.




The problem with beginners

Now, I've been dealing with beginners for a long time. What they want is magic: a tool which is easy to use, works on Windows, can be downloaded by searching on Google and clicking on the first link we see, and will do all the hacking itself at the push of a button. Sadly, no such tool exists. Hacking is an art, and it takes years of practice to master it. So how to get started? Having no idea about hacking is okay, but being a newbie with computers in general is not allowed. When I say beginner, I mean someone who has no experience with programming and with hacking methodologies. I didn't mean someone who needs a 1 page guide on how to download a tool. If you want to be a hacker, you have to work hard. So how to get started? (If you have installed Kali Linux, click here to skip past the installation paragraphs and go to the hacking section of this post.)





Getting Started

Now, I am not boring you with theory (^ As if all this wasn't enough theory). My aim is to get you to the point where you can start hacking with Kali Linux as soon as possible. What I'm gonna do is tell you what to do. The process is rather simple :-


Things get tough now

If you have no previous experience with Linux and virtual machines and all that stuff, getting Kali Linux up and running won't be a piece of cake. You have 2 options:


1. Read the Kali official documentation

That will give you an idea about what a virtual machine is, how an OS can be run from USB, and how to create a partition and run 2 OS simultaneously. This is what I recommend. For that, go to Kali Official Documentation.

2. Read my modified version of Kali documentation

The second option is to look at these posts, which are just sparingly modified versions of the Kali docs, and offer no advantage other than saving your time as their documentations cover much more than what the ones here do, and you don't really need to know all so much... yet. I'm linking them up here:



    Command Line Interface

    Some bash commands
    Now, if you are really sure about becoming a hacker, you have to get used to Linux, and specifically the command line interface. It is often compared (and rightly so) to the command prompt of Windows, but the Linux CLI is much more efficient and better than the command prompt. What you have to do is do all the usual tasks you do in Windows in the CLI of Linux. Use cd to navigate, poweroff to shut down, etc.
    A pretty awesome site for that is - http://linuxcommand.org/
    Going through the complete site is on its own enough exercise to keep you occupied for a month, but you can proceed gradually. The first few tutorials here will keep in mind that you don't have much info about cli, and will be really beginner friendly.



      Some Useful Commands:

      If you don't plan on learning all of linux cli commands, here are a few that will keep your boat afloat.
      1. The default username and password is 'root' and 'toor'. 
      2. Type 'poweroff' in the terminal to shutdown. 
      3. apt-get command can be used to install tools and updates. 
      4. apt-get update and apt-get upgrade will update all the programs installed on your machine. 
      5. apt-get dist-upgrade will install the latest distribution of Kali (i.e. it upgrades your OS).
      PS: Tapping <tab> while typing makes Kali complete the word for you. Double tapping <tab> makes it display all possible words starting with the incomplete word. Ctrl+c stops the functioning of any tool that is running. Pressing the up arrow key shows the command you last typed.


      Some Real Hacking With Kali Linux

      Assuming you've gone through the above steps and are comfortable with your new hacking environment, it's time to do some real hacking with Kali Linux. My recommendation would be to start by hacking a wifi, then do some penetration testing, and maybe read something on Denial of Service when you have free time. Links here:

      Hack wireless networks in Kali Linux using aircrack 

      Penetration Testing In Kali For Beginners

      Denial Of Service Attacks


      HACK EMAIL-ID,USERNAME AND PASSWORD OR ANY USER DETAILS BY USING KALI LINUX.


      Today, I am going to show you how you can get the email ID, username and password or any user details you want by using KALI LINUX.

      STEPS FOR SETTING UP YOUR SYSTEM.

      1. Download Kali Linux from here.
      2. Extract the contents of the Kali Linux ISO file which you downloaded in step 1 and copy it to a pendrive, or burn the ISO file to a CD if you want to make a CD of it.
      3. After copying all the contents to the pendrive or burning the ISO file to a CD, reboot your system, press F8 at boot time and select boot from pendrive if you copied the files to a pendrive, or boot from CD-ROM if you burned the ISO file to a CD.
      4. After selecting the boot device, the Kali installation window will open; install as per your requirements.
      5. NOTE: During installation, set the mount point of the selected installation drive to "/".
      6. Remember the username and password you set during installation, as they will be necessary for this hacking method.
      7. Once installation is completed, the system will reboot; log in to your account.
      8. Your system is ready for use.
      The method which we are using to hack the username and password or any user details is the Social Engineering Toolkit method.


      NOW LETS SET IT UP.

      • Open a terminal using ctrl+alt+t or click on the small black window image on the top left of your screen.
      • Once the terminal is open, type the code carefully.
      sudo root
       Then enter your root username and password. Don't close the terminal.

      • The next step is to open the social engineering toolkit. For this, type the below command in the terminal.
      se-toolkit

       You will see something in terminal of your system as shown below in the image.
        

      • As shown above in the image, you too will see the menu in your terminal. Press "1" and hit enter as we are going to do Social-Engineering Attacks. You will see something in the terminal as shown below in the image.
        • Once again, you will get a menu as shown above in the image. We are going to select Website Attack Vectors, so press "2" and hit enter. You will see something as shown in the image below.
        • In this method, we are going to get the credentials of the victim, so press "3" and hit enter as it will select the credential harvester attack method. This will open a new menu as shown below in the image.

        • Since we want the username and password, which are the credentials of the victim, we need to trap the victim in a page that looks like the original website page (like a phishing page), and for that we need to clone a website. To do this, press "2" and hit enter, which will open something like shown below.
        In the above image, you might have noticed a red rectangle drawn by me; in that box you will find "tabnabbing:XXX.XX.XXX.X", where "XXX.XX.XXX.X" is your computer's IP address. To find the IP address of your computer, open a new terminal and type the commands given below.
        su root
        enter_your_root_password
         ifconfig
        In the above commands, we first gain root access, and then type "ifconfig" and hit enter to get the IP address.
        Copy and paste this IP address at the end of "Tabnabbing:". I have used my IP address, but for security reasons I can't reveal it, so I have posted "XXX.XX.XXX.X" here. Please note that if you don't put in your computer's IP address, then this method won't work. After entering your IP address, hit enter. It will ask you to enter the URL of the website you want to clone, as shown below. Here, I entered "www.ymail.com" as I want to hack someone's ymail account. The below image represents all the steps.
        It will give a message that it's working on cloning the site and that it will take a little time.
        Once the process is completed, you will see something as shown in the image below.
        • The next step is the most important step. So far we have made your IP address go online, and anyone who visits your IP address will see the page which looks like the website whose URL you entered to clone. In this step, you need to shorten your IP address by using services like ADF.LY, Binbox, Goo.gl, etc. Once you enter your IP address on these sites to shorten it, they will provide you a link; all you need to do is send this shortened link to your victim.
        • When the victim visits the URL which you sent them, they will see a copy of the page whose URL you entered to clone. The victim will think that it is the original page, and when the victim enters any of their information, you will see that information in the terminal.
        • In this example, I have used ymail.com. Therefore, the victim will see the homepage of Yahoo Mail. This is only the login form; I have entered the login username as "Kali used to hack email-id and password" and the password as "Hacking successfull".

        NOTE:VICTIM CAN IDENTIFY THAT THE PAGE IS A TRAP AS THE ADDRESS BAR OF BROWSER WILL BE HAVING YOUR IP ADDRESS.FOR BEST RESULTS,SEND THE SHORTENED URL TO VICTIM MOBILE AND ASK THEM TO VISIT URGENTLY,OR YOU CAN SAY VISIT THIS LINK AND LOGIN TO GET LATEST UPDATES OF THEIR FAVOURITE CONTENTS,ETC.

        RESULT.

        The username and password will be shown in terminal window and will be similar to the image shown below.
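
The NOTE above names the two things a recipient or a mail filter can check before following such a link: a raw IP address in the address bar and a URL-shortener hop. The following is an added example, not part of the original post, that flags both plus missing TLS and a host that is not the expected site; the function names, the sample addresses (documentation ranges) and every shortener entry other than adf.ly and goo.gl are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# adf.ly and goo.gl are the shorteners named in the post; the other entries
# are assumptions added to make the list more realistic.
SHORTENERS = {"adf.ly", "goo.gl", "bit.ly", "tinyurl.com", "t.co"}


def host_is_ip(host):
    """True for dotted IPv4, IPv6, or an all-digit host (browsers read it as IPv4)."""
    if host.isdigit():
        return True
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage_link(url, expected_domain=None):
    """Return a sorted list of reasons why a link deserves a closer look."""
    if "://" not in url:
        url = "http://" + url          # a bare host defaults to plain HTTP
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    reasons = set()

    # The cloned page in the post is served straight from the sender's IP.
    if host_is_ip(host):
        reasons.add("host-is-ip-address")

    # A shortener hides the real destination until it is expanded.
    bare = host[4:] if host.startswith("www.") else host
    if bare in SHORTENERS:
        reasons.add("url-shortener")

    if parts.scheme.lower() != "https":
        reasons.add("no-tls")

    # A login link must be on the expected domain or one of its subdomains;
    # "yahoo.com.example.net" is NOT a subdomain of "yahoo.com".
    if expected_domain:
        exp = expected_domain.lower()
        if host != exp and not host.endswith("." + exp):
            reasons.add("domain-mismatch")

    return sorted(reasons)


if __name__ == "__main__":
    # Constructed sample links (203.0.113.0/24 is a documentation range).
    for link in ("http://203.0.113.25/",
                 "https://goo.gl/abc123",
                 "https://yahoo.com.example.net/login",
                 "https://login.yahoo.com/"):
        print(link, triage_link(link, expected_domain="yahoo.com"))
```

A shortened link should be expanded in a sandbox or by the mail gateway and the final destination run through the same checks.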

        Hacking Website with Sqlmap in Kali Linux


        In the previous tutorial, we hacked a website using nothing but a simple browser on a Windows machine. It was a pretty clumsy method to say the least. However, knowing the basics is necessary before we move on to the advanced tools. In this tutorial, we'll be using Kali Linux (see the top navigation bar to find how to install it if you haven't already) and SqlMap (which comes preinstalled in Kali) to automate what we manually did in the Manual SQL Injection tutorial to hack websites.




        Now it is recommended that you go through the above tutorial once so that you can get an idea about how to find vulnerable sites. In this tutorial we'll skip the first few steps in which we find out whether a website is vulnerable or not, as we already know from the previous tutorial that this website is vulnerable.

        Kali Linux

        First off, you need to have Kali linux (or backtrack) up and running on your machine. Any other Linux distro might work, but you'll need to install Sqlmap on your own. Now if you don't have Kali Linux installed, you might want to go to this page, which will get you started on Beginner Hacking Using Kali Linux

        Sqlmap


        Basically it's just a tool to make SQL Injection easier. Their official website introduces the tool as - "sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections."
        A lot of features can be found on the SqlMap website, the most important being - "Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems." That's basically all the database management systems. Most of the time you'll never come across anything other than MySql. 

        Hacking Websites Using Sqlmap in Kali linux

        Sql Version

        Boot into your Kali linux machine. Start a terminal, and type -
        sqlmap -h
        It lists the basic commands that are supported by SqlMap. To start with, we'll execute a simple command:
        sqlmap -u <URL to inject>
        In our case, it will be -
        sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1
        Sometimes, using the --time-sec helps to speed up the process, especially when the server responses are slow.
        sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --time-sec 15
        Either way, when sqlmap is done, it will tell you the MySQL version and some other useful information about the database.
        The final result of the above command should be something like this.
        Note: Depending on a lot of factors, sqlmap may sometimes ask you questions which have to be answered with yes/no. Typing y means yes and n means no. Here are a few typical questions you might come across -
        • Some message saying that the database is probably MySQL, so should sqlmap skip all other tests and conduct MySQL tests only. Your answer should be yes (y).
        • Some message asking you whether or not to use the payloads for specific versions of MySQL. The answer depends on the situation. If you are unsure, then it's usually better to say yes.
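
A run like the one above is noisy on the server side: unless the operator overrides it, sqlmap identifies itself with a User-Agent that begins with "sqlmap/", and its probes put SQL keywords into the cat parameter. The following is an added example, not part of the original tutorial, of detection logic over web-server access logs; the log lines are constructed, and the marker names and patterns are assumptions for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Patterns checked against each URL-decoded query-string value.
SQLI_MARKERS = [
    ("time-delay", re.compile(r"\b(sleep|benchmark)\s*\(", re.I)),
    ("union-select", re.compile(r"\bunion\b.{0,20}\bselect\b", re.I | re.S)),
    ("schema-enum", re.compile(r"\binformation_schema\b", re.I)),
]

# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [14/Apr/2015:10:01:02 +0000] "GET /listproducts.php?cat=1 HTTP/1.1" 200 7880 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.9 - - [14/Apr/2015:10:02:10 +0000] "GET /listproducts.php?cat=1 HTTP/1.1" 200 7880 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '198.51.100.9 - - [14/Apr/2015:10:02:11 +0000] "GET /listproducts.php?cat=1%20AND%20SLEEP%2815%29 HTTP/1.1" 200 7880 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '203.0.113.40 - - [14/Apr/2015:10:05:00 +0000] "GET /listproducts.php?cat=1%20UNION%20ALL%20SELECT%20NULL-- HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
]


def classify(line):
    """Return (client_ip, sorted findings) for one log line, or None if unparsable."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    findings = set()
    # The tool's default User-Agent is the cheapest signal, but it is trivially
    # changed, so the parameter values are inspected as well.
    if m.group("ua").lower().startswith("sqlmap/"):
        findings.add("sqlmap-user-agent")
    query = urlsplit(m.group("target")).query
    for _name, value in parse_qsl(query, keep_blank_values=True):
        for label, rx in SQLI_MARKERS:
            if rx.search(value):
                findings.add(label)
    return m.group("ip"), sorted(findings)


def summarize(lines):
    """Map each client IP with at least one finding to the union of its findings."""
    by_ip = {}
    for line in lines:
        parsed = classify(line)
        if parsed and parsed[1]:
            by_ip.setdefault(parsed[0], set()).update(parsed[1])
    return {ip: sorted(found) for ip, found in by_ip.items()}


if __name__ == "__main__":
    for ip, found in summarize(SAMPLE_LOG).items():
        print(ip, found)
```

The last sample line shows why the User-Agent check alone is not enough: the request carries a browser User-Agent and is caught only by the parameter inspection.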

        Enumeration

        Database

        In this step, we will obtain database name, column names and other useful data from the database.
        List of  a few common enumeration commands
        So first we will get the names of available databases. For this we will add --dbs to our previous command. The final result will look like -
        sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --dbs
         So the two databases are acuart and information schema.

        Table

        Now we are obviously interested in acuart database. Information schema can be thought of as a default table which is present on all your targets, and contains information about structure of databases, tables, etc., but not the kind of information we are looking for. It can, however, be useful on a number of occasions. So, now we will specify the database of interest using -D and tell sqlmap to enlist the tables using --tables command. The final sqlmap command will be-
        sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables
        The result should be something like this -
        Database: acuart
        [8 tables]
        +-----------+
        | artists   |
        | carts     |
        | categ     |
        | featured  |
        | guestbook |
        | pictures  |
        | products  |
        | users     |
        +-----------+
        Now we have a list of tables. Following the same pattern, we will now get a list of columns.

        Columns

        Now we will specify the database using -D, the table using -T, and then request the columns using --columns. I hope you guys are starting to get the pattern by now. The most appealing table here is users. It might contain the username and passwords of registered users on the website (hackers always look for sensitive data).
        The final command must be something like-
        sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users --columns
        The result would resemble this-

        Data

        Now, if you were following along attentively, you'd expect that we will now be getting data from one of the columns. While that hypothesis is not completely wrong, it's time we go one step ahead. Now we will be getting data from multiple columns. As usual, we will specify the database with -D, table with -T, and column with -C. We will get all data from specified columns using --dump. We will enter multiple columns and separate them with commas. The final command will look like this.
        sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C email,name,pass --dump
         Here's the result
        John Smith, of course. And the password is test. Email is email@email.com?? Okay, nothing great, but in real world web pentesting, you can come across more sensitive data. Under such circumstances, the right thing to do is mail the admin of the website and tell him to fix the vulnerability ASAP. Don't get tempted to join the dark side. You don't look pretty behind bars. That's it for this tutorial. Try to look at other columns and tables and see what you can dig up. Take a look at the previous tutorial on Manual SQL Injection which will help you find more interesting vulnerable sites.
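
The fix the admin needs to apply is small. The following is an added example, not part of the original tutorial, showing the kind of query behind a page like listproducts.php?cat=1 in its injectable form next to two hardened forms; Python with an in-memory SQLite database stands in for the site's PHP/MySQL stack, and the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory products table (sample data, not the real site's)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (id INTEGER PRIMARY KEY, cat INTEGER, name TEXT);
        INSERT INTO products (cat, name)
        VALUES (1, 'poster'), (1, 'print'), (2, 'frame');
    """)
    return db


def list_products_vulnerable(db, cat):
    # BEFORE: the request value is pasted into the SQL text, so whatever the
    # client sends after "cat=" becomes part of the statement.
    sql = "SELECT name FROM products WHERE cat = " + cat + " ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def list_products_bound(db, cat):
    # AFTER (1): a bound parameter is always treated as data, never as SQL.
    sql = "SELECT name FROM products WHERE cat = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (cat,))]


def list_products_validated(db, cat):
    # AFTER (2): validate the type first, then bind. Rejecting non-numeric
    # input early also gives the application something to log and alert on.
    if not (cat.isascii() and cat.isdigit()):
        raise ValueError("cat must be a non-negative integer")
    sql = "SELECT name FROM products WHERE cat = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (int(cat),))]


if __name__ == "__main__":
    db = make_db()
    tampered = "1 OR 1=1"   # classic always-true condition
    print(list_products_vulnerable(db, "1"))       # category 1 only
    print(list_products_vulnerable(db, tampered))  # every row in the table
    print(list_products_bound(db, tampered))       # no rows: compared as a literal
    try:
        list_products_validated(db, tampered)
    except ValueError as exc:
        print("rejected:", exc)
```

In PHP the equivalent of the bound form is a prepared statement through PDO or mysqli; running the web application under a database account that cannot read other schemas limits what any remaining flaw can expose.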

        Hack Facebook Account : Stuff You Should Know

        Hack Facebook?

        Okay, so you got lured into the idea of hacking a Facebook account? I won't ask why. Everyone has their reasons. If you came here to learn how to hack a Facebook account, feel free to leave, because the title read - Hack Facebook Account : Stuff You Should Know - and not - How to hack a facebook account (well actually don't leave, I have something for you later in this tutorial, something on actually hacking Facebook). That being said, there are a lot of real hacking tutorials around the website you might want to read. However, if you are here on a pure curiosity basis, then read on, and you will be a smarter person by the end of this post than you were when you began reading it.

        Why not to think about hacking facebook

        Search google images for facebook hack and you already see so many misleading programs. I mean just enter user ID and they'll provide you with username and password. It's surprising how many people actually expect it to work.

        First, because you can't. Well, actually you can, but the high improbability of success makes it stand next to "you can't hack facebook". If you think typing 'hack facebook account' on google, clicking on the first result, and entering the target's email address will give you the password of his/her Facebook account, then you are not on the general level of stupidity, you have achieved an appreciatively high one. Come on, if it were so easy to hack a FB account no one would be using FB to start with. There is so much on our Facebook account that we can't even imagine the consequences if it were to get into the hands of a seasoned hacker, let alone a novice (not even a novice for that matter) who just searched google for hacking facebook.
        impossible, so much so, that I won't be exaggerating in saying that it can't be hacked. As far as the picture on the left is concerned, it's one of the many tools offered on the internet, all of which have the following in common -
        1. All have very easy user interface. You just have to enter the user id, and click hack.
        2. All have download links which will take you to a survey, or some annoying ads.
        3. All are 100% not working.


        What does 'hacking Facebook' actually mean?

        What is the actual meaning of hacking Facebook? Most of us are misguided by the term hacking in general. Hacking incorporates the attainment of someone's password, but hacking is so much more. Account passwords are to hacking what coins are to the Subway Surfers game. You get coins along the way, your progress is partially judged on the basis of coins acquired, but the idea is to find your way through the obstacles and keep moving ahead. In the general sense, when you use the term hacking Facebook, you mean to understand the functioning of the website, find out about its database management systems, scripts employed, use of cookies, the language it is built on, etc. Then you find vulnerabilities in the working of the website, and code exploits to break through the obstacles and gain privileges into their systems, using suitable payloads. The next step would be privilege escalation. For example, you found a vulnerability that allows you to look into the database and see the email address and cellphone number of any user. You would want to escalate your privileges and also gain access to their passwords. The last step may be setting up a backdoor, for quicker access next time. Another step might be to clear your traces so that you don't get caught. And trust me, you can't do this. I mean you wouldn't be reading a blog on beginner level hacking on Kali Linux if you had come so far with web pentesting. So, the conclusion is that hacking Facebook is a real big deal, not everyone's piece of cake (I admit even I'm nowhere close to the level of expertise where I would be playing with databases on Facebook servers). And the Facebook passwords are just a reward that you get after hacking Facebook. But are we missing something? There can't be only one way to get someone's facebook password. I mean we don't want administrator access to all the Facebook databases, just the password of one of the millions of users. There must be a hole somewhere.
That kid next door claims he can get Facebook password of anyone, and he's good, but not 'code a exploit for Facebook' good, no, not that good. This is where social engineering steps in.

        Social Engineering

        With time, the level of security in all fields of life keeps getting stronger. The element of encryption has reached almost unbeatable stage. With 256 bit encryption, cracking will take practically forever. The element of laziness is in our favor (not everyone upgrades to latest security measures), and so is the element of cost-effectiveness and carelessness (you don't picture a nerd kid with glasses next door when you are deciding between WEP and WPA for your password). But nevertheless, things are changing, but one thing remains constant. Humans. Humans in general are stupid. Not really, a better word would be ignorant, not aware of how stuff works. Most Facebook users have no idea about what all Facebook is doing for their accounts security, and how easily their carelessness can ruin each and every one of Facebook's effort to protect their private information.

        Humans are the weakest link in any security system

        From leaving one's account logged in to not paying attention to someone who's peeping from behind, watching them type their passwords, humans can be really ignorant. But we need not rely on this level of ignorance for passwords (I stopped using the word stupid because it'll definitely annoy and offend people. I mean not good at computers doesn't really mean stupid. They have other stuff to do than protect their accounts). We can very well get the password of an average internet user who is not very paranoid and cynical about stuff. We can't hack Facebook and gain access to their servers, but your friends machine isn't that well guarded. A virus binded with a game he asked you to fetch in a USB drive? An average person won't think that you might have planted a trojan or a keylogger in the USB drive when he takes a file from you. Or maybe send him a link which will silently install some malware in his computer. Many people don't think twice before clicking on a link (some people do, though). Or maybe make a fake login page and send him a professional looking email, directing him to a website where he ends up receiving a login page somehow (you have to make it look real and genuine, backed up by a nice story, that you can expect the target to buy). There are many more methods. As far as the promise for something later in this tutorial about actual Facebook hacking, I have provided you with a small trailer about what you can do, in the next few tutorials we will discuss stuff in detail. The first tutorial is here.


        Credential Harvester To Hack Facebook (Phishing)


        I don't usually put this disclaimer, but as it was a tutorial that could potentially lead a lot of people on the wrong track (away from the quest on knowledge and towards the quest for illegal hacking and account passwords), here is a warning. Everything on this site is for educational purposes and I won't be responsible for anything you do with this information. If you do something illegal, the jail time would be yours to serve, not mine. So be careful where you are headed.

        Saturday, 28 March 2015

        Kismet with GPS in Kali Linux - Tutorial



        I recently ran into a situation where I needed to use Kismet with GPS support.  This was extremely difficult to accomplish, not because the installation is difficult (it's actually fairly simple when you know the steps) but because there was absolutely NO decent documentation on this. Hopefully this will change that.

        What You Need?


        The header for this section should perhaps be “What I Used.”  Because I’ve only tested my own hardware, it's the only thing I can say for certain will work.  I used the ALFA AWUS036NH external wireless adapter, found here:

        http://www.amazon.com/gp/product/B003YIFHJY?ref_=pe_527950_33920250







        And I used the GlobalSat ND-100S USB GPS Dongle, found here:
        http://www.amazon.com/dp/B003WNHGAO/ref=pe_385040_30332190_TE_dp_1

        How to Install in Kali???

        First we need to install a few packages in Kali Linux to get this thing to work.  First, the GPS daemon.

        # sudo apt-get install gpsd



        Then GPSd-clients package:

        # sudo apt-get install gpsd-clients
        Now, you can plug in your hardware.  If you are using a VM, make sure you pass it across.  You can verify that the GPS dongle is there by using the following command:

        # lsusb

        Then verify that your wireless adapter is there, and get the interface name.
        # ifconfig

        Next, make sure that your GPS adapter is showing up in the /dev/ directory.  To do this, use the command:

        # ls /dev/gps*

        This should also help you identify the name.  Once you have identified the path in /dev/, pass that as an argument to gpsd.

        # gpsd /dev/gps[x]


        Did it Work???

        To verify that this worked, we obviously want to boot up Kismet.  Kinda the point…right?  Once Kismet has been booted, use the backtick/accent button ( ` ) to access the Kismet menu at the top.  Scroll right to the Windows menu, then select “GPS Details.”


        Assuming you have signal, you should see the number of satellites connected and the signal strength corresponding to each.  In the example provided below, I have signal from 4 different satellites.  Alternatively, you may see a message indicating that you have no satellite signal.  If this is the case…keep walking/driving around.  It’ll happen.  Otherwise, if you are receiving a message that says no GPS device is connected, time to scrub the whole process and start over again.


        Finally, you can verify that GPS data is being written to the output by examining the contents.  In the .nettxt file below, you can see that there are coordinate values for minimum position, maximum position and peak position.


        Source

        Justin Hutchens wrote this outstanding article on his blog. See more at: http://www.ehacking.net/2014/08/kismet-with-gps-in-kali-linux-tutorial.html