When you start Kali, the grub boot menu comes up which waits for around 5 seconds before booting. Now if there are other oses alongside kali then the grub menu is useful. However if kali is the only os on the system, or for example kali is running inside virtualbox then it is of little… Read More »
Kali linux uses the root user, since root privileges are needed to run various security tools like nmap and wireshark etc. However its uneasy to type the root/toor combination everytime Kali boots. So to make things simple just make the user root login automatically at system start. And here are the simple steps to do… Read More »
Apache and mysql are installed by default in Kali Linux. They can be accessed through the Kali Linux menu in Applications. To start apache web server click the menu entry at “Applications > Kali Linux > System Services > HTTP > apache2 start”. Similary to start mysql click MySQL > mysql start. However starting services… Read More »
Quick tutorial on how to install the angry ip scanner on kali linux. angry ip scanner is a fast ping and port scanner.
Quick tutorial on how to run metasploit exploit framework and armitage on Kali linux.
Hack windows xp with MS08-067 exploit Using metasploit its possible to hack windows xp machines just by using the ip address of the victim machine. It does not involve installing any backdoor or trojan server on the victim machine. Metasploit does this by exploiting a vulnerability in windows samba service called ms08-67. This exploit works… Read More »
Kali linux is the next version of backtrack in a completely new form. Tor is not installed by default in kali linux. However can be installed easily right from its own repositories. root@kali:~# apt-get install tor vidalia Run the above command and tor along with vidalia should be installed. Start the tor service with the… Read More »
Uniscan is a web application security scanner for remote file inclusion, local file inclusion and remote command execution vulnerabilities.
Apache is a web server that is available for all major platforms. Each OS stores the apache in a different directory or path, due to which it takes some effort to find the configuration file when needed. For example Ubuntu and fedora store it in different locations inspite of both being linux. So here are… Read More »
Kali Linux Kali Linux is the successor of Backtrack. It follows Backtrack 5rc3 as the next version. Backtrack was based on Ubuntu, but Kali linux is based on Debian. And further more the default desktop that is gnome has been hacked and modified to a large extent. It is gnome 3.4 but is made to… Read More »
When trying to exploit some website using sqlmap, its a good idea to be anonymous. Sqlmap has excellent support for using common proxies or tor. First start tor and ensure that it is running the socks5 daemon on port 9050. Then use the socks5 proxy with sqlmap as follows # ./sqlmap.py –tor –tor-type=SOCKS5 -u "http://www.hackable.org/view_section.php?id=10"… Read More »
Sqlmap is the most popular tool for automated exploitation of sql injection vulnerability and database takeover. Its written in python is cross platform. If you are using Backtrack then sqlmap comes pre packaged in it. In this post I am going to show you the simple process to setup and run sqlmap on windows. 1…. Read More »
Out of the many useful auxiliary modules that metasploit has, one is called search_email_collector which searches google, bing and yahoo for email addresses associated to a particular domain. This is useful in automated information gathering during a penetration test program. The location inside msfconsole is auxiliary/gather/search_email_collector So lets try it out. Launch msfconsole. I am… Read More »
Ping Sweep Ping sweep is the process of pinging an entire range of network ip addresses to find out which ones are online or alive. Nmap is an excellent tool to do this quickly and effectively. Here is the command $ nmap -n -vv -sn 192.168.1.1-255 -oG – | grep -i 'up' Host: 192.168.1.1 ()… Read More »
Social Engineering Toolkit Social engineering toolkit is the most powerful tool for performing social engineering attacks. It is the metasploit of social engineering in a way. It provides a very easy user interface to perform attacks like phishing, browser exploitation etc. In this tutorial we are going to see how it can be used to… Read More »
Sqlmap In the previous post on we learnt how to use sqlmap to hack a vulnerable web application and fetch the list of databases, tables, columns and data rows. In this post we shall see how to do some simple fingerprinting on the remote database to find valuable information that can be used to assist… Read More »
Netcat is a command line utility that can perform lots of tasks like telnet. In this tutorial we shall use it to get a reverse shell using a php backdoor.
Database schemas Databases are present in almost all kinds of application that need to store information in some form or the other. Web applications like blogs, cms, social networking sites or business applications etc all have a database along with the code. The database design or schema determines how the tables and their relationships are… Read More »
SSL certificates Some websites, specially restricted ones might require you to use a client side ssl certificate to open the pages. The certificate is used as an authentication factor, in place of username/password. When opening such websites in browsers, the browser must provide the ssl certificate. Over here we shall see how to do that… Read More »
Socket based chat application In our previous article on we learned about the basics of creating a socket server and client in python. In this post we are going to write a very simple chat application in python that is powered by sockets. The chat application we are going to make will be more like… Read More »