Kali Linux uses the root user, since root privileges are needed to run various security tools such as nmap and Wireshark. However, it is tedious to type the root/toor combination every time Kali boots. So to make things simple, just make the root user log in automatically at system start. And here are the simple steps to do… Read More »
Apache and MySQL are installed by default in Kali Linux. They can be accessed through the Kali Linux menu in Applications. To start the Apache web server, click the menu entry at “Applications > Kali Linux > System Services > HTTP > apache2 start”. Similarly, to start MySQL, click MySQL > mysql start. However starting services… Read More »
Quick tutorial on how to install the Angry IP Scanner on Kali Linux. Angry IP Scanner is a fast ping and port scanner.
Quick tutorial on how to run the Metasploit exploit framework and Armitage on Kali Linux.
Hack Windows XP with MS08-067 exploit. Using Metasploit, it's possible to hack Windows XP machines just by using the IP address of the victim machine. It does not involve installing any backdoor or trojan server on the victim machine. Metasploit does this by exploiting a vulnerability in the Windows samba service called MS08-067. This exploit works… Read More »
Kali Linux is the next version of BackTrack in a completely new form. Tor is not installed by default in Kali Linux. However, it can be installed easily right from its own repositories. # apt-get install tor vidalia Run the above command and Tor along with Vidalia should be installed. Start the tor service with the… Read More »
Web shells are often used by hackers and penetration testers to get a remote shell on a machine through a browser/web interface.
Uniscan is a web application security scanner for remote file inclusion, local file inclusion and remote command execution vulnerabilities.
In penetration testing or hacking, it is a common task to search for exploits and vulnerabilities for a given platform/application. The search is done on Google, or on various exploit database websites. One of them is exploit-db.com. BackTrack includes lots of exploits from exploit-db in a searchable database that can be used offline. In BackTrack 5… Read More »
When trying to exploit some website using sqlmap, it's a good idea to be anonymous. Sqlmap has excellent support for using common proxies or Tor. First start Tor and ensure that it is running the SOCKS5 daemon on port 9050. Then use the SOCKS5 proxy with sqlmap as follows # ./sqlmap.py --tor --tor-type=SOCKS5 -u "http://www.hackable.org/view_section.php?id=10"… Read More »