RevenueHits

How To Install rfkill In Kali Linux

You may be trying to do some advanced networking in Kali. The tutorial you are following says: “type rfkill block all.” You try, and are presented with: an ERROR MESSAGE!? Don’t panic, there is an easy way to install rfkill in Kali Linux.


Step One:

Start Kali Linux and open a terminal and type:

apt-get update

Wait until the update is complete, it shouldn’t take long. (DO NOT close the terminal while the update is still working!)

Step Two:

Type: apt-get install rfkill

1

Step Three:

Kali Linux will now check its databases and ask if you want to install rfkill. Type y for yes.

2


Kali Linux will now finish the process of installing rfkill. Never stop an installation once it has started! This might ruin Kali.

Finished, thank you for viewing!

 

How To Update/Install Kernel Headers in Kali Linux

     Installing the Kernel Headers in Kali Linux is sometimes necessary to install certain tools or software (i.e. VMware Tools). Follow this tutorial to learn how to do it. If you’re having trouble following the text tutorial, or if you wish to see a video of this process, please check out our video of this process.


 

Step One:

First, we need to make sure that the official Kali Linux repositories are added to the “sources.list” file.

Open a Terminal and type leafpad /etc/apt/sources.list and press Enter.

2

 

Step Two:

In the file that opens, look over it. If it contains all the lines listed below, then you can close it and continue on to Step Three. However, if it is empty or contains text different than the text listed below, delete everything inside it and replace it with the below text:


deb http://http.kali.org/kali kali main non-free contrib

deb http://security.kali.org/kali-security kali/updates main contrib non-free

deb-src http://http.kali.org/kali kali main non-free contrib

deb-src http://security.kali.org/kali-security kali/updates main contrib non-free


If you have to manually type it, be sure to double check it, as even the slightest error will result in Kali Linux not updating properly.

Once you have finished, close leafpad and click Yes when it asks you if you want to save the changes.

1

 

Step Three:

Now, in the Terminal, type the below command:

apt-get update && apt-get install -y linux-headers-$(uname -r)

And press Enter.

 

Step Four:

It will ask you if you want to install the new updates (headers). Type Y for “yes” and press Enter again.

 

Step Five:

Once it has completely finished updating, and you’re presented with the root@kali prefix again, type reboot in the terminal to restart Kali Linux.


The Kernel Headers have now been installed.

A video tutorial has also been created on this process. If you prefer video tutorials, please check it out here:

 

Thank you for following our tutorial!

 

 

 

How To Hack WPA/WPA2 Wi-Fi With Kali Linux & Aircrack-ng

          Kali Linux can be used for many things, but it probably is best known for its ability to penetration test, or “hack,” WPA and WPA2 networks. There are hundreds of Windows applications that claim they can hack WPA; don’t get them! They’re just scams, used by professional hackers, to lure newbie or wannabe hackers into getting hacked themselves. There is only one way that hackers get into your network, and that is with a Linux-based OS, a wireless card capable of monitor mode, and aircrack-ng or similar. Also note that, even with these tools, Wi-Fi cracking is not for beginners. Playing with it requires basic knowledge of how WPA authentication works, and moderate familiarity with Kali Linux and its tools. If you feel you have the necessary skills, let’s begin:

These are things that you’ll need:

If you have these then roll up your sleeves and let’s see how secure your network is!

          Important notice: Hacking into anyone’s Wi-Fi without permission is considered an illegal act or crime in most countries. We are performing this tutorial for the sake of penetration testing, hacking to become more secure, and are using our own test network and router.

By reading and/or using the information below, you are agreeing to our Disclaimer


Step One:

Start Kali Linux and login, preferably as root.

Step 1

Step Two:

Plugin your injection-capable wireless adapter, (Unless your native computer wireless card supports it). If you’re using Kali in VMware, then you might have to connect the card via the imageicon in the device menu.

Step Three:

Disconnect from all wireless networks, open a Terminal, and type airmon-ng

Step 3

This will list all of the wireless cards that support monitor (not injection) mode. If no cards are listed, try disconnecting and reconnecting the adapter (if you’re using one) and check that it supports monitor mode. If you’re not using an external adapter, and you still don’t see anything listed, then your card doesn’t support monitor mode, and you’ll have to purchase an external one (see the link in the requirements). You can see here that my card supports monitor mode and that it’s listed as wlan0.

Step Four:

Type airmon-ng start followed by the interface name of your wireless card. mine is wlan0, so my command would be: airmon-ng start wlan0

Step 4

The “(monitor mode enabled)” message means that the card has successfully been put into monitor mode. Note the name of the new monitor interface, mon0.


EDIT:
A bug recently discovered in Kali Linux makes airmon-ng set the channel as a fixed “-1” when you first enable mon0. If you receive this error, or simply do not want to take the chance, follow these steps after enabling mon0:

Type: ifconfig [interface of wireless card] down and hit Enter.
Replace [interface of wireless card] with the name of the interface that you enabled mon0 on; probably called wlan0. This disables the wireless card from connecting to the internet, allowing it to focus on monitor mode instead.
After you have disabled mon0 (completed the wireless section of the tutorial), you’ll need to enable wlan0 (or name of wireless interface), by typing: ifconfig [interface of wireless card] up and pressing Enter.



Step Five:

Type airodump-ng followed by the name of the new monitor interface, which is probably mon0.

Step 5

If you receive a “fixed channel –1” error, see the Edit above.

Step Six:

Airodump will now list all of the wireless networks in your area, and a lot of useful information about them. Locate your network or the network that you have permission to penetration test. Once you’ve spotted your network on the ever-populating list, hit Ctrl + C on your keyboard to stop the process. Note the channel of your target network.

step 6

 

Step Seven:

Copy the BSSID of the target network

Step 7

Now type this command:
airodump-ng -c [channel] --bssid [bssid] -w /root/Desktop/ [monitor interface]
Replace [channel] with the channel of your target network. Paste the network BSSID where [bssid] is, and replace [monitor interface] with the name of your monitor-enabled interface, (mon0). The “–w” and file path command specifies a place where airodump will save any intercepted 4-way handshakes (necessary to crack the password). Here we saved it to the Desktop, but you can save it anywhere.

A complete command should look similar this:
airodump-ng -c 10 --bssid 00:14:BF:E0:E8:D5 -w /root/Desktop/ mon0

image

Now press enter.

Step Eight:

Airodump with now monitor only the target network, allowing us to capture more specific information about it. What we’re really doing now is waiting for a device to connect or reconnect to the network, forcing the router to send out the four-way handshake that we need to capture in order to crack the password.
Also, four files should show up on your desktop, this is where the handshake will be saved when captured, so don’t delete them!

But we’re not really going to wait for a device to connect, no, that’s not what impatient hackers do. We’re actually going to use another cool-tool that belongs to the aircrack suite called aireplay-ng, to speed up the process. Instead of waiting for a device to connect, hackers can use this tool to force a device to reconnect by sending deauthentication (deauth) packets to one of the networks devices, making it think that it has to reconnect with the network.

Of course, in order for this tool to work, there has to be someone else connected to the network first, so watch the airodump-ng and wait for a client to show up. It might take a long time, or it might only take a second before the first one shows. If none show up after a lengthy wait, then the network might be empty right now, or you’re to far away from the network.

You can see in this picture, that a client has appeared on our network, allowing us to start the next step.

Step 8

Step Nine:

Leave airodump-ng running and open a second terminal. In this terminal, type this command:
aireplay-ng –0 2 –a [router bssid] –c [client bssid] mon0
The –0 is a short cut for the deauth mode and the 2 is the number of deauth packets to send.
-a indicates the access point/router’s BSSID, replace [router bssid] with the BSSID of the target network, which in my case, is 00:14:BF:E0:E8:D5.
-c indicates the client’s BSSID, the device we’re trying to deauth, noted in the previous picture. Replace the [client bssid] with the BSSID of the connected client, this will be listed under “STATION.”
And of course, mon0 merely means the monitor interface, change it if yours is different.

My complete command looks like this:
aireplay-ng –0 2 –a 00:14:BF:E0:E8:D5 –c 4C:EB:42:59:DE:31 mon0

Step 9

Step Ten:

Upon hitting Enter, you’ll see aireplay-ng send the packets. If you were close enough to the target client, and the deauthentication process works, this message will appear on the airodump screen (which you left open):

image

step 10

This means that the handshake has been captured, the password is in the hacker’s hands, in some form or another. You can close the aireplay-ng terminal and hit Ctrl + C on the airodump-ng terminal to stop monitoring the network, but don’t close it yet just incase you need some of the information later.

If you didn’t receive the “handshake message,” then something went wrong in the process of sending the packets. Unfortunately, a variety of things can go wrong. You might just be too far away, and all you need to do is move closer. The device you’re attempting to deauth might not be set to automatically reconnect, in which case you’ll either have to try another device, or leave airodump on indefinitely until someone or something connects to the network. If you’re very close to the network, you could try a WiFi spoofing tool like wifi-honey, to try to fool the device into thinking that you’re the router. However, keep in mind that this requires that you be significantly closer to the device than the router itself. So unless you happen to be in your victim’s house, this is not recommended.

Do note that, despite your best efforts, there are many WPA networks that simply can’t be cracked by these tools. The network could be empty, or the password could be 64 characters long, etc.

Step 11:

This concludes the external part of this tutorial. From now on, the process is entirely between your computer, and those four files on your Desktop. Actually, it’s the .cap one, that is important. Open a new Terminal, and type in this command:
aircrack-ng -a2 -b [router bssid] -w [path to wordlist] /root/Desktop/*.cap

-a is the method aircrack will use to crack the handshake, 2=WPA method.
-b stands for bssid, replace [router bssid] with the BSSID of the target router, mine is 00:14:BF:E0:E8:D5.
-w stands for wordlist, replace [path to wordlist] with the path to a wordlist that you have downloaded. I have a wordlist called “wpa.txt” in the root folder.
/root/Desktop/*.cap is the path to the .cap file containing the password. The * means wild card in Linux, and since I’m assuming that there are no other .cap files on your Desktop, this should work fine the way it is.

My complete command looks like this:
aircrack-ng –a2 –b 00:14:BF:E0:E8:D5 –w /root/wpa.txt  /root/Desktop/*.cap
image

Now press Enter.

Step 12:

Aircrack-ng will now launch into the process of cracking the password. However, it will only crack it if the password happens to be in the wordlist that you’ve selected. Sometimes, it’s not. If this is the case, you can try other wordlists. If you simply cannot find the password no matter how many wordlists you try, then it appears your penetration test has failed, and the network is at least safe from basic brute-force attacks.

Cracking the password might take a long time depending on the size of the wordlist. Mine went very quickly.

If the phrase is in the wordlist, then aircrack-ng will show it too you like this:

image

The passphrase to our test-network was “notsecure,” and you can see here that it was in the wordlist, and aircrack found it.

If you find the password without a decent struggle, then change your password, if it’s your network. If you’re penetration testing for someone, then tell them to change their password as soon as possible.

 

Please use this information only in legal ways

Lewis Encarnacion

 


 

Perform A Man In The Middle Attack With Kali Linux & Ettercap

It’s one of the simplest but also most essential steps to “Conquering” a network. Once a hacker has performed a “Man In The Middle” attack (MITM) on a local network, he is able to perform a number of other “Side-kick” attacks. This includes: cutting a victim’s internet connection; intercepting Emails, logins, chat messages, and many others.

And only one tool is needed for this attack:

  • An install or Live boot of Kali Linux, a well-known OS containing a collection of hundreds of penetration testing tools.

If you have that, then proceed to the tutorial below, and we’ll demonstrate how to perform this attack.

Important Notice:
This tutorial is intended to be used for penetration testing, i.e. the act of hacking to become more secure. It is not at all meant for malicious purposes. Performing any type of fraudulent activity on someone else’s network without permission is considered a crime in most countries. Lewis’s Computer Howto’s is using their own test network in this demonstration.

By reading and/or using the information below, you are agreeing to our Disclaimer,

 

Step One:

Start Kali Linux and login, preferably as the root user. When you’ve logged in, open a Terminal and enter this command: echo 1 > /proc/sys/net/ipv4/ip_forward. This enables IP forwarding, which is mandatory in order for the victim device to maintain connection while we are ARP poisoning it. This command will not be permanent; you’ll have to enter it every time that you restart Kali and wish to perform another MITM attack.

Step Two:

For whatever reason, ettercap doesn’t come ready to work from the factory. We need to make some small edits before it will work.
Open a Terminal and type: leafpad /etc/ettercap/etter.conf

Step 1

Step Three:

Look through the text file that just opened. On one of the first lines, under the [privs] section, look for the words highlighted below:

Step 2

You need to change the “ec_uid” and “ec_gid” values to zero. They should look like this when done:

Step 2.1

Remove the number 65534 and replacing it with 0 (zero). You can leave the “# nobody is default” line.

Step Four:

This next one will be tricky to locate, so we’re going to use the “Find” option. Click on Search in the toolbar at the top of leafpad and click Find, or hit Ctrl+F.

Type the word iptables in the box that appears and click the Find button or press Enter.

Step 3

It should skip to a line that looks like this:

Step 3.1

We need to “uncomment” the two bottom lines. To do this, remove the two “#” symbols before each “redir_command,” so that the two lines look like this:

Step 3.2

Now close leafpad and click Yes when it asks you to save changes.

Step Five:

Now start Ettercap-gtk, open a Terminal and type ettercap –G

Step 5

Wait until Ettercap opens. When it does, click Sniff in the toolbar and select Unified Sniffing… from the menu.

Step 5.1

Step Six:

Select the interface that’s connected to the network.

Step 6

If your using a wired (ethernet) connection, then the interface will probably be eth0, but if you’re using wireless, (WLAN), then it will be a different one. To find which one of your interfaces is connected, run ifconfig.

Step Seven:

Now Ettercap should load into attack mode. Click on Hosts and select Scan for hosts from the menu.

Step 7

Step Eight:

Ettercap will briefly scan for hosts on the network. After a moment, you should see the words “hosts added to the host list…” in the command box.

Click on Hosts again, and this time select Hosts list from the menu.

Step 8

Step Nine:

Click the IP address of the router and click the Add to Target 1 button.

Step 9

Then select the IP of your test victim’s machine and click Add to Target 2.

Step 9.1

Step 10:

Now click Mitm on the toolbar and select Arp poisoning…

Step 10

When the question box shows up, check the box next to Sniff remote connections and hit OK.

Step 10.1

Step 11:

Ettercap will now Arp poison the victim and router. It might take a few minutes for the ARP process to work out, but once it does, your victim PC should be able to still connect to the internet without knowing that you’re virtually in between it and the router. If you’re victim can’t connect, make sure that you entered the “IP forward” command in Step 1 before starting ettercap. It might be a good idea to test this attack on one of your devices first, just to make sure that everything is going as planned.

Step 11

You’ve successfully executed an MITM attack!

You can now use tools such as URLsnarf and SSLstrip to sniff out information about your victim’s internet traffic. You can also use etterfilters to cut you victim’s internet completely. Tutorials on how to use these tools will be coming soon.

To stop the MITM attack, click on MITM and select Stop mitm attack(s) from the menu.

Step stop

Ettercap will then send the ARP correction packet, and the network will return to normal. You can then close Ettercap.

 

Ways to protect yourself against one of these attacks.

There are a couple of methods:

  • ARP detection software

This method is pretty useless. There are very few ARP detection programs out there, and the few that do exist are either free junk or over priced. In addition, to use these programs on a windows machine requires installing special drivers for your wireless cards. Recommendation: Don’t use.

  • Static ARP entries

This method works the best for the standard individual. You just type in a simple command and your computer becomes “Unarpable.” This is how it works:

When an attacker performs an ARP MITM attack, his computer sends a ARP packet to the victim’s machine telling it that his mac address is the router’s. The victim’s machine is fooled and starts sending its data to the attacker.

When you enter a static ARP entry, you’re telling your computer that the router’s mac address is permanent and will not be changed. Therefore, your computer ignores any phony ARP packets sent by the attacker.

We will be making a tutorial on how to do this soon. In the meantime, you can use Google to find answers.

 

We Hope You Enjoyed This Tutorial

How To Make A Permanent Alias In Kali Linux

     Since the Linux operating system is based almost entirely on terminal commands, it is imperative that you create some basic aliases to make your life a bit easier. One way of doing this is to just issue the command, “alias=command.” The problem with this method is that it only keeps the alias until the system is logged off, then you have to enter it all over again.
    The solution? Enter the alias in the .bashrc file. This simple tutorial will explain to you how to do this.



Step one:

Log into Linux and open a terminal.

Step two:

In the terminal, type “leafpad .bashrc”.

step one

Step three:

Hit Enter. A text file (.bashrc) should open in the leafpad text editor.

Step three 1

Scroll down until you reach a line filled with #alias examples.

Step three 2

Step four:

Place your select cursor at the end of the last #alias example and hit enter, making a new line. See photo below.

Step four


Step five:

Type the alias in the specified above location using the following format:
alias [shortcut]='[command]'
Replace [shortcut] with the alias you want, and replace [command] with the command that the alias stands for.
Example: alias updatesys='apt-get update && apt-get upgrade'


The above example is a alias that I use so I can easily update Kali without having to type in “apt-get update && apt-get upgrade” every time.



Picture example:
step four 2

Final step:

You’re almost there! Now that you’re done typing the alias in, you need to save the .bashrc file. Do this quickly by hitting Ctrl+S or click “File > Save.”


Tip:
To insure that the file has been completely saved, make sure that the asterisk next to the file name is gone:

Tip 1


Now close the .bashrc file and the terminal behind it. Open a new terminal and try out your alias. If all went according to plan, the alias will be permanent, and can only be removed if you remove it from the .bashrc file in the same way you created it.


Congrats! You’re done!

Repeat these steps to create as many permanent aliases as you please!



How To Install Kali Linux In VMware Player

This tutorial will walk you through the difficult process of installing Kali Linux in VMware Player, a free virtual machine manager that can be downloaded from www.vmware.com.

This tutorial assumes that you have some basic knowledge of your computer (amount of RAM, number of processors, x32 or x64 architecture, etc.) and that you’re using VMware Player as a virtual machine manager, not VMware Workstation or other software.


Step One:


First we need to download Kali from http://kali.org/downloads/. If you have a 64-bit capable computer (like me), then you probably will want the 64-bit version of Kali for performance and compatibility reasons. Select the 64-bit version ONLY if you have a 64-bit computer. If you don’t have a 64-bit capable computer, or if you aren’t sure, then get the 32-bit version, as it will work on both architectures.



Step Two:

You can either direct download Kali through the browser’s download manager by clicking on ISO, or you can torrent it by clicking on Torrent. Torrenting is usually a bit faster, but if you don’t have a torrent program, or don’t know what a torrent is, don’t worry about it and click ISO to do a normal download.

Step Three:

When Kali has finished downloading, open VMware Player and click Create a new virtual machine.


step 3

Step Four:

In the window that opens, select Installer disc image file (iso), browse to the location of and select the Kali Linux ISO file that you just downloaded.


step 4

Once you have selected the file, click Next.

3.5


Step Five:

In the next step, select a name for the virtual machine. I’m going to name it Tutorial Kali for this tutorial. You also need to select a location for it, I recommend creating a folder called “Virtual machines” in My Documents. Then click Next.

step 5

Step Six:

Next step, you need to select a maximum size for Kali. I recommend doing at least 30 GB’s as Kali tends to expand over time. After you’ve entered your desired value (no less than 20 GB) change the next option to Store virtual disk as a single file and click Next.

step 6

Step Seven:

In the next window, we need to customize some hardware settings, so click on the Customize Hardware… button.

step 7

Step Eight:

You will now be presented with a Hardware window. Select Memory in the left pane of the window, and slide the slider on the right side to at least 512 MB*. Since I have 8 GB of RAM on my computer, I’m going to put it at 2 GB’s (2000 Mb’s).

*Note, you should give a virtual machine a maximum of half the RAM installed on your computer. If your computer has 4 GB of RAM, then the max you want to slide it to is 2 GB. If your computer has 8 GB, then you can go to a max of 4 GB, etc.

step 8

Now highlight Processors in the left pane. This option really depends on your computer, if you have multiple processors, then you can select multiple or all processors for better performance.

step 8.1

Moving on, click on Network Adapter in the left pane. On the right side, move the dot to the Bridged (top) option. Now click on the Configure Adapters button.

8.2

In the small window that pops up, uncheck all the boxes except for the one next to your regular network adapter and hit OK.

8.4

You can now click on Close at the bottom of the Hardware window and then click on Finish in the Wizard.

step 8.5

Step Nine:

After you click Finish the window will close and the new virtual machine file will be added to the VM library. Now all we have to do is start Kali and install it! To do this, highlight the name of the newly created virtual machine by clicking on it, and click Play virtual machine in the right pane.

step 9

This will start Kali for the first time.

Step 10:

At the boot menu, use the arrow keys to scroll down to Graphical install and hit enter.

4

Step 11:

The next screen will ask you to select your preferred language, you can use the mouse to select this, then click Continue.

step 11

Step 12:

On the next screen, select your location and hit Continue.

step 12

It’ll now ask you for your standard keymap. If you use the standard American English keyboard, then just click Continue.

step 13

Step 14:

Wait until Kali finishes detecting the hardware on your computer. During this, you might be presented with this screen:

step 14

Just hit Continue and select Do not configure the network at this time on the next screen.

step 14.5

Step 15:

You will now be asked to supply a hostname, which is kind of like a computer name. You can enter anything you want, or you can just leave it as kali. When you’re done, hit Continue.

step 15

Step 16:

Kali will now ask you to enter a password for the root (main) account. Make sure you can easily remember this password, if you forget it, you’ll have to reinstall Kali. Hit Continue after you’ve enter and re-entered the password of your choice.

step 16

Step 17:

The next step will ask you for your time zone, select it and click Continue.

step 17

Step 18:

Wait until Kali detects the disk partitions. When you are presented with the next step, select Guided – use entire disk. (this is usually the top option) then click Continue.

step 18

The installer will now confirm that you want to use this partition. Hit Continue.

step 18.5

One more question about the partition will appear. Select the option that says All files in one partition and hit Continue.

step 18.9

Step 19:

Confirm that you want to make these changes by selecting Finish partitioning and write changes to disk. Then hit Continue.

step 19

Step 20:

The last question! Confirm that you really want to make these changes by moving the dot to Yes and hitting Continue.

step 20

Kali will now start installing! Wait until it has completed, this might take upwards of 30 minutes.


 

Step 21:

Alright, Kali has finished installing and now you are presented with a window that asks you about a network mirror. You can just select No and hit Continue.

step 21

Step 22:

After a few minutes, the installer will ask you if you want to install GRUB boot loader. Click Yes and Continue.

step 22

Step 23:

The installation should now complete, and you’ll be shown with the following notification message:

step 23
Click Continue.

Step 24:

After it restarts, and you’re shown with the “login” screen, click on “Other…”

Screenshot_1

Type the username root in the box and press Enter or click “Log In,”

Screenshot_2

On the next screen, type the password that you created earlier, and press Enter or click “Log In” again.

Screenshot_3

Kali should login, and you’re done!



If you type the password/username incorrectly, you’ll get this message:

Screenshot_4

Just try again, and remember to use the password that you created earlier.


 

You’ve successfully installed Kali Linux in VMware!

You can delete that massive ISO file that you downloaded as well, it isn’t necessary any more. To get the most functionality out of Kali Linux, you should install VMware Tools. You can follow my tutorial on how to do that.