Posts

Showing posts with the label linux

[2013 Version] Starting a Pentesting Lab [How-To/Linux/Windows]

Recently I bought a gaming computer with some of the best specs out there (i7, GTX 670, 16 GB RAM, SSD, etc.) and decided to finally set up my own pentesting lab so I can practice breaking and securing "real" boxes of my own. My current setup consists of my router connected to my apartment's WAN using DHCP, which issues private DHCP leases to the connected boxes on my network. I have a Windows 7 laptop of my own, a Windows 7 desktop host machine running VMs, and an Ubuntu 12.10 server for all my main Linux needs (I have SSH set up so I can access this box from work and other places). My friends also connect to this network via Wi-Fi, so there are random Win7 and OS X computers connected to it. As for my virtualized boxes, I have Windows XP (different SPs), Windows Server 2003, 2008, and 2012, Metasploitable 2, DVL (Damn Vulnerable Linux), BackTrack 5 R3 (I hack from this box), and a few other exploitable machines. I will be setting up a Windows Vista and a couple other *nix

Hacking Metasploitable #1: Introduction & IRC Hack [Metasploit/Linux/Exploit/How-to]

Starting today, I will be releasing how-tos on hacking the Metasploitable distro of Linux released by the creators of Metasploit, in which I will go through how to determine if a system is exploitable, how to use Metasploit, how to load modules and run exploits, and what to do once you have exploited a system. I hope these posts, starting with this one (#1), teach readers the important parts of using Metasploit as well as the basics of pentesting and exploitation. This is by no means a thorough series on exploitation, but a way to get basic users' hands wet in the world of exploitation and hacking.

BASH scripting in Linux: an introduction [Linux]

I've already used a bit of BASH scripting in my Wi-Fi sniffing tutorial, but the importance of scripting in BASH and other languages such as Perl, Ruby, and Python is so great that I need to write separate posts for them all. Bash stands for "Bourne-Again Shell" (you will see that "sh" stands for "shell" in many places). Named aptly for being the successor of the Bourne Shell, it came into use in 1989 and has since been a main scripting language for Linux. It has many different features such as piping (seen before on my blog), variables and control structures (like all good languages), file reading, and the Unix "wildcard" usage via the asterisk (*) key. Enough about stuff I'm sure you guys don't care about, let's jump right in!

Installing and using Nmap [Linux/Windows]

I'm afraid I've been very busy lately with a new job working overnights and figuring out all my college needs for moving in next month, but I've been doing a lot of research and reading on a few interesting topics so hopefully the next few posts will be very interesting. I've also updated a few of my posts including my wifi sniffing and securing your home network posts, so check those out! Today's post is about one of the most important netsec tools you will have in your arsenal. This program is called Nmap and is a free, open-source network auditing and security tool that we will use quite often while looking for vulnerabilities on networks. I will be explaining how to install and do some basic usage on Linux AND Windows (yay Windows!). I will be using my Backtrack 5 for Linux and Windows XP and hopefully get a Vista/Win7 part up as well.

[OLD] Installing SSLStrip [Linux]

I've written most of a how-to and explanation of how to use two programs, SSLStrip and Ettercap, to sniff networks and grab passwords even if a secure connection is used (HTTPS rather than HTTP), but I have to cover a few topics before I release it. First, I need to explain how to install SSLStrip for those people not using Backtrack 5; then I must explain ARP (Address Resolution Protocol) poisoning and spoofing, since this is an important part of using SSLStrip and Ettercap to grab passwords. If you're using Backtrack 5, as I mentioned before, SSLStrip should be installed already, located in the "/pentest/web/sslstrip" folder, and can be run by typing "python sslstrip.py". For users not using Backtrack 5, follow the directions below:

Beginning networking in Ubuntu [Linux]

I'm trying to cover all the basics first so new users can jump right into later topics by just reading these and the other posts I've released, and *hopefully* gain an understanding of the most basic Linux commands and functions. For each command listed below I will attempt to describe the basis for its name, what its acronym stands for (if necessary), its basic uses, a few more advanced uses, and any other information I (or any commenters!) find useful.

[OLD] Installing Metasploit [Linux/Now Updated with Windows!]

Now that I've briefly covered some WEP/WPA cracking, let's install an important tool to our arsenal for issuing exploits and "payloads" (a name for exploits). This program is called "Metasploit" and is considered by many to be one of the most important hacking/pentesting tools around. It has an amazing array of exploits that can be used on many vulnerable machines, and when coupled with the vulnerability scanner Nessus (I'll cover this in the future) it becomes a highly sophisticated tool we can use to hack into and secure our networks. I'm installing this on Ubuntu Gnome Backtrack 5 (the newest release), so if you're on a different GUI (like KDE) and aren't using BT5, some things might be different. NOTE: It may be useful for new users to check out my Linux commands overview that I recently updated (the day this post was released). Hopefully you know the basics of Linux navigation and listing commands, so let's begin.

[OLD] Cracking WEP/WPA/2 networks with Aircrack-ng [Linux]

Now that you have hopefully installed the Aircrack-ng suite and familiarized yourself with some basic Linux commands, we can start cracking WEP and WPA1/2 networks to see the differences in security that Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) provide.

Getting Started With Aircrack-ng [Linux]

As my first "real" post, I'll explain the basics of installing an important suite that I use quite often and that is one of the most important tools for pentesting networks, called Aircrack-ng (ng stands for new generation, like IPng or IPv6). I use Ubuntu Backtrack 5, which comes preloaded with the Aircrack-ng suite, but I'll explain how to install and configure it on a fresh Linux computer or laptop for those who aren't strictly into netsec and want to start or have fun with it. Before starting on Linux, make sure you have all the necessary kernel headers and other files needed to build and run Aircrack-ng. Issue the command "apt-get install build-essential", adding the prefix "sudo" (super user do) if you are not running as root. This should install all necessary files if you do not already have them, and you should be ready to begin. Also, the Aircrack-ng suite requires the "openssl-dev or libssl-dev" dependencies (thanks Anon in com