Tutorial on Hacking With Kali Linux

Hacking With Kali Linux

Why Kali Linux?

With Kali Linux, hacking becomes much easier since you have all the tools (more than 300 pre-installed tools) you are probably ever gonna need. Others can be downloaded easily. Now this tutorial will get you started and you'll be hacking with Kali Linux before you know it.

The problem with beginners

Now, I've been dealing with beginners since a long time. What they want is magic. A tool which is easy to use, works on Windows, can be download by searching on Google and clicking on the first link we see, and will do all the hacking itself on the push of a button. Sadly, no such tool exists. Hacking is an art, and it takes years of practice to master it. So how to get started? Having no idea about hacking is okay, but being a newbie with computers in general is not allowed. When I say beginner, I mean someone who has no experience with programming and with hacking methodologies. I didn't mean someone who needs a 1 page guide on how to download a tool. If you want to be a hacker, you have to work hard. So how to get started? If you have installed Kali Linux,  click here to skip past the installation paragraphs and go to hacking section of this post)

Getting Started

Now, I am not boring you with theory (^ As if all this wasn't enough theory). My aim is to get you to the point where you can start hacking with Kali Linux as soon as possible. What I'm gonna do is tell you what to do. The process is rather simple :-

• If you are totally clueless as to what Kali Linux is - Go to Kali's official website and get an idea.
• If you haven't already done that,go to their download page and download Kali Linux iso file.

Things get tough now

If you have no previous experience with Linux and virtual machines and all that stuff, getting Kali Linux up and running won't be a piece of cake.You have 2 options :

1. Read the Kali official documentation

That will give you an idea about what is a virtual machine, how OS can be run from USB, and how to create a partition and run 2 OS simultaneously. This is what I recommend. For that, go to Kali Official Documentation . 

2. Read my modified version of Kali documentation

The second option is to look at these posts, which are just sparingly modified versions of the Kali docs, and offer no advantage other than saving your time as their documentations cover much more than what the ones here do, and you don't really need to know all so much... yet. I'm linking them up here:

• Installing Kali Linux On Hard Disk using USB
• Dual Boot Kali (alongside Windows)
• Install Kali Linux in VmWare complete detailed guide

Command Line Interface

Some bash commands

Now, if you are really sure about becoming a hacker, you have to get used to linux, and specifically the command line interface. It is often compared to (and rightly so) to command prompt of Windows, but Linux' cli is much efficient and better than command prompt. What you have to do is do all the usual tasks you do in Windows in cli of Linux. Use cd to navigate, poweroff to shutdown, etc.

A pretty awesome site for that is - http://linuxcommand.org/

Going through the complete site is on its own enough exercise to keep you occupied for a month, but you can proceed gradually. The first few tutorials here will keep in mind that you don't have much info about cli, and will be really beginner friendly.

Some Useful Commands:

If you don't plan on learning all of linux cli commands, here are a few that will keep your boat afloat.

1. The default username and password is 'root' and 'toor'. 
2. Type 'poweroff' in the terminal to shutdown. 
3. apt-get command can be used to install tools and updates. 
4. apt-get update and apt-get upgrade will update all the programs installed on your machine. 
5. apt-get dist-upgrade will install the latest distribution of Kali(i.e. it upgrades your OS).

PS : Tapping <tab> while typing makes Kali complete the word for you . Double tapping <tab> makes it display all possible words starting with the incomplete word. Ctrl+c stops the functioning of any tool that is running. Pressing the up arrow key shows the command you last typed.

Some Real Hacking With Kali Linux

Assuming you've gone through the above steps and are comfortable with your new hacking environment, its time to do some real hacking with Kali Linux. My recommendation would be to start by hacking a wifi, then do some penetration testing, and maybe read something on Denial of Service when you have free time. Links here-

Hack wireless networks in Kali Linux using aircrack 

Penetration Testing In Kali For Beginners

Denial Of Service Attacks

Read full post »

Remotely Access Kali Terminal Using Putty

In this post we will use PuTTy to remotely or locally access Kali terminal with root priveleges. We will use SSH for this tutorial, though you can use Telnet or any other mode too.

Putty

Some theoretical inforamtion about putty for your digestion.

PuTTY is an SSH and telnet client, developed originally by Simon Tatham for the Windows platform. PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers. (putty.org)

PuTTY is a popular SSH and Telnet client that helps you establish secure connections over the Internet and doesn't even require installation. It's especially aimed for programmers and network administrators, which means that newcomers won't find it easy to use. The program features a simple, straightforward interface with no included documentation. Despite its apparent simplicity, PuTTY is highly configurable and includes many options to tweak connections, sessions, SSH security features and even the window's appearance. (softpedia)


Basically what you need to know is Putty works on Windows and will help you execute commands on Virtual install of Kali directly from Windows. It's like a Kali terminal in Windows. What that means is if you have any configuration other than Windows : Host and Kali : Guest, then PuTTy isn't going to be useful ( you can still use it for remotely running Kali, but the focus is on host guest mechanism here).

Download

You can download putty here. http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html . That's the official download location. Softpedia, CNET, etc. also provide downloads. You will find a lot of links there, and it will take a minute to find out what you need to download. However, for the sake of ease, the link below this line is likely to be what you are looking for.

A Windows installer for everything except PuTTYtel

Installation is quite easy, nothing you can't handle.

Kali Configuration

There are a few things that need to be done before PuTTy starts working. Firstly, you would be using SSH to connect to Kali (main advantage of SSH is that it's secure, you can search google for more info on SSH). By default, the SSH service isn't started in Kali, but you can still check with

root@kali:~# service --status-all

 [ - ]  ssh

It will display a long list. The - against ssh indicates it is not running. Depending on whether the SSH is installed or not, you can execute the following. Run the second command first, if it works fine the installation isn't required, if not, then execute first command.

root@kali:~#apt-get install openssh-server (to install SSH)

root@kali:~#service ssh start (to start the service)

Optional : If you are connecting remotely and are afraid that someone will eavesdrop your data, then you can use public private key encryption offered by SSH. For this you need to create an RSA key.

root@Kali:~# ssh-keygen -t rsa

You will have to specify where to store the key (just press enter for default location) and then specify a key. This step is quite unnecessary for most users.

Also, type ifconfig to get your eth0 ip address. 

Starting PuTTy on Windows

Start Putty, and you will see a putty configuration dialog. Enter the IP that you found out in the last step. The port will be 22 and connection type SSH. Click open and you'll be prompted to enter the credentials for terminal access. Type in 'root' and your password. You will now see something like this-

You can run commands from here and they will be executed on your Kali machine. There are no functionality restrictions as such, and you can do almost anything from this terminal. Type exit to end the session.

Auto start SSH on Kali Boot

Now every time you will boot into Kali, the SSH service will not be running. You will have to type the following everytime to boot - service ssh start

However, there are alternatives. One straightforward one is to go to Applications -> System Tools -> Preferences -> Startup Application and click on add. Enter the command as service ssh start and add whatever you feel like for Name and Comment (nothing technical there).

Alternatively, you can use update-rc.d to get the same functionality.  It helps add/remove services which will run at booting. Execute the following command to add SSH to startup services

root@kali:~#update-rc.d ssh enable

You can of course write your script to start ssh, but that wouldn't do us much good since starting the service is as easy as one line of code (service ssh start) and you don't write scripts that execute just one command (that is quite an inefficient way of usingputty scripts)

Read full post »

Wifi Hacking - WEP - Kali Linux Aircrack-ng suite

Alright, this post is written assuming you have Kali Linux up and running on your computer. If not, here is a post on hacking with kali linux. It will tell you about what Kali Linux is, and how to use it. It will guide you through installation process.
So if you are still following, then just follow these simple steps-

Firstly, create a wireless network to crack. Don't use this method on others. It is illegal. Then proceed with the steps below.

1. Find out the name of your wireless adapter.

Alright, now, your computer has many network adapters, so to scan one, you need to know its name. So there are basically the following things that you need to know-

• lo - loopback. Not important currently.
• eth - ethernet
• wlan - This is what we want. Note the suffix associated.

Now, to see all the adapters, type ifconfig on a terminal. See the result. Note down the wlan(0/1/2) adapter.

2. Enable Monitor mode

Now, we use a tool called airmon-ng to  create a virtual interface called mon. Just type 

airmon-ng start wlan0

 Your mon0 interface will be created.

3. Start capturing packets

Now, we'll use airodump-ng to capture the packets in the air. This tool gathers data from the wireless packets in the air. You'll see the name of the wifi you want to hack.

airodump-ng mon0

4. Store the captured packets in a file 

This can be achieved by giving some more parameters with the airodump command

airodump-ng mon0 --write name_of_file

Now the captured packets will be stored in name_of_file.cap
You have to wait till you have enough data (10000 minimum)

5. Crack the wifi

If all goes well ,then you'll be sitting in front of your pc, grinning, finally you've got 10000 packets (don't stop the packet capture yet). Now, you can use aircrack-ng to crack the password. (in a new terminal)

aircrack-ng name_of_file-01.cap 

The program will ask which wifi to crack, if there are multiple available. Choose the wifi. It'll do its job. If the password is weak enough, then you'll get it in front of you. If not, the program will tell you to get more packets. The program will retry again when there are 15000 packets, and so on.

Note : This will not work with WPA-2. Here is a tutorial on -
Hacking wpa/wpa-2 wps with reaver on kali linux


Troubleshooting : Check this link if you failed to hack the network. 

The missing ingredient

Here is a comparatively advanced tutorial which will require you to have gone through this tutorial as well as the missing ingredient one. After you have got the big picture, you can move on to complicated things like speeding up wifi hacking.
Speeding Up WEP Hacking

Read full post »