How to Hack Your Own Linux System
Passwords are the sole criterion of system security for most systems. When it comes to Linux, if you know the root password, you own the machine. Passwords serve as a security measure for the BIOS, login, disk, applications, etc.
Linux is considered to be the most secure operating system against hacking or cracking, and in reality it is; still, we will discuss some of the loopholes and exploits of a Linux system. We will use CentOS Linux throughout the article to crack our own machine's security.
As soon as the Linux machine boots, press any key to interrupt the boot and you will get the GRUB menu.
Linux Boot Screen
Press 'e' to edit and go to the line starting with kernel (generally the 2nd line).
Switch to Single User Mode
Now press 'e' to edit the kernel line and add '1' at the end of the line (after one blank space), forcing the system to start in single-user mode instead of entering the default run-level. Press 'Enter' to close the kernel editing, then press 'b' to boot with the altered option.
Logged into Single User Mode
Now you are logged in to single-user mode.
Set root Password
Yeah! Now, using the 'passwd' command, we can change the root password. And once you have the root password, you own the Linux machine, remember? You can now switch to the graphical screen to edit anything and everything.
Add new root Password
Note: If the above 'passwd' command doesn't work for you and you get no output, it simply means that SELinux is in enforcing mode and you need to disable it first before proceeding further. Run the following command at your prompt.
And then run the 'passwd' command to change the root password. Moreover command.
Switch to X Windows
Use the command "init 5" on Fedora-based systems and "gdm3" on Debian-based systems.
Switch to X Window
So, was this not a cakewalk to hack a Linux box? Think about the scenario if somebody did this to your server. Panic! Now we will learn how to safeguard our Linux machine from being modified using single-user mode.
How did we break into the system? Using single-user mode. So the loophole here was logging into single-user mode without needing to enter any password.
Fixing this loophole means password-protecting single-user mode.
Open the file "/etc/rc1.d/S99single" in your favourite editor and search for the line.
Just add the following line above it. Save it and exit.
Before
After
Now, before entering single-user mode, you will need to provide the root password to proceed. Check by trying to enter single-user mode again after changing the file mentioned above.
Enter Root Password for Single User Mode
Why don't you check it yourself?
Hack Your Linux System Without Using Single User Mode
OK, so now you will be feeling better that your system is secure. However, this is only partially true. It is true that your Linux box can't be cracked using single-user mode, but it can still be hacked another way.
In the above step we modified the kernel line to enter single-user mode. This time we will also edit the kernel line, but with a different parameter. Let us see how.
As a kernel parameter we added '1' in the above process; now we will add 'init=/bin/bash' and boot using 'b'.
Add ‘init=/bin/bash’
And oops, you have again hacked into your system, and the prompt is enough to show it.
Hacked into Your System
Now, trying to change the root password with the 'passwd' command, using the same process as in the first method, we got something like this.
Changing Root Password
Reason and Solution?
- Reason: The root (/) partition is mounted Read only. (Hence password was not written).
- Solution: Mount the root (/) partition with read-write permission.
To mount the root partition with read-write permission, type the following command exactly.
Mount / Partition in Read Write
Now try again to change the root password using the 'passwd' command.
Change Password of root
Hurrah! You hacked into your Linux system once again. Oh man, is the system so easy to exploit? No! The answer is no. All you need is to configure your system.
Both of the above processes involved tweaking and passing parameters to the kernel. So if we do something to stop kernel tweaking, our Linux box will obviously be secure and not that easy to break. To stop kernel editing at boot, we must set a password on the boot loader, i.e., password-protect the GRUB boot loader (LILO is another boot loader for Linux, but we won't discuss it here).
Provide an encrypted password to the boot loader using 'grub-md5-crypt' followed by your password. First, encrypt the password.
Password Protect Boot Loader
Copy the above encrypted password exactly as it is and keep it safe; we will use it in the next step. Now open your 'grub.conf' file in your favourite editor (the location might be /etc/grub.conf) and add the line.
Replace "$1$t8JvC1$8buXiBsfANd79/X3elp9G1" with the encrypted password which you generated above and copied safely to some other location.
The "grub.conf" file after inserting the above line; save and exit.
grub.conf Preview
Now, cross-checking by editing the kernel at boot, we got this.
Cross Checking Boot Loader
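A check for the result of the steps above, as an added example that is not part of the original article. It assumes legacy GRUB's `password --md5 <hash>` directive placed in the global section of grub.conf (the article's exact line is not shown on this page); `audit_grub_conf` is a hypothetical helper name and the sample config is constructed.

```shell
#!/bin/sh
# Added example: audit a legacy GRUB config for the boot-loader password.
# Return codes:
#   0 = hashed password set in the global section
#   1 = no global password directive (kernel line editable at boot)
#   2 = password present but stored in plaintext (no --md5)
#   3 = file missing or unreadable
audit_grub_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "UNREADABLE: $conf"; return 3; }

    # Keep only the global section: everything before the first "title".
    # A password placed inside a title entry does not protect menu editing.
    global=$(sed '/^[[:space:]]*title[[:space:]]/,$d' "$conf")

    # Commented-out lines do not match; take the first password directive.
    line=$(printf '%s\n' "$global" |
           grep -E '^[[:space:]]*password([[:space:]]|=)' | head -n 1)

    if [ -z "$line" ]; then
        echo "FAIL: no global password directive; kernel line can be edited at boot"
        return 1
    fi
    case $line in
        *--md5*) echo "OK: hashed GRUB password is set"; return 0 ;;
        *)       echo "WARN: GRUB password is stored in plaintext"; return 2 ;;
    esac
}

# Constructed sample: a grub.conf whose password line is absent.
sample=$(mktemp)
cat > "$sample" <<'EOF'
default=0
timeout=5
title CentOS
        root (hd0,0)
EOF
audit_grub_conf "$sample" || true
rm -f "$sample"
```

Running the function against the real file from cron or a configuration-management check turns a silently removed password line into an alert.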
Now you may be relieved that your system is fully secure and not prone to hacking; however, the game is still not over.
You should know that rescue mode can be used to remove or modify the password using a bootable image.
Just put your installation CD/DVD in the drive and select Rescue Installed System, or use any other rescue image; you could even use a live Linux distro. Mount the HDD, edit the 'grub.conf' file to remove the password line, reboot, and you are logged in again.
Note: In rescue mode your HDD is mounted under '/mnt/sysimage'.
I know you would be asking: so where does it end? Well, I would say:
- Password protect your BIOS.
- Change your boot order to HDD first, followed by the rest (CD/DVD, network, USB).
- Use a password that is sufficiently long, easy to remember and hard to guess.
- Never write your password down anywhere.
- Obviously, use uppercase, lowercase, numbers and special characters in your password, making it hard to break.
This guide was just to make you aware of the facts and tell you how to secure your system. Tecmint.com and the writer of this article strongly discourage using this guide as a basis for exploiting others' systems. It is the sole responsibility of the reader if they engage in any such activity, and for such an act neither the writer nor Tecmint.com will be responsible.
Best Linux Distributions for Hacking and Penetration Testing
Last updated August 5, 2020 By Munif Tanjim
Looking for the best Linux distro to learn hacking?
Whether you want to pursue a career in information security, are already working as a security professional, or are just interested in the field, a decent Linux distro that suits your purposes is a must.
There are countless Linux distros for various purposes. Some are designed for specific tasks in mind and others suit different interfaces.
In a previous article, we explored some weird Ubuntu distributions. But today we are going to have a look at a list of some of the best Linux distros to learn hacking and penetration testing.
Best Linux hacking distributions
Here’s a list of various Linux distributions focusing on security. These distros provide multiple tools that are needed for assessing networking security and other similar tasks. The list is in no particular order.
1. Kali Linux
Kali Linux is the most widely known Linux distro for ethical hacking and penetration testing. Kali Linux is developed by Offensive Security and previously by BackTrack.
Kali Linux is based on Debian. It comes with a large amount of penetration testing tools from various fields of security and forensics. And now it follows the rolling release model, meaning every tool in your collection will always be up to date.
It’s the most advanced penetration testing platform out there, supporting a wide range of devices and hardware platforms. Moreover, Kali Linux provides decent documentation and has a large and active community.
You can easily install Kali Linux in VirtualBox inside Windows and start practicing hacking right away.
2. BackBox
BackBox is a Ubuntu-based distro developed for the purposes of penetration testing and security assessment. It’s one of the best distros in its field.
BackBox has its own software repository that provides the latest stable versions of various system & network analysis toolkits as well as the most popular ethical hacking tools. It’s designed with minimalism in mind and uses the XFCE desktop environment. It delivers a fast, effective, customizable and complete experience. It also has a very helpful community behind it.
3. Parrot Security OS
Parrot Security OS is relatively new to the game. Frozenbox Network is behind the development of this distro. The target users of Parrot Security OS are penetration testers who need a cloud-friendly environment with online anonymity and an encrypted system.
Parrot Security OS is also based on Debian and uses MATE as its desktop environment. Almost every recognized tool for penetration testing is available here, along with some exclusive custom tools from Frozenbox Network. And yes, it’s available as a rolling release.
4. BlackArch
BlackArch is a penetration testing and security research distro built on top of Arch Linux.
BlackArch has its own repository containing thousands of tools organized in various groups. And the list is growing over time.
If you are already an Arch Linux user, you can set up the BlackArch tools collection on top of it.
5. Bugtraq
Bugtraq is a Linux distro with a huge range of penetration, forensic and laboratory tools.
Bugtraq is available with the XFCE, GNOME and KDE desktop environments, in Ubuntu, Debian and OpenSUSE versions. It’s also available in 11 different languages.
Bugtraq packs in a huge arsenal of penetration testing tools: mobile forensics, malware testing laboratories and tools specifically designed by the Bugtraq community.
6. DEFT Linux
DEFT Linux, short for Digital Evidence & Forensics Toolkit, is a distribution made for computer forensics, with the purpose of running a live system without corrupting or tampering with the PC and its usual boot drives.
DEFT is the counterpart to DART (Digital Advanced Response Toolkit), a forensics system for Windows. It uses the LXDE desktop environment and WINE for running Windows tools.
7. Samurai Web Testing Framework
Samurai Web Testing Framework is developed with the sole purpose of penetration testing on the web. Another aspect of this distro is that it comes as a virtual machine, supported by Virtualbox and VMware.
Samurai Web Testing Framework is based on Ubuntu and contains the best free and open-source tools that focus on testing and attacking websites.
It also includes a pre-configured wiki set up to store information during your penetration tests.
8. Pentoo Linux
Pentoo is based on Gentoo Linux. It is a distro focused on security and penetration testing and is available as LiveCD with Persistence Support (meaning any changes made in the live environment will be available on the next boot if you use a USB stick).
Pentoo is basically a Gentoo installation with lots of customized tools, kernel features and much more. It uses the XFCE desktop environment.
If you are already a Gentoo user, you can install Pentoo as an overlay on it.
9. CAINE
CAINE stands for Computer Aided Investigative Environment. It is intended as a digital forensics project and is completely focused on this field.
CAINE comes with a wide variety of tools developed for the purposes of system forensics and analysis.
10. Network Security Toolkit
Network Security Toolkit is a bootable live ISO based on Fedora. It provides security professionals and network administrators with a wide range of open-source network security tools.
Network Security Toolkit has an advanced Web User Interface for system/network administration, navigation, automation, network monitoring & analysis and the configuration of many applications found in the Network Security Toolkit distro.
11. Fedora Security Spin
Fedora Security Spin is a variation of Fedora designed for security auditing and testing, which can also be used for teaching purposes.
The purpose of this distro is to support students and teachers while they practice or learn security methodologies: information security, web application security, forensics analysis and so on.
12. ArchStrike
ArchStrike (previously known as ArchAssault) is a project based on Arch Linux for penetration testers and security professionals.
It comes with all the best parts of Arch Linux and additional tools for penetration testing and cyber security. ArchStrike includes thousands of tools and applications, all categorized into modular package groups.
Others
There are plenty of others for you to choose from. Here are a few more of them: