
Wednesday, July 23, 2014

Determining Network Range @ Kali Linux

This post focuses on determining the IP address range of the target network. Here I will explore the tools needed to achieve it.

Let's begin the process of determining the network range by opening a terminal window:

1.     DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux command-line application written in C. DMitry gathers as much information as possible about a host. Its base functionality can gather possible subdomains, email addresses, uptime information, TCP port scan results, whois lookups, and more. The information is gathered with the following methods:
 
- Perform an Internet Number whois lookup.
- Retrieve possible uptime data, system and server data.
- Perform a subdomain search on a target host.
- Perform an e-mail address search on a target host.
- Perform a TCP port scan on the target host.
- A modular design allowing user-specified modules.

2.     Open a new terminal window and issue the following command (the -w, -n, -s, -p and -b switches select the domain whois, Netcraft, subdomain, port-scan and banner modules; -o saves the output to a file):

dmitry -wnspb targethost.com -o /root/Desktop/dmitry-result

3.     When finished, we should have a text file on the desktop named dmitry-result.txt (DMitry appends the .txt extension), filled with the information gathered from the target:

4.    To issue an ICMP netmask request, type the following command:

netmask -s targethost.com

 
5.    Using scapy, we can issue a multi-parallel traceroute. To start it, type the following command:

scapy

6.    Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping + ARP cache poisoning, VoIP decoding on a WEP-encrypted channel, ...), etc. Now, with scapy started, we can enter the following function:

ans,unans=sr(IP(dst="www.targethost.com/30", ttl=(1,6))/TCP())


7.    To exit scapy, type the following function:

exit()
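The arithmetic behind the steps above, as an added example that is not part of the original post: turn a host address plus the dotted-quad netmask reported for it into the network range, and count how many probes the sr() call sends when dst is a CIDR block (scapy expands the block to every address, network and broadcast included, and sends one packet per address per TTL). The sample addresses are constructed from the RFC 5737 documentation ranges.

```shell
#!/bin/bash
# Added example, not from the original post: netmask -> network range, and the
# number of probes behind sr(IP(dst="host/30", ttl=(1,6))/TCP()).

ip2int() {            # 192.0.2.10 -> 3221225994
  local IFS=.; set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int2ip() {            # 3221225994 -> 192.0.2.10
  echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

mask2prefix() {       # 255.255.255.252 -> 30; fails on a non-contiguous mask
  local m p=0; m=$(ip2int "$1")
  while [ "$p" -lt 32 ] && [ $(( (m >> (31 - p)) & 1 )) -eq 1 ]; do p=$((p + 1)); done
  # every bit below the prefix must be zero, otherwise this is not a real netmask
  [ $(( m & ((1 << (32 - p)) - 1) )) -eq 0 ] || return 1
  echo "$p"
}

# usage: network_range HOST NETMASK -> "NETWORK/PREFIX FIRST_HOST LAST_HOST BROADCAST"
network_range() {
  local h m p net bcast first last
  p=$(mask2prefix "$2") || { echo "not a contiguous netmask: $2" >&2; return 1; }
  h=$(ip2int "$1"); m=$(ip2int "$2")
  net=$(( h & m ))
  bcast=$(( net | (~m & 4294967295) ))   # invert the mask within 32 bits
  if [ "$p" -ge 31 ]; then                # /31 and /32 have no separate network/broadcast address
    first=$net; last=$bcast
  else
    first=$((net + 1)); last=$((bcast - 1))
  fi
  echo "$(int2ip "$net")/$p $(int2ip "$first") $(int2ip "$last") $(int2ip "$bcast")"
}

# usage: probe_count PREFIX TTL_LO TTL_HI -> packets sent by sr() for dst="host/PREFIX", ttl=(LO,HI)
probe_count() {
  echo $(( (1 << (32 - $1)) * ($3 - $2 + 1) ))
}

network_range 192.0.2.10 255.255.255.252   # 192.0.2.8/30 192.0.2.9 192.0.2.10 192.0.2.11
probe_count 30 1 6                         # 24
```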

Sunday, July 20, 2014

Nessus @ Kali Linux

1.  Nessus is a proprietary, comprehensive vulnerability scanner developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment and is the world's most popular vulnerability scanner, taking first place in the 2000, 2003 and 2006 security tools surveys. Nessus allows scans for the following types of vulnerabilities:

- Vulnerabilities that allow a remote hacker to control or access sensitive data on a system.
- Misconfiguration (e.g. open mail relay, missing patches, etc.).
- Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
- Denials of service against the TCP/IP stack by using mangled packets.
- Preparation for PCI DSS audits.

2.   This post brings you screenshots for installing Nessus in Kali Linux for home users; that's the free edition I am using here:

Firstly, after installing Nessus from the site, obtain the activation code for Nessus by registering at

http://www.nessus.org/products/nessus/nessus-plugins/obtain-an-activation-code

Secondly, activate Nessus by executing the following command:

/opt/nessus/bin/nessus-fetch --register S56X-XXXX-XXXX-XXXX-4122

Where S56X-XXXX-XXXX-XXXX-4122 should be your activation code, received via the registration e-mail.

Create a user account for the Nessus web interface:

/opt/nessus/sbin/nessus-adduser

To start the Nessus server, we simply invoke the following command:

/etc/init.d/nessusd start

KALI LINUX : UPDATING IN 3 TERMINAL COMMANDS

1.   No big deal: these three terminal commands suffice for updating any package. As Kali packages are constantly updated between releases, a newer set of tools is available than what was originally downloaded on your DVD-ROM or came with an old ISO image.

2.  So these go like this:

- Update the local package index with the latest changes made in the repositories:

apt-get update

- Upgrade the existing packages:

apt-get upgrade

- Upgrade to the latest version (if available):

apt-get dist-upgrade

3.  That's it. Do it as root, or run sudo su before you start.

Installing Broadcom drivers : Kali Linux

1.     This post will show the installation of Broadcom's official Linux hybrid wireless driver. Using a Broadcom wireless USB adapter gives us the greatest possibility of success in terms of getting our wireless USB access point to work on Kali.


2.    Open a terminal window and download the appropriate Broadcom driver from http://www.broadcom.com/support/802.11/linux_sta.php:

cd /tmp/

wget http://www.broadcom.com/docs/linux_sta/hybrid-portsrc_x86_64-v5_100_82_112.tar.gz

3.     Extract the downloaded driver using the following commands:

mkdir broadcom

tar xvfz hybrid-portsrc_x86_64-v5_100_82_112.tar.gz -C /tmp/broadcom

4.     Modify the wl_cfg80211.c file, since there's a bug in version 5.100.82.112 that prevents compiling the code under kernel version 2.6.39:

vim /tmp/broadcom/src/wl/sys/wl_cfg80211.c

Look at the following piece of code at line 1814:

#if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 39)

Replace it with the following:

#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39)

Save the changes.

5.     Compile the code:

make clean
make
make install

6.     Update the dependencies:

depmod -a

7.     Find loaded modules by issuing the following:

lsmod | grep -E 'b43|ssb|bcma'

8.     Remove the modules found by executing the following command:

rmmod <module>

Where <module> could be b43, ssb or bcma (rmmod b43 in the screenshot).

9.     Blacklist the modules to prevent them from loading at system startup:

echo "blacklist <module>" >> /etc/modprobe.d/blacklist.conf

Where <module> could be b43, ssb, bcma or wl.

10.     Finally, add the new module to the Linux Kernel to make it a part of the boot process:

modprobe wl
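Steps 4, 8 and 9 of the procedure above as idempotent shell functions, an added example that is not from the original post: re-running it after a kernel update neither double-patches wl_cfg80211.c nor appends duplicate blacklist lines, and it fails loudly if the version test it expects is not in the source. The paths are the ones the post uses; the build and module steps run only when the script is started with --apply (as root, like the post's commands), and the test data is constructed.

```shell
#!/bin/bash
# Added example, not from the original post: idempotent patch/blacklist helpers
# for the Broadcom hybrid driver procedure.  Paths below are the post's.

SRC=/tmp/broadcom/src/wl/sys/wl_cfg80211.c
BLACKLIST=/etc/modprobe.d/blacklist.conf
OLD='LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 39)'    # line 1814 as shipped
NEW='LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39)'   # what the post changes it to

# usage: patch_driver_source FILE -> prints how many lines were changed (0 on a re-run);
# fails when neither the original nor the patched test is present in FILE
patch_driver_source() {
  local f=$1 n
  n=$(grep -c "$OLD" "$f" || true)       # grep -c exits 1 when the count is 0
  if [ "$n" -gt 0 ]; then
    sed "s/$OLD/$NEW/" "$f" > "$f.tmp" && mv "$f.tmp" "$f"   # portable in-place edit
  fi
  grep -q "$NEW" "$f" || { echo "patch failed: expected version test not in $f" >&2; return 1; }
  echo "$n"
}

# usage: blacklist_modules CONF MODULE... -> prints how many lines were added
blacklist_modules() {
  local conf=$1 added=0 m; shift
  [ -e "$conf" ] || : > "$conf"
  for m in "$@"; do
    grep -qx "blacklist $m" "$conf" && continue    # already blacklisted
    echo "blacklist $m" >> "$conf"
    added=$((added + 1))
  done
  echo "$added"
}

if [ "${1:-}" = "--apply" ]; then
  patch_driver_source "$SRC"
  (cd /tmp/broadcom && make clean && make && make install) && depmod -a
  for m in b43 ssb bcma; do              # unload only what is actually loaded
    lsmod | grep -q "^$m " && rmmod "$m"
  done
  blacklist_modules "$BLACKLIST" b43 ssb bcma
  modprobe wl
fi
```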

Wednesday, July 16, 2014

KALI LINUX : INSTALLATION SCREENSHOTS

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution. Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs). Kali Linux can be run from a hard disk, live CD, or live USB. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits. This post brings you the step-by-step screenshots taken during installation.

UPDATING METASPLOIT ON BACKTRACK3 : SOLVED

1.   Backtrack 5 comes with the pre-installed Metasploit Framework v4.0, but Metasploit Community now comes with an updated web UI, other functionality and even more exploits. To exploit the new features and functionality it is important to upgrade the existing Metasploit version to its current stable version. But unlike in the past, it is not simply a matter of running msfupdate in msfconsole. Here I bring you a few simple steps with screenshots to enable you to upgrade your version of Metasploit.

Firstly, download the currently available version, i.e. Metasploit Framework v4.5, which can be downloaded from the Metasploit Framework site here

or click at http://www.metasploit.com/download/

Secondly, installing Metasploit Community over the existing Metasploit Framework installation won't work for various reasons, so the best way to start is by uninstalling the earlier version of Metasploit Framework first, which comes down to the following terminal commands.

# cd /opt/metasploit/
# ls
# ./uninstall
 
Thirdly, make the installer executable. Once you have downloaded the file named "metasploit-latest-linux-installer.run", open a new terminal window and enter the following command:

# chmod u+x /root/metasploit-latest-linux-installer.run

Fourthly, run the installer (the full path is used because the previous step left us in /opt/metasploit/):

# /root/metasploit-latest-linux-installer.run

The rest of the installation is explained via the screenshots below:

At the end of the installer, the Metasploit web UI will open in your browser (https://localhost:3790/); follow the steps to register and choose the free Metasploit Community edition. That's it!
