Backtrack Team: ssh

Affichage des articles dont le libellé est ssh. Afficher tous les articles

Remotely Access Kali Terminal Using Putty

In this post we will use PuTTy to remotely or locally access Kali terminal with root priveleges. We will use SSH for this tutorial, though you can use Telnet or any other mode too.

Putty

Some theoretical inforamtion about putty for your digestion.

PuTTY is an SSH and telnet client, developed originally by Simon Tatham for the Windows platform. PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers. (putty.org)

PuTTY is a popular SSH and Telnet client that helps you establish secure connections over the Internet and doesn't even require installation. It's especially aimed for programmers and network administrators, which means that newcomers won't find it easy to use. The program features a simple, straightforward interface with no included documentation. Despite its apparent simplicity, PuTTY is highly configurable and includes many options to tweak connections, sessions, SSH security features and even the window's appearance. (softpedia)

Basically what you need to know is Putty works on Windows and will help you execute commands on Virtual install of Kali directly from Windows. It's like a Kali terminal in Windows. What that means is if you have any configuration other than Windows : Host and Kali : Guest, then PuTTy isn't going to be useful ( you can still use it for remotely running Kali, but the focus is on host guest mechanism here).

Download

You can download putty here. http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html . That's the official download location. Softpedia, CNET, etc. also provide downloads. You will find a lot of links there, and it will take a minute to find out what you need to download. However, for the sake of ease, the link below this line is likely to be what you are looking for.

A Windows installer for everything except PuTTYtel

Installation is quite easy, nothing you can't handle.

Kali Configuration

There are a few things that need to be done before PuTTy starts working. Firstly, you would be using SSH to connect to Kali (main advantage of SSH is that it's secure, you can search google for more info on SSH). By default, the SSH service isn't started in Kali, but you can still check with

root@kali:~# service --status-all

[ - ] ssh

It will display a long list. The - against ssh indicates it is not running. Depending on whether the SSH is installed or not, you can execute the following. Run the second command first, if it works fine the installation isn't required, if not, then execute first command.

root@kali:~#apt-get install openssh-server (to install SSH)

root@kali:~#service ssh start (to start the service)

Optional : If you are connecting remotely and are afraid that someone will eavesdrop your data, then you can use public private key encryption offered by SSH. For this you need to create an RSA key.

root@Kali:~# ssh-keygen -t rsa

You will have to specify where to store the key (just press enter for default location) and then specify a key. This step is quite unnecessary for most users.

Also, type ifconfig to get your eth0 ip address.

Starting PuTTy on Windows

Start Putty, and you will see a putty configuration dialog. Enter the IP that you found out in the last step. The port will be 22 and connection type SSH. Click open and you'll be prompted to enter the credentials for terminal access. Type in 'root' and your password. You will now see something like this-

You can run commands from here and they will be executed on your Kali machine. There are no functionality restrictions as such, and you can do almost anything from this terminal. Type exit to end the session.

Auto start SSH on Kali Boot

Now every time you will boot into Kali, the SSH service will not be running. You will have to type the following everytime to boot - service ssh start

However, there are alternatives. One straightforward one is to go to Applications -> System Tools -> Preferences -> Startup Application and click on add. Enter the command as service ssh start and add whatever you feel like for Name and Comment (nothing technical there).

Alternatively, you can use update-rc.d to get the same functionality. It helps add/remove services which will run at booting. Execute the following command to add SSH to startup services

root@kali:~#update-rc.d ssh enable

You can of course write your script to start ssh, but that wouldn't do us much good since starting the service is as easy as one line of code (service ssh start) and you don't write scripts that execute just one command (that is quite an inefficient way of usingputty scripts)

by Malik korrich ~ jeudi 5 juin 2014 0 commentaires

Top SSH Clients for iPhone

So you want to enter to your computer or another computer over a network, to give commands in an inaccessible machine, and to move files? SSH or Secure Shell is the program you need. It provides strong confirmation and secure communications over a not so secured channel. What if you don’t have your laptop with you? This could be really hard since not all computers have SSH. So here is a list of SSH clients for your iPhone.

Touchterm

Touchterm is a free version of Touchterm Pro that connects with all servers. It doesn't have the fancy features and gestures of TouchTerm Pro but can be recommended as an SSH client. It is driven by industry-standard OpenSSH, Open-source library and has clocked months of daily usage of a massive user base.

Features include RSA/DSA public key authentication, complete server, connection, password, and SSH Key management, application Lock, both Wi-Fi and EDGE/3G support. Full special-key support, allows displaying terminal output, Landscape mode support, configurable font size and color and support for almost all commonly used international character encoding.

iSSH

iSSH is a front-end application to the command line application. iSSH gives an easy way to start an SSH connection to a remote computer. It includes: ports to forward to the remote computer, or, to start an SSH SOCKS proxy. The first could be used to forward a VNC connection over SSH and the latter could be used to bypass your work’s website filters. Either way, iSSH offers a simple way to start an SSH connection for those who don't know how to use the Terminal or just don’t need it. SSH and Telnet emulator of VT100, VT102, VT220, ANSI, and xterm terminals. It is incorporated with a tunneled VNC and RDP client and an X server.

pTerm

A very simple SSH client and xterm terminal emulator. Its features include; SSH, Telnet, and Raw Socket (TCP) support; xterm terminal emulation; 80x24 standard unix terminal window; Pinch to zoom in the terminal; Landscape and Portrait modes; Support for CTRL keys; Works over Edge, 3G, or WiFi connections

Prompt

Ideal for system administrators, web developers, movie-style hackers or any person who needs to connect remotely and type. It looks and works great on iPhone, your iPad, and even iPod Touch. Requires iOS 5.0 or later. This app is optimized for iPhone 5

Features include effortless favorites, customizable special keys, autocomplete, keyfile support, Bluetooth keyboards including special keys, password lock, Bonjour server detection.

Rapid SSH

RapidSSH is a powerful and complete Terminal App for Apple iPad and iPhone, enabling SSH, Telnet and RAW connectivity to devices over Wifi and 3G. Full multi-session capability, complex scripting, remote screen sharing via web, Dropbox support, and full logging. It supports SSH v1, SSH v2, SSH Agent, Agent Forwarding, and full scripting.

These are great applications, and each offers something the other doesn’t. Choose which ones you think you really need. You can enjoy your gadget fully with this app so go get one!

This guest post is brought to you by Martin Nodskov of Frompo.com, a site that offers savings and current information on search.

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.

by Malik korrich ~ mercredi 15 mai 2013 0 commentaires

SSH Cracking Backtrack 5 Video Tutorial

SSH is a network protocol which allows you to connect the remote computer securely, SSH is just like telnet but telnet is not secure while SSH is a secure channel for communication. We have already discussed SSH before and in this tutorial I will show you how to crack a SSH to get the password because if you know the username and password then it is very for an attacker to get the remote shell of the victim.

SSH security is very important because web administrator used to connect their web admin panel via SSH, people are using SSH to transfer the files. The communication might be client to client and client to server.

In this tutorial I will show you how to crack the SSH and to get access on the Linux machine, the tools:

Backtrack 5 R1
Hydra (THC Hydra)
Mind

Enjoy the video and do not forget to share it ! Spread the knowldege to get some knowledge.

by Malik korrich ~ mardi 31 juillet 2012 0 commentaires

Hacking Application for Android

Mobile devices is now very common now a days and mobile devices has changed the way of bi-directional communication. There are many operating system for mobile devices available but the most common and the best operating system for mobile is Android, it is an OS means you can install other applications (software's) on it. In Android application usually called apps or android apps.

The risk of hacking by using mobile devices is very common and people are developing and using different apps (application) for their hacking attack. Android has faced different challenges from hacking application and below is the list of application for android hacking.

The Android Network Toolkit

In the last Defcon conference a new tool has been released by a security researcher and the tool is called “The Android network toolkit”. The has been developed for penetration tester and ethical hackers to test any network and vulnerabilities by using their mobile phones. This toolkit contain different apps that will help any hacker to find vulnerabilities and possibly exploit it. The company behind the app is an Israeli security firm called Zimperium.

Nmap for Android

Nmap (network mapper) is one the best among different network scanner (port finder) tool, Nmap mainly developed for Unix OS but now it is available on Windows and Android as well. Nmap for android is a Nmap apps for your phone! Once your scan finishes you can e-mail the results. This application is not a official apps but it looks good.

FaceNiff- Session Hijacker for Android

Your Facebook account is at risk, just like a Firesheep (for firefox hacking) there is a FaceNiff for hijacking the session of famous social networking websites includes facebook and twitter. FaceNiff is developed by Bartosz Ponurkiewicz who created Firesheep before but faceniff is for android OS.

AnDOSid- DOS Tool for Android

DOS or denial of service attack is very dangerous attack because it takes down the server
(computer).AnDOSid allows security professionals to simulate a DOS attack (A http post flood attack to be exact) and of course a dDOS on a web server, from mobile phones.AnDOSid is designed for security professionals only!

SSHDroid- Android Secure Shell

Secure shell or SSH is the best protocol that provides an extra layer of security while you are connecting with your remote machine.SSHDroid is a SSH server implementation for Android.
This application will let you to connect to your device from a PC and execute commands (like "terminal" and "adb shell").

by Malik korrich ~ vendredi 23 septembre 2011 0 commentaires

OpenSSH Tutorial for Linux-Windows

SSH or secure shell is one of the best way to secure your communication on the Internet, if you want to connect remote computer from public places like coffee shop, work place and even from your home. It is recommended to use a secure channel (encrypted) to establish the connection and for transferring the files (Data). The theory behind SSH has been discussed before and as we have shared the best SSH clients for windows operating system.

This article is a tutorial based article.

What Is OpenSSH

OpenSSH is a SSH client that provide end point security by using encryption techniques for the applications like Telnet,FTP and rLogin.

OpenSSH Tutorial

Normally OpenSSH used in Linux operating system however windows version of OpenSSH is also available and for this tutorial I will use Backtrack 5, you can use some other Linux distribution as well because we discuss each and everything from basic.

Backtrack 5 has OpenSSH client so for me there is no need to download OpenSSH and most of the Linux distribution has SSH client so for vary first step open the terminal and check that your SSH.

root@bt:~# ssh

If you will find the response like this, means you have SSH client on your OS.

Follow the tutorial from this point because you have SSH client, if you don't have OpenSSH client than leave this section and move to the installing section below.

Below is the simple command to connect a remote computer:

ssh user@remotemachine

The good practice is to use specific ports for this connection like:

ssh -p remoteport -D localport -f -C -q -N user@remotebox

Remoteport = Port for the remote SSH server , remember default port for SSH is 22 but you can use some other ports as well.

Localport = Port for the local SSH client (your computer).

Remotebox= IP address of the remote device

user= user is the username for the remote computer

-C = Enable encyrption

Install OpenSSH

There are many ways to install OpenSSH like you can get source file from the official website but for this tutorial on the terminal type:

pacman -S openssh

If you dont have a pacman in your box than you need to install it by using

apt-get install pacman

The SSH daemon can be find here /etc/ssh/sshd_config

Now for connection tutorial see above.

by Malik korrich ~ lundi 19 septembre 2011 0 commentaires

Top SSH Client for Windows

SSH or secure shell is the best way to communicate secretly over Internet it provides a secure channel between sender and the receiver and it uses encryption techniques to make the procedure secure. SSH is a protocol and there are different clients are available to run and execute or simple to work on this protocol for different Operating system like for Linux, MAC, Iphone and Windows.

So before going to the actual tutorial I would like to share some SSH clients for different operating system.

This article contain a list of best SSH clients that are available for Windows Operating system. So here is the comprehensive list that we have created on based of our knowledge, if you do not find your SSH client than comment about it.

PuTTY: A Free Telnet/SSH Client

PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator. PuTTY 0.61 is out, after over four years, with new features, bug fixes, and compatibility updates for Windows 7 and various SSH server software.

OpenSSH for Windows

OpenSSH for Windows is a free package that installs a minimal OpenSSH server and client utilities in the Cygwin package without needing the full Cygwin installation. The OpenSSH for Windows package provides full SSH/SCP/SFTP support. SSH terminal support provides a familiar Windows Command prompt, while retaining Unix/Cygwin-style paths for SCP and SFTP.

WinSCP SSH for Windows

WinSCP is an open source free SFTP client, SCP client, FTPS client and FTP client for Windows. Its main function is file transfer between a local and a remote computer. Beyond this, WinSCP offers scripting and basic file manager functionality. It has a graphical interface it supports basic authentication.

Private Shell SSH Client

Private Shell is an advanced and easy-to-use SSH and SecureFTP client for Windows providing remote computer access with SSH1 and SSH2 protocols. Private Shell's default configuration allows you to connect to any SSH1 or SSH2 server in the most secure way by choosing the strongest encryption algorithms supported by a remote computer.

AbsoluteTelnet / SSH

AbsoluteTelnet / SSH is a secure flexible terminal client with rock-solid emulations that is suitable for developers, administrators, or deployment across the enterprise.

Cygwin

OpenSSH (SSH1 and SSH2 protocol) with Cygwin can run on Windows using the portable version of OpenSSH, which can be either built from source or installed as a Cygwin native package. Several other packages of OpenSSH on Cygwin exist; one that is actively maintained is copssh.

by Malik korrich ~ mercredi 14 septembre 2011 0 commentaires

Secure Shell- SSH An Introduction

Network protocol or communication protocol are the set of defined rules and regulation which must be followed by the both parties (Sender and receiver) for effective communication. Network protocols like HTTP, FTP, TCP/IP, SMTP and more, you can get the list of network protocol. So network protocol is very important and now a days security of your information is more important. Use some secure protocol to make your data secure.

You must have heard about secure socket layer or SSL, SSL provide a secure channel between server and the user, suppose you need to connect your home computer with your work computer and you want to transfer some importance files so SSL is no longer for this situation, you must have a secure network protocol to connect remote devices.

What Is Secure Shell- SSH

According to WiKiPedia “Secure Shell or SSH is a network protocol that allows users to open a window on a local computer and connect to a remote computer as if they were sitting there.”

By this definition you can understand that SSH provides a secure channel between two computers to protect the valuable information from hacking attack.

SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding arbitrary TCP ports and X11 connections; file transfer can be accomplished using the associated SFTP or SCP protocols.

Just like HTTP, FTP and other protocols SSH have a port number of 22 (TCP). You can use Telnet (port 23) to connect remote computer but remember Telnet does not provide any sort of security or encryption that is Telnet has been replaced by SSH.

Secure shell can be used on various operating system like Windows, Linux, MAC, BSD and even you can use SSH protocol on your Iphone (Purpose is same). Authentication process in SSH is very strong like SSH use public key cryptography to authenticate remote computer and vice versa.

SSH can be used for multiple purposes like Tunneling, forwarding ports and connections. The major version of SSH are as follows:

SSH1 or SSH-1
SSH2 or SSH-2

What Is SSH Client

SSH client is a simple software program that allows you to use SSH protocol to connect remote computer in a efficient manner. SSH client are available on graphical user interface so it is easy to use.

On the next article for SSH series we will discuss deeply about SSH client with the tutorials of tunneling.

by Malik korrich ~ mercredi 31 août 2011 0 commentaires