If you are a regular user of Kali Linux or for that matter any Ubuntu or Debian machine, you should be knowing what apt get update is. It is a simple way of updating the packages of Linux systems. Frequently many users of Kali Linux faced the problem as shown in the image given below while running the update command. This is called Kali Linux apt get update signature error. Today we will see how to fix apt get update signature error in Kali Linux.
Today we will see how to fix this problem. As underlined in the given image, the error occurs when verifying the signatures. What signatures is the error referring to? Just like any software nowadays, the Debian packages are supplied with a digital signature to preserve their integrity. Before downloading the packages, these signatures are verified. If these don’t match, we get an error as shown below.
To solve this problem, we need to get the new signature. This can be done using the command
Good Evening Friends. As of Sept 2015, VMware recommended using the distribution-specific open-vm-tools instead of the VMware Tools package for guest machines. This means that instead of Vmware tools, the users should install openVM tools specific to the guest OS. The makers of Kali Linux have made changes to the latest Kali rolling kernel accordingly. These openVM tools have all the needed functionality such as file copying, clipboard copy/paste and automatic screen resizing are working perfectly. Now let us see how to install OpenVM tools in Kali Linux rolling 2016.
Open a terminal and locate the “sources.list” file. Open the “sources.list” file with any text editor. Here I opened with the Vi editor. The command is “vi /etc/apt/sources.list“
When the file opens, type “i” to get into insert mode. You cannot make changes to this file unless you get into insert mode.
Now type “deb http://http.kali.org/kali kali-rolling main contrib non-free” without quotes. Hit ESC, then SHIFT+:wq to save and close the file.
Next type command apt-get update.
Then type command apt-get install open-vm-tools-desktop fuse. When it asks if you want to continue, type Y.
After installation is over, reboot the system and you will get the screen as shown below. Happy hacking.
Good Evening Friends. Today our howto is about how to setup OpenVAS in Kali Linux or Kali Linux Sana for that matter. As you already know, OpenVAS is a vulnerability scanner which replaced Nessus vulnerability scanner in Kali Linux. You should already have observed that Nessus is not installed by default in Kali Linux( see here if you are looking how to install Nessus in Kali Linux). Openvas is installed by default in Kali Linux. We just need to configure it to make it available for vulnerability scanning. Let’s see how. Open terminal and type command “openvas-check-setup“. We will use this command many times from now. The good thing about installation of Openvas is it is very simple. Simple in the sense that it will automatically give the fix for the errors we face in configuring Openvas. As shown below, we will get a error and the “fix” to fix that error just below it.
As shown in the “fix” above, type command “openvas-mkcert” . This will create an openvas ssl certificate as shown in the below two images.
The certificate will end like as shown below.
When the certificate is successfully created, once again type command “openvas-check-setup” to check the next step in the process. You can see below underlined what our next command is.
Type the command “openvas-nvt-sync” as shown below.
The process will run and end as shown below.
Once again, type command “openvas-check-setup“. It will prompt you the next command to run.
Type the command “openvas-mkcert-client -n -i“. This will create a client certificate for the Openvas manager.
Once the client certificate is successfully created as shown above, once again check the setup by typing command “openvas-check-setup“. This time it will ask you to create a user as shown below.
Type the below command to create a user. Choose your username and password as per your choice. I have chosen “root” and “toor” consecutively.
Next type command “openvas-check-setup”. It will ask you to rebuild as shown below.
Before rebuilding, start the openvas scanner as shown below by typing command “/etc/init.d/openvas-scanner start“.
Then type command “openvas –rebuild” to update the database.
Next type command “openvas-check-setup”.
Type command “openvas-scapdata-sync”. This will take a bit long time.
Once the above process is finished, type command “openvas-check-setup” once again.
Type command “openvas-certdata-sync“. The process will run as shown below.
Next, type command “openvas-check-setup” for one last time, hopefully. You will get a message that your OpenVAS installation is OK as shown below.
Restart the system and start openvas by typing command “openvas-start“.
Open your browser and point it to port number 9392 as shown below. You should get a warning as shown below. Click on “I understand the risks”.
This will prompt you with a login screen. Login with the credentials we created above.( Hope you have not forgotten them).
Once you login you should see the screen as shown below. Hurrah, you have successfully configured Openvas in Kali Linux. Happy hacking.
It is a dream of every hacker to bypass the antivirus solutions of their targets. Recently we have been learning about various payload generators that can bypass antivirus. In this howto, we will see one such payload generator which is designed to bypass antivirus. It’s named Shellter. To say in the words of its makers, “By using Shellter, you automatically have an infinitely polymorphic executable template, since you can use any 32-bit ‘standalone’ native Windows executable to host your shellcode. By ‘standalone’ means an executable that is not statically linked to any proprietary DLLs, apart from those included by default in Windows. ”
Let us see how to install Shellter in Kali Linux. The version we are using here is the latest version Shellter V7.0 till date which can be downloaded from here. Go to the download page and download the zip file shown below.
Click on the link and save the file as shown below.
Once the download is finished, go to the Downloads folder. You will see the “shellter.zip” file as shown below. I copied the file to the root folder but if you want to keep the file in Downloads folder you can keep it. This step is not mandatory.
Now change the permissions of the zip file as shown below. Until you change the permission- s, you cannot unzip the files. After you change the permissions of the file, unzip the contents of the file using the “unzip” command.
Type “ls“. You will see a new directory with name “shellter”. You have successfully installed Shellter in Kali Linux. Navigate into the directory “Shellter” to see its contents as shown belo- w. We will see how to use Shellter to bypass antivirus in our next issue. Until then, happy hacking practice.
Good evening Friends. Today we will see how to install Veil Evasion in Kali Linux. Although this howto is made on Kali Linux Sana, it is same for all the versions of Kali. For the novices, Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions. First of all download and save the zip file of veil evasion as shown below from here.
Next, Open terminal and go to the directory where the zip has been downloaded. Commonly it is root or Downloads. Mine is in root. Next unzip the contents of the zip file by using command unzip “Veil-Evasion-master.zip” as shown below.
When unzipping is finished, type “ls” command once again. You will see a new directory “Veil-Evasion-master”. Change into that directory as shown below and type “ls” to see the contents of that directory.
There will be a dircetory named “setup”. Change into that directory. You will see a file named “setup.sh”. Execute that file using command “./setup.sh“
It will prompt you a question whether you want to continue with the installation or not. Type “y”.
The installation will start. It will ask you whether to install Wine. Click on “Install”.
Next it will install Python. Click on “Next”.
Click on “Next”.
If it asks you to overwrite existing files of any Python, select “yes”.
Click on “Next” for the below window.
Finsih the installation by clicking on “finish”.
Next, the system will ask you to install pywin32. Pywin32 is a set of extension modules that provides access to many of the Windows API functions. Click on “Next”.
Click on “Next”.
Click on “Next”.
Click on “Finish” the script.
Next it will install pycrypto. Click on “Next”.
Click On “Next”.
Select language as “English” and click on “OK”.
Next it prompt you to install Ruby. Accept the license and click on “Next”.
Click on Install.
Click on Finish to to finish the installation of Ruby.
You will see the below screen as the installation finishes.
Now let us see if our installation has been successful by starting the program. Go to the “Veil-Evasion-master” directory in which there is a python script called “Veil-Evasion.py”. Execute this script by typing command “./Veil-Evasion.py”.
Good Evening friends. Today we will see how to add new exploits to Metasploit from the exploit database. As we all know, Metasploit is a framework to exploit systems. This howto is being done in Kali Linux which has Metasploit installed by default. You can see below that here Metasploit has total 1467 exploits. Now let us add the recently released Microsoft Windows Media Center MCL vulnerability exploit to Metasploit framework.
Go to the website exploit-db.com and open the search option as shown below. Go to the Advanced Search option and give the below values to search for all the exploits for Metasploit.
As the below image shows, we get all the exploits authored by Metasploit. We are interested in the Ms15-100 Microsoft Windows Media Center MCL vulnerability underlined below.
Now click on the download option as shown below. A window will open as shown below. Select the Save option.
Now open a terminal and navigate to the Downloads folder to check your download. In our present case it is “38195.rb”.
Now navigate to the directory where metasploit stores its exploits by typing command “cd/root/.msf4“. Go into modules directory and create a directory named “exploits” inside that directory. Now go into the exploits directory(which you just created) and create another directory named “windows”, inside the windows directory( which once again you just created) create directory “local”. If you are getting confused, all the steps are given in below image, just follow them. We are just creating a valid path for metasploit to find this exploit. Once you are in the local directory, copy the exploit you just downloaded to the local folder as shown below.
Ok, we’re almost done. Now restart the system and fire up your Metasploit. Now you can see that we have 1468 exploits as 1467 previously.
Now let us search for our exploit by typing command “search ms15_100”. Load the exploit as shown below. We have successfully added a new exploit to Metasploit. Hope that was helpful.
Hi Friends, this is a guide on how to reset Nessus password in Windows. Open a command line terminal with administration privileges. Navigate to the installation folder of Nessus as shown below. That would be in program files.
Once you are in that folder, type “dir” command to see the contents of the folder as shown below.
Now type command ” nessuscli.exe lsuser ” to see all the Nessus users. In my case there is only one user present. Now to reset his password, type command ” nessuscli.exe chpasswd root “. Then enter the new password twice as shown below. Congrats, you have successfully changed your Nessus password.
Hi Friends, its common that we forget things. I have forgotten my Nessus password so many times. Today we will see how to reset Nessus password in Kali Linux in case you have forgotten it.
Nessus is the world’s most popular vulnerability assessment tool. It is an open source vulnerability scanner although there is also a commercial option. option Open a terminal, and type the command “cd /opt/nessus/sbin” to navigate to the sbin directory. Here type “ls” to see the contents of this directory as shown below.
Next type command “./nessuscli lsuser ” to see all the nessus users present. Here, we have only one. Ok, let’s reset the password for user root. Type command ” ./nessuscli chpasswd root“. The system will prompt you to enter the new password. Enter the password two times as shown below. You have successfully reset Nessus password. Now logon with the new password.
Hi Everybody, today we are going to see how to make live USB of Kali Linux. Live USB installation has many advantages like system administration, forensics and testing of the OS before making a hard drive installation. However what prompted me to make kali live USB was wifi hacking. My laptop has a compatible adapter for wifi hacking but Kali Linux in Vmware Workstation recognizes your host’s wifi adapter as a ethernet adapter. So I thought I could postpone buying a usb wifi adapter for some time by making a live usb installation of kali linux.
Whatever, let’s get to how to make Kali Live USB. First we need to download software called win32diskimager from here, Install the software and launch it. It will look like below.
Plug a USB drive into your laptop. Make sure it is at least 4 GB. In the “device” tab, select your USB drive. In the “image file” tab, browse to the iso image of Kali Linux as shown below.
Kali Linux is the most advanced penetration testing distribution with a number of tools. While using these tools a measure of anonymity is required. Today we are going to see how to spoof your IP address in Kali Linux. First, check your IP address by visiting any website which shows your IP address ( http://www.whatismyip.com ). Then go to the site www.vpnbook.com.
Download the Euro1 Server OpenVPN certificate bundle as shown below. Note down the username and password given. We will need it in later steps.
When you click on the download link, the following window opens. Since it is a zip package, system will prompt whether to open it with unzip ( the default option ). Click on “OK”.
Open the terminal and navigate to the directory where the contents of the zip archive have been unzipped. Type the command “ls” to see the unzipped files. We are going to use the vpnbook-euro1-udp53.ovpn package.
OpenVPN has been installed by default in the Kali Linux distribution. Type the command “openvpn vpnbook-euro1-udp53.ovpn” to start the process.
The installation starts. Enter the username and password we noted above when prompted.
After a short time, the process is completed. Check your IP address again. If everything goes well, your IP address will be changed.