Posted on 2 Comments

Webshells in Kali Linux

Hello Aspiring Hackers. In this howto, we will learn about Webshells provided by default in Kali Linux. In a previous article , we saw how one of the most popular shells can be used to hack a website. However popularity has its own disadvantages, at the least in the field of cyber security. The C99 php shell is very well known among the antivirus. Any common antivirus will easily detect it as malware. Although it is unlikely that web servers will be installed with antivirus, still it is good to stay one step ahead. So today we will see some of the least popular but still effective web shells.

As you all know, Kali Linux is one of the best pen testing distros available. It would be very disappointing if it didn’t have web shells in its arsenal. Open a terminal and navigate to the directory “/usr/share/webshells” as shown below. As you can see, web shells are classified according to the language of the website we are trying to hack. Today we will see about PHP shells. So go into that directory and do an “ls”. You can see the shells below.

Now let us see their features by uploading each one them into web server we want to hack. See how to upload the shells.

  1. simple-backdoor.php

As the name clearly tells, the functioning of this shell is very simple. It is used to execute some commands on the target web server. Let us go to the shell’s link after uploading and execute the “net user” command as shown below. As already used in Part 1, this command gives us all the users present on the Window’s system.

Similarly let us execute another powerful command “systeminfo” to get the web server’s whole information as shown below. Sorry about the censor.

php-backdoor.php

The php-backdoor, as the name implies  is file upload shell just used to add more backdoors. It helps us in the case where we can’t easily upload any additional files we want.

I works akin to file upload function in our Part 1. As you can see below, it has upload form and a function to execute commands. We can also connect to the database.

php-reverse-shell.php

Every shell doesn’t require us to visit the web server. In fact we can make the webserver visit us. Enter the php-reverse-shell. As its name says, it makes a reverse connection to our attacker system. In order for this shell to make a reverse connection, it needs an IP address. So before uploading this shell we need to change the IP address in the script to our IP address ( Kali Linux ) as shown below. Save it and close it.

Next, let us start a netcat listener in one of the terminal. If you are new to netcat the command “nc -v -n -l -p 1234” tells netcat to listen verbosely on port 1234. Remember the port number should be same as we specified above.

Now when we upload the shell, On kali linux we will get a terminal as shown below. Hit “ls” to see the contents of the directory.

qsd-php-backdoor.php

The qsd-php-backdoor is compatible with both Linux and Windows web servers. As we upload it, it will detect whether the web server is Windows or Linux and then acts accordingly. The screenshot is shown below. As you can see we can move to the root directory of web server and come back, execute shell commands and SQL queries.

You already know what happens when we execute “systeminfo” command as shown below.

That’s about webshells in Kali Linux. Hope it was helpful.

Posted on 3 Comments

How to install Veil Evasion in Kali Linux

Good evening Friends. Today we will see how to install Veil Evasion in Kali Linux. Although this howto is made on Kali Linux Sana, it is same for all the versions of Kali. For the novices, Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions. First of all download and save the zip file of veil evasion as shown below from here.

Next, Open terminal and go to the directory where the zip has been downloaded. Commonly it is root or Downloads. Mine is in root. Next unzip the contents of the zip file by using command unzip “Veil-Evasion-master.zip” as shown below.

When unzipping is finished, type “ls” command once again. You will see a new directory “Veil-Evasion-master”. Change into that directory as shown below and type “ls” to see the contents of that directory.

There will be a dircetory named “setup”. Change into that directory. You will see a file named “setup.sh”. Execute that file using command  “./setup.sh

It will prompt you a question whether you want to continue with the installation or not. Type “y”.

The installation will start. It will ask you whether to install Wine. Click on “Install”.

Next it will install Python. Click on “Next”.

Click on “Next”.

If it asks you to overwrite existing files of any Python, select “yes”.

Click on “Next” for the below window.

Finsih the installation by clicking on “finish”.

Next, the system will ask you to install pywin32. Pywin32 is a set of extension modules that provides access to many of the Windows API functions. Click on “Next”.

Click on “Next”.

Click on “Next”.

Click on “Finish” the script.

Next it will install pycrypto. Click on “Next”.

Click On “Next”.

Select language as “English” and click on “OK”.

Next it prompt you to install Ruby. Accept the license and click on “Next”.

Click on Install.

Click on Finish to to finish the installation of Ruby.

You will see the below screen as the installation finishes.

Now let us see if our installation has been successful by starting the program. Go to the “Veil-Evasion-master” directory in which there is a python script called “Veil-Evasion.py”. Execute this script by typing command “./Veil-Evasion.py”.

This is how Veil-Evasion looks when started.

Posted on 7 Comments

How to spoof your IP address in Kali Linux

Kali Linux is the most advanced penetration testing distribution with a number of tools. While using these tools a measure of anonymity is required. Today we are going to see how to spoof your IP address in Kali Linux. First, check your IP address by visiting any website which shows your IP address ( http://www.whatismyip.com ). Then go to the site www.vpnbook.com.

Download the Euro1 Server OpenVPN certificate bundle as shown below. Note down the username and password given. We will need it in later steps.

When you click on the download link, the following window opens. Since it is a zip package, system will prompt whether to open it with unzip ( the default option ). Click on “OK”.

Open the terminal and navigate to the directory where the contents of the zip archive have been unzipped. Type the command “ls” to see the unzipped files. We are going to use the vpnbook-euro1-udp53.ovpn package.

OpenVPN has been installed by default in the Kali Linux distribution. Type the command “openvpn vpnbook-euro1-udp53.ovpn” to start the process.

The installation starts.  Enter the username and password we noted above when prompted.

After a short time, the process is completed. Check your IP address again. If everything goes well, your IP address will be changed.

Posted on 27 Comments

Create Virtual pentesting Lab in VirtualBox

Hello aspiring hackers. In this howto you will see how to create virtual pentesting lab in Virtualbox.  Sometime back, I wrote an article on how to set up a virtual penetration testing lab using Vmware Workstation. But Vmware Workstation is a commercial product.

Today I am going to show you how to create a pen test lab in VirtualBox absolutely free of cost. I hope this tutorial will be helpful for many beginners into cyber security domain.

What do we need?

1. Oracle VirtualBox. (Download)

2. Kali Linux. (Download)

3. Metasploitable 2. (Download)

Oracle VirtualBox is the virtualization software we will be using to create our lab. We will be using Kali Linux as the attacker machine and Metasploitable 2 as the victim machine. Install Kali Linux and Metasploitable 2 in VirtualBox.

See how to install Kali Linux in VirtualBox.

See how to install Metasploitable in VirtualBox.

Select Kali Linux, Go to settings > network. Enable “network adapter 1″. Set the “Attached to” option to “internal network”. Set the name of the network adapter to “intnet”. Click on “OK” to save the settings.

Do the same for Metasploitable virtual machine.

Power on the metasploitable VM. Log into the system. Default username and password are “msfadmin”.

Type the command “ifconfig” to see the IP addresses of interfaces.

The ‘lo’ interface is the loopback. Now we are going to set the IP address on the interface “eth0”. Type the command “sudo ifconfig eth0 10.10.10.2 netmask 255.0.0.0 up”. The sudo password is “msfadmin. Verify that the IP address is set by typing command “ifconfig”.

Power on Kali Linux. In the terminal, type command “ifconfig eth0 10.10.10.1 netmask 255.0.0.0 up”. Verify if the IP address is set by typing command “ifconfig”.

Test whether this system can communicate with victim system by pinging the victim machine as shown below.

The connection is successful. Our virtual pentesting lab is ready. Happy practicing.

Posted on 225 Comments

Install Kali in Virtualbox (Updated to kali 2021.3)

The makers of Kali Linux have a released the second version (2020.2) of Kali Linux for the year 2020.  Since many versions have been released since we last wrote this article, we decided to update this article on how to install Kali in Virtualbox.

Kali Linux 2020.2 has many brand new features.  With xfce and gnome given Kali Linux feel, this release has given themes for KDE Plasma. This is like going back to its roots as Backtrack used to have this desktop environment. The login screen also has been given new graphics along with a new layout. Also now you can install Powershell by default by selecting the meta package while installing. This release also updated gnome to 3.36. The new tools included in this release include NextNet, the pivot point discovery tool and SpiderFoot  the OSINT tool.

The makers also included python2-pip once again to add support to some tools still depending on python2 although overall it upgraded to Python 3.8. This release also replaces CherryTree, the note taking application with Joplin. Now, let us see the simplest process  to install Kali in Virtualbox. For this download the virtualbox image of Kali Linux 2020.2 from here. We have performed this installation in the Oracle Virtualbox 6.

This howto is using the Kali Linux 32bit OVA . Your downloaded contents should look like below. As you can see, we have an ova file.

Now open Virtualbox and go to File Menu > Import Appliance as shown below. It can also be accessed using shortcut CTRL+ I.

A window like below will open. Browse to the OVA file we downloaded.

After selecting the OVA file, click on “Next”.  If you want to make any changes to the virtual machine settings like RAM, name etc, you can do it here. You can also leave it to default values if you want. Click on “Import”.

Click “Agree” when the software license agreement pops up as shown below. The import process starts.

After the import process is completed, Power On the virtual machine. You will see a login screen prompt. Login using the credentials kali:kali.

Here is the final look of the Kali Linux virtual machine we installed.