Posted on 225 Comments

Install Kali in Virtualbox (Updated to kali 2021.3)

The makers of Kali Linux have a released the second version (2020.2) of Kali Linux for the year 2020.  Since many versions have been released since we last wrote this article, we decided to update this article on how to install Kali in Virtualbox.

Kali Linux 2020.2 has many brand new features.  With xfce and gnome given Kali Linux feel, this release has given themes for KDE Plasma. This is like going back to its roots as Backtrack used to have this desktop environment. The login screen also has been given new graphics along with a new layout. Also now you can install Powershell by default by selecting the meta package while installing. This release also updated gnome to 3.36. The new tools included in this release include NextNet, the pivot point discovery tool and SpiderFoot  the OSINT tool.

The makers also included python2-pip once again to add support to some tools still depending on python2 although overall it upgraded to Python 3.8. This release also replaces CherryTree, the note taking application with Joplin. Now, let us see the simplest process  to install Kali in Virtualbox. For this download the virtualbox image of Kali Linux 2020.2 from here. We have performed this installation in the Oracle Virtualbox 6.

This howto is using the Kali Linux 32bit OVA . Your downloaded contents should look like below. As you can see, we have an ova file.

Now open Virtualbox and go to File Menu > Import Appliance as shown below. It can also be accessed using shortcut CTRL+ I.

A window like below will open. Browse to the OVA file we downloaded.

After selecting the OVA file, click on “Next”.  If you want to make any changes to the virtual machine settings like RAM, name etc, you can do it here. You can also leave it to default values if you want. Click on “Import”.

Click “Agree” when the software license agreement pops up as shown below. The import process starts.

After the import process is completed, Power On the virtual machine. You will see a login screen prompt. Login using the credentials kali:kali.

Here is the final look of the Kali Linux virtual machine we installed.

Posted on 5 Comments

How to hide an exe file in a Jpeg

I have been searching for a way to send an executable file to someone and make him to execute it. Sending the exe directly is not feasible. So let’s see how to hide an exe file in a jpeg and test its feasibility. First of all, create a new directory named test and download some images and name them similarly. I downloaded images of a popular Tollywood actress. The plan is to lure the victim into falling in the trap. I did this on a Windows 7 machine.

Go to Folder Options”, go to View tab”deselect ‘ Hide extensions for known file types‘ and select option Show hidden files, folders and drives. This will allow us to see the extensions of the files we are working with.

Open Notepad, type the following text and save it with the extension .bat”. What the following code does is it creates a new user named “hacker” with password “abc123″ in the Windows machine this code gets executed.

Download BAT to EXE converter and convert the batch file we just created to an exe.

Rename the file “samy.exe” to  “samy_3.jpg”. Windows will prompt a warning. Ignore it.

Right click on the file “samy_3.jpg”, drag it a little and leave. Select ‘Create Shortcuts here’. We are creating a shortcut for the file samy_3.jpg.

Rename the shortcut to “samy_0.jpg”. Whatever the name you give make sure that the shortcut is clicked first and not the exe file.

Right click on “samy_0.jpg” and select Properties. In the “Start in” column delete the entire text. In the “Target:” column type “C:Windowssystem32cmd.exec samy_3.jpg.” This will run the file samy_3.jpg when clicked on the samy_0.jpg.

Click on “Change Icon” tab. Replace the text inside with “%SystemRoot%system32SHELL32.dll” and click on “OK”.

Compress all files into zip archive with the name “samy unseen.zip”. Remember that name should be attractive enough to lure the victim into clicking the images.

OK, package is ready. Now the bigger challenge is to send the package to the victim’s computer. I tried to mail the package to the victim but it didn’t work out.

 So I suggest you to find your own way of sending it to the victim. To test if the package will work on the victim’s system or not open “CMD” and type the command “net user” before executing the image. It will show us all the users on the system.

Then click on the image samy_0.jpg. Open “CMD” and type the “net user” command again.

A new user named hacker has been created. So the trick worked.

Posted on

Password cracking with Brutus

Hi everybody, today I’m gonna show you remote password cracking with Brutus. For the newbies, script kiddie is a person with little knowledge  of hacking or any programming languages and instead searches for automatic tools to hack the computers. In this scenario, script kiddie is using a Windows XP machine and two tools Zenmap and Brutus available for free to download. As you will see, Zenmap is used for scanning for any open ports of  live machines and Brutus is a password cracker.

Imagine I am the script kiddie, I  first find out my own computer’s  ip address by typing the command “ipconfig” in the command line.

The ip address of my system happens to be 10.10.10.1. I decide to scan the following range of ip addresses to look for any live hosts. In the target option, I specify IP address as 10.10.10.2-10 and I choose profile as intense scan to get maximum information about the target. After performing the scan, the results show that only one system 10.10.10.3 is alive.

The scan  also shows that the victim machine which is LIVE is running a ftp server and its operating system is Windows XP.

I decide to use Brutus to crack the remote FTP password. Brutus has both dictionary and brute force attack options. I decide to choose dictionary attack since it is faster than brute forcing. Brutus comes with a built in username(users.txt) and password list(pass.txt).As the victim machine is running Windows XP which comes with a default administrator account, I decide to  add “administrator” to the users.txt file.

I choose type as FTP since I am about to crack a FTP server.

Then I select the file pass.txt containing some common passwords and just hope to crack the password.

Then after starting the cracker, Brutus runs and gives one positive authentication result.

Username : administrator

Password: 123456

Then I try to log into the FTP server of the remote machine using CMD with the authentication result achieved above.

I successfully logged into the FTP server. Once I am into the remote machine I try some FTP commands but before that I change my local directory to Desktop.

Then I use DIR command to list the directories in the FTP server.

There are four directories in the FTP server:Detroit, Images:lena and users. I  go to the users directory using command cd users and then list the files in the directory by using command ls. There is one text file named users.txt in the directory.

I decide to download the file users.txt to my machine using the command get users.txt. Since I had set my local directory to desktop it will be downloaded to Desktop.

Let’s see the contents of the users.txt file just downloaded. It contains some usernames and passwords.

In the same way, I enter into another directory of interest to me “Images” and download the only image present in it to my desktop.

In this way, I can download any number of files from the remote server to my local machine. That’s all for in password cracking with Brutus.