Archives

All posts for the month October, 2015

NOTE : Kali Linux Rolling 2016.2 has been released. This guide works even for that too.

Good evening friends. I have seen that most of the people are still facing many problems while installing Kali Linux in Virtualbox. So today i brought the easiest method to install Kali linux in Virtualbox. It doesn’t involve  typing of any lengthy  commands. For this howto, I am installing Kali Linux v2.0 Sana in virtualbox version 5. This howto works for any host OS, from Windows XP to Windows 10. Just install the latest Virtualbox version for that operating system.

The makers of Kali Linux are providing prebuilt virtualbox images which are available for download here. First download the image.  It would be a compressed image. Now extract the contents of  the file at any location of your choice.

kaliv1

It would be a ova extension file as shown below.

kaliv2

Now open Virtualbox. Go to “File” and choose option “Import appliance”. Click on it.

kaliv3

As soon as you click on it, the below window will open.

kaliv4

Now, browse to the location of the OVA file we just downloaded. Click on “Next”.

kaliv5

You will see the below window.  Check out all the options shown. Change any options if required.

kaliv6

Make sure that the location where you are creating disk has enough space. Click on Import.

kaliv7

The process of importing will start as shown below.

kaliv8

It will take some time to process.  Just wait. As soon as the importing is over you will see the virtual machine  as shown below.

kaliv9

Power On the virtual machine.  After some system processes, you will be asked for the username. The username is “root”.

kaliv10

Next you will be prompted for password. The default password is “toor”.

kaliv11

If everything went well, you should see the interface as shown below. Go to full screen to see if its working. You are all good to go. See, this is the easiest way to install Kali Linux in virtualbox. Hope it was helpful. Please comment if you encounter any problem. I would be happy to solve it.

kaliv12

Good Evening friends. Today we will see how to add new exploits to Metasploit from the exploit database. As we all know, Metasploit is a framework to exploit systems. This howto is being done in Kali Linux which has Metasploit installed by default. You can see below that here Metasploit has total 1467 exploits.  Now let us add the recently released Microsoft Windows Media Center MCL vulnerability exploit to Metasploit framework.

      edb1

Go to the website exploit-db.com and open the search option as shown below. Go to the Advanced Search option and give the below values to search for all the exploits for Metasploit.

edb2

As the below image shows, we get all the exploits authored by Metasploit. We are interested in the  Ms15-100 Microsoft Windows Media Center MCL vulnerability underlined below.

edb3

Now click on the download option as shown below. A window will open as shown below.  Select the Save option.

edb4

Now open a terminal and navigate to the Downloads folder to check your download.  In our present case it is “38195.rb”.

edb5

Now navigate to the directory where metasploit stores its exploits by typing command “cd/root/.msf4“. Go into modules directory and create a directory named “exploits” inside that directory. Now go into the exploits directory(which you just created) and create another directory named “windows”, inside the windows directory( which once again you just created) create directory “local”. If you are getting confused, all the steps are given in below image, just follow them. We are just creating a valid path for metasploit to find this exploit. Once you are in the local directory, copy the exploit you just downloaded to the local folder as shown below.

edb6

Ok, we’re almost done. Now restart the system and fire up your Metasploit. Now you can see that we have 1468 exploits as 1467 previously.

edb7

Now let us search for our exploit by typing command “search ms15_100”.  Load the exploit as shown below.  We have successfully added a new exploit  to Metasploit. Hope that was helpful.

edb8

 

Windows 10 is familiar and easy to use, with lots of similarities to Windows 7 including the Start menu. It starts up and resumes fast, has more built-in security to help keep you safe, and is designed to work with software and hardware you already have. See how to install Windows 10 in Virtualbox.

Vulnerawa  is a vulnerable web application designed by me to simulate realtime websites. It has been designed to help beginners understand website hacking clearly. It can be downloaded from here.  Today I am going to show how to setup vulnerawa in EasyPHP. EasyPHP is a portable  WAMP server for PHP web development and web hosting on Windows. Go here and download the EasyPHP DevServer 14.1.  Install the Devserver. The installation is quite simple.  However when it asks where to install EasyPHP server, set it in a folder where there will be no clash of user rights. I set it in the C:/ folder as shown below.

vephp1

Once installation is finished, start the server. As the server starts, there should be a icon in the taskbar showing the status of the EasyPHP Dev server as shown below.

vephp2

See there and make sure your server has started. If it did’nt start, start  the server as administrator. Now open your browser and type “localhost” in the urlbar. If the result is as shown below, Your EasyPHP server installation is successful.

vephp3

Now go to the folder where vulnerawa1.0.2.zip file you downloaded is located and extract the contents of the zip archive to the folder shown below. This is the root folder of the server.

vephp4

Now in the url bar type “localhost/vulnerawa1.0.2” and hit Enter. If you get the result as below, you are all ready to play with vulnerawa.

vephp5

Before you start practicing, create the database by clicking on button “Create Database”.

vephp6

Hope this was helpful. Happy hacking practice.