All posts for the month October, 2015

NOTE : Kali Linux Rolling 2016.2 has been released. This guide works even for that too.

Good evening friends. I have seen that most of the people are still facing many problems while installing Kali Linux in Virtualbox. So today i brought the easiest method to install Kali linux in Virtualbox. It doesn’t involve  typing of any lengthy  commands. For this howto, I am installing Kali Linux v2.0 Sana in virtualbox version 5. This howto works for any host OS, from Windows XP to Windows 10. Just install the latest Virtualbox version for that operating system.

The makers of Kali Linux are providing prebuilt virtualbox images which are available for download here. First download the image.  It would be a compressed image. Now extract the contents of  the file at any location of your choice.


It would be a ova extension file as shown below.


Now open Virtualbox. Go to “File” and choose option “Import appliance”. Click on it.


As soon as you click on it, the below window will open.


Now, browse to the location of the OVA file we just downloaded. Click on “Next”.


You will see the below window.  Check out all the options shown. Change any options if required.


Make sure that the location where you are creating disk has enough space. Click on Import.


The process of importing will start as shown below.


It will take some time to process.  Just wait. As soon as the importing is over you will see the virtual machine  as shown below.


Power On the virtual machine.  After some system processes, you will be asked for the username. The username is “root”.


Next you will be prompted for password. The default password is “toor”.


If everything went well, you should see the interface as shown below. Go to full screen to see if its working. You are all good to go. See, this is the easiest way to install Kali Linux in virtualbox. Hope it was helpful. Please comment if you encounter any problem. I would be happy to solve it.


Good Evening friends. Today we will see how to add new exploits to Metasploit from the exploit database. As we all know, Metasploit is a framework to exploit systems. This howto is being done in Kali Linux which has Metasploit installed by default. You can see below that here Metasploit has total 1467 exploits.  Now let us add the recently released Microsoft Windows Media Center MCL vulnerability exploit to Metasploit framework.


Go to the website and open the search option as shown below. Go to the Advanced Search option and give the below values to search for all the exploits for Metasploit.


As the below image shows, we get all the exploits authored by Metasploit. We are interested in the  Ms15-100 Microsoft Windows Media Center MCL vulnerability underlined below.


Now click on the download option as shown below. A window will open as shown below.  Select the Save option.


Now open a terminal and navigate to the Downloads folder to check your download.  In our present case it is “38195.rb”.


Now navigate to the directory where metasploit stores its exploits by typing command “cd/root/.msf4“. Go into modules directory and create a directory named “exploits” inside that directory. Now go into the exploits directory(which you just created) and create another directory named “windows”, inside the windows directory( which once again you just created) create directory “local”. If you are getting confused, all the steps are given in below image, just follow them. We are just creating a valid path for metasploit to find this exploit. Once you are in the local directory, copy the exploit you just downloaded to the local folder as shown below.


Ok, we’re almost done. Now restart the system and fire up your Metasploit. Now you can see that we have 1468 exploits as 1467 previously.


Now let us search for our exploit by typing command “search ms15_100”.  Load the exploit as shown below.  We have successfully added a new exploit  to Metasploit. Hope that was helpful.



Vulnerawa  is a vulnerable web application designed by me to simulate realtime websites. It has been designed to help beginners understand website hacking clearly. It can be downloaded from here.  Today I am going to show how to setup vulnerawa in EasyPHP. EasyPHP is a portable  WAMP server for PHP web development and web hosting on Windows. Go here and download the EasyPHP DevServer 14.1.  Install the Devserver. The installation is quite simple.  However when it asks where to install EasyPHP server, set it in a folder where there will be no clash of user rights. I set it in the C:/ folder as shown below.


Once installation is finished, start the server. As the server starts, there should be a icon in the taskbar showing the status of the EasyPHP Dev server as shown below.


See there and make sure your server has started. If it did’nt start, start  the server as administrator. Now open your browser and type “localhost” in the urlbar. If the result is as shown below, Your EasyPHP server installation is successful.


Now go to the folder where file you downloaded is located and extract the contents of the zip archive to the folder shown below. This is the root folder of the server.


Now in the url bar type “localhost/vulnerawa1.0.2” and hit Enter. If you get the result as below, you are all ready to play with vulnerawa.


Before you start practicing, create the database by clicking on button “Create Database”.


Hope this was helpful. Happy hacking practice.