Installations

Hello aspiring hackers. In this howto, we will learn about installing ClearOS UTM in Vmware. For those beginners who do not know what an UTM is, it is an Unified Threat Management software. Still no idea. It is a software with all security features bundled into one. It is based on CentOS and Red Hat and is used by many enterprises as a gateway. Its features include Stateful firewall (iptables), Intrusion detection and prevention system, Virtual private networking, Web proxy with content filtering and antivirus, E-mail services, Database and web server, File and print services, Flexshares and MultiWAN.

As a penetration tester, it is very important to study about UTMs. So Let us start with this installation guide for ClearOS. Download the open source version of ClearOS UTM from here. That would be community version. Once the iso file has finished downloading, Open Vmware Workstation (Version 12 used for this article). Hit “CTRL+N”. The below window should open.

Make sure the “Typical” option is selected and click on “Next”. That takes us to the next window. Click on “Browse” and browse to location of the iso file we just downloaded and select it.

Now the window should look like the one shown above. Click on “Next”. The Guest operating system should be automatically selected for you, if not select Linux as OS and version as Centos. Click on “Next”. Even if you leave the default options, the installation continues.

Give a name to the virtual machine. Choose the name of virtual machine and its location as you like. I named it ClearOS. Click on “Next”.

Allocate the hard disk memory for your virtual machine. Keep the minimum as 15GB. Click on Finish.

It will show you a summary of all the selections you made. If you want to make any changes, click on Customize hardware or else click on “Finish”.

The virtual machine is created with the name you gave it. Before powering on the virtual machine, we need to add another network adapter to the virtual machine. Any gateway needs two network adapters. For reasons that will be explained later, I am adding two host only network adapters. Go to the settings of the virtual machine as shown below and click on “add” button as shown below.

You can see that the default network adapter assigned is NAT. On the right side, we can change it to Host-Only network as shown below. Vmware automatically creates one Host-only network adapter by default. We need to create the second Host-Only adapter manually Vmware Virtual Network Adapter. To add another adapter, click on “add” button as shown below.

 

A new sub-window will open showing you all the types of hardware which can be added. Click on the “network adapter” as we want to add a network adapter. Click on “Next”.

In the next window,select “custom” as your type of network adapter and in the dropdown box you will find our newly created Host-only Network. For me it is Vmnet3. Select that and click on “Finish”.

As you can see below, our ClearOS virtual machine now has two network adapters. Click on OK to close the settings window.

Now Power ON the machine. After a small delay, the virtual machine will Power ON.The machine will power ON and take you to the screen as shown below. Use the option “Install ClearOS ……” using arrow keys on your keyboard. Hit on Enter. Even if you don’t hit Enter, the option you highlighted will be automatically selected after some time.

The system will prompt you to hit Enter to start the installation process. Press the “Enter” key.

Select the language in which you want to run the installation process and click on “Continue”.

Next, we will be shown the Installation summary. We can change any settings of the virtual machine from here. Let’s change the Network settings from here. Click on the highlighted area.

The “Network and Hostname” window will open. By default, both the adapters will be turned OFF. We need turn it ON by toggling the switch as shown in the image below.

In ON position, it will look like below. Do this for both the adapters. Once turned ON, click on “Done” to the top left.

This will take us back to the Installation Summary page as shown below. Configure other settings if you want.

Once all the settings are configured, click on “Begin Installation”. This will start the installation process. Don’t worry if you forgot any configuration. The system will prompt you if it needs anything to be set as shown below. In this case, I forgot to set the ROOT password.

So I click on that message and set a Root password as shown below. Once the password is set, click on “Done”.

Now it shows the message “Root password is set” as shown below.

The installation process will continue and once it is finished, you will be prompted to reboot the system. Reboot the system. It will ask for credentials. Enter them and you will be greeted with a screen as shown below.

That’s it. You have successfully installed ClearOS in Vmware. Now launch into the Graphics mode console by choosing the highlighted option. You will see something like below. You will be shown the IP address of the virtual machine we just created and also how to access it from a remote machine. That’s all for now.

(Article taken from our Hackercool Magazine)

In our eternal journey of learning hacking and penetration testing, we need to install or set up so many software and labs. XAMPP server is one such important installation that may be useful to us especially if we want to become expert in web hacking.

XAMPP stands for Cross-Platform (X), Apache (A), MariaDB (M), PHP (P) and Perl (P). It is a simple, lightweight Apache distribution that makes it extremely easy for developers to create a local web server for testing and deployment purposes. It is open source and very simple to set up. Once we set up Xampp Server, we can install any CMS in it to practice website hacking or web security.

In this howto, we will see how to install Xampp web server in Ubuntu 16 Desktop. This Ubuntu Desktop is installed as a virtual machine in Vmware Player ( You can also use Oracle Virtualbox). Ubuntu (or for that matter any Linux distribution) has a default web server installed. But I decided to install Xampp server for its simplicity and ease of use.

Why are we setting this up in an Ubuntu system? Because most of the web servers in real life are set up in Linux and this makes it easy for us to simulate real world hacking attacks. Now let’s get to the installation part. Go to the downloads page of Xampp server and download the appropriate version (Many people download the 64 bit version and try to install it in 32 bit OS). For this tutorial, we are using the Xampp version 5.6.23.0 32 bit version since my OS is 32 bit.

The download should complete in a short time depending on the speed of your internet. Once the download is finished, open terminal. This can be done by clicking on search app at the top left of the Ubuntu Desktop and searching for terminal.

Once the terminal is open, navigate to the Downloads folder as shown in the image below. Type “ls” command to see a .run file of XAMPP server. Use command “chmod” to change the permissions of the “run” file. Once the colour of the .run file changes, execute the file by using command “./xampp-linux-5.6.23-0-installer.run” without quotes.

If you get an error as shown below, then you are not running with root privileges which are required for executing this file.

Click on “OK” and execute the .run file with “sudo” command as shown. When it prompts for sudo password, give the password.

The setup will start as shown below. Click on “Next”.

Click on “Next” again.

The system will show you the directory in which this server is being installed. Click on “Next”.

Click on “Next” again.

The system will show you a message that it is ready to install XAMPP server on your computer. Click on “Next”.

The installation process will start as shown below. It will take a bit long of time but it should not be too longer. Just go to a small stroll and come back.

After the installation is finished, you will be shown a window as below. Make sure that the “Launch XAMPP” checkbox is enabled and click on “Finish“.

The XAMPP server application is launched as shown below.

Go to tab “Manage Servers” as shown below. Make sure that Apache web server and MYSQL database servers are running. If any service is not running, you can start them using buttons given below. The services should be green in colour.

Now let’s see if you can access the phpmyadmin of the web server. PHPmyadmin allows yo- u to manage databases from the browser, Open a browser and type “localhost/phpmyadmin” in the tab to access phpmyadmin.  If everything went well, you should see this page shown below.

Now let’s see if we can access a website on the web server. In the browser window, just type “localhost” without quotes and you should see the webpage given below. This is the default webpage of XAMPP server.

Everything is set with our XAMPP web server. The XAMPP server can be started or stopped form the terminal using given commands as shown below.

 

 

 

Hello aspiring hackers, as you already know, the latest version of Kali, Kali rolling edition 2017.3 has been released. In this howto, we will see how to install Kali Linux 2017.3 in VirtualBox. The newest edition of Kali Linux gives users the best of all worlds – the stability of Debian, together with the latest versions of the many outstanding penetration testing tools created and shared by the information security community. The best feature I like in this version is constantly updated tools. Now let us start with the installation part. Download the latest version of Kali Linux from here.

For this howto, we will use VirtualBox version 5.30 (the latest version till date) which can be downloaded from here. Before we start the installation there’s a small step we need to perform. Enabling Virtualization technology in the host (the system on which VirtualBox is installed or being installed).

Virtualization is a feature included in processors which when enabled will help in accelerating virtual machines used by Virtualbox, Vmware or Hyper-V. Intel Processors have Intel-VTx and  AMD processors have AMD-V hardware acceleration features. I don’t know what exactly is the reason but this feature is disabled by default in modern CPU’s. This feature can be enabled by booting into the BIOS or UEFI.

The BIOS key is different for different PC brands. Here I have given the BIOS hot keys for some popular PC brands I collected from internet.

Acer – Del or F2                                                                                                                                Asus – Del, F2 or F9                                                                                                                            Acer – Del or F2                                                                                                                                  Compaq Presario – F10                                                                                                                        Dell – F2 or F12                                                                                                                                      HP – Esc or F10                                                                                                                                      Lenovo -F1 or F2                                                                                                                                    Samsung – F2                                                                                                                                        Sony – F2                                                                                                                                        Toshiba – Esc, F1 or F12

To boot into BIOS, you need to restart the system and start pressing the respective hot key for your PC brand. Once you boot into BIOS,you will see a screen as shown below. This is a BIOS screen for a Lenovo system.

Enable that feature as shown below and Save the options and exit.

With that taken care of,  Open Virtualbox and go to “Machine” and click on “New” or hold “CTRL+N”. The below window will pop up.

Click on “Expert Mode” and the window should transform as shown below.

Choose the name for your virtual machine. I named it Kali 2017.3. Choose the OS type as “Linux” and version as “Debian(32 bit)” ( since I am installing 32bit version.). Allocate memory of atleast 1GB. Keep other options default and click on “Create”.

Allocate hard disk size around 14GB or minimum 10GB and click on “Create”.

A virtual machine is created. Now open its settings, go to system settings and enable the PAE/NX feature as shown below.

Turn on the Virtual machine. It should start up as shown below.

Browse to the ISO file of Kali Linux we downloaded.

In our previous guides, we were performing Install. For a change, we will do the Graphical Install this time. Select the Graphical Install Option.

Choose the language as “English” or as applicable. Click on “Continue“.

Select the location of your choice. I chose “India.” Click on “Continue“.

Choose your keyboard. Click on “Continue“.

The system will load some additional components and then prompt you for the hostname. Enter hostname and click on  the “Continue” button.

Give any domain name if you want. However it is optional. You can even leave it blank. Click on  “Continue”.

The system will prompt you to set the root password. Enter the root password, confirm it  and click on “Continue.”

The system will prompt you to partition disks. If you are not sure what to do or a novice, choose “Guide-use entire disk” option. Click on “Continue“.

Click on “Continue“.

Select the partitioning scheme of your choice. If you are a new user, choose the first option as recommended. Click on “Continue“.

Then we will be shown an overview of current settings we chose. Choose the option “Finish partitioning and write changes to disk.” and Click on “Continue“.

Select the option “Yes” to write the changes to disk. Click on “Continue”.

The installation will start. It will take a bit of time to be finished.

In the middle of the process, you will be prompted if you want to use a network mirror. select “No” or “Yes” according to your choice. I chose “YES”.

In the “Proxy” window, leave it blank and Click on “Continue“.

Then system will ask you whether to install the grub Boot loader or not. Select “Yes” and click on “Continue“.

Select the highlighted option and click on “Continue”.

When the installation is completed, the system will ask you to boot into the system. Click on “Continue” to perform this.

The system will reboot into the operating system. Enter the username as “root” and the password as configured above. Now comes the most interesting but contentious part. Yes, installation of guest additions. Open a terminal and type command “apt update && apt -y dist-upgrade” without quotes. This will update system to the latest packages and repositories.

Reboot the system using “reboot” command to make sure system is updated.  Now to install Guest Additions, type command “apt -y install virtualbox-guest-x11” without quotes in the terminal. This will take some time so don’t panic. Just wait and watch.

Reboot  the system again. This will successfully install Guest Additions in Kali. Hope this was helpful. If you face any problems during installation, please leave a comment below. Thanks.

Kali Linux is the most popular and also my favorite pen testing distro. Its regular updates and stability accord it the top spot. Apart from Kali Linux, there are many other pen testing distros available. One of them is Parrot Security distro. Parrot Security sports many more tools than Kali Linux which includes software for cryptography,cloud, anonymity, digital forensics and of course programming. One of our readers has requested us to make a guide on how to install Parrot Security OS in Vmware. So be it.

Download the Parrot Security OS . Unlike the makers of Kali Linux, Parrot Security have not yet provided a Vmware image to download. So we have to download a iso image (depending on your architecture yo- u can download a 32bit or 64 bit iso file). Once the download is finished, open Vm- ware Workstation (Version 12 used for this article). Hit “CTRL+N”. The below window should open.

Make sure the “Typical” option is selected, and click on “Next”. That takes us to the next window. Initially, the “installer disc image file” field should be empty. Click on “browse” and browse to location of the iso file we just downloaded and select it. Now the window should look like below. Click on “Next”.

The Guest operating system should be automatically selected for you, if not select Linux as OS and version as Debian 8.x (since I am installing a 32bit, make it Debian 8.x64 if installin -g 64bit). Click on Next.

Choose the name of virtual machine and its location as you like. I named it Parrot. Click on “Next”.

Allocate the hard disk memory for your virtual machine. Keep the minimum as 20GB. Click on Finish.

It will show you a summary of all the selections you made. If you want to make any changes, click on Customize hardware or else click on Next.

The virtual machine is created with the name you gave it. Power on the virtual machine. It will boot and take you to the interface shown be low.

Choose the “Install” option. In the next window select “Standard Installer”. You can select these options using “tab” button.

Select the language in which you want to continue the installation process.

Select your country. For this article, I chose location as India.

Select the keyboard configuration you want.

It is important to set the root password (no need to tell it is Linux’s most powerful account) for the machine before we do anything. Set a complex password. Read the suggestions before you set the root password.

Re-enter the root password again to confirm it.

It is a good practice to use the system as a no -n root user. The system will prompt you to create a new user account for non-administrative activities. I am creating a user with name kalyan. I am giving the same name as username.

Create a password for the user account you just created. Make it a good password for security reasons.

Re-type the password again to confirm the password you have assigned.

The next step is partitioning the hard disk. Unless you are an expert or want to try something different, use the entire disk.

The system will warn you before partitioning. Select the disk for partitioning.

It will ask you to choose the partitioning scheme. Choose the first one. It is also recommended for users.

Next, it will show you changes you have configured before writing the changes to the disk. Select “Finish partitioning and write changes to the disk”.

Confirm for one last time that you want to writ-e changes to the disk. Select “Yes”.

The installation process will start and may take some time. You can have snacks and come back. After installation finishes, it will prompt whether you want to install GRUB boot loader.

Select Yes. Then it will ask you where to install the boot loader. Select the /dev/sda disk.

After the installation is finished, it will show you a message as shown below. It’s time to boot into your new system.

As the system boots, it will ask present you a login screen. You can login as either root or the new user you created it. Once you login,your new pen testing distro should look as below.

 

Webinspect is an automated web application security scanning tool from HP. It helps the security professionals to assess the potential vulnerabilities in the web application. It is basically a dynamic black box testing tool which detects the vulnerabilities by actually performing the attack. Today we will see how to install HP Webinspect in Windows.

We will be installing it on Windows 10. HP Webinspect requires SQL server to be installed on the system. So first install SQL server express on Windows as shown here. After SQL server is installed successfully, download the latest version of HP Webinspect from their website. We will use version 16.10 for this howto. Right click on the downloaded file and run with administrator privileges.

The installation wizard will start with the welcome message as shown below. Click on”Next”.

hpwebinspect1

Accept the license agreement and click on “Next”.

hpwebinspect2

You can change the installation folder if you want although keeping it default will not hurt. Click on “Next”.

hpwebinspect3

If you want to setup Webinspect as a sensor, select the option and click on “Next”.

hpwebinspect4

Click on “Install” to start installation process.

hpwebinspect5

Once the installation is over, it will show you the below window. If you want to start HP webinspect, select the option and click on “Finish”.

hpwebinspect6

The program will launch as shown below.

hpwebinspect7

If you get something like below, you have no SQL server installed on your system. Install SQL server express and launch the program again.

hpwebinspect8

The program will prompt you for activation as shown below. The program also offers 15 days trial. I am registering for the trial.

hpwebinspect9

hpwebinspect10

Once the registration process is over, the program will open as shown below. Update the program. In our next howto, We will see how to perform  web app pentesting with HP Webinspect. Until then, Happy Weekend.

hpwebinspect12

 

 

Good morning friends. Today we will see how to install SQL server express 2012 in Windows 10.  Download the relevant SQL server 2012 express from here.  Right click on the downloaded file and run with administrator privileges. The below window should open. Click on the “New SQL server stand-alone installation” option since we are installing a new version of the database server.

sql2012e1

Accept the license terms and click on “Next”.

 

sql2012e2

Most probably the server will update to service pack 1. Leave it to update and after successful update, click on “Next”.

sql2012e3

Click on “Install”. The installation process will start. As it will download setup files, it will take some time.

sql2012e4

It will prompt you to select the features you want to install. If you are not sure what you want, leave the default selection and click on “Next”.

sql2012e5

The Instance configuration window opens. Leave the default options and click on “Next”.

sql2012e6

Click on “Next”.

sql2012e7

Configure the authentication for the SQL server. If you have no idea, once again leave the default options and click on “Next”.

sql2012e8

If you want to send any errors to Microsoft, select the option and click on “Next”.

sql2012e9

The installation will start as shown below.

sql2012e10

The installation progress will end with the below window. Congrats, You have successfully installed SQL server express 2012 in Windows 10.

sql2012e11