Installations

Hello aspiring hackers. In this howto, we will learn about installing ClearOS UTM in Vmware. For those beginners who do not know what an UTM is, it is an Unified Threat Management software. Still no idea. It is a software with all security features bundled into one. It is based on CentOS and Red Hat and is used by many enterprises as a gateway. Its features include Stateful firewall (iptables), Intrusion detection and prevention system, Virtual private networking, Web proxy with content filtering and antivirus, E-mail services, Database and web server, File and print services, Flexshares and MultiWAN.

As a penetration tester, it is very important to study about UTMs. So Let us start with this installation guide for ClearOS. Download the open source version of ClearOS UTM from here. That would be community version. Once the iso file has finished downloading, Open Vmware Workstation (Version 12 used for this article). Hit “CTRL+N”. The below window should open.

Make sure the “Typical” option is selected and click on “Next”. That takes us to the next window. Click on “Browse” and browse to location of the iso file we just downloaded and select it.

Now the window should look like the one shown above. Click on “Next”. The Guest operating system should be automatically selected for you, if not select Linux as OS and version as Centos. Click on “Next”. Even if you leave the default options, the installation continues.

Give a name to the virtual machine. Choose the name of virtual machine and its location as you like. I named it ClearOS. Click on “Next”.

Allocate the hard disk memory for your virtual machine. Keep the minimum as 15GB. Click on Finish.

It will show you a summary of all the selections you made. If you want to make any changes, click on Customize hardware or else click on “Finish”.

The virtual machine is created with the name you gave it. Before powering on the virtual machine, we need to add another network adapter to the virtual machine. Any gateway needs two network adapters. For reasons that will be explained later, I am adding two host only network adapters. Go to the settings of the virtual machine as shown below and click on “add” button as shown below.

You can see that the default network adapter assigned is NAT. On the right side, we can change it to Host-Only network as shown below. Vmware automatically creates one Host-only network adapter by default. We need to create the second Host-Only adapter manually Vmware Virtual Network Adapter. To add another adapter, click on “add” button as shown below.

 

A new sub-window will open showing you all the types of hardware which can be added. Click on the “network adapter” as we want to add a network adapter. Click on “Next”.

In the next window,select “custom” as your type of network adapter and in the dropdown box you will find our newly created Host-only Network. For me it is Vmnet3. Select that and click on “Finish”.

As you can see below, our ClearOS virtual machine now has two network adapters. Click on OK to close the settings window.

Now Power ON the machine. After a small delay, the virtual machine will Power ON.The machine will power ON and take you to the screen as shown below. Use the option “Install ClearOS ……” using arrow keys on your keyboard. Hit on Enter. Even if you don’t hit Enter, the option you highlighted will be automatically selected after some time.

The system will prompt you to hit Enter to start the installation process. Press the “Enter” key.

Select the language in which you want to run the installation process and click on “Continue”.

Next, we will be shown the Installation summary. We can change any settings of the virtual machine from here. Let’s change the Network settings from here. Click on the highlighted area.

The “Network and Hostname” window will open. By default, both the adapters will be turned OFF. We need turn it ON by toggling the switch as shown in the image below.

In ON position, it will look like below. Do this for both the adapters. Once turned ON, click on “Done” to the top left.

This will take us back to the Installation Summary page as shown below. Configure other settings if you want.

Once all the settings are configured, click on “Begin Installation”. This will start the installation process. Don’t worry if you forgot any configuration. The system will prompt you if it needs anything to be set as shown below. In this case, I forgot to set the ROOT password.

So I click on that message and set a Root password as shown below. Once the password is set, click on “Done”.

Now it shows the message “Root password is set” as shown below.

The installation process will continue and once it is finished, you will be prompted to reboot the system. Reboot the system. It will ask for credentials. Enter them and you will be greeted with a screen as shown below.

That’s it. You have successfully installed ClearOS in Vmware. Now launch into the Graphics mode console by choosing the highlighted option. You will see something like below. You will be shown the IP address of the virtual machine we just created and also how to access it from a remote machine. That’s all for now.

(Article taken from our Hackercool Magazine)

In our eternal journey of learning hacking and penetration testing, we need to install or set up so many software and labs. XAMPP server is one such important installation that may be useful to us especially if we want to become expert in web hacking.

XAMPP stands for Cross-Platform (X), Apache (A), MariaDB (M), PHP (P) and Perl (P). It is a simple, lightweight Apache distribution that makes it extremely easy for developers to create a local web server for testing and deployment purposes. It is open source and very simple to set up. Once we set up Xampp Server, we can install any CMS in it to practice website hacking or web security.

In this howto, we will see how to install Xampp web server in Ubuntu 16 Desktop. This Ubuntu Desktop is installed as a virtual machine in Vmware Player ( You can also use Oracle Virtualbox). Ubuntu (or for that matter any Linux distribution) has a default web server installed. But I decided to install Xampp server for its simplicity and ease of use.

Why are we setting this up in an Ubuntu system? Because most of the web servers in real life are set up in Linux and this makes it easy for us to simulate real world hacking attacks. Now let’s get to the installation part. Go to the downloads page of Xampp server and download the appropriate version (Many people download the 64 bit version and try to install it in 32 bit OS). For this tutorial, we are using the Xampp version 5.6.23.0 32 bit version since my OS is 32 bit.

The download should complete in a short time depending on the speed of your internet. Once the download is finished, open terminal. This can be done by clicking on search app at the top left of the Ubuntu Desktop and searching for terminal.

Once the terminal is open, navigate to the Downloads folder as shown in the image below. Type “ls” command to see a .run file of XAMPP server. Use command “chmod” to change the permissions of the “run” file. Once the colour of the .run file changes, execute the file by using command “./xampp-linux-5.6.23-0-installer.run” without quotes.

If you get an error as shown below, then you are not running with root privileges which are required for executing this file.

Click on “OK” and execute the .run file with “sudo” command as shown. When it prompts for sudo password, give the password.

The setup will start as shown below. Click on “Next”.

Click on “Next” again.

The system will show you the directory in which this server is being installed. Click on “Next”.

Click on “Next” again.

The system will show you a message that it is ready to install XAMPP server on your computer. Click on “Next”.

The installation process will start as shown below. It will take a bit long of time but it should not be too longer. Just go to a small stroll and come back.

After the installation is finished, you will be shown a window as below. Make sure that the “Launch XAMPP” checkbox is enabled and click on “Finish“.

The XAMPP server application is launched as shown below.

Go to tab “Manage Servers” as shown below. Make sure that Apache web server and MYSQL database servers are running. If any service is not running, you can start them using buttons given below. The services should be green in colour.

Now let’s see if you can access the phpmyadmin of the web server. PHPmyadmin allows yo- u to manage databases from the browser, Open a browser and type “localhost/phpmyadmin” in the tab to access phpmyadmin.  If everything went well, you should see this page shown below.

Now let’s see if we can access a website on the web server. In the browser window, just type “localhost” without quotes and you should see the webpage given below. This is the default webpage of XAMPP server.

Everything is set with our XAMPP web server. The XAMPP server can be started or stopped form the terminal using given commands as shown below.

 

 

 

Kali Linux is the most popular and also my favorite pen testing distro. Its regular updates and stability accord it the top spot. Apart from Kali Linux, there are many other pen testing distros available. One of them is Parrot Security distro. Parrot Security sports many more tools than Kali Linux which includes software for cryptography,cloud, anonymity, digital forensics and of course programming. One of our readers has requested us to make a guide on how to install Parrot Security OS in Vmware. So be it.

Download the Parrot Security OS . Unlike the makers of Kali Linux, Parrot Security have not yet provided a Vmware image to download. So we have to download a iso image (depending on your architecture yo- u can download a 32bit or 64 bit iso file). Once the download is finished, open Vm- ware Workstation (Version 12 used for this article). Hit “CTRL+N”. The below window should open.

Make sure the “Typical” option is selected, and click on “Next”. That takes us to the next window. Initially, the “installer disc image file” field should be empty. Click on “browse” and browse to location of the iso file we just downloaded and select it. Now the window should look like below. Click on “Next”.

The Guest operating system should be automatically selected for you, if not select Linux as OS and version as Debian 8.x (since I am installing a 32bit, make it Debian 8.x64 if installin -g 64bit). Click on Next.

Choose the name of virtual machine and its location as you like. I named it Parrot. Click on “Next”.

Allocate the hard disk memory for your virtual machine. Keep the minimum as 20GB. Click on Finish.

It will show you a summary of all the selections you made. If you want to make any changes, click on Customize hardware or else click on Next.

The virtual machine is created with the name you gave it. Power on the virtual machine. It will boot and take you to the interface shown be low.

Choose the “Install” option. In the next window select “Standard Installer”. You can select these options using “tab” button.

Select the language in which you want to continue the installation process.

Select your country. For this article, I chose location as India.

Select the keyboard configuration you want.

It is important to set the root password (no need to tell it is Linux’s most powerful account) for the machine before we do anything. Set a complex password. Read the suggestions before you set the root password.

Re-enter the root password again to confirm it.

It is a good practice to use the system as a no -n root user. The system will prompt you to create a new user account for non-administrative activities. I am creating a user with name kalyan. I am giving the same name as username.

Create a password for the user account you just created. Make it a good password for security reasons.

Re-type the password again to confirm the password you have assigned.

The next step is partitioning the hard disk. Unless you are an expert or want to try something different, use the entire disk.

The system will warn you before partitioning. Select the disk for partitioning.

It will ask you to choose the partitioning scheme. Choose the first one. It is also recommended for users.

Next, it will show you changes you have configured before writing the changes to the disk. Select “Finish partitioning and write changes to the disk”.

Confirm for one last time that you want to writ-e changes to the disk. Select “Yes”.

The installation process will start and may take some time. You can have snacks and come back. After installation finishes, it will prompt whether you want to install GRUB boot loader.

Select Yes. Then it will ask you where to install the boot loader. Select the /dev/sda disk.

After the installation is finished, it will show you a message as shown below. It’s time to boot into your new system.

As the system boots, it will ask present you a login screen. You can login as either root or the new user you created it. Once you login,your new pen testing distro should look as below.

 

Webinspect is an automated web application security scanning tool from HP. It helps the security professionals to assess the potential vulnerabilities in the web application. It is basically a dynamic black box testing tool which detects the vulnerabilities by actually performing the attack. Today we will see how to install HP Webinspect in Windows.

We will be installing it on Windows 10. HP Webinspect requires SQL server to be installed on the system. So first install SQL server express on Windows as shown here. After SQL server is installed successfully, download the latest version of HP Webinspect from their website. We will use version 16.10 for this howto. Right click on the downloaded file and run with administrator privileges.

The installation wizard will start with the welcome message as shown below. Click on”Next”.

hpwebinspect1

Accept the license agreement and click on “Next”.

hpwebinspect2

You can change the installation folder if you want although keeping it default will not hurt. Click on “Next”.

hpwebinspect3

If you want to setup Webinspect as a sensor, select the option and click on “Next”.

hpwebinspect4

Click on “Install” to start installation process.

hpwebinspect5

Once the installation is over, it will show you the below window. If you want to start HP webinspect, select the option and click on “Finish”.

hpwebinspect6

The program will launch as shown below.

hpwebinspect7

If you get something like below, you have no SQL server installed on your system. Install SQL server express and launch the program again.

hpwebinspect8

The program will prompt you for activation as shown below. The program also offers 15 days trial. I am registering for the trial.

hpwebinspect9

hpwebinspect10

Once the registration process is over, the program will open as shown below. Update the program. In our next howto, We will see how to perform  web app pentesting with HP Webinspect. Until then, Happy Weekend.

hpwebinspect12

 

 

Good morning friends. Today we will see how to install SQL server express 2012 in Windows 10.  Download the relevant SQL server 2012 express from here.  Right click on the downloaded file and run with administrator privileges. The below window should open. Click on the “New SQL server stand-alone installation” option since we are installing a new version of the database server.

sql2012e1

Accept the license terms and click on “Next”.

 

sql2012e2

Most probably the server will update to service pack 1. Leave it to update and after successful update, click on “Next”.

sql2012e3

Click on “Install”. The installation process will start. As it will download setup files, it will take some time.

sql2012e4

It will prompt you to select the features you want to install. If you are not sure what you want, leave the default selection and click on “Next”.

sql2012e5

The Instance configuration window opens. Leave the default options and click on “Next”.

sql2012e6

Click on “Next”.

sql2012e7

Configure the authentication for the SQL server. If you have no idea, once again leave the default options and click on “Next”.

sql2012e8

If you want to send any errors to Microsoft, select the option and click on “Next”.

sql2012e9

The installation will start as shown below.

sql2012e10

The installation progress will end with the below window. Congrats, You have successfully installed SQL server express 2012 in Windows 10.

sql2012e11