Posted on 198 Comments

How to install Kali Linux in VirtualBox (2024)

Hello, aspiring ethical hackers. In this blogpost, you will learn how to install Kali Linux in VirtualBox. The makers of Kali Linux have a released the latest version of the popular pen testing distro. So, we decided to update this article on how to install Kali in VirtualBox.

Every latest version of Kali Linux has many brand new features. Now, let’s see the simplest process to install Kali Linux in VirtualBox. The makers of Kali Linux provide pre-built VMs for popular virtualization software like VMware, VirtualBox, QEMU and Hyper-V. Go here and download the pre-built image of VirtualBox. We have performed this installation in the Oracle VirtualBox 6. In this article, we will be installing Kali Linux 2024.2 but the process is same for any version of Kali Linux.

The pre-built image will be downloaded in the form of an zip archive. Extract the contents of the zip archive. Your downloaded contents should look like below. As you can see, there will be two files: Virtual Disk Image (VDI) file and VBOX files.

How To Install Kali Linux In Virtualbox 1

Now open VirtualBox and go to Machine > Add. You can also use shortcut “CTRL+A” to get there.

How To Install Kali Linux In Virtualbox 2

In the window that opens, browse to the directory that consists of contents of the zip archive we have extracted at the beginning of this article. A window like below will open. Browse to the OVA file we downloaded.

How To Install Kali Linux In Virtualbox 3

Only the vbox file will be displayed. Select this file. Doing this will successfully create the virtual machine on VirtualBox as shown below.

How To Install Kali Linux In Virtualbox 4

Power ON the virtual machine by double clicking on it. You should see the login screen as shown below.

How To Install Kali Linux In Virtualbox 5 1 1024x542

Happy hacking practice.

Posted on 20 Comments

Havij SQL injection tool: Complete guide

Hello, aspiring ethical hackers. In our previous blogpost, you learnt what SQL injection is and different types of SQL injection attacks. In this blogpost, you will learn about Havij, an automated SQL injection tool. Havij is a SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can be used to perform back-end database fingerprinting, retrieve DBMS login names and password hashes, dump tables and columns, fetch data from the database, execute SQL statements against the server, and even access the underlying file system and execute operating system shell commands.

Let me give you a complete guide on Havij in this article. First download Havij and install it.

1. Specifying the target:

Then open it and enter the vulnerable URL in the target field (for this tutorial I am using my own vulnerable webpage).

Havij1

2. List the current database:

Set the database option to ‘auto detect‘ and hit analyze. This should show you the current database name as shown below.

Havij2

3. Get Host information:

Click on the “info” tab. This will show you information about the victim’s system. We can see information like Host IP address, web server version etc.

Havij3

4. List all tables of the current database:

Click on the “Tables” tab.

Havij4

5. List all databases from the target:

Click on “Get DBs” option. This will list all the databases as shown below.

sql injection with havij

7. List tables in a certain database:

To get tables in a specific database, select the database and click on Get Tables”. This will list all the tables present in the selected database. I selected database “shunya”here.

Havij6

8. List all columns from a particular table:

We can see that there is on table ‘users’ in our database ‘shunya’ .To get columns , select the table ‘ users’ and click on “Get Columns”.

Havij7

This will list all the columns in the table. We can see that we have five columns in the table ‘users’. It’s time to dump the values of columns.

9. Dump data from the columns:

Select the columns whose data we want to dump and click on Get data”. Here I selected all the columns.

Havij8

10. Crack password hashes:

We got all the data including usernames and passwords. But passwords seem to be encrypted. No problem. Click on the password hashes and copy them. Then click on MD5″ tab and paste the password. Click on “Start”. Havij automatically decrypts the password for us. Decrypt all passwords in the similar manner.

Havij9

11. Find admin page:

Having passwords is not enough. You also need to know where to login with these passwords. Havij can do that too. Click on “Find admin”. This option finds the admin page of the website automatically. When it finds the admin page, you can try the username and passwords to get access to the website. Hope this was helpful.

Havij10
Posted on

Beginners guide to armitage

Hello, aspiring ethical hackers. In this blogpost, you will learn about Armitage. Armitage is the GUI (graphical user interface) version of the fantastic pen testing tool Metasploit. We all know Metasploit is an awesome tool for pen testing. However awesome it is, we need to type each and every command to run the exploit. What if we all can do the same pen testing with clicks and right clicks. There you have your answer, Armitage.

Armitage is installed by default in Kali Linux and it can be started using command “Armitage”. If it is not installed, ask itself to install it while the system prompts you to.

Armitage 1
Armitage 2

Armitage uses PostgreSQL database. So, we need to start the PostgreSQL service as shown below.

Armitage 2a

We also need to start the msfdb service.

Armitage 2b

Now, you are all ready to start Armitage, Type the same command you typed at the beginning “armitage” and you should see this. Armitage needs to connect to the Metasploit RPC server to work. Click on “Connect”.

Armitage 3

If you get the message shown below. Click on “yes”.

Armitage 4

If you get the message shown below, just hang on. Things may change soon.

Armitage 5

As shown below.

Armitage 6

If everything went right, you should see the window shown below.

Armitage 8

Welcome to Armitage, If you can see, Armitage has three sections. Section 1 should be familiar to you. The names should remind you of Metasploit. That’s because, that is exactly that but in graphical format. Section 2 is where you can see the visual display of Armitage, The visual representation of the network you are trying to pen test or hack is shown here. Section 3 named “console” is “metsaploit” itself. Now that you are familiar with all the sections of Armitage, let’s see the menus of Armitage.

Armitage 9
Armitage 10
Armitage 11
Armitage 12
Armitage 13

To start with Armitage, let’s first add our own attack machine to the display. To do this, we need to go to “Host” menu and click on “Add Host”.

Armitage 14

In the small window that is opened, add the IP address of the attacker machine and click on “Add”.

Armitage 15

Now, Armitage looks like this with our attacker machine shown on display. Now, let’s add the OS and give a name to our Attacker system so that we can easily detect it.

Armitage 16

Right click on the attacker system. Go to Host>Operating system>Linux as shown below.

Armitage 17

Similarly, to give name to your attacker systems, go to Host>set label. I named it Kali.

Armitage 18
Armitage 19

Since the attacker system is ready, we now need target system. For this tutorial, we will be using Windows XP SP2 as target. To get the target on armitage, all we need to do is perform a ping scan to detect the LIVE systems on the target network. To do this, go to Host menu> Nmap scan>Ping scan as shown below.

Armitage 20

Enter the IP address range to scan. This information is usually obtained during footprinting. You want to scan for LIVE systems.

Armitage 21

As soon as the scan is complete, the LIVE targets are displayed on the display of Armitage and you will be prompted with a message as shown below.

Armitage 22

As you can see here, the Ping scan as usual failed to detect the operating system of the target and even open ports too. Next, let’s scan for open ports on the target. To do this, go to Hosts>Nmap> Quick Scan.

Armitage 23

All the actions you perform are shown in console section. From the same menu, lets perform a comprehensive scan to detect the operating system of the target.

Armitage 24
Armitage 25

This time the operating system of target system id detected as Windows Next stage is to find some attacks related to it. To do this, go to Attacks menu>Find attacks.

Armitage 26
Armitage 27

As the message in the above image says, you will find a new menu named “Attack” on the target system now. If you don’t find the “Attack menu” on the target system, go to Armitage menu >Set Exploit rank. Set it to “poor” as shown below.

Armitage 28
Armitage 29

Find attacks again. This time you will see an Attack menu on the target system.

Armitage 30

Go to Attack menu and you will see all the exploits we can use on the target.

Armitage 31

I select the infamous ms08_067 vulnerability.

Armitage 32

A new window opens. This is just like the options on Metasploit whenever you load an exploit. The only difference is, here it is in graphical mode and you don’t have to change anything.

Armitage 33

Just click on “Launch”. If the target system is compromised, then the look of the target system changes as shown below.

Armitage 34 1
Posted on 1 Comment

Desktop phishing tutorial: Step by step guide

Hello aspiring ethical hackers. In our previous blogpost, you learnt about phishing. In this blogpost, you will learn about Desktop phishing.

What is Desktop phishing?

Desktop phishing is the same as phishing, the only difference being in the method hosting the files required for phishing. Whereas in phishing we upload our files to an external server, in desktop phishing we upload our files to the web server installed on our own desktop. Desktop phishing overcomes three disadvantages present in the traditional method of phishing.

One, however hard we may try, the URL will always looks suspicious in traditional method of phishing.

Dphish1

Two, modern day browsers are capable of detecting phishing sites.

Dpish2

Three, as soon as the webhosting provider detects that you are hosting a phishing webpage, he will suspend your account. This will most likely happen within 24 hours. Desktop phishing overcomes all these defects. So now, let’s see how to desktop phish. As already told, desktop phishing is same as traditional phishing, until the creation of phishing files which you can find here.Now Install Wamp Server on your Windows machine. Next, install a VPN on your system to keep your IP static. See here. We are going to host our phishing files on our desktop and redirect the victim to our site.

Copy our phishing files to the folder C:/wamp/www. This is the root directory of the Wamp server.

Dpish3

Here is the script of the “phish.php” we used.

Dpish3a

Go to folder “C:/wamp/bin/apache/Apache 2.4.4/conf” and make changes to the ‘httpd.conf’ file as below. These changes give permission to external users to access your fake website.

Dpish4

Start your wamp server, open your browser and type localhost” in the url to see if your phishing site is working. Then open Notepad and create a batch file as shown below. We need to send this file to the victim machine and make him execute it. See how? Make sure you replace the IP address below with one assigned by VPN.

Dpish5

What the above script does is it changes the hosts file in the victim’s system to redirect to your fake website when user tries to access Facebook. Now, what is hosts file?

Hosts file is a text file located in the folder “C:/windows/system32/drivers/etc” which resolves IP addresses associated with domain names.

Dpish6

Usually when we try to visit any website say www.google.com our system sends a query for it’s IP address to the DNS server. When we make an entry in the hosts file of our computer, the query is not sent to the DNS server. When the victim clicks on the executable sent by us, it changes the hosts file like below.

Dpish7

Now when victim types “www.facebook.com” in his browser, he is redirected to our wamp server. Notice that the URL looks completely genuine and the browser didn’t detect it as a phishing site.

desktop phishing tutorial

When the unsuspecting victim enters his credentials,

Dpish9

a text file called pass .txt is created in the www directory.

Dpish10

Open the file and we can see the credentials.

Dpish11

That’s all in desktop phishing tutorial for beginners. See how to phish with Weeman Http server.