Sharing for what Problem I faced in between
There is quite a lot of website and youtube channel that teaching how to hack wi-fi and few of them are mentioning what problem we may face and how to solve. This is the main reason why I want to make a post to sharing the problem I faced instead of straightforward hacking process.
Prerequisites
As an experience sharing blog post, I will start from basic part but assuming you already have your Kali Linux ready and have basic Linux command background. I may give some basic introduction of the command but in detail, you may put your effort to google it and you will learn much more.
Step 1. Getting Fluxion from Github
Fluxion is a security auditing tools and social engineering research tool. You may find more detail from their website as below link.
https://github.com/FluxionNetwork/fluxion
The version you download maybe different because this is the original source for Fluxion and they are keep updating it. I got at lease 3 different versions from above link when I try on my different VM and Raspberry Pi machine during Nov 2017 to Mar 2018. The latest version I download up to now is v4.0.
I suggest you do not get order version as technology always changing and if you considering new version may have more bugs or unknown issues that’s true but those contributors are putting hard effort to solve it and this is what I see in these period. So just download the latest one to try.
Click the “Clone or download” button as per above screen showing and you should got the full package in zipped format in your download folder.
Unzip it and put it somewhere in your computer and just remember where you saved. For example, I am putting inside the /Documents/Wifi Hacking/
Step 2. Installation and Kick Start
Starting from 3.xx version, Fluxion will auto-install all the packages to you. Let’s kick start by run the following command.
sudo ./fluxion.sh
As you see above screen, every time when you run Fluxion the program will check any package is missed and auto-install it.
After you run the Fluxion and after auto-installed those packages you may need to manually disconnect the Wi-Fi connection that shown as above, or you may run the following command line before you kick start the ./fluxion.sh
export FLUXIONWIKillProcesses=1
If you don’t understand this step and not sure is it necessary to run. I suggest you can just skip this part and you can find at Troubleshooting section for more detail on different issues you may face.
Step 3. Starting Fluxion Options…
Above is the first option you may see on v4.4. Don’t choice [1] if you don’t capture any packet from decided Wi-Fi access point yet. So let’s choice [2] for getting and it will go to choice access point and analysis the packet.
Upon your Wi-Fi adaptor chips version and you may choice [1], [2] or [3] whatever choice. My adaptor supports both 2.4GHz and 5GHz but I just go for 2.4GHz channel so I will choice [1]
Fluxion will keep scanning all the nearest access points and showing the ESSID and the detected router brand. The Brand is important for latest stage, as we will create a page for user to input the wifi password. Fluxion have another packages for us to download and pretend the corresponding router in later stage. That is optional step but it can reduce the doubt from the victim.
You need to break above process manually by press Control+C, when you feel the access points are good enough.
Once you break the scanning process, all detected access points will be listed and then you can choice which one you are going to hack by input the number next to the ESSID. For me, I will hack 048 and this is my own access points by input 48 on the command line.
[esp8266 usage if necessary] [Explain above is in a VM on my Macbook Pro but I also do the same steps for my Raspberry Pi. the reason I show by VM because more easy to capture screen.] [All Site instead of Default Portal] [This is first post and will further to share man-in-the-middle]
Topics Covered
Background
In the previous article, we saw the internal details of the Shellshock vulnerability. In this article, we will see how to exploit the bash bug in the following scenarios.
But before proceeding further, it is recommended to go through the first part of this series.
more…
This Method can be Used for Both ID Elevation and Jail Shell Escaping. And It might need some dependencies on the remote system. Its an Old School Trick, Enjoy.
After successful Exploitation phase in a Penetration Test at times one can end in a situation like that:
Mostly it will be remote reverse shell and going:
$ /bin/bash
is not a good option .
There is a pretty nice way to escape from that typing:
$ python -c ‘import pty;pty.spawn(“/bin/bash”)’
it works nice and make your work easier…but in situation like that one you will end with something like that:
As you can see we went back to user1 losing privileges from user2. When I had to deal with such a problem like that one I found this solution , so I thought to share it:
Picking a laptop for Ethical hacking/Penetration Testing requires a lot of brainstorming since you need a robust machine that will not lag or run out of resources during working. During Ethical Hacking/Penetration Testing .it could involve DDOS a website, coding a backdoor program, Scanning a servers, cracking passwords, Reversing a Program or performing penetration testing. And Even Create a Private Lab for Testing Exploits and Practice. All these tasks demand a good hardware that can handle enormous data, multi-tasking capacity, high processing speed and a decent internal memory. Unable to meet these specifications in a laptop can easily derail your hacking Performance.
Having said that, every hacker or IT security personnel need to run their specific software that might include running several virtual machines of Different Operating Systems, password cracking tools, Kali Linux or SQL injections. While creating a list of ten laptops for hackers, we have considered all the key features so that you may get the maximum performance out of the hacking machine.
The Following Penetration Testing Cheat Sheet Linux System is for usage during local enumeration,post exploitation or when performing command injection etc.
If you want to become Professional Ethical Hacker. Well, Then be ready for a long journey. The Most Important things you’ll need is passion & Dedication, I hope you have it and you are interested in Learning Ethical hacking. So , Let’s start with what you will need to know.
First of All Decide Your Point of Interest in Hacking. Since There are Several Domains in Ethical Hacking.
For Example :- Web Application Security, Network Security, System Security , Reverse Engineering , Exploit Development and Social Engineering.
If you want to be Professional Ethical Hacker you must know all and Specially : Web Application Security
So For that
Many Unix systems are using Samba as a service for file sharing.So it is a service which at some point of time we will have to face and exploit it.In this article we will see how we can exploit this service on a server that is running a vulnerable version of Samba.
We have scan with the Nmap our target which is an Ubuntu server and we have identify that is running a Samba server on ports 139 and 445.
Identifying Samba Service
GDB Tutorial is comprehensive guide to learn gdb in easy steps. This tutorial covers instroduction of gdb, how to install it and explains how to use gdb and gdb commands with example. This tutorial is best for beginner level programmer, who are new to gdb and debugging environment.
Contents of GDB Tutorial
Online GDB
Most exploits are only capable of doing one thing—insert a command, add a user, etc. Basically, it’s one and done. In addition, if we add a command shell for our exploit (among the most useful payloads we can use on the victim), we are limited to processes that can be initiated at the command line. On systems running Linux, this provides us with a powerful environment for further system control, but on Windows systems we are working with a command shell leftover from DOS and of limited functionality (Windows Server’s Powershell is remedying that). If we want to add another process to the victim, we need to exploit the system again and potentially risk detection (each exploit risks being detected by an IDS/IPS, security admin, etc.). The beauty of Meterpreter is that it gives us a platform on the victim system to create more functionality. It’s a service that we install on the victim system that gives us command shell capability and much more. Additionally, the Meterpreter communicates back to us encrypted for stealth. We can even write our own scripts and run them on the target system through the Meterpreter. To sum up, Meterpreter makes extracting information from the target system and covering our tracks much easier. Now that you have a basic understanding of the Meterpreter, let’s hack into a Linux system, install a reverse shell, and then upgrade to the Meterpreter for our convenience and pleasure. The steps are going to be essentially the same as in our previous hack, except that we change the exploit and payload. Why Meterpreter?