Showing posts with label Kali Linux. Show all posts
Showing posts with label Kali Linux. Show all posts

2021-09-22

Kali Desktop Experience for Windows Subsystem for Linux

Win-KeX | Kali Linux Documentation

Kex adds the Kali GUI on WSL.  Click the link above for instructions on how to intall WSL, Kex and how to run it.  The notes below are extra settings provided by Riverside of the Wall of Sheep.  The notes are beta at best but it might help for what you need WSL for.










Let the unfuckery begin. 

Posted by at
Labels: , , , ,

2016-01-28

2016.0128.WHY.FIGHT

SOURCE: 
http://resources.infosecinstitute.com/wifite-walkthrough-part-1/#article
http://resources.infosecinstitute.com/wifite-walkthrough-part-2/#article

WHAT IS IT?
In this article series, we will look at a tool named Wifite suitable for automated auditing of wireless networks. Most of you who have experience in wireless pentesting would use tools like airmon-ng, aireplay-ng, airodump-ng, aircrack-ng to crack wireless networks. This would involve a sequence of steps, like capturing a specific numbers of IV’s in case of WEP, capturing the WPA handshake in case of WPA etc, and then subsequently using aircrack-ng to crack the password required for  authentication to the network. Wifite aims to ease this process by using a wrapper over all these tools and thus making it super easy to crack Wifi networks.
Ethical Hacking Training – Resources (InfoSec)

Here is a list of features of Wifite as per its official homepage.
  • sorts targets by signal strength (in dB); cracks closest access points first
  • automatically de-authenticates clients of hidden networks to reveal SSIDs
  • numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
  • customizable settings (timeouts, packets/sec, etc)
  • “anonymous” feature; changes MAC to a random address before attacking, then changes back when attacks are complete
  • all captured WPA handshakes are backed up to wifite.py’s current directory
  • smart WPA de-authentication; cycles between all clients and broadcast deauths
  • stop any attack with Ctrl+C, with options to continue, move onto next target, skip to cracking, or exit
  • displays session summary at exit; shows any cracked keys
  • all passwords saved to cracked.txt
  • built-in updater: ./wifite.py -upgrade

RECOMMENDED WIRELESS CARD
Before we start using wifite, make sure you have a proper wireless card that supports packet injection. If you don’t have one, i would suggest that you buy this card.

ALFA 1000mW 1W 802.11b/g USB Wireless WiFi network Adapter with 5dBi Antenna

 

"aireplay-ng" bug info and fix
Note that there is a bug in Wifite that may or may not be there in your particular version of Wifite. The bug basically doesn’t aireplay-ng to function properly and displays an error like aireplay-ng exited unexpectedly . In order to fix this, you will have to make slight modifications in the code of wifite. You can install gedit (apt-get install gedit) which is a text editor and then edit the wifite python script (found in /usr/bin/wifite) using the steps mentioned here. To open wifite, use the command gedit /usr/bin/wifite. This will open up the source code of wifite. Then replace every occurence of cmd = [‘aireplay-ng’, with cmd = [‘aireplay-ng’,’–ignore-negative-one’,

UPDATE to the latest version
Wifite can be found under Applications -> Kali Linux -> Wireless Attacks -> 802.11 Wireless Tools. Also, note that if you are running wifite in a different VM than Kali Linux, then you have to make sure that tools like airmon-ng, aireplay-ng, airodump-ng, aircrack-ng are already installed on that system. This is because Wifite is nothing but a wrapper over all these tools. Before we even start using Wifite, it is better to update to the latest version.



LIST ALL THE COMMANDS and SWITCHES 
In my case, i already have the latest version. In this tutorial, we will be targeting a simple Wifi network with WEP encryption. Just using the command wifite -h will give you a list of all the commands.


Crack some WEP
A very tempting option would be -all which tries to attack every network that it finds. We will try it in later articles in this series. However, first lets take a look at all the targets that we have. To do that, use the command wifite -showb


Once this is done, we can see that wifite has put our network interface card into monitor mode (using airmon-ng) and started to look for clients. After a few more seconds, it will start displaying the list of access points.


Note that as it is mentioned in its feature list (automatically de-authenticates clients of hidden networks to reveal SSIDs), this list will also include hidden access points. Hence, wifite can also be used to find hidden access points. In this case we will attack an access point with the BSSID 00:26:75:02:EF:65 that i have set up for testing purposes. The access point has a simple WEP password 1234567890.


To start attacking an access point, just press Ctrl+C. Wifite will now ask you to choose a target number from the list. The target number for my test network is 1, so let me enter that. Note that if you press Ctrl+C again, it will quit Wifite.


You can now see that Wifite will start attempting to crack the WEP access point using the different known techniques for cracking WEP encryption. After some unsuccessful tries, it has finally begun to start attacking the access points using different techniques for cracking WEP.


Once enough IV’s are being captured, it will automatically start cracking the password.


As we can see, Wifite has successfully figured out the WEP key for the access point. Wifite is an extremely useful tool for cracking wireless networks. As i mentioned previously, you need to have all the tools like airmon-ng, aireplay-ng, airodump-ng, aircrack-ng already installed on your system. To further prove the point, let’s dive into the source code of Wifite.


As we can see, the python code has mentions of calling aireplay-ng. Hence, it is recommended to run Wifite inside Kali linux.  


Crack some WPA
In this article, we will look at cracking access points using WPA-PSK or WPA2-PSK using Wifite.
If you have used tools like airodump-ng, aircrack-ng etc to crack WPA access points before, you would know that the required thing to successfully crack a WPA-PSK network is a captured WPA four-way handshake.
To start wifite for cracking a WPA access point, give it the option -wpa to only target WPA networks. Also, give it a dictionary file as an input for cracking the WPA passphrase with the -dict option. In kali linux, the wordlists are stored at the location /usr/share/wordlists. Wifite will now start scanning for WPA access points.

Press Ctrl+C to give a target number. In my case, the target number is 2 which is an access point i have configured for testing purposes. The access point uses WPA2-PSK encryption with the key as “password”.

Wifite will now start listening for the handshake. Once it has found it, it will automatically start cracking the passphrase using the dictionary file that we supplied.

And as you can see, Wifite has successfully found the passphrase for the access point.
Sometimes, things may not work as smoothly. In order to capture a WPA handshake between the client and the access point, the client has to connect to the wireless network during that period when we are monitoring the network. If the client is already connected, there will be no handshake that is captured. Wifite does this by automatically sending deauthentication packets to a particular client or a broadcast deauthentication packet if it is required. You can specify the time between deauthentication packets using the -wpadt flag. Hence, when the client tries to reconnect to the access point, the handshake is captured.
You can also specify which tool you want to use to crack the passphrase once the four-way handshake has been successfully captured. By default, aircrack-ng is selected. You can also use cowpatty, pyrit or tshark to crack the passphrase.

Another cool option in Wifite is to anonymize your MAC address using the -mac option. Even though it is quite trivial using simple commands or macchanger utility to change the MAC address for a specific interface, it is good to have this feature in the tool itself. However, in order to make this work, you first have to take that specific interface for which you want to change the MAC address down to managed mode if it is in monitor mode previously. You can use the command iwconfig to check all the interfaces that are in monitor mode and then take them down using the command airmon-ng stop interface-name command. As we can see from the image below, the mon0 interface is in monitor mode.

Hence, lets take it down using the command airmon-ng stop mon0
.
Now we can add the -mac option to anonymize the MAC address. As you can see, Wifite is intelligent enough to change the MAC address to something that is similar the existing MAC address of the interface and not to something ridiculous (for e.g AA:BB:CC:DD:EE:FF) which is a giveaway.

And when you stop the capture, Wifite is nice enough to change the MAC address back to the original one.

 PHV.DCXXIV.2016.0128


Posted by at
Labels: , , , , , , , , , , , , ,

2015-08-27

Ten Essential WiFi Hacking Tools

Note: All the information below are from http://www.hackingtutorials.org/wifi-hacking-tutorials/ - for additional cool WiFi info visit their website. 

The Top 10 Wifi Hacking Tools in Kali Linux

In this top 10 Wifi Hacking Tools we will be talking about a very popular subject: hacking wireless networks and how to prevent it from being hacked. Wifi is often a vulnerable side of the network when it comes to hacking since signals can be picked up everywhere and by anyone. Router manufacturers and ISPs turning on WPS by default makes wireless security and penetration testing even more important. With the following top 10 Wifi hacking tools we are able to test our own wireless networks for potential security issues. Let’s start off the top 10 Wifi Hacking Tools with the first tool:

1 Aircrack-ng

Aircrack is one of the most popular tools for WEP/WPA/WPA2 cracking. The Aircrack-ng suite contains tools to capture packets and handshakes, de-authenticate connected clients and generate traffic and tools to perform brute force and dictionary attacks. Aicrack-ng is an all-in-one suite containing the following tools (among others):
– Aircrack-ng for wireless password cracking
– Aireplay-ng to generate traffic and client de-authentication
– Airodump-ng for packet capturing
– Airbase-ng to configure fake access points
The Aicrack-ng suite is available for Linux and comes standard with Kali Linux. If you plan to use this tool you have to make sure your Wifi card is capable of packet injection.

Aircrack-ng aireplay-ng WPA Handshake

2 Reaver

Number 2 in the top 10 Wifi hacking tools is Reaver. Reaver is another popular tool for hacking wireless networks and targets specifically WPS vulnerabilities. Reaver performs brute force attacks against Wifi Protected Setup (WPS) registrar PINs to recover the WPA/WPA2 passphrase. Since many router manufacturers and ISPs turn on WPS by default a lot of routers are vulnerable to this attack out of the box.
In order to use Reaver you need a good signal strength to the wireless router together with the right configuration. On average Reaver can recover the passphrase from vulnerable routers in 4-10 hours, depending on the access point, signal strength and the PIN itself off course. Statistically you have a 50% chance of cracking the WPS PIN in half of the time.

Pixie Dust attack

3 Pixiewps

PixieWPS is a relatively new tool included with Kali Linux and also targets a WPS vulnerability. PixieWPS is written in C and is used to brute force the WPS PIN offline exploiting the low or non-existing entropy of vulnerable access points. This is called a pixie dust attack. PixieWPS requires a modified version of Reaver or Wifite to work with. Since this tools has become quite popular in little time, it earns the number 3 in our top 10 Wifi hacking tools list.

Pixie Dust attack

4 Wifite

Wifite is an automated tool to attack multiple wireless networks encrypted with WEP/WPA/WPA2 and WPS. On start-up Wifite requires a few parameters to work with and Wifite will do all the hard work. It will capture WPA handshakes, automatically de-authenticate connected clients, spoof your MAC address and safe the cracked passwords.


5 Wireshark

Wireshark is one of the best network protocal analyzer tools available, if not the best. With Wireshark you can analyse a network to the greatest detail to see what’s happening. Wireshark can be used for live packet capturing, deep inspection of hundreds of protocols, browse and filter packets and is multiplatform.
Wireshark is included with Kali Linux but also available for Windows and Mac. For certain features you do need a Wifi adapter which is supports promiscuous and monitoring mode.


6 oclHashcat

Number 6 in our top 10 Wifi hacking tools is oclHashcat. oclHashcat is not a dedicated Wifi hacking tool and is not included with Kali Linux, but it can do brute force and dictionary attacks on captured handshakes very fast when using a GPU. After using the Aircrack-ng suite, or any other tool, to capture the WPA handshake you can crack it with oclHashcat using your GPU. Using a GPU with oclHashcat, instead of a CPU with Aicrack-ng, will speed up the cracking process a lot. An average GPU can try about 50.000 combinations per second with oclHashcat.
oclHashcat is available for Windows and Linux and has a version for AMD and Nvidia video cards. AMD video cards require Catalyst 14.9 exactly and Nvidia video cards require ForceWare 346.x or later to work.

oclhashcat

7 Fern Wifi Cracker

Fern Wifi Cracker is a wireless security auditing and attack tool written in Python. Fern Wifi Cracker is the first dedicated Wifi hacking tool in this list which has an graphical user interface. Fern is able to crack and recover WEP, WPA and WPS keys and contains tools to perfom MiTM attacks.
Fern Wifi Cracker runs on any Linux distribution which contains the prerequisites. Fern Wifi Cracker is included with Kali Linux.


8 Wash

Wash is a tool to determine whether an access point has WPS enabled or not. You can also use Wash to check if an access point locked up WPS after a number of Reaver attempts. A lot of access points locks itself up as a security measure when brute forcing the WPS PIN. Wash is included with the Reaver package and comes as a standard tool with Kali Linux.

Wash-WPS-locks wifi hacking tools Top 10 Wifi Hacking Tools

9 Crunch

Crunch is a great and easy to use tool for generating custom wordlists which can be used for dictionary attacks. Since the success rate of every dictionary attack depends on the quality of the used wordlist, you cannot avoid creating your own wordlist. Especially when you want to create wordlists based on default router passwords. Crunch can also be piped directly to other tools like Aircrack-ng. This feature can save a lot of time since you won’t have to wait until large password lists have been generated by Crunch before you can use them.

Crunch Password List generation Top 10 Wifi Hacking Tools

10 Macchanger

Last but not least in this top 10 Wifi Hacking Tools is Macchanger. Macchanger is a little utility which can be used to spoof your MAC address to a random MAC address or you can make up your own. Spoofing your MAC address for wifi hacking might be necessary to avoid MAC filters or to mask your identity on a wireless network.

MAC Address spoofing with macchanger
Posted by at
Labels: , , , , , , , , , , , , , , , , , ,

2015-08-11

20 Basic Linux Commands

from: http://www.tecmint.com/useful-linux-commands-for-newbies/
as noted before, all blog entries are utilized as my personal repository for tools and stuff. 

1. Command: ls

The command “ls” stands for (List Directory Contents), List the contents of the folder, be it file or folder, from which it runs.
root@tecmint:~# ls

Android-Games                     Music
Pictures                          Public
Desktop                           Tecmint.com
Documents                         TecMint-Sync
Downloads                         Templates
The command “ls -l” list the content of folder, in long listing fashion.
root@tecmint:~# ls -l

total 40588
drwxrwxr-x 2 ravisaive ravisaive     4096 May  8 01:06 Android Games
drwxr-xr-x 2 ravisaive ravisaive     4096 May 15 10:50 Desktop
drwxr-xr-x 2 ravisaive ravisaive     4096 May 16 16:45 Documents
drwxr-xr-x 6 ravisaive ravisaive     4096 May 16 14:34 Downloads
drwxr-xr-x 2 ravisaive ravisaive     4096 Apr 30 20:50 Music
drwxr-xr-x 2 ravisaive ravisaive     4096 May  9 17:54 Pictures
drwxrwxr-x 5 ravisaive ravisaive     4096 May  3 18:44 Tecmint.com
drwxr-xr-x 2 ravisaive ravisaive     4096 Apr 30 20:50 Templates
Command “ls -a“, list the content of folder, including hidden files starting with ‘.’.
root@tecmint:~# ls -a

.   .gnupg   .dbus   .goutputstream-PI5VVW  .mission-control
.adobe                  deja-dup                .grsync                 .mozilla                  .themes
.gstreamer-0.10         .mtpaint                .thumbnails             .gtk-bookmarks           .thunderbird
.HotShots               .mysql_history          .htaccess  .apport-ignore.xml       .ICEauthority           
.profile                .bash_history           .icons                  .bash_logout                    .fbmessenger
.jedit                  .pulse                  .bashrc                 .liferea_1.8              .pulse-cookie            
.Xauthority  .gconf                  .local                  .Xauthority.HGHVWW  .cache
.gftp                   .macromedia             .remmina                .cinnamon                       .gimp-2.8
.ssh                    .xsession-errors  .compiz                 .gnome                          teamviewer_linux.deb          
.xsession-errors.old .config                 .gnome2                 .zoncolor
Note: In Linux file name starting with ‘.‘ is hidden. In Linux every file/folder/device/command is a file. The output of ls -l is:
  1. d (stands for directory).
  2. rwxr-xr-x is the file permission of the file/folder for owner, group and world.
  3. The 1st ravisaive in the above example means that file is owned by user ravisaive.
  4. The 2nd ravisaive in the above example means file belongs to user group ravisaive.
  5. 4096 means file size is 4096 Bytes.
  6. May 8 01:06 is the date and time of last modification.
  7. And at the end is the name of the File/Folder.
For more “ls” command examples read 15 ‘ls’ Command Examples in Linux.

2. Command: lsblk

The “lsblk” stands for (List Block Devices), print block devices by their assigned name (but not RAM) on the standard output in a tree-like fashion.
root@tecmint:~# lsblk

NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda      8:0    0 232.9G  0 disk 
├─sda1   8:1    0  46.6G  0 part /
├─sda2   8:2    0     1K  0 part 
├─sda5   8:5    0   190M  0 part /boot
├─sda6   8:6    0   3.7G  0 part [SWAP]
├─sda7   8:7    0  93.1G  0 part /data
└─sda8   8:8    0  89.2G  0 part /personal
sr0     11:0    1  1024M  0 rom
The “lsblk -l” command list block devices in ‘list‘ structure (not tree like fashion).
root@tecmint:~# lsblk -l

NAME MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda    8:0    0 232.9G  0 disk 
sda1   8:1    0  46.6G  0 part /
sda2   8:2    0     1K  0 part 
sda5   8:5    0   190M  0 part /boot
sda6   8:6    0   3.7G  0 part [SWAP]
sda7   8:7    0  93.1G  0 part /data
sda8   8:8    0  89.2G  0 part /personal
sr0   11:0    1  1024M  0 rom
Note: lsblk is very useful and easiest way to know the name of New Usb Device you just plugged in, especially when you have to deal with disk/blocks in terminal.

3. Command: md5sum

The “md5sum” stands for (Compute and Check MD5 Message Digest), md5 checksum (commonly called hash) is used to match or verify integrity of files that may have changed as a result of a faulty file transfer, a disk error or non-malicious interference.
root@tecmint:~# md5sum teamviewer_linux.deb 

47790ed345a7b7970fc1f2ac50c97002  teamviewer_linux.deb
Note: The user can match the generated md5sum with the one provided officially. Md5sum is considered less secure than sha1sum, which we will discuss later.

4. Command: dd

Command “dd” stands for (Convert and Copy a file), Can be used to convert and copy a file and most of the times is used to copy a iso file (or any other file) to a usb device (or any other location), thus can be used to make a ‘Bootlable‘ Usb Stick.
root@tecmint:~# dd if=/home/user/Downloads/debian.iso of=/dev/sdb1 bs=512M; sync
Note: In the above example the usb device is supposed to be sdb1 (You should Verify it using command lsblk, otherwise you will overwrite your disk and OS), use name of disk very Cautiously!!!.
dd command takes some time ranging from a few seconds to several minutes in execution, depending on the size and type of file and read and write speed of Usb stick.

5. Command: uname

The “uname” command stands for (Unix Name), print detailed information about the machine name, Operating System and Kernel.
root@tecmint:~# uname -a

Linux tecmint 3.8.0-19-generic #30-Ubuntu SMP Wed May 1 16:36:13 UTC 2013 i686 i686 i686 GNU/Linux
Note: uname shows type of kernel. uname -a output detailed information. Elaborating the above output of uname -a.
  1. Linux“: The machine’s kernel name.
  2. tecmint“: The machine’s node name.
  3. 3.8.0-19-generic“: The kernel release.
  4. #30-Ubuntu SMP“: The kernel version.
  5. i686“: The architecture of the processor.
  6. GNU/Linux“: The operating system name.

6. Command: history

The “history” command stands for History (Event) Record, it prints the history of long list of executed commands in terminal.
root@tecmint:~# history

 1  sudo add-apt-repository ppa:tualatrix/ppa
 2  sudo apt-get update
 3  sudo apt-get install ubuntu-tweak
 4  sudo add-apt-repository ppa:diesch/testing
 5  sudo apt-get update
 6  sudo apt-get install indicator-privacy
 7  sudo add-apt-repository ppa:atareao/atareao
 8  sudo apt-get update
 9  sudo apt-get install my-weather-indicator
 10 pwd
 11 cd && sudo cp -r unity/6 /usr/share/unity/
 12 cd /usr/share/unity/icons/
 13 cd /usr/share/unity
Note: Pressing “Ctrl + R” and then search for already executed commands which lets your command to be completed with auto completion feature.
(reverse-i-search)`if': ifconfig

7. Command: sudo

The “sudo” (super user do) command allows a permitted user to execute a command as the superuser or another user, as specified by the security policy in the sudoers list.
root@tecmint:~# sudo add-apt-repository ppa:tualatrix/ppa
Note: sudo allows user to borrow superuser privileged, while a similar command ‘su‘ allows user to actually log in as superuser. Sudo is safer than su.
It is not advised to use sudo or su for day-to-day normal use, as it can result in serious error if accidentally you did something wrong, that’s why a very popular saying in Linux community is:
“To err is human, but to really foul up everything, you need root password.”

8. Command: mkdir

The “mkdir” (Make directory) command create a new directory with name path. However is the directory already exists, it will return an error message “cannot create folder, folder already exists”.
root@tecmint:~# mkdir tecmint
Note: Directory can only be created inside the folder, in which the user has write permission. mkdir: cannot create directory `tecmint‘: File exists
(Don’t confuse with file in the above output, you might remember what i said at the beginning – In Linux every file, folder, drive, command, scripts are treated as file).

9. Command: touch

The “touch” command stands for (Update the access and modification times of each FILE to the current time). touch command creates the file, only if it doesn’t exist. If the file already exists it will update the timestamp and not the contents of the file.
root@tecmint:~# touch tecmintfile
Note: touch can be used to create file under directory, on which the user has write permission, only if the file don’t exist there.

10. Command: chmod

The Linux “chmod” command stands for (change file mode bits). chmod changes the file mode (permission) of each given file, folder, script, etc.. according to mode asked for.
There exist 3 types of permission on a file (folder or anything but to keep things simple we will be using file).
Read (r)=4
Write(w)=2
Execute(x)=1
So if you want to give only read permission on a file it will be assigned a value of ‘4‘, for write permission only, a value of ‘2‘ and for execute permission only, a value of ‘1‘ is to be given. For read and write permission 4+2 = ‘6‘ is to be given, ans so on.
Now permission need to be set for 3 kinds of user and usergroup. The first is owner, then usergroup and finally world.
rwxr-x--x   abc.sh
Here the root’s permission is rwx (read, write and execute).
usergroup to which it belongs, is r-x (read and execute only, no write permission) and
for world is –x (only execute).
To change its permission and provide read, write and execute permission to owner, group and world.
root@tecmint:~# chmod 777 abc.sh
only read and write permission to all three.
root@tecmint:~# chmod 666 abc.sh
read, write and execute to owner and only execute to group and world.
root@tecmint:~# chmod 711 abc.sh
Note: one of the most important command useful for sysadmin and user both. On a multi-user environment or on a server, this command comes to rescue, setting wrong permission will either makes a file inaccessible or provide unauthorized access to someone.

11. Command: chown

The Linux “chown” command stands for (change file owner and group). Every file belongs to a group of user and a owner. It is used Do ‘ls -l‘ into your directory and you will see something like this.
root@tecmint:~# ls -l 

drwxr-xr-x 3 server root 4096 May 10 11:14 Binary 
drwxr-xr-x 2 server server 4096 May 13 09:42 Desktop
Here the directory Binary is owned by user “server” and it belongs to usergroup “root” where as directory “Desktop” is owned by user “server” and belongs to user group “server“.
This “chown” command is used to change the file ownership and thus is useful in managing and providing file to authorised user and usergroup only.
root@tecmint:~# chown server:server Binary

drwxr-xr-x 3 server server 4096 May 10 11:14 Binary 
drwxr-xr-x 2 server server 4096 May 13 09:42 Desktop
Note: “chown” changes the user and group ownership of each given FILE to NEW-OWNER or to the user and group of an existing reference file.

12. Command: apt

The Debian based “apt” command stands for (Advanced Package Tool). Apt is an advanced package manager for Debian based system (Ubuntu, Kubuntu, etc.), that automatically and intelligently search, install, update and resolves dependency of packages on Gnu/Linux system from command line.
root@tecmint:~# apt-get install mplayer

Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  java-wrappers
Use 'apt-get autoremove' to remove it.
The following extra packages will be installed:
  esound-common libaudiofile1 libesd0 libopenal-data libopenal1 libsvga1 libvdpau1 libxvidcore4
Suggested packages:
  pulseaudio-esound-compat libroar-compat2 nvidia-vdpau-driver vdpau-driver mplayer-doc netselect fping
The following NEW packages will be installed:
  esound-common libaudiofile1 libesd0 libopenal-data libopenal1 libsvga1 libvdpau1 libxvidcore4 mplayer
0 upgraded, 9 newly installed, 0 to remove and 8 not upgraded.
Need to get 3,567 kB of archives.
After this operation, 7,772 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
root@tecmint:~# apt-get update

Hit http://ppa.launchpad.net raring Release.gpg                                           
Hit http://ppa.launchpad.net raring Release.gpg                                           
Hit http://ppa.launchpad.net raring Release.gpg                      
Hit http://ppa.launchpad.net raring Release.gpg                      
Get:1 http://security.ubuntu.com raring-security Release.gpg [933 B] 
Hit http://in.archive.ubuntu.com raring Release.gpg                                                   
Hit http://ppa.launchpad.net raring Release.gpg                      
Get:2 http://security.ubuntu.com raring-security Release [40.8 kB]   
Ign http://ppa.launchpad.net raring Release.gpg                                                  
Get:3 http://in.archive.ubuntu.com raring-updates Release.gpg [933 B]                            
Hit http://ppa.launchpad.net raring Release.gpg                                                                
Hit http://in.archive.ubuntu.com raring-backports Release.gpg
Note: The above commands results into system-wide changes and hence requires root password (Check ‘#‘ and not ‘$’ as prompt). Apt is considered more advanced and intelligent as compared to yum command.
As the name suggest, apt-cache search for package containing sub package mpalyer. apt-get install, update all the packages, that are already installed, to the newest one.
Read more about apt-get and apt-cache commands at 25 APT-GET and APT-CACHE Commands

13. Command: tar

The “tar” command is a Tape Archive is useful in creation of archive, in a number of file format and their extraction.
root@tecmint:~# tar -zxvf abc.tar.gz (Remember 'z' for .tar.gz)
root@tecmint:~# tar -jxvf abc.tar.bz2 (Remember 'j' for .tar.bz2)
root@tecmint:~# tar -cvf archieve.tar.gz(.bz2) /path/to/folder/abc
Note: A ‘tar.gz‘ means gzipped. ‘tar.bz2‘ is compressed with bzip which uses a better but slower compression method.
Read more about “tar command” examples at 18 Tar Command Examples

14. Command: cal

The “cal” (Calendar), it is used to displays calendar of the present month or any other month of any year that is advancing or passed.
root@tecmint:~# cal 

May 2013        
Su Mo Tu We Th Fr Sa  
          1  2  3  4  
 5  6  7  8  9 10 11  
12 13 14 15 16 17 18  
19 20 21 22 23 24 25  
26 27 28 29 30 31
Show calendar of year 1835 for month February, that already has passed.
root@tecmint:~# cal 02 1835

   February 1835      
Su Mo Tu We Th Fr Sa  
 1  2  3  4  5  6  7  
 8  9 10 11 12 13 14  
15 16 17 18 19 20 21  
22 23 24 25 26 27 28
Shows calendar of year 2145 for the month of July, that will advancing
root@tecmint:~# cal 07 2145

     July 2145        
Su Mo Tu We Th Fr Sa  
             1  2  3  
 4  5  6  7  8  9 10  
11 12 13 14 15 16 17  
18 19 20 21 22 23 24  
25 26 27 28 29 30 31
Note: You need not to turn the calendar of 50 years back, neither you need to make complex mathematical calculation to know what day you were worn or your coming birthday will fall on which day.

15. Command: date

The “date” (Date) command print the current date and time on the standard output, and can further be set.
root@tecmint:~# date

Fri May 17 14:13:29 IST 2013
root@tecmint:~# date --set='14 may 2013 13:57' 

Mon May 13 13:57:00 IST 2013
Note: This Command will be very use-full in scripting, time and date based scripting, to be more perfect. Moreover changing date and time using terminal will make you feel GEEK!!!. (Obviously you need to be root to perform this operation, as it is a system wide change).

16. Command: cat

The “cat” stands for (Concatenation). Concatenate (join) two or more plain file and/or print contents of a file on standard output.
root@tecmint:~# cat a.txt b.txt c.txt d.txt >> abcd.txt
root@tecmint:~# cat abcd.txt
....
contents of file abcd 
...
Note: “>>” and “>” are called append symbol. They are used to append the output to a file and not on standard output. “>” symbol will delete a file already existed and create a new file hence for security reason it is advised to use “>>” that will write the output without overwriting or deleting the file.
Before Proceeding further, I must let you know about wildcards (you would be aware of wildcard entry, in most of the Television shows) Wildcards are a shell feature that makes the command line much more powerful than any GUI file managers. You see, if you want to select a big group of files in a graphical file manager, you usually have to select them with your mouse. This may seem simple, but in some cases it can be very frustrating.
For example, suppose you have a directory with a huge amount of all kinds of files and subdirectories, and you decide to move all the HTML files, that have the word “Linux” somewhere in the middle of their names, from that big directory into another directory. What’s a simple way to do this? If the directory contains a huge amount of differently named HTML files, your task is everything but simple!
In the Linux CLI that task is just as simple to perform as moving only one HTML file, and it’s so easy because of the shell wildcards. These are special characters that allow you to select file names that match certain patterns of characters. This helps you to select even a big group of files with typing just a few characters, and in most cases it’s easier than selecting the files with a mouse.
Here’s a list of the most commonly used wildcards :
Wildcard   Matches
   *   zero or more characters
   ?   exactly one character
[abcde]   exactly one character listed
 [a-e]   exactly one character in the given range
[!abcde]  any character that is not listed
 [!a-e]   any character that is not in the given range
{debian,linux}  exactly one entire word in the options given
! is called not symbol, and the reverse of string attached with ‘!’ is true.
Read more examples of Linux “cat command” at 13 Cat Command Examples in Linux

17. Command: cp

The “copy” stands for (Copy), it copies a file from one location to another location.
root@tecmint:~# cp /home/user/Downloads abc.tar.gz /home/user/Desktop (Return 0 when sucess)
Note: cp is one of the most commonly used command in shell scripting and it can be used with wildcard characters (Describe in the above block), for customised and desired file copying.

18. Command: mv

The “mv” command moves a file from one location to another location.
root@tecmint:~# mv /home/user/Downloads abc.tar.gz /home/user/Desktop (Return 0 when sucess)
Note: mv command can be used with wildcard characters. mv should be used with caution, as moving of system/unauthorised file may lead to security as well as breakdown of system.

19. Command: pwd

The command “pwd” (print working directory), prints the current working directory with full path name from terminal.
root@tecmint:~# pwd 

/home/user/Desktop
Note: This command won’t be much frequently used in scripting but it is an absolute life saver for newbie who gets lost in terminal in their early connection with nux. (Linux is most commonly referred as nux or nix).

20. Command: cd

Finally, the frequently used “cd” command stands for (change directory), it change the working directory to execute, copy, move write, read, etc. from terminal itself.
root@tecmint:~# cd /home/user/Desktop
server@localhost:~$ pwd

/home/user/Desktop
Note: cd comes to rescue when switching between directories from terminal. “Cd ~” will change the working directory to user’s home directory, and is very useful if a user finds himself lost in terminal. “Cd ..” will change the working directory to parent directory (of current working directory).
These commands will surely make you comfortable with Linux. But it’s not the end. Very soon I will be coming with other commands which will be useful for ‘Middle Level User‘ i.e., You! No don’t exclaim, if you get used-to these commands, You will notice promotion in user-level from newbie to Middle-level-user. In the next article, I will be coming up with commands like ‘Kill‘, ‘Ps‘, ‘grep‘,….Wait for the article and I don’t want to spoil your interest.
Posted by at
Labels: , , , , , , , , , , , , , , , , ,

2014-09-26

Unlocking and Rooting Your Nexus Under Kali Linux

Unlocking and Rooting Your Nexus Under Kali Linux

CREDITS: This whole post was lifted from nethunter.com (a.k.a. Kali NetHunter)

 Before flashing the Kali NetHunter image to your Nexus device, it must first be unlocked and rooted. Note that unlocking your device will result in all of your data being deleted so ensure you have made a backup. Begin by installing the google-nexus-tools package on your Kali Linux system:


1

root@kali:~# apt-get update && apt-get -y install google-nexus-tools

Connect your Nexus to Kali with a USB cable. You will be prompted to allow USB debugging from the computer as shown below. Tap ‘OK’ to allow the connection.
On your Kali system, use the nexus-adb command to verify that your Nexus has been successfully attached.


1
2
3

root@kali:~# nexus-adb devices
List of devices attached
0a6088af        device

Download the correct TWRP recovery image for your Nexus device:
Next, we require the correct files needed to root the device:
In this example, we are flashing a Nexus 7 2013 LTE device so we download the necessary files for our device and unzip the CF-Auto-Root archive.


1
2
3

root@kali:~# wget -q -O twrp-recovery.img http://techerrata.com/file/twrp2/deb/openrecovery-twrp-2.8.0.1-deb.img
root@kali:~# wget -q -O cf-auto-root.zip http://download.chainfire.eu/361/CF-Root1/CF-Auto-Root-deb-razorg-nexus7.zip?retrieve_file=1
root@kali:~# unzip cf-auto-root.zip

With everything in place, we can now proceed to unlock the Nexus, install a new recovery, and root the device. First, reboot to the bootloader:


1

root@kali:~# nexus-adb reboot bootloader

Once the device has booted to the bootloader, we can unlock it with the command below. You will be prompted to confirm the unlock on the Nexus device itself. Use the volume button to select Yes and press the Power button to confirm the unlock.


1
2
3
4
5
6
7
8
9

root@kali:~# nexus-fastboot oem unlock
(bootloader) Unlocking bootloader...
(bootloader) erasing userdata...
(bootloader) erasing userdata done
(bootloader) erasing cache...
(bootloader) erasing cache done
(bootloader) Unlocking bootloader done!
OKAY [ 80.961s]
finished. total time: 80.961s

With the Nexus still in bootloader mode, we can flash the TWRP recovery downloaded previously:


1
2
3
4
5
6

root@kali:~# nexus-fastboot flash recovery openrecovery-twrp-2.8.0.1-deb.img
sending 'recovery' (7878 KB)...
OKAY [  0.673s]
writing 'recovery'...
OKAY [  0.302s]
finished. total time: 0.975s

The final step is to actually root the Nexus by making the ‘root-linux.sh’ script executable and then running it:


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

root@kali:~# chmod 755 root-linux.sh
root@kali:~# ./root-linux.sh

----- CF-Auto-Root-deb-razorg-nexus7 -----

Please make sure your device is in bootloader/fastboot mode before continuing.

***WARNING*** ALL YOUR DATA *MAY* BE WIPED ! ***WARNING***

We are going to run the OEM UNLOCK command on your device. If your device
was not previously unlocked, this will wipe all your data !

After the unlock, CF-Auto-Root will boot. You should see a big red Android
on your device's screen.

You may need to enter your administrator password to continue.

Press Ctrl+C to cancel !

Press ENTER to continue

... INFOThe bootloader is already unlocked!
OKAY
downloading 'boot.img'... OKAY
booting... OKAY

It may take a minute or so for the red Android to appear. If it doesn't show up
at all, there may be a problem.

Press ENTER to continue

After your Nexus reboots, re-enable developer mode as shown above in order to proceed.

Install BusyBox Free Stephen (Stericson)

The first application to install once rooted is Busybox Free (Stephen Sericson). The NetHunter image will fail to function without a proper installation of this app. Once downloaded from the App store, open up BusyBox and grant it root privileges. Wait until the “gathering information” stage completes, and press “install”. Exit the Busybox app.

Install the TWRP Boot Manager Application

To ease the process of booting your Nexus into fastboot and recovery mode (normally done by powering down the Nexus, then booting it by pressing both the power button and volume down), we can install the TWRP boot manager application through the Google play store. This will allow us to boot into recovery mode with a single press of the touchscreen. Your Nexus device is now successfully unlocked and rooted, 
Posted by at
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)