Complete Guide to Ethical Hacking

Cyber Security Simplified

Complete Guide to Ethical Hacking

This Post Will Be Completed Soon…
Contributors are invited for Articles, Posts, Photos, Videos, etc
Please Email us at contribute@phmcsecurities.org

Introduction

My Name is Sagar Bansal, and I am the Founder of PHMC SECURITIES, I met with Some Amazing People who also wanted to do exactly what i was planning to, and we Created this Free Guide…

Author – Sagar Bansal & Jitendra Kumar Singh
Co-Author – Daniel Platt

You can check our Full Training which is at Minimum Cost (Remember, it is on our Cost not on Profits) on https://phmcsecurities.org/learn

But If you Prefer to go with a Free Written Guide, then Let’s get started.
( Complete Guide in Menu Bar is a Great Navigation to use)

Download THE WAPT BOOK

We are Re-Making the Blog and this guide is being broken into small posts, So Please use the Menu Navigation to Find the Lectures Properly…

Basic Theory

let us Study the basic classification of hackers.

you maybe feeling that, What is it???  Theory?
No! Everything is practical but, to become technical, we need to learn some basic theory..

So, first let us start with basic classification of hackers.we can classify hackers broadly into different different categories:

 

On the Basis of Work

  • White Hat Hacker:
    white hat hacker is also known as an ethical hacker or an pen tester.

for your info: the ethical hackers and an pen-testers are the people, who breaks into the secure system with the permission of the online property owner

For example:  if the owner says you that, hay! come to my company and check my security!. so, it means, he is giving you the chance and permission to show your security skills.

  • Black Hat Hackers:

black hat hackers are those persons(hackers) who does not takes online property owner permission before entering into the specific target. they are basically concerned with bad word. to make it cut and clear,

For example: have you seen a movie an hero and a villain?if so, you maybe knowing that, hero will be good and villain will be bad but they would be having same knowledge right?
so, in hacking black and white both type of hackers are considered as an hero and a villain.

in Short, white hat hacker is considered as an hero and black hat as a villain.

  • Grey Hat Hackers:
    this hackers work with an intention to get some reward but in an black hat hacking way. their motto will be to get some of the good fame and rewards from the big big brands.

so, they go to the big brand websites, scan them for the vulnerabilities, then, try to find some vulnerability from which, they can exploit their code or program. but, their intention is not bad.

  • Red hat hackers:
    this are the mixture of white and black hat hackers, this hackers generally have extra skills then white and black hat hackers.

    So, this hackers work for those only from whom they get reward they extra info like:

    • vulnerabilities in government websites,
    • vulnerabilities in banks and much more!
    • their activities can be legal or illegal depending on the reward and fame they get.
  • Green Hat Hackers:
    this hackers are often known as neophyte hackers or newbie hackers means, this persons would be new in the field of cyber security hacking so, they would be knowing some small small hacking tricks which they use to prank their friends or to fool the persons who do not have good knowledge.
  • Blue Hat Hacker:
    this term is different!
    what you all maybe thinking: hay! what this person is telling about colors? is this an joke?
    No! it is not a joke. you must know this all.
    let us get to know this blue hat hacker with an example:
  • let us assume company a is launching any product and, it hire a Security Company to check the security of that product (to do penetration testing on that product)

    and Security Company completes their penetration testing work and, after completing the penetration testing, they calls the other person which would be out of their teem to check the security again of that product.

    it maybe possible that, he would get some vulnerability which the Security Company group does not found in that product… so, if it is, they try to fix the vulnerability of that product.

    So, at last, blue hat hackers are the hackers, who are out of the Team and, Microsoft generally use this term often.

On the Basis of Skills

  • Elite Hacker:
    this hackers are the hackers who get the high rated or high level info
    or news as soon as it get released in the market.
  • Script Kiddies:
    this are the people which likes to be dependent on an scripts and tools developed by an other people and don’t have any own programing skills
  • Hacktivist:
    this hackers generally like to hack into big big websites to spread their name.
    Example of some of them are anonymous, lulzsec, etc.

Process of Hacking

Before going further we should know the correct meaning of hacking and how a system is hacked. In general hacking is not like you see in movies where a person continuously tapping on keyboard and after 5 minute says boom system is hacked. Hacking takes a lot of time and patience. Here we will know the process through which we can hack a system

How this process works: 

Let there is a secured system that we want to hack. This system can be accessed using two ways, first one is the person directly connected to that system and second one is the security measures to protect that system. A hacker can go through either of the two ways either he can attack on the person or on the security measures. When hacker attack on the security of the system using various tools than it is called technical hacking. When a hacker attack on the people connected to the system it is called social engineering. Here attack on person means make him give you personal information of the system that you want to hack

So, to make it easy, i would say, hacking is an two way process.
Either you take Security down or, you take the People down.

TECHNICAL HACKING:

According to my Methodology Technical hacking is divided Into 5 steps :

  1. Reconnaissance
  2. Scanning
  3. Gaining access
  4. Maintaining access
  5. Clearing tracks
  1. Reconnaissance : It means the information gathering. In this step we try to get the information about the target system. Sometimes even the small piece of information helps hacker to break the system. In this step hacker get the complete information about the system like which operating system target is using etc.
  2. Scanning: In this step we analysis the data gathered in previous step. In this we take the benefits of vulnerability in the system. A vulnerability is the loophole that can be use to access the target system. After getting information we try to find out the vulnerability in the system. For example. We get to know which operating system or tools target is using than we can find the related loophole for that system.
  3. Gaining access: In this step when hacker find the vulnerability in the system and use various tools to exploit that vulnerability and gain the access to the target system.
  4. Maintaining access: Maintaining access means keep a way o enter into that system when you need. Generally it is used in black hat hacking where hacker leaves a backdoor in the system for future entry in the system. Maintaining access is important because let’s say the vulnerability that helped you to access the target system is patched than your exploit will no longer work on that system so instead of looking for any other vulnerability hacker leaves backdoor in the system so easily gain the access to the system when required. Another benefit of maintaining access is that the hacked can be further connected to another systems so if hacker get access to one than he can access any system connected to that system.
  5. Clearing tracks: Clearing track means deleting the evidence from the targeted system. Generally system keeps the logs like IP address and other information of the hacker so it is beneficial to clear the tracks so no one can reach hacker. In ethical hacking you should take permission from employer for clearing tracks.

and then you can add the Reporting Phase as did it for someone else

Social Engineering  ( Non Technical Hacking )

i will again divide it Into 5 steps :

  1. Information gathering
  2. Relationship development
  3. Exploitation of Relationship
  4. Execution of Objective
  5. Clearing tracks
  1. Information gathering: This Stage is is same as in the technical hacking but this time we get information about people connected to that system instead of the system itself. For example : Hacker want the access to a system which have high security measures so hacker can go through the person which is connected to the same network on which targeted system is connected. Sometimes information about the person using targeted system helps a lot. Because most time target use some personal information as password which can be very useful.
  2. Relationship development: In this we maintain a relationship with targeted person to get information. This relationship can be of any type like friends or even hacker can give a survey to Target to get his personal information. In this hacker get sensitive information of the person that can be helpful for exploiting the target system.
  3. Exploitation of Relationship: In this step hacker use the information about the user of targeted system and use this information to exploit that system.
  4. Execution of Objective: In this step hacker execute various operations to complete his objectives like gaining access to that computer , installing backdoor in the system etc.
  5. Clearing tracks: Here clearing tracks means targeted person should not doubt on hacker. And targeted personal should not get to know that you have installed something suspicious on his system.

As you can see using social engineering you can easily access the targeted system as compared to technical hacking where you need to look through target system, find for vulnerability , looking for tools to exploit that vulnerability.

Types of Penetration Testing

Pen testing can be Done in Many Styles, and Different Situation Demand Different Method

 

Pen testing can be Done in Many Styles

  1. Black Box Penetration Testing :-
    In this type of penetration testing, tester has no idea about the systems that he is going to test. He is interested to gather information about the target network or system.
    Advantages of Black Box Penetration Testing.
    There is no requirement that tester should have to know a specific language.
  2. White Box Penetration Testing:-
    IN this type of testing the tester has been provided with whole range of information about the systems and/or network such as Source code, OS details, IP address, etc. which type of server is being used what type of security they are using etc.
  3. Grey Box Penetration Testing:-
    In this type of testing, a tester have limited information about the internal details of a system. It can be considered as an attack by an external hacker gained access to some of the sensitive documents of the organization

Areas of Penetration Testing

  • Network Penetration Testing − In this testing, the physical structure of a system needs to be tested to identify the vulnerability and risk which ensures the security in a network. Like they have enough protection for DOS or any port with default credentials is not opened.
  • Application Penetration Testing − In this testing, the logical structure of the system needs to be tested. Like testing for the XSS CSRF and business logic vulnerabilities.
  • The response or workflow of the system − This is the third area that needs to be tested. Social engineering gathers information on human interaction to obtain information about an organization and its computers.

Choosing Your OS

There are a lot of operating system you can use but the fact is that it shouldn’t be windows operating system. Windows can be highly vulnerable and you cannot get a lot of  anonymity in windows and I’ll suggest you to use any Linux based operating system.

There are a lot of Linux based operating system out there some of them are

1. Kali Linux : It is the successor of backtrack and in the whole course we will use this operating system because we are going to use a portable USB drive for you to use. We will install Kali on that USB and it will be capable of holding each and every tool which you can use easily because Kali Linux is a persistence operating system. It has my 150 plus favorite tools and very light weight.
Official Website www.kali.org

There are some other OS and Projects you may be interested in are

1. BackBox http://blackbox.org

2. Parrot security OS http://parrotsec.org

3. Live hacking OS http://livehacking.com

4. Samurai web testing frame work http://samurai-wtf.org/

5. Network security tool kit http://www.networksecuritytoolkit.org/nst/index.html

6. BugTraq http://bugtraq-team.com/

7. Node Zero https://sourceforge.net/projects/nodezero/

8. Pentoo http://www.pentoo.ch

9. Blackbuntu https://sourceforge.net/projects/blackbuntu/

10. Blackarch linux https://blackarch.org/

You can also use Ubuntu, Fedora, or Basically Any OS if you want and then you can add respiratory of tools in that but if you think that this is hard you can use Kali Linux.

Now everybody will think that why we have to use Kali Linux

Let’s talk about it, the most advanced operating system which have many tools pre-installed and that can be use easily used so going with others doesn’t make a sense. We will prefer that you use Kali Linux but if you want to use others you can use them as well.

So for Kali Linux you can go to https://www.kali.org . They have a training section as well where you can find out everything you want to learn about this OS. There is a video as well you can watch that if you want.

Kali Linux was launched on March 13th 201. It is a successor of Backtrack and in August 11th 2015 kali 2.0 came.

Kali 2.0 has restructured tools categories. Each and everything is divided like all tools for password attacks are in the password attack category all tools of information gathering are in information gathering categories which makes it easy to find the tools of your choice. It also supports multi desktop which gives us a clean environment there is inbuilt notifications as well. It updates weekly. There is native ruby 2.0 so Metasploit is going to work really fast and it has built in ScreenCasting as well.

To download kali linux images you have to look which type of processor is yours like it is based on x86 architecture or on x64. In case of Windows OS, You can get this information from My Computer ( This PC ) > system properties. My processor is 64 bits so I will download Kali 64 bit ISO. If you have x86 you can download x86 version as well.

Don’t go with the light version because will not have everything what a full version will give you

I will download x64 Kali to get ready for next lecture. I will suggest you all to download this as well.

Writing Your OS

You Should Have at Least 4 GB USB ( 8 GB Recommended )
Connect your USB drive to your laptop or desktop after connecting follow these steps:

1. Format that USB drive if it has anything in it you can backup if there is so important data if you want.

2. Now, Open the win32diskimager

3. Now click on that folder icon and choose your Downloaded Kali Linux file

look like the image attachable.

4. Now I am writing to my USB which have a drive letter F.

5. After that from the drop down menu after that folder icon which you have chosen in step 3, choose your drive letter mine is F.

 

6. After following these steps click on write and it will start writing that OS in USB drive.

Congratulations, Its Done
Now, for Mac you have to follow some other steps to do that:

I am posting the link of that tutorial from the Kali forum in this post.

https://forums.kali.org/showthread.php?362-Kali-Linux-Live-USB-on-MAC

However, Students Enrolled in the Training can use our Compiled Software to Do the Same Process with GUI Interface as with Windows

Setup Persistence

You Should Have at Least 4 GB USB ( 8 GB Recommended )
Connect your USB drive to your laptop or desktop after connecting follow these steps:

1. Format that USB drive if it has anything in it you can backup if there is so important data if you want.

2. Now, Open the win32diskimager

3. Now click on that folder icon and choose your Downloaded Kali Linux file

look like the image attachable.

4. Now I am writing to my USB which have a drive letter F.

5. After that from the drop down menu after that folder icon which you have chosen in step 3, choose your drive letter mine is F.

 

6. After following these steps click on write and it will start writing that OS in USB drive.

Congratulations, Its Done
Now, for Mac you have to follow some other steps to do that:

I am posting the link of that tutorial from the Kali forum in this post.

https://forums.kali.org/showthread.php?362-Kali-Linux-Live-USB-on-MAC

However, Students Enrolled in the Training can use our Compiled Software to Do the Same Process with GUI Interface as with Windows

Orientation of Kali

So Now we will do a quick overview of orientation of Kali. Those who have previously used kali can skip this lecture and others can take this lecture.

Lets start with the top left corner. At the top left corner there is application menu which contains all the tools in the application which comes pre installed in Kali Linux.

They are categorised like information gathering menu contains all the tools which are required for information gathering purposes. If you want to do vulnerability assessment than all the tools related to this are in vulnerability analysis menu. And there are some other categories like password attacks, data base assessment, wireless attacks, forensic and social engineering tools as well.

There is also a menu which have useful applications and some sub menus like accessories which contains some basic apps like calculator text editor leafpad. There is also an office tab as well which some other tools like dictionary. There is a tab programming which contains ipython and programmers can run their python code in this.

On the left of applications there is a Menu of Places which contains some shortcuts like if you want to go home, desktop, documents, downloads etc you can click on it.

On the top left, the first icon from the top left shows the number of work places you have opened you can switch to different work places by clicking on it which keeps your desktop neat and clean.

Now, the next icon is recorder tab by which you can record, take a screen shots or you can start the recording after sometimes. 

Adding a Non Root User

Adding a non-root user to Kali is most important thing because each and every task like installing a programme or doing some changes will required root user but these changes can be malicious and if someone get’s root access to your system, he owns the complete system. 

There are two ways to create a non-root user you can use terminal (CLI) or graphical interface to do so 
Let’s use the GUI Method…

1. Go to settings. 

2. Then choose users and click on add user  

3. Now a pop up box will open which will ask some of the basic information like account type, full name, user name and a password.  

4. After filling all the information click on add and a user will be added to your OS.

5. To check that these changes happened correctly click on the arrow on the top left corner of your desktop  and click on that lock icon to return to login screen

Now below this there will be an option which says log in as another user, click on it, and enter the username you have chosen and then the password which you have entered in step 3 and click enter. You will be now logged in as a non-root user.  

Terminal - Navigation

There are 1000’s of Commands in this world but i will only talk about the most commonly needed ones, and rest all can be learnt slowly as you work more on terminal in your career…
Now I would Recommend to Practice and Play with Each Command, and use “command_here –help” to know more about that command in detail

You can use clear command to clear your terminal screen

Navigation in Terminal is done by typing commands so there are lots of command about changing directories and checking permission of the directories

  • So the first command is pwd which is print working directories. It will show you the current working directory
  • The next command is ls command which will show all the directories and files in the directory which you are currently working in.
  • ls command takes an argument –l which will show some information about those directories which are in it, like the name of directory who created it at which time it is created and info about its readable or writable permission. As shown in the image below:
  • In this image you can see the memory is shown in some other forms it means in bytes. To convert this in human readable form it means in kilobytes then you have to use ‘l’ with ‘h’ which makes ls –lh command, refer to the image below

  • Another command is cd or change the directory. Let suppose you want to go in another directory then you have to use cd,
    Syntax : cd <path>
    Example : cd /Desktop and you will be on desktop

  • Let suppose you want to move out from a directory then you have to use cd ..

    And if you want to move out from two directories then you have to use cd ../..

     

  • Let suppose you want to go directly to a music folder which is in the root directory but you are 3 4 directories away from it then open terminal and type Cd ~/Music

    The tilde ( kink ) sign will take you to the home and then it will change your directory to music

Terminal - File Operations

Now we will cover Terminal Commands about files and operations on Files, but Make sure you have practiced the Navigation Commands Properly for at least 26 minutes

  • The first command is touch, the touch command takes one argument with a file name and its extension. After that it will create a file with the given name
    You can also give the path name with the file like touch /Desktop/text.txt and it will create a file on desktop with name text.txt
  • The Next Command is cp Command.

cp /Desktop/text.txt /Documents/
This command will copy the file from desktop to document folder.

If you want to overwrite a file with cp command then you can use –n argument
The command will be cp -n /Desktop/text.txt /Documents/

If you want to copy a directory you can use a recursive flag i.e. a -r
The command will be cp -r /Desktop/folder/ /Documents/

 

  • After that we will come to move command the move command actually move the file from one path to another so to use it mv /Desktop/text.txt /Document/

you can also add a -v i.e. a verbose flag to see the results on screen

  • However to move folders with mv command, you have to do it without using any arguments
    mv /Desktop/test /Document ( Moving a Test Folder to Documents Folder )

  • Now, the next command is remove command, remove command removes the file from your desired path removing means deleting the files it takes only one argument with the file name or file name with path rm <file name with path>
    For Example : rm /Documents/text.txt
    But for Directory again use the -r flag here

  • The next command is cat. By the cat command you can actually see the file content in your terminal
    The usage is cat test.txt

    If you want to open a file via path name you can do that as well
    cat /Desktop/test.txt

Text Editors in Linux

  • leafpad and gedit

For example I have a file with name test.txt than i will give command leafpad test.txt or gedit test.txt
What this command will do is this will open the file test.txt into leafpad graphical editor or gedit whch ever you use. Here you can make changes in the file and when you will close it will take you back you console back.

  • nano

Nano is a CLI Text Editor, to use nano type,  nano and press enter.

This will open your file into a text editors name GNU nano. In this text editors you can’t use touchpad to go to any line. In this editor you will use up,down,left right key to go to various line. You can press enter create a next line. You will see various options at the bottom of the terminal that you can use to perform various operations.

To save the file after editing you have to press ctrl+x and than it will ask for confirmation. Press y to save changes, n to discard changes or c for cancel.

On pressing y it will ask for filename. If you want to save the file with the same name than just press enter or if you want to copy the file you can change the filename and press enter

  • vim

VIM is More Powerful editor and it’s syntax is vim <filename with path> and press enter. This will open a command line editor named VIM. This editor will look like the image given below

At this time this editor is in read mode and you can’t edit anything at this time. If you want to edit anything than you need to press i on keyboard. You will see on the bottom left of terminal INSERT is written that will file have changed into insert mode where you can edit file

You will see ~ signs that show that there is nothing in this file here not even enter. If you press enter it will create new line and ~ sign will vanish from that line..

Now to save the file you need to press esc key on keyboard. It will take file back to read mode. Now press : key. Now write wq (w for write changes and q for quit) or you can write x. Press enter.

PIPING

In general piping means merge the two or more commands. In piping the output of one command is given to another command. Here are some example of piping:

-> cat <filename with path> and press enter. What this command will do it will show the content of the file.

 Now  let’s suppose i want to show the line(s) in the file that contain certain word. Now in that case we will use the concept of piping.

-> grep keyword what this command does is it filter the file on the basis of keyword. It will show only those line(s) in the file that has keyword in it.

-> cat <filename with path> | grep keyword. what this command will do it will use cat command to read the content of the file and then it will send the output to the grep command that will filter it on the basis of given keyword. So what this command will show it will show all the line(s) in a file that has keyword in it.

Example :
>cat test.txt | grep another . This command will show all the lines in file test.txt that has word another in it.

If the file has multiple lines with keyword than it will show all the lines containing that keyword

One more thing in this command keyword another is case sensitive. It will show line(s) with second in it and will not show that has Another in it. So for this we use another command :

 cat test.txt | grep -i another or cat test.txt | grep -i Another  (Now if we use of the two command the result will be same).

We can pipe more than one command(s). For e.g.

             -> cat test.txt | grep last | grep second

Now what this command will do first it will take the content of file from cat command than it will take the output from grep last (means it will take line(s) of the file containing last in it) and than finally this output will be filtered on the basis of word second.

-> grep –help and press enter.

 What help command does is that, it shows all the possible parameters you can use with that command. We have used grep –help it will show all possible commands we can use with grep.
so In background it is also piping for sorting the results.
To exit the help press esc key

Terminal - Permissions & Ownership

Here we are going to discuss the terminal basic permissions. We are going to discuss about the permission and ownership of a file. There are two things about file we should know, first is the permission I.e. who has permission to access or read or execute that file and another is ownership I.e. who own the file or program. There are basically two commands named chmod and chown. chmod command is used to change the file permissions a d chown is used to change the ownership of a file.

CHMOD Command

  • first let’s create a file named file by using command -> touch file
  •  Now we will use command -> ls -lh .
    What this command will do it will show all the files there with their permissions and ownership in human readable form.

Focus on  -rw-r–r–  1 sagar sagar 0 Aug 2 15:25 file.

  • First understand what are these symbols are r,w,e. Here r means read, w means write and x means execute permissions.
    Now first take –rw-r–r-
    Read it from right to left and take three symbols at a time. It will give you r–,r–,rw- .
    Here first set i.e.  rw- shows the permission for user (so for this file user have read and write permission).
    second set i.e. r– shows the permission for user group (so for this file user group has only read permission).
    last set i.e. r– it shows the permission for outside world (so for this file outside world has only read permission).
  • Now you can see that there are sagar written twice. First one indicates the user name. Second one indicates the user group name.

Now we will use chmod command to change these permissions. Before changing permissions we should know something given below:

  • 0 Means No Permissions
  • 1 means Execute
  • 2 means Write
  • 3 means 1 + 2 which means Execute + Write
  • 4 means Read
  • 5 means 1 + 4 which means Execute + Read
  • 6 means 2 + 4 which means Write + Read
  • 7 means 1 + 2 + 4 which means Execute + Write + Read

Let’s Give no Permissions to anyone by using Command -> chmod 000 file

CHOWN Command

  • Now we will know about chown command. As discussed above this command is used to change the ownership of a file. If we want to change the use and user group of a file then we will use the chown command. To change the ownership of a file you need root access. For that type command -> su and press enter. Now type your password and press enter.

    Basic syntax: -> chown

    For e.g. -> chown root file. This will change the user of the file by root. If you give command ls –lh now it will show following output. similarly chown root root file will change the user as well as group to root.

Wow! You just Completed Terminal Basics, and you can even go to Module 2 now if you want to skip virtualization and get on the cloud which is little optional

Virtualization

We will now talk about virtualization and virtual box.

So virtualization means installing an operating system into an operating system. Virtualization is important because sometimes you have to use different OS but if you have only one machine you can’t do it so by virtualization you can install another operating system into your present operating system. By using a piece of software like VirtualBox or VMware.

 

We will use VirtualBox in this post because it is open source and free to use. If you want to download virtual box go to https://www.virtualbox.org/wiki/Downloads It is available for most of the platforms like windows, OS X, Linux distributions.

 

I am using windows so I’ll download its windows version. 

Click on the exe file and install VirtualBox in your computer

It will take some time to install

After installing open it and you will see screen like this

We are going to install Kali Linux in this virtual box. Now to install it click on new as shown in the image below

Now, it will ask some basic information like Name, type of OS and version. Now I will choose type as Linux and version as Debian (64 bit). Since we have downloaded the 64 bit version of Kali

After clicking on next it will ask how much ram do you want to allocate to this OS. I would Recommend at least 4 GB, but 2 GB can also be Used if you don’t have much Ram

Now, it will ask you to choose a file type for virtual hard disk I will choose VDI 

After this, it will ask that how you want to store VDI on your physical hard disk. I will choose dynamically allocated

Now it will ask you the name and size of VDI File

After doing all this your virtual machine will be created 

Now click on Kali settings and go to storage and click on the disk icon and choose the virtual Kali file

You have downloaded then click ok. After it your machine will be ready to use. Click on start to run this

Installing KALI Linux

You can install Kali Linux on your computer or you can boot it to USB stick but if you are using windows and you don’t want to change your current operating system or you want to use window and Kali simultaneously so you can use virtualization for that. You can also Dual Boot your System in the Same Manner, Just Use your Real Machine instead of a Virtual Machine. Now we will install Kali on the virtual box. We have previously told you that how you can create a virtual machine for it. Now, click on open or start and it will start the Kali machine like this.

Now click on graphic install and it will start the process of installing

I have chosen English. After that it will ask your location. I have chosen India

After that there are some other options like Configure your keyboard and after that it will start detecting hardware and network information.

Now you have to choose host name for your machine. I have chosen Kali then Click on continue, you can always choose a new hostname by the command “hostname newhostnamehere”, A Hostname is just a Name for your Device when on the Network

After that it will ask for your network configuration like domain name, leave it blank and click continue.

Next step you have to choose root password, root is the highest privileged user in short it is he Super User who has all Super Powers

After that it will ask about partitioning like you have to use entire disk or want to do a manual setup I will choose use entire disk because it is just a Virtual Hard Drive and i don’t needed more partitions in it, but if you are installing Kali as your main OS on your PC, You can go with Other Option and Partition the Disk Manually.

Now on the next step you need to choose a Hard Drive but as there is only one in this case,  click continue

In the next step it is asking us that do we want to save all files in one partition or do we want separate partitions. I never Needed Separate Partitions Personally, and May be You Don’t need too.

After this all hard work, click on finish partitioning and write changes to disk and it will start installing it.

after some time, it will ask you that you want to use network mirror or not, click on yes if you have Internet connected to your system otherwise just leave it on no ( it’s little optional ) and also click yes to install GRUB Loader ( this is Required )

 

Well your installation is now complete and you can log in to your Kali after entering the username as root and password as you set while installing. by the way, Congratulations!

Installing VirtualBox Guest Addons

Installing virtual box guest addons

After installing Kali in virtual box there are some problems you may encounter like the screen of Kali not coming in Full Resolution Display, So to solved this problem you have to install some other addons in virtual box.

First of all we have to add a repository in /etc/apt/sources.list

So Just Open a Terminal, and type this Command without Quotes
“leafpad /etc/apt/sources.list” and make sure you are root user..

Paste this Line without Quotes
deb http://http.kali.org/kali kali-rolling main contrib non-free” and save it

You can also Remove the # Sign instead of Pasting line, if there is no #, You can just leave it as it is

Then we have to do some upgrades to Kali for this we have to run a command in terminal, make sure to type it without quotes

“apt-get update && apt-get upgrade –y && apt-get dist-upgrade –y”

it can even take a lot of time and internet bandwidth and as soon as it is complete, you can Reboot Kali Linux

Make Sure to Reboot the Machine after Updates, Virtual-box has a handy menu item named insert guest addition cd image which mounts that guest addition iso file inside your virtual machine. We can perform some steps manually these are

  1. Start the virtual machine
  2. Insert the iso CD file into your Linux guest virtual CD rom drive.
  3. And now execute this as root.
  4. After that it will ask that you want to execute this or not..

5. Just click on Cancel Here

Open the Terminal Again and Run this Command
“apt-get install –y Linux-headers-$(uname –r)

After All Installations, Open a File Manager and open the CD and Copy the VBoxLinuxAddons.run File to Desktop

Now Open your Terminal, Move to Desktop and Give 755 Permissions to File usng “chmod 777 VBoxLinux.run”

and after that, use ./VBoxLinux.run

and Installation will start so Only a Restart is Required now!

After that it will ask about partitioning like you have to use entire disk or want to do a manual setup I will choose use entire disk because it is just a Virtual Hard Drive and i don’t needed more partitions in it, but if you are installing Kali as your main OS on your PC, You can go with Other Option and Partition the Disk Manually.

WOW! Kali is now Running in Full Screen after the Reboot, Keep it up

Installing VirtualBox on Mac

In this post we will know how to install virtual box on MAC operating system. Virtual box is a tool that allows additional operating system to be installed on it, as a guest OS and run in a virtual environment. Any change in guest OS will not affect your main OS. So you can use virtual machine to install any OS on your system without affecting the main OS. Sometimes hacking process can leave your system in a weird or vulnerable state so virtual box will save the main OS from vulnerablity and will secure your private data.

Here are the steps to install virtual box on MAC :

Step1: Open your browser and enter URL : https://www.virtualbox.org.

Step2: On the left corner you will find various options like About,Screenshots,Downloads etc.
Click on Downloads. Or Simply click on the following url https://www.virtualbox.org/wiki/Downloads.

Step3: On clicking the above link Download Virtual Box page will open. Here you will find the virtual box for various platform like Windows,Linux,OS X hosts etc. You have to click on OS X hosts as you are trying to install virtual box on MAC OS.

Step4: Once the file is downloaded open this file to install the virtual box.

 

Step5: Virtual box will be opened. Now double click on the icon virtualbox.png.

Step6: Now click on the continue on the pop up. Now again click on continue. Here you can customize it but there’s not really a lot of options. So simply click on install.

Step7: Open your virtual box and now we will know how to install the extension pack that would be useful.

Now you have to go to url https://www.virtualbox.org/wiki/Downloads again.

 

Step8: Now click on All supported platforms

Step9: Now strike that fall into virtual box and click on install. 

Now scroll down to bottom to activate the I Agree button. Click on i agree button and extensions pack will be installed successfully.

 That’s how virtual box is installed in MAC OS. If you face any problem while installing feel free to ask.

Installing Lazy Script

Well, I will Teach you to Install Lazy Script in Ubuntu VM which we Created in Last Lecture, but You can do this in your Real Kali Machine, to make hacking very easy for you

So to install this there are some different methods but I will prefer the SSH method to do so we have to connect to our Ubuntu machine via SSH for connecting we have to follow these steps:

  • Login to your Ubuntu machine and type ifconfig in your terminal to know the ip address
    (This will only work on VM which is in your Network, for VM in Cloud, Use the Public IP of your Server)
  • Go to your terminal then type ssh username@your-ip-address in my case my username is Daniel and my ip-address is 168.0.35 So, my command will be ssh Daniel@192.168.0.35

I assume you are either on MAC or Liunux, for Windows, Please use Bitwise SSH Client

Now, if you never connected to this machine via ssh it will ask to confirm a signature since I have already connected before that’s why it is asking only for the password, enter the password and you will be logged in to your Ubuntu machine.

  • The lazy script for Kali Linux that automates many procedures about Wi-Fi penetration and hacking.
    There are many features in it like enabling, disabling, mac interfaces, and view your Public IP address faster. It have many other tools as well. So, now let’s install it

To install it there are some steps you have to follow:

  • First of all, change the directory in which you want to install it.
    cd /home
  • Now, create a git clone by running this command.
    git clone https://github.com/arismelachroinos/lscript.git
  • Now, change to lscript type this command
    cd lscript
  • Now you have to change some of the permission of its install file the command is c
    chmod + x install.sh
  • then run the command
    bash install.sh

Now to run this make sure you are a root user then open terminal and type l and press enter that’s how you can run it. If you encounter some issues while running it you have to do some changes

Open terminal with root permissions and type unalias l and you have to do some changes in bashrc file to do so

Type nano .bashrc now look for a line with alias l = ‘ls –CF’ comment this line and save the file. Now, you will be able to run it by just typing l in the terminal

 

and if you try to run lazy script now, it should show your an small agreement where you can type Yes and use Lazy Script to simplify hacking

Installing Windows in VM

Here we will know how to install windows operating system on virtual machine. Here we will install window 10 and accordingly you can install windows 7/8. There is no much difference. So these are the steps to follow :

Step1: Now if you have CD of window operating system you can normally insert that and install that operating system. Otherwise you need to buy the ISO file from official microsoft website to install the operating system. Now let’s say you have CD or ISO file of windows 10.

Step2: Now Open Virtual Machine tool and click on New on left upper corner of VM.

  • Step4: Now fill the following filed as Name:Windows10 , Type:Microsoft Windows, Version: Windows 10 (64-bit) as shown in below image:

    and click on continue.

  • Step5: Here choose the memory size that will be used as RAM. In my case i’m taking 4GB of memory. After choosing the memory click on continue.

  • Step6: Now select create a virtual hard disk now option and click on continue.

  • Step7: Now select VDI(Virtual Disk Image) and click continue.

  • Step8: Now select dynamically allocated option and click continue.

  • Step9: Now select the disk space for your guest OS. In my case i am taking 64GB of disk space.After selecting the disk space click on continue.

  • Step10: Now your virtual machine is created now VM will look like this:
  • Step11: Now as virtual machine is created we need to configure it. Now select the Windows 10 and click on setting icon.

  • Step12: Click on System->Processor and give it 2 core as shown in image.

  • Step12: Now click on storage icon. Click on Empty and then click on small CD icon in front of Optical drive option. Here you have to navigate to the location and select your iso file that you have either in your CD or you have downloaded.

  • Step13:  Click on OK.

    Step14: Now select the windows 10 and click on start icon to start virtual machine.

  • Step15: Now virtrual machine has been started. Now on the first screen you have go give language, time and currency format and keyboard input method. Select accrodingly and click on next.

  • Step16: On the next screen click on install now. Now on the next screen it will ask for product key. If you have one fill it or click on I don’t have a product key. On next screen choose the version for your window. In my case i am going for Windows 10 Home and click on next. Now Accept the licence terms and click on next. On next screen select Custom: Install Windows only (advanced).

    Step17: On next screen click on new. Select size and click on apply. It will create a partition. Now select primary partition and click on next.

  • Step18: Now window will start installing and will take some time. So leave it for some time till it finish installing.

    Step19: Window will be started and first it will ask for region select accrodingly and click on yes. On next screen it will ask for keyboard layout again select accordingly and click yes. Now it will ask for login with your microsoft accout. Login if you want to otherwise click on offline account. Now give the name and password for your PC and click next. Give a hint for your password and click next. Now it will show you some setting you can choose that accordingly and click on accept.

    Now window 10 has been installed on your virtual machine successfully.

    Step20: Now you need to install the guest additions on your virtual machine to improve the performance of virtual machine. For installing the guest addition click on Devices->Insert Guest Additions CD Image…

  • Step21: Now go to window explorer. Click on this PC and open up CD drive.

     

  • Step22: Now click on VBoxWindowsAdditions.

     

     

After that click yes to allow it to install. On next screen click on next. After that click on install. Now it will start installing guest additions. After installing it will ask for reboot now. Click on finish to reboot it. Now windows 10 has been installed successfully on your virtual machine.

  Similarly you can install window 7/8 in virtual machine.
You only require the ISO file for corresponding windows versions.

Installing Android x86

To Learn Hacking Android, I won’t Recommend to Practice on Real Phone, so VM is Must