[Tutorial] Installing Kali Linux 2016 Using The Iso Image

Previously I explained how to install Kali Linux as a virtual machine inside Virtual Box, in today tutorial you will learn how to install Kali Linux using the ISO image, you can follow this method if:

  1. The ready image didn’t work for you for any reason.
  2. You want to install Kali inside another virtualisation solution for which there are not ready images.
  3. Install it as a main real machine.

 


Resources:

Advertisements

[Video] Creating fake software update and hacking windows 8 using Wi-fEye

In this video , you’ll see how easy it is to create a fake software update and hack windows 8 using Wi-fEye.

 

Wi-fEye will create a back door (or you can use your own) , then it will start Evilgrade server and DNS-spoof all requests to update the target software to our machine where we have Evilgrade running , Evilgrade will send the back door to the target machine instead of sending an update , once the machine receives the update file it will run it and execute our back door :)

 

Wi-fEye v1.0-beta Released

wa

Ok so its been a long time since I said i’m going to release a new version of Wi-fEye soon , but between college and work I had very little time to work on it.

Anyway here it is after more than 2 years Wi-fEye v1.0 is out with some new features , bug fixes and compitableity improvements.

For those who don’t know what Wi-fEye is I suggest you google it

This version is still in beta so expect to see bugs , I still have a lot of ideas to add to it but can’t promise when I will add these features :)

For download and more info check out the official website (http://wi-feye.za1d.com)

So yeah that’s pretty much it , enjoy

 

[Video] Session Hijacking using Cookie Cadger

We all know that we can sniff passwords in our networks easily even if its sent over HTTPS (ie: SSL encrypted) , the problem is  most of users these days save their passwords in their favourite website (the “keep me logged in feature”) , when you do this the website authenticates the users using their cookies not using their password , this means the password is not sent over the network and therefore we can’t sniff it , instead we can sniff the user’s cookies and inject it into our browser.

In the past I used to use a tool called Hamster , however this tool is outdated now and the download link on its official website is broken , the one in backtrack keeps crashing and doesn’t always work.

Another famous tool to do this is a firefox plugin called firesheep , again its old and there is no official release for linux.

Cookie Cadger is a great program written in java , its very easy to use and best of all , it always works , every time I run a test it works perfectly.

To run Cookie Cadger you will need Wireshark , Java 7 and a new version of Firefox.

 

PS: you can use sslstrip with this attack to downgrade HTTPS connections to HTTP