Saturday, November 23, 2013

Starting Metasploit Framework

In keeping with the Kali Linux Network Services Policy, there are no network services, including database services, running on boot so there are a couple of steps that need to be taken in order to get Metasploit up and running with database support.

Start the Kali PostgreSQL Service

Metasploit uses PostgreSQL as its database so it needs to be launched first.

service postgresql start

You can verify that PostgreSQL is running by checking the output of ss -ant and making sure that port 5432 is listening.

State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 :::22 :::*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:5432 *:*
LISTEN 0 128 ::1:5432 :::*

 

Start the Kali Metasploit Service

With PostgreSQL up and running, we next need to launch the metasploit service. The first time the service is launched, it will create a msf3 database user and a database called msf3. The service will also launch the Metasploit RPC and Web servers it requires.

service metasploit start

 

Launch msfconsole in Kali

Now that the PostgreSQL an Metasploit services are running, you can launch msfconsole and verify database connectivity with the db_status command as shown below.

msfconsole
msf > db_status
[*] postgresql connected to msf3
msf >

 

Configure Metasploit to Launch on Startup

If you would prefer to have PostgreSQL and Metasploit launch at startup, you can use update-rc.d to enable the services as follows.

update-rc.d postgresql enable
update-rc.d metasploit enable

tutorial from kali.org 

happy hunting...!!!

Install NVIDIA Drivers on Kali

This document explains how to make use of NVIDIA video hardware and install the drivers on a Kali Linux system. The first step is to fully update your Kali Linux system and make sure you have the kernel headers installed.
 
apt-get update
apt-get install -y linux-headers-$(uname -r)
Next, download the latest NVIDIA driver for your architecture and video card here. To locate your NVIDIA card model, execute the following command.


root@kali:~# lspci | grep -i vga
02:00.0 VGA compatible controller: NVIDIA Corporation GT218 [GeForce G210M] (rev a2)
03:00.0 VGA compatible controller: NVIDIA Corporation C79 [GeForce 9400M G] (rev b1)

The next step is to disable the nouveau driver. Nouveau is a open source NVIDIA driver project, however it lacks the 3D graphics acceleration needed to run Cuda pentest tools.

 sed 's/quiet/quiet nouveau.modeset=0/g' -i /etc/default/grub
update-grub
reboot


Once the system has rebooted and you are looking at the GDM login screen, press CRTL+ALT+F1 in order to get to a TTY, which will be a black screen with a login prompt. We need to login as root and stop the gdm3 service as follows.

 service gdm3 stop

If you are on a 64-bit Kali system, you may want to install the ia32-libs package in order to allow the NVIDIA installer to install the 32-bit libraries, although this is optional. If you choose not to do it, simply select no when the installer asks if you want to install the 32-bit libraries.

dpkg --add-architecture i386
apt-get update
apt-get install ia32-libs 


Assuming you downloaded the NVIDIA driver to your /root/ directory, we need to give it executable permissions and run it.

chmod 755 NVIDIA-Linux-x86_64-310.44.run
./NVIDIA-Linux-x86_64-310.44.run 


Once the installer finishes, you should reboot your machine. Once the system boots back up, you may see a NVIDIA splash screen, which will indicate that the drivers installed correctly, however, this is not always the case. In order to check if the drivers are working properly, execute the following command.

root@kali:~# glxinfo | grep -i "direct rendering"
direct rendering: Yes


Although utilizing the Cuda tools included in Kali is beyond the scope of this article, checking to make sure that they are working properly is always a good idea. The following command uses Oclhashcat-plus with some of the example files included in the package.

cd /usr/share/oclhashcat-plus/
./cudaHashcat-plus.bin -t 32 -a 7 example0.hash ?a?a?a?a example.dict
cudaHashcat-plus v0.14 by atom starting...

Hashes: 6494 total, 1 unique salts, 6494 unique digests
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes
Workload: 256 loops, 80 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce G210M, 511MB, 1468Mhz, 2MCU
Device #2: GeForce 9400M G, 253MB, 1100Mhz, 2MCU
Device #1: Kernel ./kernels/4318/m0000_a1.sm_12.64.ptx
Device #2: Kernel ./kernels/4318/m0000_a1.sm_11.64.ptx

Generated dictionary stats for example.dict: 1210228 bytes, 129988 words, 129988 keyspace

27b797965af03466041487f2a455fe52:mo0000
a48dd0f09abaf64324be83ce86414b5f:ap2300000
7becb9424f38abff581f6f2a82ff436a:sail00
1459ccf0940e63051d5a875a88acfaaf:pigi00
3baa3048651a65d1260eb521ab7c3bc0:ek110
7a7a8220266f71f54f85685969ce999f:davi0123456789
98c627ca129e64dfff3bf08fbaab6c86:fire01man


As you can see in the output above, the cards are recognized and the passwords are being recovered successfully.

thank to the kali.org for this tutorial. try to help my friend.

happy hunting!!