Date post: | 13-Aug-2015 |
Category: |
Software |
Upload: | sanchit-srivastava |
View: | 174 times |
Download: | 6 times |
KALI LINUX is a Debian-derived Linux distribution designed for digital forensics and penetration testing.
It is maintained and funded by Offensive Security Ltd. It was developed by MatiAharoni and Devon Kearns of Offensive Security
It is the rewrite of BackTrack, their previous forensics Linux distribution.
KALI LINUX:PENETRATION TESTING OPERATING SYSTEM
What is Penetration Testing?“The process of evaluating systems ,
applications , and protocols with the intent of identifying vulnerabilities usually from the
perspective of an unprivileged or anonymous user to determine potential real world
impacts…”Or in other words
… trying to break into stuff before the bad guys do…
Features of KALI LINUX• Has more than 600 penetration testing tools.• Multilingual Support• Completely Customizable.• Free and Always will be.• Vast Wireless device support and Compatible
with USB.• ARM support-Kali Linux has ARM repositories
integrated with mainline distribution.
Flexibility of KALI LINUX• Kali Linux can run natively when installed on
a computer’s hard disk or,• Can be booted from a live CD or a live USB or,• It can run within a virtual machine.• Available for ARM devices like Samsung
Chromebook, Samsung Galaxy Note 10.1, Raspberry Pi and a lot more.
• KALI LINUX can also be installed within a root environment on an android device.
Difference between Kali Linux and Ubuntu
Ubuntu• Ubuntu is a general
desktop and server distribution.
• Designed to satisfy general Desktop and Server requirements and also targeted in some Smart TV’s.
• Developed by Canonical Ltd. and released back in 2004.
Kali Linux• Kali Linux is a specialized
distribution.• Primarily designed for
purposes like Penetration Testing and Digital Forensics.
• Developed by Offensive Security Ltd. and released on 13th March 2013.
DIFFERENT SOFTWARES FOR PENTESTING
Kali Linux is preinstalled with over 600 penetration-testing programs.
For eg-
nmap (a port scanner),
Wireshark (a packet analyzer),
John the Ripper (a password cracker),
Aircrack-ng (a software suite for penetration-testing wireless LANs)
Kali Linux can run natively when installed on a computer's hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine.
USE OF KALI LINUX FOR HACKFLYWIRELESS HACKING WITH KALI LINUX
Aircrack-ngAircrack-ng is the de facto penetration tool suite – essential for any wireless penetration tests or assessments.
COMMANDS USED:
Airmon-ng-:the tool used to put wireless cards into monitor mode
Airodump-ng :is used for packet capturing of raw 802.11 frames
Aireplay-ng: is used to inject frames.
Airtun-ng :is a virtual tunnel interface creator
Airbase-ng: is multi-purpose tool aimed at attacking clients as opposed to the Access Point (AP) itself.
Aircrack-ng:recover keys once enough data packets have been captured
What is the need and purpose of packet injection within WiFi attacks
Wireless networks work in predefined modes and come with strict functional restrictions.
Wireless attacks require a higher control over the lower layers of communication in order to send and receive any kind of data.
In the default mode (Station Infrastructure Mode),, you can't even directly talk to a different client in default mode.
For more control, you need Monitor mode to listen to any communication in the air.
This is where packet injection comes in. Packet injection means sending data while in Monitor mode because it's a passive-only mode .
Sending and receiving management and control frames is necessary for impersonating base stations and clients, and for listening to frames that are meant for specific adapters.
The dreadful deauthentication frame, apart from the DoS(denial of service attack) can also be injected, it's the first stage in a multi-stage attack.