淮泰 Kali Linux Security (public, everyone is welcome to join)
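Commands and usage tutorials for Kali Linux and its various tools, so you can look things up whenever you need them. Search and combine them and you will find them very handy!
URL: https://t.me/wtype_kali
Provider: 淮泰科技, a computer/3C retail and systems-integration company, currently focused on grey-hat services (Grey service), using a single computer to solve problems encountered on the LAN and WAN
淮泰 customer service: (02)89903526 ext:11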
****** knockpy help ******
****** kill ******
Terminate a process
Main option: -9
Example: sudo kill -9 <PID>
****** pkill ******
Can terminate processes in bulk
Example: pkill -9 ping
****** Background jobs ******
While a command is running,
press Ctrl+Z to send it to the background,
or append & to the command to run it as a background job
Example: ping -c 100 www.hinet.net &
****** The PenTesters Framework (PTF) ******
Description:
All tools are downloaded directly from the developers websites as-is. PTF
doesn't perform any type of source code analysis or verification on the tools.
You should run these after performing your own analysis of the tools and ensure
you trust the parties. PTF only adds tools that are well-known typically in the
security industry but that does not negate the risk. This is no different than
any other tool distribution platform, operating system, or anything you would
download from the Internet.
Download:
https://github.com/trustedsec/ptf
Commands:
sudo pip install -r requirements.txt
sudo ./ptf
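****** gparted disk management ******
You can first run
sudo apt-get update && sudo apt-get install gparted
In fact, gparted is built in... so you can run it directly
****** Check the Kali Linux version ******
Command to check the Kali Linux system version
cat /etc/issue
Command to check the Kali Linux kernel information
uname -a
****** Installing Chrome on the Pi ******
The following is a reply from abroad: there is currently no Chrome build for ARM64, so only Firefox or Chromium can be used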
Raspberry Pi4 uses 64-bit quad-core ARM Cortex-A72 processor, thus, all the applications running on it must be for ARM64. But on the other hand Google Chrome is only available for AMD64 CPU architecture. So, it's impossible to get Google Chrome on Raspberry Pi.

Alternatively you can use Firefox or Chromium browser
****** Installing RDP (Xfce edition) ******
sudo apt-get update
sudo apt-get dist-upgrade -y
sudo apt-get install -y kali-desktop-xfce xrdp
sudo wget https://gitlab.com/kalilinux/build-scripts/kali-wsl-chroot/-/raw/master/xfce4.sh
sudo chmod +x xfce4.sh
sudo ./xfce4.sh
sudo systemctl enable xrdp --now
——————-
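Notes:
1. To connect from another computer, use Remote Desktop and enter IP:3390
2. You can add another user (with root privileges) on the Kali machine, so that one user logs in locally while the other logs in through Remote Desktop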
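Both the PTF description (tools are fetched as-is, with no verification) and the xrdp steps above (a script fetched with wget and run under sudo) leave the integrity check to you. The following is an added example, not part of the channel's posts or of either project: it records the SHA-256 of the file you reviewed and refuses to run a copy that differs. `verify_pinned`, `run_if_pinned` and `demo` are hypothetical helper names, and the installer file in the demo is constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the channel): pin a reviewed script's SHA-256 and
# refuse to run it if the downloaded copy differs. Helper names are hypothetical.

# verify_pinned FILE SHA256 -> 0 match, 1 mismatch, 2 unusable input
verify_pinned() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    # A pin must be exactly 64 hex digits; an unfilled placeholder is rejected.
    case "$expected" in
        ""|*[!0-9a-fA-F]*) echo "pin is not a hex digest" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "pin is not 64 hex digits" >&2; return 2; }
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    actual=$(sha256sum "$file" | awk '{print $1}')
    [ "$actual" = "$expected" ] && return 0
    echo "digest mismatch for $file (got $actual)" >&2
    return 1
}

# run_if_pinned FILE SHA256 [ARGS...] -> runs FILE with sh only after it verifies
run_if_pinned() {
    local file="$1" expected="$2"
    shift 2
    verify_pinned "$file" "$expected" || return $?
    sh "$file" "$@"
}

# Constructed demo: a stand-in installer is pinned, then modified after review.
demo() {
    local dir pin first second
    dir=$(mktemp -d) || return 2
    printf 'echo installed\n' > "$dir/installer.sh"
    pin=$(sha256sum "$dir/installer.sh" | awk '{print $1}')   # recorded at review time
    first=$(run_if_pinned "$dir/installer.sh" "$pin")
    printf 'echo extra-step\n' >> "$dir/installer.sh"         # content changes later
    second=$(run_if_pinned "$dir/installer.sh" "$pin" 2>/dev/null) || second="blocked"
    rm -rf "$dir"
    echo "$first,$second"
}

demo   # prints: installed,blocked
```

The pin has to come from a copy you have read yourself; swap `sh` in `run_if_pinned` for whichever interpreter the script's shebang names.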
****** XSS ******
Example:
<script>alert(1)</script>
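****** L0phtCrack (Windows) ******
L0phtCrack is a password-cracking tool with features such as scheduled cracking and hash extraction on 64-bit Windows systems, and it supports multiprocessor parallel computation and distributed computation over a LAN. It can run password analysis against both local and remote Windows and UNIX systems, and is a recommended tool for information-security auditing and password analysis.
Official website: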
https://l0phtcrack.gitlab.io/
****** View the Kali version ******
sudo hostnamectl
Forwarded from 客戶Kali資料暫存
Ncrack 0.7 ( http://ncrack.org )
Usage: ncrack [Options] {target and service specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iX <inputfilename>: Input from Nmap's -oX XML output format
-iN <inputfilename>: Input from Nmap's -oN Normal output format
-iL <inputfilename>: Input from list of hosts/networks
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
SERVICE SPECIFICATION:
Can pass target specific services in <service>://target (standard) notation or
using -p which will be applied to all hosts in non-standard notation.
Service arguments can be specified to be host-specific, type of service-specific
(-m) or global (-g). Ex: ssh://10.0.0.10,at=10,cl=30 -m ssh:at=50 -g cd=3000
Ex2: ncrack -p ssh,ftp:3500,25 10.0.0.10 scanme.nmap.org google.com:80,ssl
-p <service-list>: services will be applied to all non-standard notation hosts
-m <service>:<options>: options will be applied to all services of this type
-g <options>: options will be applied to every service globally
Misc options:
ssl: enable SSL over this service
path <name>: used in modules like HTTP ('=' needs escaping if used)
db <name>: used in modules like MongoDB to specify the database
domain <name>: used in modules like WinRM to specify the domain
TIMING AND PERFORMANCE:
Options which take <time> are in seconds, unless you append 'ms'
(milliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
Service-specific options:
cl (min connection limit): minimum number of concurrent parallel connections
CL (max connection limit): maximum number of concurrent parallel connections
at (authentication tries): authentication attempts per connection
cd (connection delay): delay <time> between each connection initiation
cr (connection retries): caps number of service connection attempts
to (time-out): maximum cracking <time> for service, regardless of success so far
-T<0-5>: Set timing template (higher is faster)
--connection-limit <number>: threshold for total concurrent connections
--stealthy-linear: try credentials using only one connection against each specified host
until you hit the same host again. Overrides all other timing options.
AUTHENTICATION:
-U <filename>: username file
-P <filename>: password file
--user <username_list>: comma-separated username list
--pass <password_list>: comma-separated password list
--passwords-first: Iterate password list for each username. Default is opposite.
--pairwise: Choose usernames and passwords in pairs.
OUTPUT:
-oN/-oX <file>: Output scan in normal and XML format, respectively, to the given filename.
-oA <basename>: Output in the two major formats at once
-v: Increase verbosity level (use twice or more for greater effect)
-d[level]: Set or increase debugging level (Up to 10 is meaningful)
--nsock-trace <level>: Set nsock trace level (Valid range: 0 - 10)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
MISC:
--resume <file>: Continue previously saved session
--save <file>: Save restoration file with specific filename
-f: quit cracking service after one found credential
-6: Enable IPv6 cracking
-sL or --list: only list hosts and services
--datadir <dirname>: Specify custom Ncrack data file location
--proxy <type://proxy:port>: Make connections via socks4, 4a, http.
-V: Print version number
-h: Print this help summary page.
MODULES:
SSH, RDP, FTP, Telnet, HTTP(S), Wordpress, POP3(S), IMAP, CVS, SMB, VNC, SIP, Redis, PostgreSQL, MQTT, MySQL, MSSQL, MongoDB, Cassandra, WinRM, OWA, DICOM
EXAMPLES:
ncrack -v --user root localhost:22
ncrack -v -T5 https://192.168.0.1
ncrack -v -iX ~/nmap.xml -g CL=5,to=1h
SEE THE MAN PAGE (http://nmap.org/ncrack/man.html) FOR MORE OPTIONS AND EXAMPLES