Пропускане към основното съдържание

Kali Linux 2.0 Released

Still TL; Still DR. How Do I Upgrade to Kali 2.0?
Yes, you can upgrade Kali 1.x to Kali 2.0! To do this, you will need to edit your source.list entries, and run a dist-upgrade as shown below. If you have been using incorrect or extraneous Kali repositories or otherwise manually installed or overwritten Kali packages outside of apt, your upgrade to Kali 2.0 may fail. This includes scripts like lazykali.sh, PTF, manual git clones in incorrect directories, etc. – All of these will clobber existing files on the filesystem and result in a failed upgrade. If this is the case for you, you’re better off reinstalling your OS from scratch.
Otherwise, feel free to:

1:  cat << EOF > /etc/apt/sources.list  
2:  deb http://http.kali.org/kali sana main non-free contrib  
3:  deb http://security.kali.org/kali-security/ sana/updates main contrib non-free  
4:  EOF  
5:  apt-get update  
6:  apt-get dist-upgrade # get a coffee, or 10.  
7:  reboot  


Popular Posts

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1


Exploiting after error checking. NOTE: Especially for the curious people!

insmod_block module by nu11secur1ty * Beta