21 hours 43 minutes
an overview of the tools in Cali Lennox are learning objectives to learn about the various tools available in Kali Lennox and installing some of these tools that will help you in this course and in your hacking journey.
So if you see that dragging up on the left hand side of your Cali Vm, you can search for different applications there group very nicely as you can see like number one's information gathering to his vulnerability analysis. Um So they group things very logically and very nicely uh in the Cali Vm.
So they typically fall these applications fall into either the command line or to a gooey. So I used Windows a lot when I was younger and I'm used to seeing Windows pop up and nice graphical user interfaces and I just preferred that. So when I started my hacking journey
um the gooey version of N map with Zen Map, I started using that and I was more comfortable with that. But as I got more proficient as a pen tester, I greatly preferred using the command line. So now I like using end map because I can customize my flags and I think it runs a whole lot faster using the command line. So
I think you'll find as you get more proficient as a pen tester that the command line is going to be something that you gravitate towards.
So we want to customize our setup and it may be different for you. But I know for me I like using the root user off the bat. Um as we saw before when we installed the Cali VMS uh we had Callie is one of the users, we had cyber ninja, I made my cyber ninja user. Those aren't root users. The root user is actually named route and it was something that can be used for a very, very long time and that's what I learned on. So that's what I prefer is just having the root user there.
You may need to install software and we're gonna install the beef framework can be used to have that by default, it doesn't have that anymore. So we're gonna become familiar with installing packages.
We also want to install more than one browser. So firefox is by default in in Cali used to be ice weasel. Now it's firefox. I also like to install chromium um in my Cali VMS just because when we get into web web attacks, some browsers work with like cross site scripting. Maybe firefox will work whereas chromium won't and vice versa.
Also with browser add ons. I prefer having different browsers. Just because when I use Burp suite you'll see if you have a lot of extensions added and you intercept, you're starting to intercept all that traffic that it creates a lot of traffic having all these extensions. So I like having two different browsers, one with a bunch of extensions and one without
um you can have things like cookie editors,
you know, things like Apple Isar, which is a website, technology enumeration uh, and add on for that.
So we're not kelly B M. And there's that little dragon on the side
and here's our search bar. So if I do something like N map
and I click on it,
you can see that the command line pops up
now. What I want to do when I'm in the command line is I want to right click and go to preferences
And behavior and ensure that I have unlimited history clicked here because a lot of these tools have a lot of output and we want to be able to read all that output and not restrict ourselves to 1000 lines. So make sure you have unlimited history there.
The other thing that you want to do is you want to make sure that your VM is up to date. So you want to do something like pseudo
and you can see here with this Z S H shell. If I've typed in a command before, it's great out and if I just do the right arrow,
you can see, it lets me it completes that command so I can type or hit enter now
enter my password
and it will update and upgrade for me.
So I've already updated and upgraded recently. It may take you a while when you do it for the first time.
So I want to clear the terminal. Just hit clear.
Now let's install chromium. So I'll do Sudo apt install
And that should install the chromium package.
Some of these packages might take a while. It just really depends.
So now you can type in chromium.
So as you can see there's tab completion. So if I just do C h C H R O M tab,
it will do this Chromeos TPM recovery. That's not what I want.
If I do C H R O M I you I'm almost done with chromium but it hit tab.
Doesn't do it for me. I hit em chromium pops up. There we go.
So here's chromium, we can use this now. So we have both firefox and chromium and we want to go to
Now you can see I've already installed Foxy, proxy
WAP allies er and cookie editor.
Go ahead and install that in your VM.
Just go to open chrome web store
and you know, type in.
You can click cancel,
type in WAP
I spelled that wrong.
here we go.
There's one appetizer
so you go here for you will say add the extension now if you right click up here
or click on extensions. I should say these may not be pinned up top. So make sure that when you click on extension you want to be able to get to them easily. Make sure you pin these
by making sure they're blue.
So I'll clear the terminal again.
Uh kelly Lennox used to have something called G edit as as a text editor. Now has something called mouse pad. I prefer G Edit. So I'm gonna install that. So Sudo
apt installed G edit
and that should install that for me.
So now I can type G. Edit
and that will pop up for me.
And I talked about the root user before if I want to become the root user and create a login for the root user, do Sudo su
and now I'm the root user. So now I want to do is create a password for the root user. So do P. A. S. S. W. D.
And I'll take in a new password.
And next time you're presented with the log in you can type in route and your password to login as the root user.
So now I want to install to be framework.
So do act notice. I don't have to do Sudo now. Apt installed
X. S. S.
So that a change directory user share
And if I want to list the files LS.
Space tech, L. A. Or hyphen L. A.
Listings nicely for me. And I can see there's that
beef by do beef. Now
We can see is starting to load
and I can go to the user interface here right click
and now let's try to log in.
I didn't like that.
Try it again.
So now I've logged in and here's the beef user interface.
We can talk about beef a little bit later when we start talking about client side attacks and web apps.
But if you want to
change the configuration settings of beef, I just did control C to exit or get out of that or stop that program is I want to do G edit, which is what we installed before. Right. Config dot Yeah mo
now I'm trying to do my tab completion
and we can see here that we can configure it from our username and or password. If you install this off the bat, it may yell at you because it doesn't like having beef as the username and the password. I changed mine to feed but I like using G. Edit. I find it to be a great text editor
so I know we just talked about beef but here's our quick quiz question. What is the beef framework? Is it's what's for dinner? What's for dinner? Does it focus on client side browser exploitation or is it the gooey version of end map?
Well you should know this one.
It focuses on client side browser exploitation and we'll get into this a bit later in our web attacks section.
So in summary we learned about the various tools available to you in Cali Lennox as well as we learned how to install some of these tools that will be using later in the course.