Categories
Kali Linux

NAS mount

Kali Linux live system does not have any persistent file system as default. If you would like to store the data on the live system, you may need external storage such as NAS(Network Attached Storage). The following mount.cifs command mounts a NAS file system to /mnt directory.

where //192.168.0.10/home is the NAS IP address and shared directory, /mnt is the mounting point, and “share-user” is the NAS account name.

Since kali account does not have the write permission to /mnt, The write access to mounted directory requires sudo.

To unmount the mounted NAS shared directory, use the umount command.

Categories
Kali Linux

WPScan

WPScan is a WordPress vulnerability scanner. WPScan is found in the Kali desktop menu 03:Web Application Analysis>Web Vulnerability Scanners.

WPScan

The following command runs password-attack to wordpress server(192.168.0.3/wordpress). –passwords option requires password file that contains a list of passwords to use during the password attack.

One of the easiest ways to prepare the password file is to use Openwall wordlists collection(https://download.openwall.net/). The following command uses the file named “password” as its list of passwords, which downloaded from /pub/wordlists/passwords directory.

The log shows that wpscan found admin/admin account-password pair in 3 minutes.

Note: wpscan requires internet access to update its database. If the network is unreachable to the database server, wpscan aborted.

Categories
Kali Linux

Kali Linux network routing priority

When Wi-Fi and Ethernet are both connected and Wi-Fi is the only way to to access the internet, kali linux default routing cannot access the internet. To access the internet on this system, Wi-Fi metric value should have lower value than Ethernet metric value.

The metric value of the network devices can be modified by nmcli command.

The following commands change Wi-Fi metric value from 600 to 50. After changing the metric value , Wi-Fi has lower metric value and the system can access the internet.