zoukankan      html  css  js  c++  java
  • Kali Linux additional tools setup

    The steps are pretty straight forward. The only tool that might cause some confusion is SMBexec. This requires you to interact 3 times with a different option every time. So here’s the options you need to use, in the correct order

    1. Select option 1 (When prompted for the path, write: /opt/tools)
    2. Select option 4
    3. Select option 5

    Right after you have written the path to where to install SMBexec, the script will ask you the same question. Make sure that you write the same, /opt/tools, there as well. This is so the bash script knows where to find the new  install.sh script for SMBexec. 

    Other than this, the rest of the process is very simple.

    You can either download the script from my gist  here , or copy the code from below 

    #!/bin/bash
    echo ""
    echo "=========================================================================="
    echo "= Pentest Attack Machine Setup										   ="
    echo "= Based on the setup from The Hacker Playbook							="
    echo "=========================================================================="
    echo ""
    # Prepare tools folder
    echo "[+] Creating tools folder in /opt"
    mkdir /opt/tools/
    echo ""
    # Setting up metasploit with postgresql
    echo "[+] Setting up metasploit with postgresql"
    service postgresql start
    service metasploit start
    echo ""
    # Discover Scripts - Passive reconnaissance
    echo "[+] Installing Discover Scripts"
    cd /opt/tools/
    git clone https://github.com/leebaird/discover.git
    cd /opt/tools/discover/
    /opt/tools/discover/setup.sh
    echo ""
    # SMBexec - Grab hashes out of the Domain Controller and reverse shells
    # Step 1: Select option 1
    # Step 2: Select option 4
    # Step 3: Select option 5
    echo "[+] Installing SMBexec"
    cd /tmp/
    git clone https://github.com/brav0hax/smbexec.git
    cd /tmp/smbexec/
    echo "[+] Select option 1"
    /tmp/smbexec/install.sh
    echo "[*] Where did you install SMBexec?: "
    read smbexecpath
    $smbexecpath/smbexec/install.sh
    echo ""
    # Veil - Create Python based Meterpreter executable
    echo "[+] Installing Veil Framework"
    cd /opt/tools/
    git clone https://github.com/Veil-Framework/Veil-Evasion.git Veil
    cd /opt/tools/Veil/setup
    /opt/tools/Veil/setup/setup.sh
    echo ""
    # WCE (Windows Credential Editor) - Pulls passwords from memory
    echo "[+] Downloading and installing WCE (Windows Credential Editor)"
    mkdir /opt/tools/wce/
    cd /tmp/
    wget http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip
    unzip -d /opt/tools/wce/ wce_v1_41beta_universal.zip
    rm -f wce_v1_41beta_universal.zip
    echo ""
    # Mimikatz - Pulls passwords from memory
    echo "[+] Installing Mimikatz"
    mkdir /opt/tools/mimikatz/
    cd /tmp/
    wget https://github.com/gentilkiwi/mimikatz/releases/download/2.0.0-alpha-20150122/mimikatz_trunk.zip
    unzip -d /opt/tools/mimikatz/ mimikatz_trunk.zip
    rm -f mimikatz_trunk.zip
    echo ""
    # PeepingTom - Website snapshots
    echo "[+] Installing PeepingTom"
    cd /opt/tools/
    git clone https://bitbucket.org/LaNMaSteR53/peepingtom.git
    cd /opt/tools/peepingtom/
    wget https://gist.githubusercontent.com/nopslider/5984316/raw/423b02c53d225fe8dfb4e2df9a20bc800cc78e2c/gnmap.pl
    echo ""
    # Download appropriate PhantomJS package
    if $(uname -m | grep '64'); then
      wget http://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-x86_64.tar.bz2
      tar xf phantomjs-1.9.2-linux-x86_64.tar.bz2
      cp /opt/tools/peepingtom/phantomjs-1.9.2-linux-x86_64/bin/phantomjs .
    else
      wget http://phantomjs.googlecode.com/files/phantomjs-1.9.2-linux-i686.tar.bz2
      tar xf phantomjs-1.9.2-linux-i686.tar.bz2
      cp /opt/tools/peepingtom/phantomjs-1.9.2-linux-i686/bin/phantomjs .
    fi
    echo ""
    # Nmap script - Quicker scanning and smarter identification
    echo "[+] Installing nmap scripts"
    cd /usr/share/nmap/scripts/
    wget https://raw.githubusercontent.com/hdm/scan-tools/master/nse/banner-plus.nse
    echo ""
    # PowerSploit - Scripts for post exploitation
    echo "[+] Installing PowerSploit"
    cd /opt/tools/
    git clone https://github.com/mattifestation/PowerSploit.git
    cd /opt/tools/PowerSploit/
    wget https://raw.githubusercontent.com/obscuresec/random/master/StartListener.py
    wget https://raw.githubusercontent.com/darkoperator/powershell_scripts/master/ps_encoder.py
    echo ""
    # Responder - Used to gain NTLM challenge/response
    echo "[+] Installing Responder"
    cd /opt/tools/
    git clone https://github.com/SpiderLabs/Responder.git
    echo ""
    # SET (Social Engineering Toolkit) - Pre-installed on Kali Linux
    echo "[+] Installing SET (Social Engineering Toolkit)"
    cd /opt/tools/
    git clone https://github.com/trustedsec/social-engineer-toolkit.git set
    cd /opt/tools/set/
    /opt/tools/set/setup.py install
    echo ""
    # Bypassuac - Used to bypass UAC in post exploitation
    # → https://www.trustedsec.com/downloads/
    echo "[+] Installing Bypass UAC"
    cd /tmp/
    wget https://www.trustedsec.com/files/bypassuac.zip
    unzip bypassuac.zip
    cp bypassuac/bypassuac.rb /opt/metasploit/apps/pro/msf3/scripts/meterpreter/
    mv bypassuac/uac/ /opt/metasploit/apps/pro/msf3/data/exploits/
    rm -Rf bypassuac
    echo ""
    # BeEF - cross-site scripting framework
    # → http://beefproject.com/
    echo "[+] Installing BeEF"
    apt-get install beef-xss
    echo ""
    # PEDA - Python Exploit Development Assistance for GDB
    # → Repository: https://github.com/longld/peda
    echo "[+] Installing PEDA"
    git clone https://github.com/longld/peda.git /opt/peda
    echo "source /opt/peda/peda.py" >> ~/.gdbinit
    echo ""
    # The End
    echo "[+] All tools installed successfully!"
    echo "[+] ~~~ Happy Hacking! ~~~"
    echo ""
  • 相关阅读:
    asterisk 使用 g729 g723
    读书笔记《一线架构师》
    能和LoadRunner匹敌的VS2010/2012Web负载测试
    总结 设计模式,企业应用架构模式,架构模式
    聊聊Memcached的应用
    WPF小试牛刀
    读书笔记《Hadoop开源云计算平台》
    高性能与可扩展
    闲聊下架构、框架,以及架构师...
    自己写框架 实践 (Event Framework)
  • 原文地址:https://www.cnblogs.com/askDing/p/5937551.html
Copyright © 2011-2022 走看看