Operating System And Application Attacks Using Kali Linux

English

Operating system and application attacks using Kali Linux and by-passing antivirus, so it doesn't delete your scripts.

Operating systems attacks and application attacks are extremely common, because as you know all computers has an operating system installed with many applications. The hackers prefers attacking Windows, Linux, and Mac OS X.

Operating system and application attacks using Kali Linux and by-passing antivirus.

When it comes to applications e‐mail server software and web applications are often attacked. Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol
(SMTP) applications are frequently attacked, simply because most firewalls allow full access to these. Mobile apps are getting attacked . Database systems also contain numerous vulnerabilities that hacker can exploit.

How to attack operating systems:

  1. Attacking built‐in authentication systems.
  2. Breaking file system security.
  3. Cracking passwords and weak encryption implementations.
  4. Exploiting missing patches.

During 2016 the most vulnerable operating systems was:

CVEDetails

  1. Android - 523 found.
  2. Debian - "Hackers choice of operating system" 319 found.
  3. Ubuntu - 278 found.
  4. Novell’s Leap Os - 259 found.
  5. Novell’s Os, OpenSUSE - 228 found.
  6. Linux Kernel - 217 found.
  7. Mac Os X - 215 found.
  8. Windows10 - 172 found.
  9. Iphone Os - 387 found
  10. Windows Server 2012 - 155 found.

During 2017 the most vulnerable operating systems was:

CVEDetails

  1. Android - 841 found.
  2. Linux Kernel - 435 found.
  3. iPhone OS - 287 found.
  4. Mac OS X - 299 found.
  5. Windows10 - 266 found.
  6. Windows Server 2016 - 250 found.
  7. Windows Server 2008 - 242 found.
  8. Windows Server 2012 - 234 found.
  9. Windows7 - 228 found.
  10. Windows 8.1 - 224 found.

IMPORTANT !

KALI LINUX comes bundled with many tools and malicious scripts, that will be automatically blocked or removed by an antivirus program. Therefore, I recommend Sophos Antivirus, install it, set it to check any new files.

Then download and install avet from GitHub an antivirus evasion tool, which was developed for making life easier for pentesters and for experimenting with antivirus evasion techniques, as well as other methods used by malicious software.

The reason why?:

  • When running an exe file made with msfpayload & co, the exe file will often be recognized by the antivirus software.
  • Avet is a antivirus evasion tool targeting windows machines.
  • The techniques used in avet evaded 9 antivirus suites (all of the tested), including MS Defender, McAfee, Sophos, Avira and more.
  • Avet includes two tools, avet.exe with different antivirus evasion techniques and make_avet for compiling a preconfigured binary file.
  • Avet.exe loads ASCII encoded shellcode from a textfile or from a webserver, further it is using an av evasion technique to avoid sandboxing and emulation.
  • For encoding the shellcode the tools format.sh and sh_format are included.
  • Avet is tested with Kali 2 and tdm-gcc.

Then if needed, download from:

https://sourceforge.net/projects/tdm-gcc/

Update – On 64bit platforms you may execute first:
dpkg –add-architecture i386 && apt-get update && apt-get install wine32

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.

Disclaimer

All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.

 

Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.