
Showing posts with label Linux. Show all posts

Monday, August 10, 2020

Linux Series #5: Boot Up Process

 


Hello everyone. In this article, I would like to share with you what I learnt: the Linux boot-up process.

#1 ▶ System is turned on

#2 ▶ BIOS Check - the system checks all the hardware devices, e.g. I/O devices

#3 ▶ System looks for the Boot Sector and Boot Loader ( like GRUB ) on the HDD/SSD

#4 ▶ Now the Linux Kernel will be loaded

#5 ▶ Next, the initial RAM disk will be loaded. Basically, it contains some device drivers

#6 ▶ Initialization System - the File System along with all the necessary services needed by the Operating System will be loaded

#7 ▶ Once all the necessary services are loaded and the file system is mounted, the initial RAM disk is no longer needed, so it will be removed

#8 ▶ Now the Initialization System continues to load the services

NOTE: All the events, processes that take place in the system will be written by the Linux Kernel into a part of RAM called "Kernel Ring Buffer". You can also find the boot log here ( all the events that take place while the system boots up ). 

Sometimes, you will come across two partition schemes: MBR and GPT.

Let's have a brief look at what they are.

MBR - Master Boot Record


▶ This is an old partition scheme which supports only 26 partitions.
▶ 3 - Primary Partitions ( Actually 4 )
▶ In case you need more than 3 partitions, convert one primary partition to an extended partition and have 23 more logical partitions.
▶ MBR works only with disks that have a maximum capacity of 2 TB.
▶ But MBR can run on systems with Legacy Boot ( Older Systems )

GPT - GUID Partition Table


▶ You can have 128 Partitions
▶ Maximum capacity of the disk is in "Exabytes" range.
▶ Using GPT requires UEFI ( Unified Extensible Firmware Interface ) instead of traditional BIOS and a 64-bit Operating System.
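To tell which scheme a disk uses, read its first sector: an MBR disk has four 16-byte primary entries there, while a GPT disk keeps a "protective" MBR with a single entry of type 0xEE. The parser below is an added example, not part of the original post; it assumes 512-byte sectors, and the two sample sectors are constructed inline rather than read from a real disk.

```python
import struct

SECTOR_SIZE = 512             # assumption: classic 512-byte logical sectors
TABLE_OFFSET = 446            # the partition table follows the boot loader code
ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xaa"  # last two bytes of a valid boot sector
GPT_PROTECTIVE = 0xEE         # entry type a GPT disk places in its protective MBR
EXTENDED_TYPES = {0x05, 0x0F}
# Start and length are 32-bit sector counts, which is where the 2 TB ceiling comes from.
MBR_MAX_BYTES = 2**32 * SECTOR_SIZE


def parse_mbr(sector):
    """Return the non-empty primary entries found in the first sector of a disk."""
    if len(sector) < SECTOR_SIZE or sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    entries = []
    for slot in range(4):     # an MBR has exactly four primary slots
        start = TABLE_OFFSET + slot * ENTRY_SIZE
        # Layout: status, 3 CHS bytes, type, 3 CHS bytes, first LBA, sector count
        status, ptype, lba, count = struct.unpack(
            "<B3xB3xII", sector[start:start + ENTRY_SIZE])
        if ptype == 0x00:     # unused slot
            continue
        entries.append({
            "slot": slot + 1,
            "bootable": status == 0x80,
            "type": ptype,
            "extended": ptype in EXTENDED_TYPES,
            "first_lba": lba,
            "size_bytes": count * SECTOR_SIZE,
        })
    return entries


def partition_scheme(sector):
    """Return 'GPT' if the sector is a protective MBR, otherwise 'MBR'."""
    types = {entry["type"] for entry in parse_mbr(sector)}
    return "GPT" if GPT_PROTECTIVE in types else "MBR"


def build_sector(entries):
    """Build a constructed sector from (status, type, first_lba, count) tuples."""
    table = b"".join(struct.pack("<B3xB3xII", *e) for e in entries)
    return bytes(TABLE_OFFSET) + table.ljust(4 * ENTRY_SIZE, b"\x00") + BOOT_SIGNATURE


# Constructed samples: a bootable Linux partition plus an extended partition,
# and the protective MBR that a GPT disk carries.
LEGACY_DISK = build_sector([(0x80, 0x83, 2048, 1048576),
                            (0x00, 0x05, 1050624, 4194304)])
GPT_DISK = build_sector([(0x00, 0xEE, 1, 0xFFFFFFFF)])

if __name__ == "__main__":
    for name, sector in (("legacy", LEGACY_DISK), ("gpt", GPT_DISK)):
        print(name, partition_scheme(sector), parse_mbr(sector))
```
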

Hope you got a clear idea on the boot process and partition schemes. Let me know if there is any room for improvement or change.


Tuesday, July 21, 2020

Linux Series #4: Exploring the Directories



Hello everyone. While working on Windows we would have seen volumes like C:, D: and so on, depending on our choice. On Linux you will not find anything like that; instead you can see several folders inside the "/" root. Today we will see what all these folders inside the / root mean.

/bin  - Essential User Binaries


▶ All the User Binaries are present in this directory. Binaries here means compiled source code of the executable files.
▶ You can also find Important System Files/Utilities such as Bash Shell and files related to Linux Commands
▶ Ex. ps, ping, ls, grep

/boot -  Static Boot Files


▶ All the files needed to boot the system are present in this directory, but you can't find the config files here.
▶ Ex. GRUB, Linux Kernel files, Static Files

/cdrom -  Historical Mount Point for CD-ROMs


▶ It is the temporary location for the CDROM inserted into the drive.

/dev - Device Files


▶ When you insert any device into a Linux system, it treats the device as a file, and these files are present in this folder.
▶ It is also the home for all the Pseudo/Virtual Devices
▶ Ex. /sda - SATA, USB, Keyboard, etc.,

/etc - Configuration Files


▶ All the files needed for the configuration of the system are present here. Including files for the startup, shutdown, etc., These are editable files.

/home - Home Folders


▶ It is the home folder for each user. It holds all the data, saved and user config files.

/lib - Essential Shared Libraries


▶ Contains all the necessary libraries needed by the binaries.
▶ Contains Kernel modules and shared library required to boot the system and run commands.

/lost+found - Recovered Files


▶ If any files have been corrupted due to a system crash or unexpected shutdown, those files are pushed into this directory, from which we can recover them. But nowadays in modern Linux systems, you can't find such a directory. It's a legacy feature.

/media - Removable Media


▶ This directory includes subdirectories for removable media devices.
▶ Also known as Temporary Mount Directory

/mnt - Temporary Mount Points


▶ To be short it is referred to as Mount Points for Temporary File System like Windows.

/opt - Optional Packages


▶ It includes the Sub-directories for optional software packages. These are used by the third-party or proprietary software that does not follow standard file system hierarchy. 

/proc - Kernel & Process Files


▶ This directory includes all the files of the system process information, running process, process ID.
▶ Considered as Pseudo Virtual System
▶ They are generated on the go.

/root - Root Home Directory


▶ This is the home directory of the "root" user.
▶ It is completely different from this root "/"

/run - Application State Files


▶ It provides a standard place for the applications to store transient files
▶ Also considered as a solution for an early-runtime-dir problem

/sbin - System Administration Binaries

 
▶ Has essential binaries that are needed to be run by the root user for system administration and maintenance purposes
▶ Ex: iptables, ifconfig, disk, swapon

/SELinux - SELinux Virtual File System


▶ Contains all the necessary files required by SELinux

/srv - Service Data


▶ Holds all the server-specific and server related files.
▶ Ex. Apache

/tmp - Temporary Files


▶ All the temporary files generated by the Applications are stored here and it gets deleted when the system gets restarted.
▶ Both the User and root have access to it.

/var - Variable Data Files


▶ It holds all the log, lock, spool, mail, packages and database files.


/usr - User Binaries & Read-Only Data



▶ It contains all the user binaries, documentation, libraries, header files, etc.,


Hope you got a high-level idea on these different directories.
If there is any doubt or room for improvement please let us know.


Thursday, April 13, 2017

Penetration Testing with Kali Linux Methodology

Hello Friends,
Kali Linux is designed for penetration testing. Whether the penetration tester’s starting point is white-box testing, black-box testing, or gray-box testing, there are always steps to follow when performing penetration testing with Kali or other tools.






Tuesday, October 21, 2014

TAILS VERSION 1.2 RELEASED

Hi Friends,

A new version Tails 1.2 has also been released. Tails, also known as 'Amnesiac Incognito Live System', is a free security-focused Debian-based Linux distribution, specially designed and optimized to preserve users' anonymity and privacy.
The operating system came into limelight when the global surveillance whistleblower Edward Snowden said that he had used it in order to remain Anonymous and keep his communications hidden from the law enforcement authorities.

Tor Browser 4.0 and Tails 1.2 Update Released

Hi Friends..
 Tor - Privacy oriented encrypted anonymizing service, has announced the launch of its next version of Tor Browser Bundle, Tor version 4.0, which disables SSL3 to prevent POODLE attack and uses new transports that are intended to defeat the Great Firewall of China and other extremely restrictive firewalls.

Tor is generally thought to be a place where users come online to hide their activities and remain anonymous. Tor is an encrypted anonymizing network considered to be one of the most privacy-oriented services and is mostly used by activists and journalists to circumvent online censorship and surveillance efforts by various countries.

Tuesday, March 11, 2014

10 reasons Why websites get HACKED.

Hi Friends Welcome Back,

Below you will find the list of top 10 web vulnerabilities classified by OWASP; here is also a description of the problem and some examples.
I will just give you the list in case you missed it before. I will not comment on any of these as there is already hot discussion about this matter on several sites/forums.

Saturday, March 1, 2014

How to Hack WPA WiFi Passwords by Cracking the WPS PIN

Hi Friends,
Today we learn how to hack a WiFi WPA password.
A flaw in WPS, or WiFi Protected Setup, known about for over a year by TNS, was finally exploited with proof of concept code. Both TNS, the discoverers of the exploit and Stefan at .braindump have created their respective "reaver" and "wpscrack" programs to exploit the WPS vulnerability. From this exploit, the WPA password can be

Friday, November 22, 2013

Man In the Middle attack using BT5 Ettercap Tutorial

Ettercap

Ettercap is a suite for man-in-the-middle attacks on a LAN (local area network). It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis. In this tutorial I will explain how to sniff user names and passwords in a LAN using Ettercap.

The man-in-the-middle attack (also known as a bucket-brigade attack and abbreviated MITM) is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker.

There are several kinds of man-in-the-middle attacks that we can perform, but in this tutorial we will see attacks based on the ARP protocol.




Steps to be followed

1. Open a terminal and type ettercap -G. This will open the GUI-based Ettercap utility.
2. Now scan for hosts in your subnet by going to Hosts ---> Scan for hosts.
3. Now open the host list from the Hosts tab and select the IP address of the victim as Target 1 and the IP address of the router as Target 2.
4. Now start ARP poisoning by going to Mitm ---> ARP Poisoning.

Finally, start the sniffer by going to Start ---> Start sniffing. Now if the victim logs into Gmail, Facebook, Yahoo Mail, etc., we will get his user name and password.

Hope you enjoyed the article. In my coming posts I will be writing about the countermeasures that you can take against ARP poisoning, MITM, etc. Till then have a nice time.

If you have any doubts please feel free to post a comment.....:) :)
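On the defending side, ARP poisoning of this kind shows up in a host's neighbour table: the router's IP address starts resolving to a different MAC address, and that same MAC also answers for another host. The check below is an added example, not part of the original post; it assumes text in the format printed by `ip neigh show`, and the addresses, the sample tables and the known-good router MAC are constructed for illustration.

```python
from collections import defaultdict


def parse_neigh(text):
    """Map IP -> MAC from `ip neigh show` style lines; skip unresolved entries."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" not in fields:
            continue                      # FAILED / INCOMPLETE rows carry no MAC
        idx = fields.index("lladdr")
        if idx + 1 < len(fields):
            table[fields[0]] = fields[idx + 1].lower()
    return table


def shared_macs(table):
    """Return MAC -> sorted IP list for every MAC that answers for several IPs."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def arp_alerts(text, gateway_ip, known_gateway_mac):
    """Compare the table with a recorded baseline and list what looks wrong."""
    table = parse_neigh(text)
    expected = known_gateway_mac.lower()
    alerts = []
    seen = table.get(gateway_ip)
    if seen is not None and seen != expected:
        alerts.append(f"gateway {gateway_ip} is at {seen}, expected {expected}")
    # A multi-homed host can legitimately own several IPs, so treat this as a
    # lead to investigate; it is conclusive only together with the check above.
    for mac, ips in shared_macs(table).items():
        alerts.append(f"{mac} answers for {', '.join(ips)}")
    return alerts


# Constructed samples: the same LAN before and while the router entry is poisoned.
GATEWAY_IP = "192.168.1.1"
GATEWAY_MAC = "00:11:22:33:44:55"         # baseline recorded on a trusted network
CLEAN = """192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev eth0 lladdr 66:77:88:99:aa:bb STALE
192.168.1.77 dev eth0  FAILED
"""
POISONED = """192.168.1.1 dev eth0 lladdr 66:77:88:99:aa:bb REACHABLE
192.168.1.23 dev eth0 lladdr 66:77:88:99:aa:bb STALE
192.168.1.77 dev eth0  FAILED
"""

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, arp_alerts(sample, GATEWAY_IP, GATEWAY_MAC))
```
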


Tuesday, July 23, 2013

Metasploit Basic Command Tutorial

Hello Friends,
Metasploit is a database of exploits and a piece of software that contains information about different exploits, so here is the basic usage of Metasploit. I am using a BackTrack 5 R3 machine for this tutorial; however, if you are using another Linux distribution or Windows OS then that is fine, but the requirement is Metasploit.

Wednesday, April 11, 2012

Hackers gain unauthorized access into Linux source code site

Hi friends,
As Linux Users and fans know, there are two kinds of hackers: the good guys who develop free software, such as the Linux kernel, and the bad guys who break into computers.

The bad guys paid the good guys an unwelcome visit earlier this month, breaking into the Kernel.org website that is home to the Linux project. They gained root access to a server known as Hera and ultimately compromised "a number of servers in the kernel.org infrastructure," according to a note on the kernel.org website Wednesday.

Administrators of the website learned of the problem Sunday and soon discovered a number of bad things were happening on their servers. Files were modified, a malicious program was added to the server's startup scripts and some user data was logged.

Quick Tips to Backup your Linux Computer

Hi Friends,
Linux gives you plenty of control over your computer, but with great power comes great responsibility. That means backing up your files regularly (among other things), and while cloud storage is attractive, for many of us, it's not enough. Here's how to back up your data (note: I am using Ubuntu, so the details may differ somewhat if you use a different distribution):

Related Post: 16 Cool Ubuntu Tips for Linux Users

1. From the search bar, just type "backup" to bring up preinstalled options. I'll be using Simple Backup Suite.


16 Cool Ubuntu Tips For Linux Users

Hi Friends,
I wrote about books for teaching yourself Linux. Today in the Linux section we have something for the power users. Here are a few tips you should try out if you are an avid Ubuntu Linux user.

1. Get lightning fast and clever at the command line

Wednesday, April 4, 2012

THC SSL DOS/DDOS Tool Released For Download

Hi Friends,
A German group of hackers known as Hackers Choice have released a program they assert will allow a single computer to take down a Web server using a secure connection.

THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet.

This problem affects all SSL implementations today. The vendors have been aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure renegotiation feature to trigger thousands of renegotiations via a single TCP connection.

Tuesday, March 20, 2012

Keylogger For Linux


Hi Friends,
Many people say that Linux is very secure and that no type of hacking software or keylogger works on it,
and I want to say they are fully wrong.

Similarly, lots of people actually believe that Trojans are invalid against Linux operating systems. But really, that is something difficult to digest; they are present, but in a different manner.

I am talking about a very famous keylogger, LKL, that runs under Linux on the x86 arch. LKL sniffs and logs everything that passes through the hardware keyboard port (0x60). It translates keycodes to ASCII with a keymap file.


Installation:-

The ‘configure’ shell script attempts to guess correct values for various system-dependent variables used during compilation.

It uses those values to create a ‘Makefile’ in each directory of the package. It may also create one or more ‘.h’ files containing system-dependent definitions.

Finally, it creates a shell script ‘config.status’ that you can run in the future to recreate the current configuration, a file ‘config.cache’ that saves the results of its tests to speed up
reconfiguring, and a file ‘config.log’ containing compiler output (useful mainly for debugging ‘configure’).

If you need to do unusual things to compile the package, please try to figure out how ‘configure’ could check whether to do them, and mail diffs or instructions to the address given in the ‘README’ so they can be considered for the next release.

If at some point ‘config.cache’ contains results you don’t want to keep, you may remove or edit it.

The file ‘configure.in’ is used to create ‘configure’ by a program called ‘autoconf’. You only need ‘configure.in’ if you want to change it or regenerate ‘configure’ using a newer version of ‘autoconf’.
The simplest way to compile this package is:

1. ‘cd’ to the directory containing the package’s source code and type ‘./configure’ to configure the package for your system.

If you’re using ‘csh’ on an old version of System V, you might need to type ‘sh ./configure’ instead to prevent ‘csh’ from trying to execute ‘configure’ itself.

Running ‘configure’ takes awhile. While running, it prints some messages telling which features it is checking for.

2. Type ‘make’ to compile the package.

3. Optionally, type ‘make check’ to run any self-tests that come with the package.

4. Type ‘make install’ to install the programs and any data files and documentation.

5. You can remove the program binaries and object files from the source code directory by typing ‘make clean’. To also remove the files that ‘configure’ created (so you can compile the package for a different kind of computer), type ‘make distclean’.

There is also a ‘make maintainer-clean’ target, but that is intended mainly for the package’s developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution.

How To Install Linux And Window In Same Drive

Hi Friends,
If you are facing the problem of how to install Linux and Windows on the same drive, then don't worry, I have a trick to solve that problem.

Linux can be installed on the same logical partition or drive where Windows is installed, without deleting any Windows content.

We can use a tool for installing Ubuntu Linux onto our PCs without harming the Windows installation. One of the latest releases by Ubuntu, Wubi, can do it for us. With Wubi we can install or uninstall Ubuntu on Windows in the same folder. Wubi is a Windows application which runs in the Windows environment and can be downloaded for free.





Monday, January 30, 2012

Top 10 Tricks to exploit SQL Server Systems

Hi friends, I have the top ten tricks to exploit SQL Server.


Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry out the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet

These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield's Port Report shows just how many systems are sitting out there waiting to be attacked. I don't understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems.


Monday, December 19, 2011

Resetting Root Authorization in Linux and Prevention

The root authentication can be reset to a NULL value using the following method.

Do not use this information for committing cyber crimes.

At the GRUB loader:
highlight the desired kernel which you want to boot, ‘fedora core fc9’

press ‘e’ to edit the run levels and other options
then the second menu arrives as:
 (hd0,1)
 <kernel name> <execution arguments> rhgb quiet
highlight the part with quiet and then again press ‘e’

Creating An Anonymous FTP Server With Publicfile


This explains how to create a server that needs to support anonymous FTP (FTP without a password) and doesn’t need to have the ability for anyone to have ‘real’ logins. The whole thing should be read-only, with no write permissions. And as with everything I support, security is a must.

There are a boatload of FTP servers, almost all of which have had some vulnerability of some kind – in fact most have had bugs that lead to shell or root access. Many have added on additional security measures, such as the ability to chroot real users as well as anonymous users. However this FTP server’s needs are so minimal, any FTP server software with boatloads of configuration options are just overkill.

Publicfile: Another offering from Dan Bernstein, author of DJBDNS, another one of my favorite software packages. Publicfile offers both an FTP and HTTP server.

Friday, December 16, 2011

How to setup internet using mobile in Linux, Ubuntu, Linux Mint

Many of you want to connect your mobile phone to your laptop or PC to browse the Internet. If you are using Windows, then a PC Suite from every company is available for this work, but if you have to connect it on Linux it is a bit of a problem.
So I am going to explain how to do this work in four simple steps.


Step 1 : Connect your phone and create a new ‘Mobile Broadband’ connection from the wizard that appears. You can select ‘Airtel’ in ‘Service Provider’, which we will change to suit Docomo Internet.

Sunday, April 10, 2011

How To Customize Your GRUB2 Boot Loader On Ubuntu

Got bored with the default Ubuntu GRUB bootloader? Looking for a nice GUI instead of GRUB? Then try out Burg. This post is dedicated to all Ubuntu fans who love to customize their default GRUB bootloader. Install BURG, a brand-new universal loader based on GRUB. BURG has a much prettier GUI and it supports themes and customizations.

How to Install BURG?

