Tag: Kali Linux

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. Today, we will be importing custom chains of proxies. Now I have done literally no prep work for this, deliberately, because I want to see if I
encounter any problems by doing this the first time around on Kali Linux. If I happen to come across any problems, I want to resolve them here together with you because chances are that you will encounter them as well. But, I don’t predict any unsolvable problems here, this should be fairly straightforward.

Let’s just go and type in free sock5 proxies and see if we can find any for ourselves. So, here have Socks proxies – free socks5 and socks4 proxy lists. Let’s see what this website has to offer. So we have a lot of things here that we can use anonymously. I suppose they all claim that they’re anonymous, but that’s very questionable. Generally, you want to be using proxies in countries that have a good reputation for not sharing your private browsing information. So, the countries that do have a good reputation with that, well China doesn’t share much with anybody else. Russia doesn’t share much data either. If they have the Netherlands here that would be awesome, because the Netherlands have fantastic privacy policies in terms of information, in terms of personal user information, and Germany is also not bad. Those are some of the countries which you can use that are fantastic in terms of privacy. They will not share your traffic with pretty much anyone, or so they claim. Who will you trust? That is completely up to you. Again, it doesn’t really matter that much for the sake of this tutorial series, because all of the work that we will be doing here is white hat, and all of it is legal. So, you can use any of these to simulate a real attack. Even if you can reverse tracks and find yourself it’s still okay, as long as you are using some sort of a proxy to give real-time circumstances, and encounter real time problems. Also, to circumvent firewalls and so on, if you want to use Netflix, or something like that, you will need a proxy in the United States. However, a proxy wouldn’t suffice due to the slow speeds, rather you will need a VPN.

Anyway, without further ado, you have the IP address here which we will need, you have a port number here, we won’t need this, we will need this, and we will need a version. Let’s see if there are any any proxies from the Netherlands. No, the Netherlands is not even listed here. Let’s go ahead and select the first five from the list. So I need to copy this, open up my terminal, and let’s arrange the windows to make copy/pasting convenient. There we go. Let’s grab the Firefox browser and just expand it accordingly. So I now have all of the information that I need. I have the port number, version, and the IP address. Let me clear the terminal, nano/etc/proxychain.conf, make sure that dynamic is selected and everything else is commented out. Go ahead and scroll down to the bottom, and let’s get started. Now we need to specify our proxychains. Anything special that we need to know here? No. Type in the host port, user values, nope, doesn’t specify anything special. Let’s go ahead and type in socks5. Let me confirm that this first one is socks5, yep, it is socks5, and paste the IP address. Let’s just go ahead and add tabs here to be on the safe side, so that it all is neatly done and sorted. So, it’s 33169, press ENTER, so socks5, tab, what is the next one? The next one is 9480. Paste it, tab, and the port number is 1080. Let’s add the next one, no this one is actually socks4, and the next one is actually socks5. As you can see, it’s a fairly simple process. I mean, there’s nothing really special that you need to do here, just create a list of proxies which we will end up using. I can assure you that most likely half of these proxies do not work. Not because I can see some information here on the screen that you can’t, but because I have experience with such proxies, and they generally do not tend to work. But, enough of them work for you to be able to anonymize yourself to a good extent. So the next one is 1806, and 0. Make sure you get the ports right. If you put in the wrong port your connections will be dropped by default for that IP address, and you’ll think that the proxy is malfunctioning when it’s not. It’s just you typing in the wrong port. So, again, we have socks5, an IP address here. What is the port number? 1080 again. You will see that some port numbers have been standardized, and they are just repeating, so you don’t need to do that much thinking there. Press Enter. Now I can save save the file, excellent! Okay, so, let’s exit nano.

Let’s go ahead and expand our beloved terminal, the holy grail of power, and type in pretty much the same thing as we typed in the previous tutorials, proxychains Firefox www.duckduckgo.com. Keep in mind you can type in any URL here, and as long as it’s valid it will open it. So let’s just go ahead and see what happens. Press Enter…nothing, literally nothing. What happened? It didn’t start proxychains. Why not? Well, you need to close the browser first, and we unfortunately had this list open that continuously keeps changing as well. That’s a problem, because you cannot have Firefox open and then start it again through proxychains. You need to close it completely, make sure that it is completely closed, I can see nothing in my working menu down there, and let’s try again. Same thing. See, now it’s taking a bit longer. As soon as you see that something flies through with proxychains, you know that something is wrong because there is no way it’s going to be fast. So what do we got here? Timed out, timed out, again we have timeouts, and it’s a dynamic chain so it’s trying to go through all of them, but it’s skipping those that are not functional. When I was first getting started I was like, I’m going to use 50 proxies, and I’m going to be completely anonymous. No, I wasn’t even able to load the most basic of sites, or issue even the most basic of requests with that. You need to keep it low, in terms of proxies, depending on their speed. So, hopefully one of them is going to pass, and one of them is going to work. This is one way of troubleshooting, another way is just looking at the screen and see what’s happening here. So, I’m just waiting for at least one of them, yes, there we go. One of them said, okay, but it needs to go through and try all of the other proxies in our chain. Hopefully, it’s not going to take too much time. So we have all of these timeouts, and only one of them was confirmed as being functional. Which proxy was okay? DNS response duckduckgo.com, there we go. It should be open now, no it is not. This was just a DNS response. Okay, it’s formulating a request again through a different series. Come on, please succeed…excellent! This one didn’t succeed, well, now it has. DNS response is DuckDuckGo.com is 50.18.192.250. Has it opened? No, it has not. Okay, we must wait a bit longer, and this is the sad reality of using free proxies. If I had confirmed that these proxies were functional prior to recording this tutorial it would have made this much simpler, but I just wanted to make a point here and show you that you’re not going to get very far using a lot of free proxies. Imagine scanning a hundred hosts using proxychains like this, and this would be the amount of time that it would take to even load a basic web site. Imagine how long a scan would take. It would take practically forever. Okay, finally it is requesting information on port 443. As you can see, all of the above communication was attempting to get a response from a DNS server. This is how much information has been processed before we even started to load duckduckgo.com. As you can see by the port names, it’s 53, the 53 is our DNS port. If we go down below, you can see that finally I’m looking for port 443 somewhere around here. I swear I saw it a moment ago. 1080, that’s a proxy port, this is a proxy port as well, 53 again, DNS resolution port, yes, there we go, 443 has begun here. It’s still loading it. I wonder if it has opened it? Yes, there we go. It is up and running, and the site is functional, but it has taken us a lot of time to open it using free proxies. I would recommend sticking to two or three at max and it should work, and stick with the ones that have the best grades, reviews, and so on. Stick with the ones that have the greatest up-time as well. In any case, I bid you farewell, and I hope to see you in the next tutorial.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. I’m just going to pick off from where I left off in the previous one.

As I said before, you have a type of proxy here, and you always want to be using socks5. You don’t want to be using HTTP because it isn’t a very secure protocol, and socks4 doesn’t support very many options. Anyway, this is the IP address of the proxy server, we will enter a few of them manually later on, and this here is the port number on which the proxy server is listening, the port that is open. Over here, these two words, now what some proxy servers, especially paid ones, will always have is a username and a password. You can type them here in plain text, unfortunately, but it is assumed that only you, and you alone, have access to this computer. Besides, not everyone can read this file. So if you type in the username and password here, you will gain access to a certain proxy that you have chosen. These are just examples. We won’t actually be using these proxies. We need to go down below, and here is the end of the file. So if I press ENTER a couple of times, there we go. There is only one proxy active at the moment, it’s socks4, and all traffic is being routed through there. Now tor by default listens on this port, and our connections will be going through tor now, but just in case I want to add socks, and you should really do this, socks5, press tab, and type in exactly the same IP address. By the way, this 127.0.0.1 is the loopback address of your computer. This is for inter device communication. If you ping this address, you’re pinging yourself, basically, and usually people ping this address in order to make sure that the IP protocol is set up correctly. So, let’s just type in 127.0.0.1, same port number, space here, no tabs, 9050. There we go. Press Ctrl + O to save the file, press ENTER, and by the way you don’t need to use Nano to edit this file. You can also use VI or some other text editor in order to edit it. I like using nano. It’s practical and it’s fairly simple. It’s much simpler than VI. I know how to use VI as well but it’s a bit more complicated, so I prefer to keep it out of the tutorials. Anyway, press Ctrl + O to save. It doesn’t hurt to save the file as many times as you like, and then press Ctrl + X to exit. There we go. Now we have the file saved. Clear the screen. You always want to make sure that you are working in a very neat environment. Then go ahead and type in service tor status to see if tor is running. Tor is not running so it gives you an answer, and what we want is to start tor up. So service tor start, press ENTER, there we go. Now the tor service has started, and it is up and running.

So the next thing that we need to do is use proxychains in combination with tor, and in combination with our internet browser, in order to be able to access a third party in order to verify that all of is working properly, and that we are anonymous. A lot of people do the configuration, and they type in service tor start, and that’s it. They don’t verify these settings. They start to scan and what happens? Of course, they get detected because they most likely misconfigured something. What you want to do is go ahead and type in proxychains, so proxychains. Remember, we do not want to browse the Internet as a root user. We’re just going to use it to verify our proxychains settings, and then I’m going to close the web browser. So, I’m only using it for that purpose. We will use proxychains later on for a different purpose, for scanning, and so on and so forth, and then we can use it as root. But, it’s not a good idea for web browsing, for security reasons. Anyway, proxychains and then type in Firefox, or you can type in your preferred web browser. I think Firefox works the best with proxychains since that is the default browser of Kali Linux. Even though it says iceweasel, it’s Firefox, trust me. So type in proxychains Firefox, and we can type in the web site that we wish to visit. So, let’s just type in www.duckduckgo.com. Now duckduckgo is a search engine that also helps to anonymize you. You will have a far greater extent of anonymity than you do when using Google, or an equivalent popular search engine, as they record your traffic, they record your IP addresses, and that can be problematic in itself, especially when you’re doing some sort of footprinting. You do not want to be recorded anywhere. Anyway, let’s just go ahead and press enter, and the web browser is loading. You can see that the loading time is definitely not the fastest, it’s a bit slow, but it has loaded it up. We will just go ahead back to our terminal and see, excellent, so you see that the link has been established here. There are some problems as it says denied somewhere, but that’s OK. You’re bound to encounter errors here, especially when you’re using custom chains. You will see that there will be more error messages than there will be okay messages. But, believe it or not, the connection still manages to pass through somehow and still manages the function in spite of that. Anyway, I’ll just go back and open up our web browser once again, and just type in check for DNS leaks, and press Enter. Okay, so DNS leak test, excellent! Let’s go ahead and click on this one and see what happens. Hello, this is my public IP address now, 217.13.197.5, and it says that I am from Germany. I assure you that I am not from Germany. If you wish to to verify all of this you can open up a new terminal and type in service tor stop, and then open up your regular web browser without the proxychains command, do the same test again, and you will see that you will get a completely different IP address, which will be your real IP address. Anyway, it says hello, this is me from Germany. I’m going to perform a standard test, I’m not going to do an extended test, it’s the same thing for the most part. This one does more rounds but you get the same information, more or less. So it goes query one, excellent! This is my DNS, this is my ISP provider. So look this is what they have concluded in regards to my DNS: it’s level 3 communications, and it says the country is the United States. This makes no sense whatsoever, so I am anonymous now. I can’t be detected, which is a very good thing to have indeed.

This IP address will change from time to time. Let me just copy it, and I am going to go ahead and show you that it actually does change. So, accessories, I’m pretty sure there is a text editor here, excellent! So I’m just going paste this IP address, and now what I’m going to do is go ahead and close this browser. I don’t need this, so service tor stop, it’s stopping it, service tor start, it’s starting it. So, you don’t need to actually write start/stop, you can also do service tor restart, and it’s going to do the whole process for you. So you can save a little bit of time there. Let’s just repeat the process. I’m going to go ahead and type in proxychains Firefox, and I will request the same search engine as well. Will it open? Now don’t be discouraged if it doesn’t open it straight away. If it says you don’t have connectivity, or the website is not available, just try typing in the service tor restart command a couple of times until you get it. Sometimes certain IP addresses are blocked and you need to be assigned the one that is not, so don’t immediately jump to a conclusion. Just try resetting it a couple of times and you will resolve the problem. A different IP address will be assigned to you each time. Anyway, let’s just go ahead and type in check for DNS leaks, press Enter, and here we go. I’m just going use the same website, dnsleaktest.com, that’s the name of it, excellent! So you see now I don’t even need to compare the IP, obviously it’s different. So this one is 217.13, this one is 91.109, so completely different IP address here, and from a completely different place. Now it says that I am from the United Kingdom, apparently somewhere in London. I’ll go ahead and issue a standard test to see what sort of resolutions I get here. This might take a while, that’s why I’m doing the standard test, this one was a bit slower. It depends on how far away the servers are. I suppose I’m a bit closer to Germany than I am to United Kingdom. I suppose this depends on the speed of the server’s as well. Anyway, you can see my DNS resolutions here, it’s level 3 communications, again. Yeah, I am completely anonymous with this. I am unlikely to be detected by pretty much anything.

If you wanted to, for example, use proxychains with nmap, I’m not going to go into great detail now, I will show you this when we get to the nmap section, but before we do we can see some verbose output here on how this is actually functioning. So, there are certain domains which are being contacted, you can see pretty much everything that is going on here. It isn’t a bad idea to sometimes go through this sort of information, especially if you do not have connectivity, or if you wish to better understand exactly where your traffic going, where it is passing through, and how is it spinning around. Anyway, let’s just go ahead and clear the screen and use, let’s say, proxychains nmap, and this is all that you would need to do in order to route all of nmaps traffic through proxychains. This is pretty much true for any application. Just invoke the application as you would, so normal nmap invocation would be nmap, and then some IP address here, and then a port number here, and some arguments as well to go along with it. But instead of just typing it like that, you can use proxychains and hide yourself. How would you invoke a browser on a regular basis? You would type in Firefox, press enter, and that would of course open up a Firefox browser. So, any application that you can start through your terminal, and you can start all of them through your terminal, just type in proxychains in front of it, and all the network information generated by that application will be routed through proxychains. Now will it use a preset of proxies or will it use tor? That is up to how you have configured it. There will be a part three to this chapter. I will show you how you can import custom chains of proxies, and how you can use those proxies to access things on the net, or to hide your activity behind them. In any case, I bid you farewell, and I thank you for watching.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. Today, I will be talking about how you can configure proxychains to work in combination with tor in order to anonymize traffic. Not only web browsing traffic, but rather instead, all network related traffic generated by pretty much all of your applications. Now there are a few applications which will not work in combination with proxychains. Namely, one such application is Metasploit. Now Metasploit is practically a hacking framework, and it is of crucial importance for pretty much any sort of hacking activity in today’s world. It allows automated generation of the code needed to break certain systems, and it also contains a list of vulnerabilities as well. However, what I want to do here today is show you how you can anonymize pretty much all footprinting traffic, or traffic generated by nmap when you’re gathering information, or even when you are web browsing, and how you can cover your tracks in general.

One of the first things that you do need to do, in Kali Linux they come pre-installed, is download tor and proxychains. You may need to install these two software packages on other systems. Tor can be difficult. I have seen systems where tor is not installed by default, and I have shown in the previous tutorial how to install tor without any problems. What we will need to do here on Kali Linux is simply configure the software, and not install anything. So, let’s just navigate over to the etc proxychains configuration file, nano/etc/proxychains.conf, press ENTER, and there we go, we are in the configuration file. What is proxychains? Well, it gives you the ability to route your traffic through a series of proxy servers and stay anonymous by hiding behind them, or by having them forward your request so that it looks as if your requests are coming from them, as opposed to from you. Surprisingly enough, there is a large number of free proxy servers available that you can use, but they’re not very stable, they tend to go up and down, and they’re not very fast. So, for specific targets they can be useful, but not for any form of brute forcing attack. If you are doing something to a certain target, if you’re trying to log in or you’re already logged in, you can definitely do it through proxychains, and it will be reasonably fast and stable. If you’re performing some sort of mass scanning, or you’re brute forcing a password, proxychains with a list of proxies selected from the internet, free proxies that is, will not be very stable. I mean, it’s going to work eventually in a technical sense, but it will consume more time than you can spare. And by more time than you can spare, I mean a month or two to do a simple scan. For the time being, I want to show you how to use proxychains, how to configure them, because they are really useful useful. I use them fairly often, many people do, and it’s a fantastic piece of software.

First off, you have different types of proxies here which you can use. You have HTTP, socks4, and socks5. Now there are fundamental differences between these protocols. You always want to find yourselves a socks5 proxy, as that is the most advanced protocol, and it has the ability to anonymize all sorts of traffic. HTTP, well as the name itself says, it’s for HTTP traffic, and socks4 is very similar to socks5 but it does not support the ipv6 protocol, and it does not support the UDP protocol. So, socks4 can be rather problematic. You always want to make sure that you’re using sock5 whenever possible. Anyway, down below you have these options which we will go over. To enable these options you don’t need to type in any complex lines of code, or anything of a kind, you just delete the hash and that’s it. Save the file, the option is enabled. This hash presents a commented out line, meaning that the system reading this file will ignore it if there is a hash. If there isn’t a hash it will take it into consideration and interpret it accordingly. Anyway, what we have here are statements which allow us to specify how we want our traffic to be routed. So, first off, we have dynamic chain. Dynamic chain is an option which you will find people using the most. It is the most commonly used option, a preferable one, and I honestly think it’s the best one because it’s the most stable one. Here’s why. Suppose you have ABCD proxies, so those are some servers with IP addresses with open ports. If you have a strict chain policy like we have here, you will only be able to access any site by going through ABCD. So, you have to go through all of them, and you have to go through them in that specific order, ABCD. I am sure you can already see how that could present problems. I mean, if you’re paying for five proxies that’s not a problem because they will always be operational, they will always be up. That’s not a bad option at all. However, most people use free proxies, and they don’t tend to pay for them. Why would you pay for 5-10 proxies for a simple scan? They’re not free, they cost money, they’re not that expensive either, but still, the act of paying itself identifies you, and it diminishes the amount of anonymity you have on the net. There are some complex payment methods with which you can use to anonymize yourself, such as cryptocurrency, but still, it’s far simpler to use dynamic chains. So I’m going to go ahead and un-comment this line of code. Strict chains will no longer be used. I will be using dynamic chains. One more thing to note here is that if you want to use proxychains in combination with tor, so if you want to route all of your traffic through the Tor network, not just web traffic, you must enable dynamic chains. I mean there is a chance that it will work with strict chains, but due to the instability of tor nodes it is highly unlikely. Anyway, if you are using dynamic chains it gives you the ability to go from ABCD, to your desired destination, by not having to adhere to any order. So let’s say that C is down. You would go through ABD and it would work without any problems. If B was down you would go through AD, and you would still reach your destination. So, as long as one single proxy is functional it’s going to work, and it doesn’t require a specific order.

Down below you have random chain. Now random chains are, in effect, basically the same thing as resetting your services. If you’re resetting tor you will be assigned a new IP address, I mean tor assigns you a new IP address every 10 minutes or so, but with the random chain option you can specify a list of IPs. And then you can tell your computer, OK, I want you to connect to this point, and every time you connect, every time you transmit a packet, I want you to use a different proxy. We can do that as well, that’s definitely a viable option. You can say, OK, use this one five times and then change it to another one, or something like that. There are a lot of options to specify here, primarily the chain length. If we go ahead down below there’s the quiet mode, and you don’t really need that. Proxy DNS requests – no leak for DNS data, this is very important. You cannot have any DNS leaks. Let me explain to you what DNS leaks are. Even though somebody cannot get your particular IP address, they can get the IP address of the DNS server that you are using. What DNS servers do is resolve the domains to IP addresses, and vice-versa. So, for example, if you typed in youtube.com, the DNS server of your local ISP provider will resolve that into some sort of an IP address that YouTube has, and it will make a request. You do not want that happening because your local DNS server will be discovered, and that information can be used in order to figure out your personal IP address, and then your physical location is pretty much compromised. You definitely need proxy DNS here. It might slow you down a bit, but without it you won’t be anonymous. It is just a matter of time before somebody finds you. If you go down below we have some other options here, but we’re not really interested in them at the moment. What we got here are formats for entering proxies, and I’m going leave it at that. We will cover the rest in the follow-up tutorial. But, just a key note before you go onto the next tutorial, have a look at these. You don’t need to go on the internet and read anything about it, just have a look at the format here, how they are written. This is an example of proxychains and how you can write them down. So you have a type of proxy, you have an IP address, figure out what this number is, what this name is, and what this word here is. I will of course explain all of this in the next tutorial, but just try to figure it out on your own. It’s pretty simple. In any case, I bid you farewell, and I’ll see you in the next tutorial.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this follow-up tutorial. Today, I will show you how to install TOR itself. We’ll go through the installation procedure, and in order for us to do that we will need to use the new user that we have created, test.

First, we will need to switch users. In order for you to do that you need to log out, and in order for you to log out in Kali Linux just go ahead and click in the upper right corner where it says root, scroll down to switch user, and there we go. Excellent! It now says the active user is test. I’m already logged in as test because I have done this previously, but it’s going to prompt me for a password as well. So, just go ahead and type in the password for your user, press enter, very simple. There is a browser icon in the upper left corner, it’s blue, it’s a reliable browser. Go ahead and click on the icon, navigate to your favorite search engine, type in tor, press enter, and open the first site in the search results. It should read tor project: anonymity online. Make sure, absolutely make sure, that you are downloading this browser from the official source. In the browser it says “https”, make sure there is an “s” at the end. Make sure that the domain is correct as well, so torproject.org. It’s not .com, it’s not dot some country extension, it’s .org. Anyway, go ahead and click on download tor, and I need the 64-bit tor browser for gnu/linux. In case you’re using another operating system, over here you have it for Microsoft Windows, Apple OSX, etc. We are going to go ahead and use the Linux/UNIX version. There are some addition resources here on the site, you have forums, questions, FAQ, and some other things as well. I would strongly advise that you browse around the site for a bit. For the time being, I’m going to go ahead and click on download, yes I wish to save a file, and the download will proceed. It should only take about a minute or less to download.

What you do with tor is simply route your traffic to go through certain points, and every time it hops there is an encryption layer. It makes your connection very secure and there are these things that are called inner nodes. So, for example, you go from one computer, nodes are basically computers or servers through which you go, so you make a request to a certain website, and then your connection goes from your computer to some other computer, and then from that computer to some other, and so on and so forth, until it reaches the exit node. All of these devices are a part of the TOR network. Once it reaches the exit node, it is the exit node that actually makes the request for the site that you wanted. Basically, you are using a lot of proxies, that would be the very basic explanation, but there is a lot more to it. The encryption being the major part of it. So, there are multiple layers of encryption there and it is nearly impossible to figure out where a request is coming from, unless you are controlling these nodes, or something like that, which is highly unlikely. Basically, using the TOR network is a fantastic way of staying anonymous. You do not need to necessarily use the tor browser just to access the hidden web, rather instead you can use TOR to torrify, that is the term, to torrify your applications. Once you torrify them all of traffic generated by those applications will be routed through the TOR network, and you will be anonymous to a very large extent. Although, keep in mind that connections, all things using TOR, are very slow because your connection is being routed through a lot of devices, and there are a lot of people out there that are using those devices. Anybody can contribute, really. You can find additional information on the TOR official website.

In this particular tutorial I wanted to introduce you to TOR and show you the dark web. So, go ahead and click on the file you downloaded. It says reading archive please wait, excellent! I am going to extract it to test/desktop, so go ahead and proceed. Let’s see if it’s going to succeed. Extracting files from archive, don’t cancel it just quit it, excellent! Go ahead and open up this folder and start the TOR browser. Just go ahead and click on start tor browser, run, and this process might take a bit of time. Now you might ask yourselves, what is so special about this TOR browser? It looks like a regular internet browser. The TOR browser gives you the ability to access the .onion domains, and here’s how we do that. The first thing that I’m going to do is type in hidden wiki. The hidden wiki links to a large number of other .onion domains, to those of significance anyway, and it’s URL continuously changes. That is why I am searching for it in the video, as opposed to pre-loading it, primarily to show you how you can find it. It’s not really that difficult, you can just type it in to the search engine. So, let’s just go ahead and open up a couple of these websites. So here we have .onion domains, a list of them, quite a large list, but I’m not actually interested in those. Here it tells us that the hidden wiki has been hacked, this is the new URL, spread it. Don’t worry about this, this happens like all of the time. This is just one of those things that you have to learn to live with. I know it’s a bit inconvenient to have to search for the URL all of the time, but if you want to access the dark web things are not as stable as they are on the on the regular web. So it says, welcome to the hidden wiki, new hidden wiki URL added to bookmarks and spread it, excellent!

Let me explain where we are. This is a rather large list of links for .onion domains, as I said, and you have many different resources here. Some of them are illegal and we will not go into those, basically where you have people who are selling PayPal accounts, credit card numbers, and so on and so forth. That is not somewhere we should go. Perhaps, if you would like to check out if your PayPal has been hacked, or something like that, you can go on to those websites and search for it to see if it’s actually there. Other than that, I really see no other reason why you should visit them. There are also a lot of things concerned with the anonymity of payment online, so Bitcoin, prepaid cards, etc. Anyway, down below you have commercial services. I wouldn’t recommend buying anything that needs to be shipped to a physical address. They have an anonymity and security section. Here you have some things concerning proxies, the TOR network, etc. The primary purpose of why I am showing you how to access the hidden web is so you can use a large amount of these external resources during your pen-testing exercises. What we are mainly interested in are the forums. So you have forums, boards, chans, and so on and so forth. Let’s take a look at a few of them. Keep in mind that they tend to be down, that the URLs tend change, and this can be problematic. So let’s try BlackBook, HackForum…yeah, you see there’s a problem loading this page. This is not going to open. Hack The Planet, let’s see what they got there. The Intel Exchange, excellent! I think this is one of the better forums. Let’s go through these pages and see if we can find anything of use. We are in the intel exchange. This is one of the forums where you will need to register, but I mean nobody’s asking for your credit card information. Just fill in the basic information like your user name, password, how you wish to be addressed, and so on and so forth. You have general discussions, we don’t really want that, we have software, excellent! This is what we were looking for, software. So hacking, programming, TOR, and everything else about software. Let’s see what’s here. By the way, whatever code you download from these websites you will need to run within a virtual environment, or do not run it at all. I’m just going to go ahead and say that you should not run it on your regular machines, or on anybody’s regular machines, because that’s never a good idea. So, what do we have here? Best programming language for making an OS. Well, we don’t you really need that. That can be rather complicated. Down below, is it safe to download PDFs on TOR? You shouldn’t do that, you shouldn’t download anything on TOR that you will use on your regular machine. So we have some fairly silly things here which we will never use, but there are some very nice resources. We have IP address questions. So, what can you do with an IP address, and so on and so forth. I can’t open any of these because I’m not registered, but I have been on these forums and they can be quite useful. I don’t think I’ve been on this one in particular, but I have been on forums on the darknet, and you can find some interesting things that people have done, some interesting methods. Usually things tend to be published here first and then they hit the general public, or they regular web. We have keyloggers here. So you can find some information on keyloggers, how to use them, where to find them, but I was just reading the reviews mainly here, and the suggestions, and then figuring out where you download it. It is important to check if software is open or closed source. If it’s open source perhaps you can go to their website and download it from there and be safe in that manner. So that’s not a bad idea. You see hacking tools, SQL injections, operating systems for hacking, root kits, and so on and so forth. You have a ton of information here which I would strongly recommend you explore. Do not do anything illegal, just go ahead and visit the forums and see what sort of information can you extract from it. That’s all. In any case, this will conclude the tutorial here. I hope you find the dark web to be a useful asset in your pen-testing career, or your pen testing activities in general. I believe it is. You can find a lot of useful things as I keep restating. The connections can be rather slow, but it is safe to install the TOR browser on your regular machine so long as you download it from the official site, which is torproject.org, under the https protocol. In any case, I bid you farewell, and I hope to see you in the next tutorial.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. Today, I will open up a chapter on how to stay anonymous.

So, there are several methods that you can use. First off, you’ve probably heard of proxies. Proxies route your connection through several different points. This can be very slow depending on the speed of the proxies, and you also know nothing of the other side. You know nothing of the server’s through which your packets are going. If you’re using proxies to log in somewhere with your password credentials that is potentially dangerous, and you should not do that. The other option is to use a VPN service to encrypt your traffic. A VPN can be very fast, especially if you use a reputable provider. A yearly subscription will cost you around $100, and a monthly subscription is roughly $10. You will get a dedicated VPN, static IP address, and you shouldn’t notice any delays with your connection to the internet. Furthermore, your traffic is encrypted, and the only way to lose anonymity is if the VPN service provider relinquishes your information. However, this does not happen often, especially if you get a VPN in certain parts of the world where they value privacy. What we are going to be using VPNs and proxies for is to bypass firewall settings, or firewall limitations.

Here’s a real-life example that people are using pretty much on a daily basis. Netflix, for example, has a certain range of IP addresses from which it allows connections. So, if you are elsewhere in the world, and \do not belong to that IP address range, it will not allow you to view anything on the website. However, if you use a proxy, a good one, or if you use a VPN, you will be able to access the site as though you were coming from the country which falls within the IP address range list. That’s just one of the common examples for why people use VPNs. Not exactly legal, but people have been doing it. It’s not exactly harmful, you’re not taking servers down, or something like that. People use VPNs in order to watch Netflix from a cell phone while they’re traveling, or something like that. In any case, there are numerous other examples of when you want to bypass certain firewall settings. For example, if you have a certain server whose traffic is mainly generated from a single area, from a single country, and you do not want to be, for example, scanning from an IP address in China. A network administrator would see that IP address and they will know that it’s an anomaly of some sort, and that it doesn’t belong there. This will draw unnecessary attention to yourself. You want to be accessing the server from where all the other users are.

In any case, that is what we shall be doing in this chapter, but for the time being, for this tutorial, I want to show you how you can access the dark web, or the hidden web, whatever you wish to refer to it as. Now rumor has it that the dark web is a lot bigger than the regular internet, that there’s a lot more information there. To access it you will need to install the tor browser, and with the tor browser you will be able to access the darknet. It is not installed by default on Kali, and this is one of the rare situations where we will actually need a different user other than root in order to be able to do anything with tor, in order to be able to start it. So, first off, I’m going to go ahead and create a new user. Open up your virtual machine, you see mine is already opened up here, and I have my terminal up and running here. Just open up your terminal and type in the following commands. First off, we need tor. I will explain what tor is in a moment, but you just type in apt-get install tor -y, and press ENTER. You will of course need an active internet connection to install the software. The -y argument in the command simply tells the system to answer “yes” to any prompts within the setup. Let’s just go ahead and clear the screen.

The next thing that we need to do is create a new user. Go ahead and type in the command adduser. Just a key note here, there is also a command called useradd. Do not use this command for the time being because it causes some unnecessary complications. So just go ahead and type in adduser, and now you can name your user whatever you wish. You cannot use capital letters if I remember correctly, that’s the rule in Debian systems, so I’m just going to call my user test. It says adding user test, adding new group test, adding new user test with group test. It will also create a home directory for that user. You will need this folder because we are going to be doing things here which you cannot do with root. Now go ahead and type in your password here. It doesn’t show anything when you type because that’s the standard way of UNIX passwords, in order to prevent anybody from seeing the length of your password on the screen. Go ahead and press Enter. Now you are prompted here for some information in regards to that user. Completely irrelevant for our purpose today, so we don’t type in the full name, room number, work phone, home phone, other, etc. Press ENTER, and there we go. We have just effectively created our new user, test, to which we need to login, and then from there conduct our work. Now a key thing to note here is that even though there is a way of configuring the tor browser to run as root, don’t. It’s not even a good idea to browse the Internet as a root user. If you pick a virus up, any sort of malicious code, it’s going to run as root. Not good, even if it is a virtual machine. I don’t want you to develop any bad habits. Otherwise, we will be using the root user throughout the majority of the course. All of the pen-testing tools require, more or less, root permission. Anyway, I will cut the tutorial here, and I’ll see you in the second part of it.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. Today, I will continue from where I left off in the previous video. Now if you remember we issued the apt-get update and apt-get upgrade commands that took a bit of time to finish and process. I was prompted once, I was given a readme file in regards to the wget packet, and the way you handle it is you press Q to exit. You do not close the terminal and terminate the updates, you just press Q to exit the readme file, and the update process will continue without any problems.

Now we need to configure the sources list. These are the list of repositories from which your Linux distro actually pulls various packets and information from. If you go onto the Kali Linux website, you will find links to the official repository list:

https://docs.kali.org/general-use/kali-linux-sources-list-repositories

To manually add the repositories in Kali Linux, open up terminal, type in cd /etc.apt/, ls, and you will see sources.list. Go ahead and type nano sources.list, press ENTER, and you are now in the repository file. This is where they are listed, this is where you can add/remove them. So let’s go ahead and copy these two. Duplicate repositories are not going to break anything. The system is smart enough to realize that for itself. Just copy all four of them, press Ctrl + O, Enter, Ctrl + X to exit, and there you go. So, once again, Ctrl + O to save a file, so press Ctrl + O, Enter, and then Ctrl + X to exit. Excellent! Go ahead and clear your terminal. Now we need to enter apt-get update. So we’re not upgrading the system, we’re just updating the repository lists. This should go through relatively fast, and at the end it is most likely going to report duplicates, but that is fine. Why are we doing this? Well, we do need these repositories in order to install the necessary headers for the Kali Linux kernel, which we will need in order to install VirtualBox guest additions. If we continue to work in this smaller screen it wouldn’t be ideal, trust me. We’re going to be multi-tasking, we’re going to have multiple windows open, and a small screen would present difficulties. We received an error. It’s a w, so it’s a warning. It says duplicate sources.list, duplicate sources.list, duplicate sources.list, no big deal. We can correct these problems later on, if we wish, but for the time being there is no need. Let me just go ahead and clear the screen.

Now what we need to do is install two more packages which will allow us to install and run VirtualBox guest additions. I have a prebuilt command here that I’m going to run. You have apt-get, you’re calling the packet manager, you’re telling it to do an update. Since we already did a few updates, I don’t actually need that portion of the command. I’m just going to go ahead and use apt-get install -y, and then I have dkms, that’s one package. And then I have another package, because you can specify multiple packages here, and then I have linux-headers- This is a variable, this dollar sign, this is some sort of variable, a string, and whatever this command uname -r outputs will be stored into this variable, and it will be added to this text line here. So let me just show you. I have uname -r that I ran here on my terminal, and what I got was the kernel version and the system architecture, 64 or 32 bit. I’m going go ahead and press Enter. There is nothing to do as I have previously installed them. I didn’t want to waste time during this tutorial. This command should process without any problems. The -y argument tells your packet manager to answer any questions with yes. I’m going to go ahead and run apt-get upgrade, and let me clear the screen.

Let’s proceed with he VirtualBox guest additions installation. Go ahead and click on devices, insert the guest additions CD image, and there we go. This is a warning of the Kali Linux issues, and the many other Linux operating system issues. If you have content that is on a CD, or a USB, or something like that, and if it’s configured to run automatically, the system will block it, and then it will ask you for permission to run it. So, the medium contains software intended to be automatically started. Would you like to run it? I’m going to go ahead and click run and most likely get an error. There we go, error autotorunning software, cannot find the autorun program. Now the error message, yeah, it doesn’t really tell us much in this case. I suppose we could take a look at the log files, but here is the solution which you can apply as this is a common problem that people encounter. So just go ahead and type cd in the terminal to change the working directory. Navigate over to where the VirtualBox guest additions CD is, you can use the same path that I’m using. So, media and then ls, and cd cdrom0/. So we are now here, and I have a listing of pretty much all of the contents of the CD. This is a virtual CD, it’s not a real one, but it works pretty much the same. So this is the file that I want. I want to move it from here, so I’m just gonna go ahead and use the command co. You can also use the move command, but you’re permanently going to remove it from here, and that is not what we want to do. So just type in cp for copy, type the name of whatever you wish to copy, very simple, and then specify the path to where you want the file to be copied. I want it to be copied in my home directory. Press ENTER, and there we go. Now navigate over to your home directory, get a listing, there it is. To run a script in Linux, any executable file in general, type ./ and then the name of that file, press Enter. There we go, it is running. The guest additions are being installed. I have attempted this process before just to make sure everything would run smoothly, and that’s why it says removing existing things. Anyway, it might take a while for it to finish, but I assure you it will. There is a lot of things to do, and that’s why it’s taking a bit more of your time. Now aside from the full screen functionality that we’re going to get by installing VirtualBox guest additions, just in case you think it’s a bit of a pointless effort if you are a student, you also have other devices, drag-and-drop, and shared clipboard. What are these? Well, drag and drop, the name itself is self-explanatory. You just pull a file from somewhere and then pull it onto your virtual machine, or vice versa, but I don’t like to enable drag-and-drop. What I do like to do is enable shared clipboard, host to guest. Now, here’s why. I use my web browser on my host to watch YouTube videos, and you don’t want to bother with installing flash on Kali Linux, it can be problematic. So, host guest copy pasting is very useful and you will need it, I assure you. There is a shared folder settings. You can either construct a shared folder or you can have a localized web server on both machines where you can pull the information from, and put the information there if configured properly, but shared folders are better for such purposes. Anyway, you can view what has happened here, it has been listed here. The most important part of it all is that you don’t have any reports of anything failing. Let’s go ahead and type reboot in terminal and press Enter. Let me just load the full screen, and let us see if it will actually happen, if the VirtualBox guest additions that we have installed will work. If they do work, great. If they don’t, we’re going to have to try something else, as these things do have a tendency to break. Okay, I need to login first to root, and test below, excellent, there we go. I have a full screen, and the image is being adjusted, excellent! So we have Kali Linux now running in full-screen mode which is fantastic. If you were using KaliLinux as your main machine, as your host machine, you wouldn’t need to bother with install guest additions. But, as I stated previously, it is not recommended.

In any case, that will be it for this tutorial. These are pretty much all of the preparations that you needed to make, and next up we’re going to get into the Linux command line interface. I need to acquaint you with it. Even though we have covered aa few of the commands, they are a very small portion of what we need to learn, and I do need to explain them in greater depth. And with that I bid you farewell, and sincerely hope to see you in the next tutorial.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial! I have the Kali Linux machine running. I left the installation process in the last tutorial because it was, quite frankly, pointless to just sit and wait through it, and wait for it to complete. The Kali Linux installation tends to be a bit longer than the installation of other Linux operating systems because of the prepackaged tools that come with it. However, there were a few screenshots that I have taken which show some of the options that you were given throughout the installation process.

So, there were three options given during the installation. I’m just going to go ahead and open them up here. So, the first one was, do you want to use a network mirror to supplement the software that is included on the CD-rom? This may also make newer versions of software available. I said no because I’m going to do an update as soon as I finish the installation process, and as soon as I configure everything in a proper way. No, I do not want to use any mirrors. I’m going to say no and go ahead and proceed with the installation. So, next up is the grub bootloader. So it is asking me, do you want to install the grub boot loader to the Master Boot Record? Yes, I do. Just click on it, as this is the only operating system on this machine, on this computer. There is nothing that I can mess up by installing the grub boot loader to the Master Boot Record, of the first hard drive, as it is stated here in the instructions. You can use the grub bootloader in order to configure dual boots, or you can put three, four, five operating systems, as many as you like, as many as your hardware can support. Not at the same time of course, but at boot time you will be prompted and asked which operating system you wish to boot. That’s also one of the options that you can have with grub. There’s a final step, it simply states that the installation is complete. If you have used a CD to complete this installation, or a USB, you will need to remove that media and reboot the system, in order for all of this to function. So, that is it. I was prompted with those three very simple questions, and you have the answers here. Just go through them, it will not make much of a difference in the final account of things.

Go ahead and close this, and now I’m going to go ahead and login into my Kali Linux virtual machine. So the username is…this is actually one of the rare occasions where I log into the GUI with root. But, as you can see, as you will soon realize, in Kali Linux everybody just logs in with root. You are not using Kali Linux to browse the web, you are usually using it, 99% of the time, to perform some sort of an attack. And for all of those tools you need to, pretty much for all those tools, you need to be a root user, or have root privileges. Most of the time, there’s no point in having any other users on a Kali Linux distro. So, type in root, press Enter, password was test, press Enter. Your password is whatever you created during the setup. Okay, first I need to do a few things, like updates, in order for me to be able to install VirtualBox Guest Additions. Guest Additions will enable us to use full screen and the shared clipboard, etc. Let me just go ahead and change this. Open up my terminal. Set the view. This is non-technical stuff, this you can configure any way you would like. I’m just zooming it in for the purposes of this tutorial, so that you may see the screen better. But, before we can do updates, before we can do anything, we must verify that we have connectivity to the Internet. So, ping yahoo.com. Nothing is happening. So I cannot ping yahoo.com, meaning that I don’t have access to the external network. I cannot access the Internet. That’s a pretty big problem because pretty much whatever we do will need Internet connectivity for it in order to download packets from the repositories, to perform updates, and to conduct possible scans. So just go ahead and click on devices, find network, network settings, and here you can see by default it will be set to NAT. But, you don’t want NAT, you want bridged adapter, and you want to choose your adapter here. Mine is p8p1, see what yours is, and click allow VMs, virtual machines. So, OK, if you don’t know what the adapter on your machine is, and you are using a Linux system, just go ahead open up your terminal and type in ifconfig. Here you will be able to see a listing of adapters that you have. So you have lo which is loopback, you have p8p1 which is my ethernet connection, this is for some virtual machines as well, and I have wlp2s0 which is my wireless interface. So I know that for a fact that I’m using p8p1, because my network manager tells me that I am. You see connected to p8p1. This is also a better way of actually checking what you are connected to, which adapter you are using. So just open up your network manager in the upper right corner, and p8p1 says connected. Your network managers position can vary depending on how you configure your system. By default it will be in the bottom right corner, but that is easy enough to find either way. Let’s just go ahead and close this terminal. Now we know that we have actually configured our network. But, still, I’m pretty sure I won’t have internet connectivity. Let me just try pinging again, and you see it is simply not working. So let’s just go ahead and check the Kali Linux network manager, and it says wired network but device not managed. That can be a problem, and that is a general problem which you will face with wired interfaces pretty much all of the time. There’s a relatively easy fix to it. You just navigate over in the terminal, type in cd, which stands for change directory, to /etc/NetworkManager. Let’s see what’s in it. We have NetworkManager.conf. I’m going to go ahead and type in nano, which is the text editor that I’m going to be using, and then type in NetworkManager.conf. Press Enter, there we go. It opens up the configuration file. You do need to be root in order to make any changes here. It says main plugins ifupdown, keyfile, ifupdown, managed = false. So where it says “false” just delete this and replace it with “true”. Ctrl + O to save, press Enter, Ctrl + X to exit. Now we need to actually restart our network manager. So just go ahead and type in service network, there we go network manager, restart. Stopping and starting, excellent! Connection established. You are now connected to if updown eth0. Let’s check the connectivity. So ping yahoo.com, excellent! So now we have Internet connectivity. These steps here are quite important. Not so much for the ethical hacking as they are to actually setting up the environment. Setting up the environment itself can be troublesome, you can encounter multiple problems, bugs, etc., and then instead of having to go from one forum to the other trying to find the solution, you can just go through this tutorial. Pay attention and I will show you how to resolve pretty much all of the issues that you might encounter. I myself am doing a fresh install here, and I would be encountering the same problems that anybody else would, and I would like to go over them. More likely than not, if you are performing a virtual machine installation, you will encounter similar problems as I have. Although, should you encounter any other problems please, please feel free to post questions, and I will be more than happy to provide any answers that I can. So let’s just go ahead and clear the screen.

Now that we have Internet connectivity, I would like to perform some necessary updates. Believe me, you need to perform regular updates of the system because you will find that certain things will not work after a while. So let me just change the directory, clear the screen again, type in apt-get update. So I could do this with one command in Fedora, but here I’m going to need two of them. So it’s picking up things from the repositories, excellent! Now I need to type in apt-get upgrade, press Enter, and you see it says after this operation 73 megabytes of additional disk space will be used. That is quite a bit in terms of updates. I mean look at all of the packages, these are all the packages that are going to be updated. The list goes on and on. So, anyway, just type in yes, you don’t actually need to type in a capital Y, you can just type in y, press ENTER, and the update process will begin. Now depending on your internet internet connection, this might take shorter or longer amounts of time. I will leave it here until the updates actually finish, because I don’t want to be standing here in front of the screen. But in any case, these updates will be completed. You’re not going to be posed with any questions like in the Kali installation process. You might be notified of some things, a screen might pop up with some text, that’s perfectly fine. You can read through it and then close it. Those are readme files specifying the characteristics of certain packages and what has been upgraded. Later on, if you wish, you can do further exploration and actually discover what each of these packages contains. In any case, we will continue this process in the follow up tutorial. Until then, I bid you all farewell.

The remainder of the tutorial videos can be found in this YouTube playlist:

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato