Basic Security Testing with Kali Linux Giveaway Contest

Want a chance to get a signed copy of my latest Kali Linux book? I am giving away a total of 10 signed copies of “Basic Security Testing with Kali Linux, 3rd Edition”!

Simply follow, like and share this article, or my official Twitter or Instagram announcement, for a chance to win a signed copy of my new book!

10 lucky winners will be randomly selected on October 31st.

The Contest is for those living in the United States only. I may do another one for international readers in the future.

Liking this article & sharing the Official Contest announcements on Twitter and Instagram will increase your chances of winning.  Winners will be notified on October 31st. If a winner cannot be notified or does not respond by the end of the first week of November, another winner will be picked.

Good luck!

 

Advertisements

Book Errata & Updates

List of Updates and Bug Fixes for “Basic Security Testing with Kali Linux, 3rd Edition”:


Webdelivery PowerShell Reverse_tcp Shell not Working


There is currently a Metasploit WebScript PowerShell issue in 2018.3 that prevents the reverse_tcp shell from being created.

Recommended Fix – Download and use Kali Linux 2018.2 for the book.

The Image for 2018.2 can be found at https://cdimage.kali.org/kali-images/kali-2018.2/. Note: If you update 2018.2, it will pull down the current version that has the bug.

The effected Metasploit versions seem to be Framework v4.17.5-dev through Framework v4.17.9-dev. Earlier versions work fine. Both Kali Linux and Metasploit have been notified of the issue.

https://github.com/rapid7/metasploit-framework/issues/10502

New Book Overview: “Basic Security Testing with Kali Linux, 3rd Edition”

My newest book, a cover to cover update of my Basic Kali book is now available! After numerous requests for an update, the new “Basic Security Testing with Kali Linux, 3rd Edition” is here!

What was intended to be a quick version change update, turned into a 6-month overhaul. It is amazing how much can change in the security world in 2 years. All chapters have been revamped, with a lot of new material added. The latest book is also 50 pages longer than the previous version!

What’s New:

  • The entire book was updated to Kali Linux 2018
  • All tools & tutorials updated
  • Obsolete tools removed
  • Many new tools added
  • Password Cracking section expanded
  • Kali on RPi chapter totally revamped
  • Kali NetHunter chapter added

Table of Contents List:

I was going to use Metasploitable3 for the Windows target in this book, but with the install complexity (and install issues) of Ms3, I decided to stay with Windows 7. I also occasionally use Windows 10 as a test target and Server 2016 is mentioned a few times as well. I will most likely use Ms3 for the upcoming advanced book. Metasploitable2 is still used for some of the Linux tutorials, as it is very easy for new users to use and follow.

The Basic Kali book is used by Universities, Training Centers, and in Ethical Hacking classes worldwide. It is also used as a training aid for multiple US Government Agencies. I have also been told numerous times that my Kali series is excellent prep material for the OSCP certification. The book is now in its third revision, with major changes made from user feedback and requests.

I have been completely shocked and humbled by the popularity of a book that was originally written as an extension of my blog posts and has evolved into a worldwide basic training guide for the exceptional Kali Linux ethical hacking platform. This continuing project would have never been possible without the flood of support and feedback from the infosec community. I am very excited to present this new version to the community and look forward to hearing your feedback and comments.

Check it out on Amazon.com.

Thank you so much for your continued support!

Finding Spy Bugs with an RTL-SDR & Salamandra

With the explosion of Internet of Things (IoT) devices, and some hardware now being banned from certain facilities due to spying concerns, it would be nice if there was an easy way to scan your office to see if there are any hidden microphone “spy” devices.

Salamandra is a tool to detect and locate spy microphone devices in closed environments. Usually the “Spy” microphones you can find online will record audio and then re-broadcast it at a certain frequency. Salamandra displays any detected microphone type devices along with its broadcasting frequency. Using a displayed signal strength, it is possible to find the general location of the device.

In this article we will use Kali Linux, an RTL-SDR (I used a NooElec Nesdr Smart with the included extendible antennae), and Salamandra.

Installing RTL-SDR software

On the Kali system, connect your RTL-SDR card. Open a Terminal window and install rtl-sdr:

  • apt install rtl-sdr

Spy_Microphone_SDR1

  • Run “rtl_test” to make sure Kali correctly sees the card.

You should see an output as below:

Spy_Microphone_SDR2

  • Press “Ctrl-c” to stop test.

Installing Salamandra

Tool authors: Sebastian Garcia, Veronic Valeros
Tool Website: https://github.com/eldraco/Salamandra

Download Salamandra with git clone:

Spy_Microphone_SDR3

Change to the Salamandra directory.

You will need to install “pygame” as it is required by Salamandra and is not installed by default in Kali:

  • pip install pygame

Spy_Microphone_SDR4

Now, just run Salamandra with the recommended options:

  • ./salamandra.py -t 0 -a 100 -b 200 -s -S

Spy_Microphone_SDR5

Salamandra will then automatically detect any RF bugs it can find. The display includes the frequency and the signal power. Power is displayed by “#” signs. The stronger the signal, the more “#” signs that will be shown:

Spy_Microphone_SDR6

  • Press “q” to quit.

Listening to a Detected Signal

Now that you have the frequency of the bug, you can listen to and/or record it using Gqrx.

To install Gqrx:

  • apt install gqrx

Spy_Microphone_SDR7

Now run the program:

Spy_Microphone_SDR8

On the “Configure I/O devices” screen, select your device. Mine was the Realtek RTL2838UHID device, as seen below:

Spy_Microphone_SDR9

You may want to drop your sampling rate if you have any issues.

When you click “OK”, you will then see the main Gqrx program interface. Just hit the “Play” icon in the upper left corner to turn it on, and then select your frequency by clicking on the large frequency numbers on the top of the screen:

Spy_Microphone_SDR10

Picking a live radio station (as shown above) is usually the best way to figure these programs out if you are not familiar with them.

Change your mode to the correct signal type. Usually it is one of the FM signals (WFM, NFM). Click in the middle of the graphical signal wave to put the red line in the middle of the highest peak. Then drag the sides to the right and left of the signal slopes, as seen above.

And that is it! If you have the correct settings you should have audio.

  • Now that you know it works using a radio station, tune in to the frequencies that were detected by Salamandra

You may need to play with the setting some to get a clean signal. Most likely there may be nothing there, it may be picking up your headset microphone or something else. But it is very good at picking up analog listening devices.

To Record Signal

In Gqrx, hit “Rec” at bottom right to record.

  • The file will record and save in the “Root” folder.

You can hit the Play button in Gqrx to listen to the file that you just recorded. You could also install a program like Audacity to listen to the saved file.

Conclusion

In this article we covered how to use an SDR-RTL device as a bug scanner. With Internet of Things type devices becoming more common place in the home and office, it isn’t a bad idea to scan to see if any of these may have a built-in microphone. For more information on the tool, see RTL-SDR’s article, which includes a link to a white paper written by the tool authors.