Kali Linux 2019.1 Released - What's new?

Since the first release in 2013 with 1.0.0, Kali Linux has updated 24 different versions (in this time) with many upgrades and bug fixes. You can read Kali Linux Release History below:
 * Kali Linux 2019.1 – 18th February, 2019 – The First 2019 Kali Rolling release. Read details here.
 * Kali Linux 2018.4 – 29th October, 2018 – The Fourth 2018 Kali Rolling release. Read details here.
 * Kali Linux 2018.3 – 27th August, 2018 – The Third 2018 Kali Rolling release. Read details here.
 * Kali Linux 2018.2 – 30th April, 2018 – The Second 2018 Kali Rolling release. Read details here.
 * Kali Linux 2018.1 – 6th February, 2018 – The first 2018 Kali Rolling release. Read details here.
 * Kali Linux 2017.3 – 21st November, 2017 – The third 2017 Kali Rolling release. Read details here.
 * Kali Linux 2017.2 – 20th September, 2017 – The second 2017 Kali Rolling release. Read details here.
 * Kali Linux 2017.1 – 25th April, 2017 – The first 2017 Kali Rolling release. Read details here.
 * Kali Linux 2016.2 – 31st August, 2016 – The second Kali Rolling release. Read details here.
 * Kali Linux 2016.1 – 21st January, 2016 – The first Kali Rolling release. Read details here.
 * Kali Linux 2.0 – 11th August, 2015 – Read details here.
 * Kali Linux 1.1.0a – 13th March, 2015.
 * Kali Linux 1.1.0 – 9th Febuary, 2015 – Read details here.
 * Kali Linux 1.0.9a – 6th October, 2014 – Read details here.
 * Kali Linux 1.0.9 – 25th August, 2014 – Read details here.
 * Kali Linux 1.0.8 – 22nd July, 2014 – Read details here.
 * Kali Linux 1.0.7 – 27th May, 2014 – Read details here.
 * Kali Linux 1.0.6 – 9th January, 2014 – Read details here.
 * Kali Linux 1.0.5 – 5th September, 2013.
 * Kali Linux 1.0.4 – 25th July, 2013.
 * Kali Linux 1.0.3 – 26th April, 2013.
 * Kali Linux 1.0.2 – 27th March, 2013.
 * Kali Linux 1.0.1 – 14th March, 2013.
 * Kali Linux 1.0.0 – 13th March, 2013.

And now, Offensive Security has released Kali Linux 2019.1 with many upgrades and bug fixes. So what's new in Kali Linux 2019.1?

Metasploit Framework newest and many tool upgrades
root@kali:~# msfconsole 

     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||


       =[ metasploit v5.0.2-dev                           ]
+ -- --=[ 1852 exploits - 1046 auxiliary - 325 post       ]
+ -- --=[ 541 payloads - 44 encoders - 10 nops            ]
+ -- --=[ 2 evasion                                       ]
+ -- --=[ ** This is Metasploit 5 development branch **   ]


msf5 >
   Metasploit Framework 5.0 is a massive update that includes database and automation APIs, new evasion capabilities, and usability improvements throughout. Check out their in-progress release notes to learn about all the new goodness.
   Kali Linux 2019.1 also includes updated packages for theHarvester, DBeaver, and more. For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.

ARM Updates: The 2019.1 Kali Linux release for ARM includes the return of Banana Pi and Banana Pro, both of which are on the 4.19 kernel. Veyron has been moved to a 4.19 kernel and the Raspberry Pi images have been simplified so it is easier to figure out which one to use. There are no longer separate Raspberry Pi images for users with TFT LCDs because we now include re4son’s kalipi-tft-config script on all of them, so if you want to set up a board with a TFT, run kalipi-tft-config and follow the prompts.

Download or Upgrade to Kali Linux 2019.1
   If you would like to check out this latest and greatest Kali release, you can find download links for ISOs and Torrents on the Kali Linux Downloads page along with links to the Offensive Security virtual machine and ARM images, which have also been updated to 2019.1. If you already have a Kali installation you’re happy with, you can easily upgrade with the following command:
   apt update && apt -y full-upgrade

Ensuring your Installation is Updated
   To double check your version, first make sure your Kali Linux package repositories are correct.
root@kali:~# cat /etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main non-free contrib

   Then after running apt -y full-upgrade, you may require a reboot before checking:
root@kali:~# grep VERSION /etc/os-release
VERSION="2019.1"
VERSION_ID="2019.1"
root@kali:~#
root@kali:~# uname -a
Linux kali 4.19.0-kali1-amd64 #1 SMP Debian 4.19.13-1kali1 (2019-01-03) x86_64 GNU/Linux

   If you come across any bugs in Kali Linux, please open a report on their bug tracker. Offensive Security will never be able to fix what they don’t know about.

Download Kali Linux

From Kali Linux

Parrot Security OS 4.5 Stable Release!

Dropped 32bit architecture images for Parrot Security OS
      We are in 2019 now, and computers that are not capable of running 64bit and complex applications operating system are mostly old, legacy computers. To add to that, many programs and frameworks are no longer available for 32bit x86 systems.

   Parrot Team has released 32bit (i386 Architecture) images since the beginning of the project, and we worked hard to provide fresh binary updates for the i386 architecture for a long time; However, 32bit-only computers are no longer capable of running a full pentest campaign or providing hardware-accelerated support to our security protection systems.

   Parrot Security OS 4.5 no longer provides any live ISO files for the i386 architecture, even if it is still supported by our repository and our netinstall images. We are slowly planning to drop support for it in the future.

   NOTE: 32bit deprecation does not affect our ARM support, and armhf architecture is still fully supported.

Virtual Appliances of Parrot Security OS

   Parrot Team has released official docker templates for parrot many months ago, and they proved to be a turnkey solution to bring a full parrot pentest stack on top of any operating system supported by docker.

   They released official docker templates for Parrot Security OS many months ago, and they proved to be a turnkey solution to bring a full parrot pentest stack on top of any operating system supported by docker.

   The next step that comes with Parrot Security OS 4.5 is the release of desktop virtual appliances in the OVA format that can be imported in VirtualBox, VMWare and other famous virtualization environments.

   These virtual environments are still experimental, and even if they are the perfect solution to give Parrot Parrot Security OS 4.5 a try and experiment with it, we still recommend a full custom installation from the ISO files for best chances of being supported and easier configuration and troubleshooting.

Linux kernel 4.19 on Parrot Security OS
   Linux kernel 4.19 is the default kernel in Parrot Security OS 4.5, and this new kernel version was already packaged by following our new kernel distribution policy implemented for Parrot Security OS 5.0 LTS.

   Parrot Team has a plan to support 2 Linux kernel branches, a stable kernel and a testing kernel, and provide updates for both. Linux kernel 4.19 is part of our testing branch, while the first release of the stable branch will be released with Parrot Security OS 5.0 itself.


   Read the full PSC here: psc 2 - linux kernel versioning convention

Metasploit Framework 5.0
   Metasploit 5.0 was released with many new important features that we immediately imported and tested for our users.

   Parrot Team absolutely loved the new evasion modules, the opportunity to write shellcode in C, the new search engine, the integrated web services or the json-rpc daemon, and we wanted to offer quick access to this awesome framework through this new Parrot Security OS release.

Better Dev Tools on Parrot Security OS 4.5
   We improved our metapackages for developers, and setting up an advanced development environment for several programming languages and frameworks is now easier than ever:

   parrot-devel: It is pre-installed in Parrot 4.5 and provides the following tools:
    * vscodium - an advanced and extensible text editor.
    * zeal - an offline documentation downloader and browser.
    * git-cola - a graphic client to GIT.
    * meld - a graphic patch inspector.
    * tora - a graphic database frontend compatible with several database backends.

      These packages are included in the metapackage by using the “Recommends” apt directive, and they can be removed individually without triggering the removal of the whole parrot-devel metapackage. The metapackage also recommends the installation of parrot-devel-tools. Using these following commands to install parrot-devel:
      sudo apt update
      sudo apt install parrot-devel

   parrot-devel-tools: It is recommended by parrot-devel and pre-installed in Parrot Security. It provides some useful compilers and interpreters for the most used languages and provides the following packages:
    * GCC/G++ - a compiler collection for C, C++ and other languages.
    * python3 - the cpython interpreter for the python 3.6 and 3.7 language.
    * ruby - the official ruby lang interpreter and basic toolkit (includes irb and ri as well).

      The package also recommends the following packages, that can be safely removed without triggering the removal of the entire parrot-devel-tools metapackage:
    * default-jdk - the latest Java OpenJDK distribution for Java 11 (both JDK and JRE).
    * cython3 - a compiler for the cython language, a strongly-typed dialect of python for efficient code.
    * rust/cargo - the rust compiler and devel tools and its package management system.
    * valac - the vala c compiler.
    * mono-devel - the development tools for the MONO framework, an open source implementation of .NET.
    * mono-runtime - the runtime of the MONO framework compatible and interoperable with the latest .net runtime.
    * php-cli - the PHP 7.3 language plus its command line interface and some useful core libraries.
    * perl6 - the PERL 6 interpreter and core libraries.

      Using these following commands to install parrot-devel-tools:
      sudo apt update
      sudo apt install parrot-devel-tools

   parrot-devel-extra: The parrot-devel-extra metapackage is a quick way to install many additional development utilities like advanced IDEs, additional languages, debuggers and extra tools:
    * golang - go language compiler and runtime
    * nodejs - node.js framework
    * npm - node.js package manager
    * atom - advanced and extensible editor by github
    * qtcreator - powerful C, C++ and Qt/QML IDE and debugger.
    * kdevelop - advanced general purpose IDE by KDE.
    * edb-debugger - graphical debugger.
    * jad - Java decompiler.
    * nasm - powerful general purpose x86 assembler.
    * radare2 - advanced command line hexadecimal editor.
    * cmake - cross-platform, open-source make system.
    * valgrind - nstrumentation framework for building dynamic analysis tools.
    * devscripts/build-essential - useful development utilities for debian developers/maintainers.

      Using these following commands to install parrot-devel-extra:
      sudo apt update
      sudo apt install parrot-devel-extra

Other updates: Many more updates were imported since we are currently based on Debian testing, and we included all the latest updates, security patches and new features as usual.

From ParrotSec

Download Parrot Home Edition

Download Parrot Security Edition

[ZeroDay] ZDI-18-1078: Cisco WebEx Network Recording Player NMVC RtpConfig Stack-based Buffer Overflow Remote Code Execution Vulnerability

About ZDI-18-1078
   Cisco WebEx Network Recording Player NMVC RtpConfig Stack-based Buffer Overflow Remote Code Execution Vulnerability

   ZDI ID: ZDI-18-1078 or ZDI-CAN-6254
   CVE ID: CVE-2018-15421
   CVSS SCORE: 5.1, (AV:N/AC:H/Au:N/C:P/I:P/A:P)
   AFFECTED VENDORS: Cisco
   AFFECTED PRODUCTS: WebEx

   Additonal Details
      Cisco has issued an update to correct this vulnerability. More details can be found at: cisco-sa-20180919-webex

   Timeline:
    * 2018-05-24 - Vulnerability reported to vendor
    * 2018-09-21 - Coordinated public release of advisory
    * 2018-09-21 - Advisory Updated

   Credit: Ziad Badawi

   Vulnerability Details
      This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NMVC.DLL module. When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.

Over this past year, several different researchers submitted bug reports in the Cisco Webex suite of programs. However, in their more than 40 submissions, they missed this trivial stack-based buffer overflow. This blog details ZDI-18-1078, a vulnerability in Cisco Webex Network Recording Player version 31.23.2.58 (now reaching its EOL) that results in remote code execution.

The Vulnerability
   When reading an Advanced Recording (.arf) file, the player attempts to access a file in the current directory named RtpConfig.ini. This action is not documented. The .ini file contains the configuration for what is likely a Real-Time Transport Protocol (RTP) service, but since there is no documentation of the file or the service, it may be something different.

Process Monitor showing nbrplay.exe looking for RtpConfig.ini

   The bug occurs in nmvc.dll inside a routine labeled sub_1001F479 that parses RtpConfig.ini and extracts its properties. The following snippet shows how the MinLostRate parameter is getting set up as well as other parameters going downwards.

Setting up different properties

   The culprit here is a sscanf call, a banned function by Microsoft, with no width field in the format string. The sscanf function parses the .ini file contents and reads property values in order to match them to a set of hardcoded parameters. The format used is: %[^ \t#]%*[ \t]%[^ \t#]%n

   Which writes to three arguments. The first and third specifiers (%[^ \t#]) do not use a width value in between the % and [. This means it will read every character until it reaches whitespace. This will write to the passed arguments Str1 and Source disregarding their sizes and could lead to an overflow if input is large enough.

No width in format string

   The .ini file is read in 0x3FF-byte chunks and, since both consecutive variables Source and Str1 are sized 0x100 and 0x106 bytes respectively, an overflow can occur leading to a corrupted stack.

Corrupted stack

Conclusion
   Cisco patched this and two other vulnerabilities with advisory cisco-sa-20180919-webex. It is good to know that these versions are reaching their EOL, as many similar bugs have been submitted to the program. Hopefully, the newer versions are more secure. Bug submissions in enterprise software are on the rise, putting this category just behind Desktop Application and SCADA submissions. Considering how many of these programs exist in enterprises, this trend will likely continue.

   You can find author on Twitter@ziadrb and follow the his team for the latest exploit techniques and security patches.

And have something to say about GitHackTools or ZDI-18-1078 (or CVE-2018-15421)? Comment below or share this post from GitHackTools Facebook, GitHackTools Twitter and GitHackTools Google Plus.

From Zero Day Initiative

Leaked? 2.0 Released - A Checking tool for Hash codes, Passwords and Emails leaked

Read more: Leaked? 1.1 - A Checking tool for Hash codes and Passwords leaked

Leaked? 2.0 is an upgrade of Leaked? 1.1

About Leaked? 2.0
   Leaked? is A Checking tool for Hash codes and Passwords and Emails leaked, uses leakz module from Aidan Holland, and leakz module uses API from Aurelius Wendelken.

   Leaked? can work in any OS if they have support Python 3 and 2.

What's new in Leaked 2.0?
 * Check email leaked
 * Update
 * More friendly for users
 * Support Python 2 and 3

Features of Leaked? 2.0:
 * Check passwords leaked
 * Check hash code leaked
 * Check email leaked NEW!
 * Update NEW!
 * Exit
 * About Author

Install and Run Leaked? 2.0 in Linux 

Install and Run Leaked? 2.0 in Windows
   Download and run Python 3 setup file from Python.org. In Install Python 3 , enable Add Python 3.7 to PATH and For all users.

   Download and run Git setup file from Git-scm.com, choose Use Git from Windows Command Propmt.

   Afther that, Run Command Propmt or PowerShell and enter this commands:
   git clone https://github.com/GitHackTools/Leaked
   cd Leaked
   pip install -r requirements.txt
   python leaked.py


And have something to say about GitHackTools or Leaked 2.0? Comment below or share this post from GitHackTools Facebook, GitHackTools Twitter and GitHackTools Google Plus.

Screenshots of Leaked? 2.0

Download Leaked? 2.0

ParrotSec 4.2.2 Stable Released!

ParrotSec Team are proud to announce the release of Parrot 4.2.2

It was a very problematic release for our team because of the many important updates under the hood of a system that looks almost identical to its previous release, except for a new background designed by Federica Marasà and a new graphic theme (ARK-Dark).

Updated kernel and core packages on Parrot Security OS 4.2.2
   Parrot 4.2 is powered by the latest Linux kernel 4.18 debianized kernel with all the usual wireless patches.

   A new version of the Debian-Installer now powers our netinstall images and the standard Parrot images.
   Firmware packages were updated to add broader hardware support, including wireless devices and AMD vega graphics.
   AppArmor and Firejail profiles were adjusted to offer a good compromise of security and usability for most of the desktop and CLI applications and services.

Important destkop updates on ParrotSec 4.2.2
   Parrot 4.2 now provides the latest LibreOffice 6.1 release, Firefox 62 and many other important updates.
   Desktop users will also find useful the inclusion of default .vimrc and .emacs config files with syntax highlight and line number columns.

Important tools updates on Parrot Security OS 4.2.2
   Armitage was finally updated and fixed, and the “missing RHOSTS error” was fixed.
   We also imported the latest Metasploit 4.17.11 version. Wireshark 2.6, hashcat 4.2, edb-debugger 1.0 and many many other updated tools.

New documentation portal of ParrotSec
   We are working to drop our previous DokuWiki documentation portal and replace it with a full static documentation portal written in markdown which would be easier to maintain through our GIT server.

   The new documentation portal can be visited here. feel free to contribute and expand our documentation by sending us a push request on Parrot Documentation.

And have something to say about GitHackTools or Parrot Security OS 4.2.2? Comment below or share this post from GitHackTools Facebook, GitHackTools Twitter and GitHackTools Google Plus.

Download ParrotSec

From Parrot Blog

Kali Linux 2018.3 Released

Another edition of Hacker Summer Camp has come and gone. Kali Linux Team had a great time meeting our users, new and old, particularly at our Black Hat and DEF CON Dojos, which were led by our great friend @ihackstuff and the rest of the Offensive Security crew. Now that everyone is back home, it’s time for their third Kali release of 2018, which is available for immediate download.

Kali 2018.3 brings the kernel up to version 4.17.0 and while 4.17.0 did not introduce many changes, 4.16.0 had a huge number of additions and improvements including more Spectre and Meltdown fixes, improved power management, and better GPU support.

New Tools and Tool Upgrades on Kali Linux 2018.3
   Since Kali last release, Kali Team have added a number of new tools to the repositories, including:
    * idb – An iOS research / penetration testing tool
    * gdb-peda – Python Exploit Development Assistance for GDB
    * datasploit – OSINT Framework to perform various recon techniques
    * kerberoast – Kerberos assessment tools

   In addition to these new packages, we have also upgraded a number of tools in our repos including aircrack-ng, burpsuite, openvas, wifite, and wpscan.
   For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.

Download Kali Linux 2018.3
   If you would like to check out this latest and greatest Kali release, you can find download links for ISOs and Torrents on the Kali Downloads page along with links to the Offensive Security virtual machine and ARM images, which have also been updated to 2018.3. If you already have a Kali installation you’re happy with, you can easily upgrade by this following command:
      apt update && apt -y full-upgrade

Making sure your Kali Linux are up-to-date
   To double check your version, first make sure your Kali package repositories are correct.
      root@kali:~# cat /etc/apt/sources.list
      deb https://http.kali.org/kali kali-rolling main non-free contrib

   Then after running apt -y full-upgrade, you may require a reboot before checking:
      root@kali:~# grep VERSION /etc/os-release
      VERSION="2018.3"
      VERSION_ID="2018.3"

If you come across any bugs in Kali Linux, please open a report on their bug tracker. It’s more than a little challenging to fix what Kali Team don’t know about.

And have something to say about GitHackTools or Kali Linux 2018.3? Comment below or share this post from GitHackTools Facebook, GitHackTools Twitter and GitHackTools Google Plus.

Download Kali Linux

From Kali Linux

Parrot Security OS 4.2 Beta Released

Read the Vietnamese version

ParrotSec 4.2 Beta for testers program
   Parrot 4.2 is almost ready and ParrotSec Dev Team want you to test it and report us what works and what needs to be fixed before the final release.

   This is not the proper place where to post your ideas and tips. Use the Parrot 4.2 development discussions topic to discuss opinions and ideas: Parrot 4.2 development discussions - Development - Parrot Community

   These are the instructions for Parrot Security OS 4.2 beta testers:
    * If you want to become a Parrot Beta tester, you have to download the latest beta images from https://archive.parrotsec.org/parrot/iso/testing/

    * Things that need to be tested: Use the system in all the possible conditions both in live mode and installed on virtual machines and real hardware, both in standard and uncommon configurations, but please don’t report errors for configurations that are not meant to work on Debian.

    * How to report bugs: We expect our beta testers to write a final report that collects the result of all their tests, and to report both working and broken things, and eventually suggest how to solve issues (if a solution is known by the tester).

    * The report have to be posted as a comment to this topic.

   In case of confidential reports, ParrotSec Dev Team also take in consideration all the reports sent to palinuro@parrotsec.org or team@parrotsec.org, but we strongly prefer comments to this topic.

   What a beta tester is not supposed to do?
      Parrot is not a software, it is a whole operating system. An operating system, by definition, is a collection of many many system components and completely independent programs that ParotSec Team don’t develop.

      Reports released after the final stable release may not be taken in consideration, but if you spot something important, we may decide to schedule a new emergency release that addresses critical bugs, but we consider these cases as exceptions, and latecomers are usually just ignored

      If a parrot bug is caused by a bug in a specific parrot software, that bug should be reported to that program developers, and not to the Parrot Developers.

      Brief comments are not full reports. Don’t comment to this topic if you don’t have a complete report. So help ParrotSec Team to keep this topic as clean as possible. Discussions have their dedicated topic: Parrot 4.2 development discussions - Development - Parrot Community

      Tests done on older versions of the system make no sense for ParotSec Team, as the purpose of this beta testing program is to spot issues on the ISO files for Parrot 4.2 that the release team proposes during the Beta testing phase.

ParrotSec 4.2 development discussions
   Parrot 4.2 is ready and the first beta images are available for Beta testers
   Let’s start this topic to collect the latest suggestions for this new release.

   RULES:
    * This topic is not the proper place where to report bugs, and the beta testers have their own topic where to report parrot 4.2 bugs.
    * We are not going to implement suggestions that involve drastic system changes in any way, but we are open to listen to your opinions and ideas.

    Parrot Security OS 4.2 beta testers program: https://community.parrotsec.org/t/parrot-4-2-beta-testers-program/

And have something to say about GitHackTools or Parrot Security OS 4.2 Beta? Comment below or share this post from GitHackTools Facebook, GitHackTools Twitter and GitHackTools Google Plus.