09-09-2019, 01:27 PM
(This post was last modified: 09-09-2019, 01:30 PM by MaskedUser.)
Latest 2019.3 Released on 2nd September 2019 .
Kali Linux 2019.3 Release
September 2, 2019
g0tmi1k
Kali Linux Releases
We also noticed some packages failed to build on certain ARM architectures, which has now been fixed (allowing for more tools to be used on different platforms!).
Helper Scripts
> webshells ~ Collection of webshells
/usr/share/webshells
|--asp
|--aspx
|--cfm
|--jsp
|--perl
|--php
root@kali-dev:/usr/share/webshells#
> mimikatz ~ Uses admin rights on Windows to display passwords in plaintext
/usr/share/windows-resources/mimikatz
|---kiwi_passwords.yar
|---mimicom.idl
|---Win32
|----mimidrv.sys
|----mimikatz.exe
|----mimilib.dll
|----mimilove.exe
|---x64
|----mimidrv.sys
|----mimikatz.exe
|----mimilib.dll
root@kali-dev:/usr/share/windows-resources/mimikatz#
root@kali-dev:/usr/share/windows-resources/mimikatz# shellter
1010101 01 10 0100110 10 01 11001001 0011101 001001
11 10 01 00 01 01 01 10 11 10
0010011 1110001 11011 11 10 00 10011 011001
11 00 10 01 11 01 11 01 01 11
0010010 11 00 0011010 100111 000111 00 1100011 01 10 v7.
Wine Mode
Choose Operation Mode - Auto/Manual (A/M/H):
GNOME Users
Download x86 Iso :
You have No permissions
Download x64 iso :
You have No permissions
Kali Linux 2019.3 Release
September 2, 2019
g0tmi1k
Kali Linux Releases
We are pleased to announce that our third release of 2019, Kali Linux 2019.3, is available immediately for download. This release brings our kernel up to version 5.2.9, and includes various new features across the board with NetHunter, ARM and packages (plus the normal bugs fixes and updates).
As promised in our roadmap blog post, there are both user facing and backend updates.
CloudFlareKali Linux is Open Source, and Cloudflare hearts Open Source – so it’s a perfect match! As a result, CloudFlare has graciously allowed us to use their content delivery network (CDN) to mirror our repository, allowing us to now distribute our content through them. A more technical breakdown can be found on their blog.
We are currently running the CloudFlare services side by side with our standard and community mirrors.
If you notice the
You have No permissions
domain appearing on screen when you run
You have No permissions
, this means you’re using CloudFlare’s services.
Kali StatusCode:
The contents of this section are hidden
domain appearing on screen when you run
Code:
The contents of this section are hidden
, this means you’re using CloudFlare’s services.
We now have a status page – status.kali.org. This provides an overview of all public facing domains and allows you to check if they are responding correctly. We have included all the sites we control, as well as the community mirrors for the repositories, allowing you to see everything you could possibly use (even if you are unaware)!
Note: Our load balancer on http.kali.org should automatically detect when a mirror is not responding and redirect you to one that is. As such,
You have No permissions
should always work (even if slow at times).
MetapackagesCode:
The contents of this section are hidden
should always work (even if slow at times).
We already announced the changes to metapackages in a previous blog post, and the Kali tool listing page goes into more detail on it. However, to recap, the default toolset going forward has changed. To help with this transition, for this release only (Kali 2019.3), there is a one-off, extra image called
You have No permissions
, that contains all previous default tools.
Code:
The contents of this section are hidden
, that contains all previous default tools.
Going forward, during our release cycle, we will be evaluating which tools belong to each group:
- Kali-linux-default – tools we believe are essential to a penetration tester
- Kali-linux-large – for penetration testers who have a wider set of non standard/common situations
- Kali-linux-everything – for those who want it all (and without Internet access during the assessment)
We also noticed some packages failed to build on certain ARM architectures, which has now been fixed (allowing for more tools to be used on different platforms!).
Helper Scripts
There’s a wide range of tools in Kali. Some tools are designed to be used on Linux, some are designed for Windows (and we can still use them with WINE), and some are static resources. During our recent metapackage refresh, we took the time to create a few “helper scripts”.
You may have installed a package, gone ahead and typed in the package name to run it, and the response back was
You have No permissions
. Not any more!
Code:
The contents of this section are hidden
. Not any more!
We understood it may not have been obvious how to use them straight away. As a result, all of our static resources should now be easy to find. Just type in the package name (Such as PayloadsAllTheThings, SecLists, WebShells and Wordlists to a name a few), you’ll see a brief description, a directory listing, and then be moved to the folder.
root@kali-dev:~# webshells> webshells ~ Collection of webshells
/usr/share/webshells
|--asp
|--aspx
|--cfm
|--jsp
|--perl
|--php
root@kali-dev:/usr/share/webshells#
When it comes to Windows binaries (Such as hyperion, mimikatz, and windows-privesc-check), depending on their functionality, it will now either start up WINE or, like above, hotlink you to the location.
root@kali-dev:~# mimikatz> mimikatz ~ Uses admin rights on Windows to display passwords in plaintext
/usr/share/windows-resources/mimikatz
|---kiwi_passwords.yar
|---mimicom.idl
|---Win32
|----mimidrv.sys
|----mimikatz.exe
|----mimilib.dll
|----mimilove.exe
|---x64
|----mimidrv.sys
|----mimikatz.exe
|----mimilib.dll
root@kali-dev:/usr/share/windows-resources/mimikatz#
root@kali-dev:/usr/share/windows-resources/mimikatz# shellter
1010101 01 10 0100110 10 01 11001001 0011101 001001
11 10 01 00 01 01 01 10 11 10
0010011 1110001 11011 11 10 00 10011 011001
11 00 10 01 11 01 11 01 01 11
0010010 11 00 0011010 100111 000111 00 1100011 01 10 v7.
Wine Mode
Choose Operation Mode - Auto/Manual (A/M/H):
On the subject of tool type, we have altered the location of packages related to Windows (which eagle eye readers may have spotted in the example above). These types of tools are now located in
You have No permissions
. For example, our windows binaries used to be in
You have No permissions
, instead, they are in
You have No permissions
.
We have done this to make it easier to discover what resources can be transferred over to a Windows platform and executed directly there. Using this new location as a root path (example: http
You have No permissions
, or samba
You have No permissions
), you can quickly share everything to the target/victim machine.)
Tool Updates & New PackagesCode:
The contents of this section are hidden
. For example, our windows binaries used to be in
Code:
The contents of this section are hidden
, instead, they are in
Code:
The contents of this section are hidden
.
We have done this to make it easier to discover what resources can be transferred over to a Windows platform and executed directly there. Using this new location as a root path (example: http
Code:
The contents of this section are hidden
, or samba
Code:
The contents of this section are hidden
), you can quickly share everything to the target/victim machine.)
As always, we have our updates for all our tools, including (but not limited to):
- Burp Suite
- HostAPd-WPE
- Hyperion
- Kismet
- Nmap
GNOME Users
If you use the default Kali image, it is (currently) using GNOME for the desktop environment. If you used the command line for a period of time, chances are you noticed it was refreshing the repositories in the background. This has now been disabled.
Quote:The contents of this section are hiddenYou have No permissions
Download x86 Iso :
Code:
The contents of this section are hidden
Download x64 iso :
Code:
The contents of this section are hidden