This paper describes the Kali Linux operating system, its purpose and its possibilities. It lists the groups of tools that Kali Linux includes and how they function, as well as the possibility of installing and using tools that are not an integral part of Kali. The final part shows practical testing of web applications using tools from the Kali Linux operating system. The paper thus shows a part of the possibilities of this operating system in analysing web application security, which is the goal of this work.
Key words: security, web applications, Kali Linux.
Web applications contain many vulnerabilities that can compromise integrity of web pages, reveal confidential information and disrupt the operation of the application itself. Although there are different mechanisms of protection, new vulnerabilities are revealed daily and attackers can use them for various attacks.
Due to the emergence of new security threats in the area of cyber security, the creators of the BackTrack operating system created a new, specialized Linux distribution intended for penetration testing, called Kali Linux.
Kali Linux operating system
Born and released on March 13th, 2013, Kali Linux is based on Debian and an FHS-compliant filesystem (Muniz, Lakhani, 2013). Debian was created in 1993 as a Linux distribution. It is completely democratically organized, in the hands of the community, and its users are generally enthusiasts and Linux experts, because Linux administration, in comparison to other operating systems, is more complicated. The Filesystem Hierarchy Standard (FHS) defines the structure of folders and is primarily intended for Unix programmers.
Kali has many updated tools, synchronized four times a day. This means that users have the latest package updates and security fixes. Kali Linux is essentially a Linux distribution intended for penetration testing. Kali Linux has many possibilities and different types of tools – it can test network security, security of operating systems, communications, applications, etc. It can be downloaded from the Internet in a few different ways.
Kali Linux can be used in a virtual environment, by installing it on a virtual machine. It can also be run without installing software on the hard disk, by booting from an external source such as a USB drive or DVD. However, this is not reliable, due to a negative effect on the setup and operation of some tools. Because of its speed, accuracy and other performance characteristics, it is highly recommended to install Kali Linux on a host hard drive.
There is a possibility of parallel existence and use of two operating systems on one computer, the dual boot method, which is desirable for Windows users and Linux beginners. It is recommended to install Kali Linux in a virtual machine. This paper uses the VMWare Workstation 10 virtualization software and the Kali Linux 1.0.7 operating system.
Kali Linux offers many customized tools designed for penetration testing, categorized in the following groups (Muniz, Lakhani, 2013):
Tools Type Kali Linux
- Information Gathering: these are reconnaissance tools, used to gather data on target networks and devices. Tools range from identifying devices to protocols
- Vulnerability Analysis: tools from this section focus on evaluating systems for vulnerabilities. Typically, these are run against systems found using the tools from the previous section.
- Web Applications: these are tools used to audit and exploit vulnerabilities in web servers. However, these tools do not always refer to attacks against web servers, they can be web-based tools for testing network
- Password Attacks: this section of tools is primarily used for performing brute force attacks on passwords used for authentication.
- Wireless Attacks: these tools are used to exploit vulnerabilities found in wireless protocols. In most cases, tools from this section require a wireless adapter that can be configured by the Kali Linux operating system, to be put in a particular operation mode
- Exploitation Tools: these are tools used to exploit vulnerabilities found in
- Sniffing and Spoofing: these are tools used for network packet captures and network packet
- Maintaining Access: tools to be used after establishing access to the target network or system. They provide alternative paths and approaches, if the vulnerability used for access by attacker is found and
- Reverse Engineering: the purpose of these tools is analyzing how a program was developed so it can be copied, modified, or so that it can lead to development of other programs. Reverse engineering is also used for malware analysis or by researchers in discovering vulnerabilities in software
- Stress Testing: these tools are used to evaluate how much data a system can handle. Undesired outcomes could be obtained, such as causing a device controlling network communication to open all communication channels or a system shutting down (also known as a denial of service attack).
- Hardware hacking: this section contains Android tools, which could be classified as mobile, and Arduino tools that are used for programming and controlling other small electronic
- Forensics: forensics tools are used to monitor and analyze computer network traffic and
- Reporting Tools: these tools serve to deliver information found during a penetration
- System services: this is where Kali Linux services can be enabled or
Using Kali Linux tools in Web application testing
A web application containing vulnerabilities threatens the security of a database and the entire computer system, because the web page must be constantly available to provide services to users. Firewalls and other similar programs do not provide protection against malicious activities in such a case, because web applications often have direct access to user databases, but also must be available outside the local network, so it is difficult to ensure security. One of the main problems is to detect web application vulnerabilities before attackers exploit them (CARNet, 2007), (CARNet, 2008).
Vulnerability scanning uses various tools, both commercial ones and those available on the Internet, which are free to use. The main advantage of commercial tools is the automation of the scanning process offered by almost all commercial versions. The efficiency of each tool depends on the content to be searched, but most tools can conduct basic vulnerability scanning. By studying the basic features of the tools, it is easy to find a suitable scanner for searching for vulnerabilities in individual applications.
It is recommended to run the specific tools and test a web application to detect and correct security holes prior to its use. Kali Linux is an excellent solution that contains many tools intended for vulnerability scanning and web application security testing. This article covers the following tools: Burp Suite, XSSer, Nessus, Nikto and Vega. Damn Vulnerable Web Application and the Mutillidae application are used as test applications.
Burp Suite is an integrated platform for performing security testing of web applications (Burp Suite). Its various tools support the entire testing process. It allows the combination of advanced manual techniques and automated attacks that accelerate the testing process and make it more effective. Burp Suite includes the following tools:
- Proxy – analyzes and modifies the traffic between the browser and the target application. It intercepts and modifies HTTP traffic, easily analyzes content and manipulates requests sent to the server by a client;
- Spider – analyzes the traffic that goes through the Proxy server and sends requested content to other Burp Suite tools. It keeps the entire work and allows the operation to continue where it stopped the last time;
- Scanner – scans web applications. It provides a complete control of the scanned content and displays the results of scanning;
- Intruder – allows performing improvised attacks that exploit vulnerabilities;
- Repeater – tool for modifying HTTP requests and analyzing the received responses;
- Sequencer – tool for testing randomness of session tokens of applications;
- Decoder – simple tool for encoding and decoding text strings;
- Comparer – this tool is used to compare data, for example to compare two or more HTTP responses;
- Extender – allows different extensions of the functionalities of the Burp Suite platform.
Burp Suite can be run in two ways:
- by typing the burpsuite command in the terminal,
- under Applications | Kali Linux | Web Applications | Web Application Fuzzers |
This paper describes the Intruder tool, which is used to perform an automated brute force attack on the DVWA (Damn Vulnerable Web Application) test application. Before performing the attack, it is necessary to configure the Proxy: the IP address and the port on which the Proxy works must be set, that is, the localhost address and a specific port number. These settings should match the settings of the web browser. Iceweasel uses the HTTP proxy server active on port 8080 and the IP address of the localhost, 127.0.0.1. Burp Suite Proxy must be configured in the same way. It is necessary to select Options on the Proxy tab and enter the required parameters. After that, it is necessary to enable Intercept on the same tab, to intercept requests sent to the server. Clicking the Brute Force tab in the DVWA application displays the authentication window.
After the username and the password are entered and login is clicked, the authentication request is sent to the server through Burp Proxy, and the Proxy intercepts that request. As a result, the intercepted request is displayed on the Intercept tab in the Burp Suite platform. In the next step, the request is sent to the Intruder. It is necessary to mark the areas over which the attack will be executed, and to select a type of attack. After the list of possible usernames and passwords is created, the attack is launched.
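Seen from the defender's side, the Intruder run described above appears in the web server's access log as many login submissions with changing credentials from one client in a short time. The following added example (not part of the original paper) flags that pattern; the login path, the `username`/`password` query parameters, the thresholds and the log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

LOGIN_PATH = "/vulnerabilities/brute/"  # assumed path of the tested login form
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3}')

def detect_bruteforce(lines, window=timedelta(seconds=60), threshold=5):
    """Map client IP -> peak number of distinct credential pairs submitted
    within `window`, for clients that reach `threshold`."""
    recent = defaultdict(deque)           # ip -> deque of (time, credential pair)
    flagged = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                      # not an access-log line
        ip, stamp, target = m.groups()
        url = urlsplit(target)
        if not url.path.endswith(LOGIN_PATH):
            continue                      # only login submissions are counted
        query = parse_qs(url.query)
        cred = (query.get("username", [""])[0], query.get("password", [""])[0])
        when = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        seen = recent[ip]
        seen.append((when, cred))
        while when - seen[0][0] > window:  # drop attempts older than the window
            seen.popleft()
        distinct = len({c for _, c in seen})
        if distinct >= threshold:
            flagged[ip] = max(flagged.get(ip, 0), distinct)
    return flagged

# Constructed sample lines (Apache combined-log style, documentation IP range).
SAMPLE = [
    f'192.0.2.10 - - [12/May/2014:10:00:{s:02d} +0000] "GET /dvwa/vulnerabilities/brute/'
    f'?username=admin&password=guess{s}&Login=Login HTTP/1.1" 200 4500'
    for s in range(6)                     # six different passwords in six seconds
] + [
    '192.0.2.20 - - [12/May/2014:10:00:03 +0000] "GET /dvwa/vulnerabilities/brute/'
    '?username=bob&password=x&Login=Login HTTP/1.1" 200 4500',
    '192.0.2.20 - - [12/May/2014:10:02:40 +0000] "GET /dvwa/vulnerabilities/brute/'
    '?username=bob&password=y&Login=Login HTTP/1.1" 200 4500',
    '192.0.2.20 - - [12/May/2014:10:02:41 +0000] "GET /dvwa/index.php HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, n in detect_bruteforce(SAMPLE).items():
        print(f"{ip}: {n} distinct credential pairs within 60 s")
```

Counting distinct credential pairs rather than raw requests keeps a user who retries the same password from being flagged; for a form submitted by POST the credentials are not in the log, and the request count per client would be used instead.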