Linux Format

Python scanning

Kali’s smorgasbord of tooling can be overwhelming at first, but we can leverage Python to simplify things.


Having installed Kali, let’s get straight to business and do some hacking with Python. Never mind if this is entirely new to you, or if you’re already a seasoned coder. We’re going to use GitHub user skavngr’s RapidScan tool (https://github.com/skavngr/rapidscan) to do some introductory ethical hacking.

RapidScan is a good place to start because it automates scanning with hundreds (OK, high tens) of the tools included in Kali Linux. In the repo description’s own words, this makes “binge tool scanning” much easier.

Before we go any further, we’ll stress what should be obvious: don’t be a script kiddie. Don’t run this, or any other tool from Kali, to seek out vulnerabilities on machines that aren’t your own, or that you don’t have explicit permission to penetration-test. That can land you in a lot of trouble, especially if you target Linuxformat.com. Nor are you going to find anything exploitable on the likes of Microsoft’s or Google’s domains. And while we show you how to use hacking tools, we deliberately leave out something that matters just as much to black- and grey-hat hackers: how to cover their tracks.

That responsible disclaimer out of the way, let’s get RapidScan installed. Boot up Kali and log in (the username and password are both kali). Then open a terminal window using the shortcut on the top bar. Update Kali first using the first two commands from the Nvidia box on the previous page, otherwise you’ll have problems later. Now install the thing with:

$ git clone https://github.com/skavngr/rapidscan.git

Instead of jumping in and scanning remote hosts, start locally. Use RapidScan to scan the host machine:

$ cd ~/rapidscan

$ python rapidscan.py localhost

It takes a few seconds to run, then displays a short summary. Don’t be alarmed if you see that some vulnerabilities were detected; these are often false positives. Instead, check the log file with:

$ cat rs.vul.localhost.2024-03-01

The last part of the filename is the date, so use tab-completion if you’re too lazy to copy it from the command output. You’ll see, for example, that DMitry, a passive email scanner, uses Google to search for public email addresses on the @localhost domain. Your local machine is probably not running any email server, let alone one with accounts that Big G knows about. There’s also a debug log, at rs.dbg.localhost.2024-03-01 in this instance. As most users don’t (knowingly) run any services on their own machines, it’s unlikely RapidScan will turn up anything of interest. So, your next step is to scan your router (which almost certainly is running a web server), which involves executing something like:

$ python rapidscan.py 192.168.0.1
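
The clone, scan and read-the-log steps above, as an added example in Python (this is not RapidScan’s own code, nor code from the original article): a small launcher that refuses any target outside a scope list you control, runs rapidscan.py, keeps waiting through the Ctrl+C presses you use to skip slow tools, and then picks the newest rs.vul.<target>.<date> file for you so you never have to copy the date. The DEFAULT_SCOPE list, the function names, the ~/rapidscan location and the assumption that rapidscan.py writes its logs into its own directory are this example’s own assumptions; only the rs.vul/rs.dbg naming comes from what the article shows.

```python
#!/usr/bin/env python3
"""Scope-checked launcher for RapidScan.

Added example, not part of RapidScan. The scope list, the function names and the
assumption that rapidscan.py writes its logs into its own directory are this
example's own; the rs.vul.<target>.<date> naming is what the article shows.
"""
import fnmatch
import ipaddress
import os
import socket
import subprocess
import sys
from pathlib import Path

# Constructed scope: only hosts you own or have written permission to test.
# Edit it to match your lab; anything else is refused before RapidScan starts.
DEFAULT_SCOPE = ["127.0.0.0/8", "::1/128", "192.168.0.0/24"]

# Assumed location, matching the git clone into the home directory.
RAPIDSCAN_DIR = Path.home() / "rapidscan"


def resolve(target):
    """Return the IP addresses a literal or hostname resolves to (empty set on failure)."""
    try:
        return {ipaddress.ip_address(target)}
    except ValueError:
        pass  # not a literal address; fall through to /etc/hosts and DNS
    try:
        infos = socket.getaddrinfo(target, None)
    except socket.gaierror:
        return set()
    return {ipaddress.ip_address(info[4][0]) for info in infos}


def in_scope(target, scope=DEFAULT_SCOPE):
    """True only if the target resolves and every address lies inside an authorised network.

    A name with one in-scope and one out-of-scope address is refused: RapidScan's
    tools would happily hit whichever address they get back.
    """
    nets = [ipaddress.ip_network(n, strict=False) for n in scope]
    addrs = resolve(target)
    return bool(addrs) and all(any(a in n for n in nets) for a in addrs)


def newest_log(filenames, target, kind="vul"):
    """Pick the latest rs.<kind>.<target>.<YYYY-MM-DD> name out of a list of filenames.

    ISO dates sort lexically, so the last sorted match is the most recent run.
    """
    pattern = f"rs.{kind}.{target}.*"
    matches = sorted(n for n in filenames if fnmatch.fnmatch(n, pattern))
    return matches[-1] if matches else None


def run_scan(target, scope=DEFAULT_SCOPE, rapidscan_dir=RAPIDSCAN_DIR):
    """Refuse out-of-scope targets, otherwise run RapidScan and return the new vul log path."""
    if not in_scope(target, scope):
        raise SystemExit(f"refusing to scan {target!r}: not inside authorised scope {scope}")
    # Popen rather than subprocess.run: run() kills the child on KeyboardInterrupt,
    # but Ctrl+C is exactly what RapidScan uses to skip a slow tool, so we let the
    # signal reach the child and simply keep waiting.
    with subprocess.Popen([sys.executable, "rapidscan.py", target], cwd=rapidscan_dir) as proc:
        while True:
            try:
                proc.wait()
                break
            except KeyboardInterrupt:
                continue
    log = newest_log(os.listdir(rapidscan_dir), target)
    return rapidscan_dir / log if log else None


if __name__ == "__main__":
    if len(sys.argv) != 2:
        raise SystemExit(f"usage: {sys.argv[0]} <target>")
    path = run_scan(sys.argv[1])
    print("no vulnerability log written" if path is None else f"report: {path}")
```

Run it as python3 scan.py 192.168.0.1 from anywhere; it changes into ~/rapidscan itself. The scope check works on the addresses a name resolves to at launch time, while RapidScan’s individual tools resolve the name again themselves, so outside a lab with stable DNS prefer literal IP addresses to hostnames.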

We hope you enjoy RapidScan’s colourful progress bar as much as we did. Use Ctrl+C to skip any tests that take too long.

Nikto is one of the many tools used by RapidScan. We’ve already checked Linuxformat.com, so please leave it be.
