
digip
Dedicated Members
  • Posts: 8,919
  • Joined
  • Days Won: 144

Everything posted by digip

  1. SSH is disabled by default, yes, but it has been that way in Kali from day one, for security reasons. You can build an ISO with it enabled before installing, and also customize everything you want under the sun to your needs. Not sure if Re4son's Pi has SSH disabled out of the box as well, but that's something others might want to look at too; a lot of his changes get rolled into the mainline for drivers and such, but SSH will always be disabled unless you build a custom ISO and install script. I think BackTrack was this way as well towards the later versions, which also disabled network settings on live boot, if I'm not mistaken.
  2. I second crunch; it can split files by line or bytes as I recall, and it's super fast. It can do it on the fly as well, but if it locks at 40, you'd hit it in like under a second. Crunch is super fast. Just be sure to save the files in a new folder (don't run from root if you're going to split into thousands of files), and pick a good naming convention for when you want to remove them, making it easier to delete and clean up later.
  3. Is your card compatible? Try:
     airmon-ng check wlan0
     (or whatever your card is). See if it shows up, and if you need to shut down any other apps. If you get a list of items to kill, then run:
     airmon-ng check kill
     If it shows none, then you can try:
     airmon-ng start wlan0
     Once in monitor mode, the card ID will most likely change to something like wlan0mon, which is what you'll need to feed to mdk3 or aireplay-ng.
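The steps in that post wrapped into one script, as an added example (this is not code from the original post or from aircrack-ng). It assumes airmon-ng is installed and the script runs as root. The output text it matches (the "Found N processes that could cause trouble" banner from `airmon-ng check`, and the "monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon" line from `airmon-ng start`) is the wording of aircrack-ng 1.2-era releases and is an assumption for other versions; the parser that pulls out the renamed interface is the part you actually need, since that name is what goes to aireplay-ng or mdk3.

```shell
#!/bin/sh
# Added example, not from the original post: check the card, kill interfering
# processes, put it in monitor mode, and report the new interface name.

# airmon-ng reports the new interface in one of these forms (assumed wording
# from aircrack-ng 1.2; older drivers use the second, mon0-style form):
#   (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
#   (monitor mode enabled on mon0)
# Print that name, or fail if neither form is present.
monitor_iface_from_output() {
    name=$(printf '%s\n' "$1" \
        | sed -n 's/.*vif enabled for \[[^]]*\][^ ]* on \[[^]]*\]\([^) ]*\).*/\1/p' \
        | head -n 1)
    if [ -z "$name" ]; then
        name=$(printf '%s\n' "$1" \
            | sed -n 's/.*monitor mode enabled on \([^) ]*\).*/\1/p' \
            | head -n 1)
    fi
    [ -n "$name" ] || return 1
    printf '%s\n' "$name"
}

# The procedure from the post: check -> check kill (only if something was
# listed) -> start -> use the renamed interface.
enable_monitor() {
    iface="${1:-wlan0}"
    if [ "$(id -u)" -ne 0 ]; then
        echo "run as root" >&2
        return 1
    fi
    # 'airmon-ng check' prints "Found N processes that could cause trouble."
    # followed by a PID/Name table when NetworkManager, wpa_supplicant, etc.
    # are running (assumed banner text).
    if airmon-ng check | grep -q 'could cause trouble'; then
        airmon-ng check kill
    fi
    out=$(airmon-ng start "$iface") || return 1
    monitor_iface_from_output "$out"
}

# Usage, as root:  sh monitor.sh wlan0      -> prints e.g. wlan0mon
# then feed it on: aireplay-ng --test "$(sh monitor.sh wlan0)"
if [ "$#" -gt 0 ]; then
    enable_monitor "$1"
fi
```

The interface name is printed rather than assumed, because whether the card becomes wlan0mon, mon0, or keeps its name depends on the driver.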
  4. Download 7-Zip. It's free and can open RAR files. If it shows as corrupt, you can try repairing, but don't expect it to work. Best is to have backups to restore from, but we all know that no one really backs their stuff up at home.
  5. #dontclickshit and you shouldn't have any issues (for the most part).
  6. Try loading it in VirusTotal or Google's Safe Browsing search: https://transparencyreport.google.com/safe-browsing/search If it is malicious, VirusTotal might be able to detect some stuff, or it may already be listed as unsafe. You can also report sites that are unsafe if you have proof: https://safebrowsing.google.com/safebrowsing/report_badware/
  7. Give this a try - http://blog.packetheader.net/2011/07/using-metasploit-meterpreter-scripts.html
  8. Something tells me he doesn't understand plain English (or rules in general, theirs or ours). 1, not yours. 2, we don't care. 3, nothing you say will change this.
  9. I have a request for you (or anyone with a Raspberry Pi 2/3): we have an image on the Offsec site that is Kali 2017.3, which is supposed to have these changes rolled in and fixed for onboard and other cards now. If anyone can test and compare with the Re4son kernel, I need to know if they are working the same for wifi cards that were previously having issues. If you're on 2017.2 or older, please update to the latest:
     apt update
     apt upgrade
     apt dist-upgrade
     I want to know how the wifi cards compare, as this should now be fixed. You can get them here: https://www.offensive-security.com/kali-linux-arm-images/ https://images.offensive-security.com/arm-images/kali-2017.3-rpi3-nexmon.img.xz Make sure you match the SHA256 hash. 1.47 GB download (although our site says 0.9); the hash below is the proper hash and is on our site. 2017.3: BA0F0DCB9053E6D24218B768553F664AF090CB9C328D291C5A6CFB6415145737
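Matching the hash before flashing, as an added example (not code from the post or from Offensive Security). The published checksum is uppercase while sha256sum prints lowercase, so the comparison lowercases both sides; the demo hashes a small constructed file rather than the 1.47 GB image so it runs offline, and the image filename in the usage comment is simply the one from the URL above.

```shell
#!/bin/sh
# Added example, not from the original post: refuse to use a downloaded image
# unless its SHA256 matches the published value.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 if the file is missing. Published
# hashes are often uppercase and sha256sum prints lowercase, so both sides
# are lowercased before comparing.
verify_sha256() {
    file="$1"
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    if command -v sha256sum >/dev/null 2>&1; then
        actual=$(sha256sum "$file" | cut -d' ' -f1)
    else
        actual=$(shasum -a 256 "$file" | cut -d' ' -f1)   # macOS fallback
    fi
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  got      $actual" >&2
    return 1
}

# Real use with the image linked in the post (filename taken from the URL,
# /dev/sdX is your SD card):
#   verify_sha256 kali-2017.3-rpi3-nexmon.img.xz \
#     BA0F0DCB9053E6D24218B768553F664AF090CB9C328D291C5A6CFB6415145737 \
#   && xzcat kali-2017.3-rpi3-nexmon.img.xz | dd of=/dev/sdX bs=4M
#
# Offline demo on a constructed file: the SHA256 of "hello\n", written in
# uppercase the way a checksum page might show it. Returns 0.
demo() {
    tmp=$(mktemp)
    printf 'hello\n' > "$tmp"
    verify_sha256 "$tmp" 5891B5B522D5DF086D0FF0B110FBD9D21BB4FC7163AF34D08286A2E846F6BE03
    rc=$?
    rm -f "$tmp"
    return "$rc"
}
```

Chaining with `&&` means a truncated or tampered download never reaches dd; a partial 0.9 GB file, as the size confusion in the post hints at, fails the check rather than producing a card that will not boot.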
  10. You literally could have just left the link instead of listing every tool (and we aren't always 100% up to date; you can use apt search to find a lot of things that might already be in there and not listed on the site, or just general-purpose Linux tools and programs you may need, like, say, Chromium vs the default FF).
  11. I tend to use a few things regularly: nmap, gobuster, nc/ncat/netcat, python and perl for TTY and reverse shells, john for password cracking, and occasionally nikto, sqlmap, and hydra. There are some other things here and there, but those are my basic staples, at least when attacking Linux boxes. I don't really mess with Windows, and in general, if it has an unpatched vuln, just throw Metasploit at it, but I try to avoid Metasploit at all costs. 1, I don't use it enough to be fluid with it, and 2, I'm not learning anything if I can just throw it at something and it falls over.
  12. Squid will do what you need, but nothing is 100% foolproof if someone really wants to get around it. If you only allow HTTP and HTTPS to flow over the proxy, then you should be good. If your kids know how to SSH tunnel or VPN out, then you're shit out of luck :)
  13. With Android, users need to allow unknown sources, which is not always on by default, and on some, developer mode needs to be on, although it's probably a lot easier to get them on Android than iOS. If they jailbreak their iOS, then it's possible to do much the same with 3rd party apps. If you can social engineer someone to click something, on any OS, that's often all you need though, regardless of what is turned on or not. If an exploit takes control of the system, you can run nearly anything, even when not rooted; although in most cases you won't get full control of the device, or root, without something specific (and possibly a reboot), you should be able to sniff or gather info from the device and certain levels of communications.
  14. Any kinds of clues in the logs anywhere, dmesg or syslog, boot logs? Could try adding a startup script that purposely also kills and starts the network card and does a DHCP request. I do this in Kali on my VMs as they don't always work the way I need, but I use static IP addressing, where I find DHCP can be wonky and have issues when an address is already in use but was used previously and not cleared on the local machine, so I delete them with a script, paste back in static info, and then shut down the network manager. Probably not the best way, and I'm sure I'm doing 100 things backwards in not tracking down and fixing the real issue, but it gets shit done, like also forcing a screen size that doesn't exist in the VM to force my resolution to what I need, which works.
     Note: one thing I just thought of that I've had happen is when you previously had an eth0 connection, but on reboot the NIC doesn't use this naming convention and switches to the BIOS naming convention like espl01 type shit. There is something you can append to the kernel line on boot to force the older naming convention for the NIC, so on boot DHCP will work (if that is the case with your device, as I've had that happen to me personally). I think you add net.ifnames=0 biosdevname=0 on the boot line of grub.
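Making that boot-line change stick, as an added example (not from the post): rather than typing net.ifnames=0 biosdevname=0 at the GRUB prompt every boot, add the parameters to GRUB_CMDLINE_LINUX in /etc/default/grub and run update-grub. The function takes the path of the defaults file as an argument so it can be tried on a copy first, and it skips any parameter already present; the file layout it expects (a single GRUB_CMDLINE_LINUX="..." line, with GRUB_CMDLINE_LINUX_DEFAULT left alone) is the standard Debian/Kali one.

```shell
#!/bin/sh
# Added example, not from the original post: permanently add kernel
# parameters (e.g. net.ifnames=0 biosdevname=0 to get eth0 back) to
# GRUB_CMDLINE_LINUX in a grub defaults file, without duplicating them.

# cmdline_linux GRUBFILE -> prints the value inside GRUB_CMDLINE_LINUX="..."
cmdline_linux() {
    sed -n 's/^GRUB_CMDLINE_LINUX="\(.*\)"$/\1/p' "$1"
}

# add_kernel_params GRUBFILE PARAM... -> appends each PARAM not already present
add_kernel_params() {
    grubfile="$1"
    shift
    current=$(cmdline_linux "$grubfile")
    new="$current"
    for param in "$@"; do
        case " $new " in
            *" $param "*) ;;                 # already present, leave as is
            *) new="${new:+$new }$param" ;;  # append, space separated
        esac
    done
    [ "$new" != "$current" ] || return 0    # nothing to change
    if grep -q '^GRUB_CMDLINE_LINUX=' "$grubfile"; then
        # rewrite the existing line through a temp file (no GNU-only sed -i);
        # GRUB_CMDLINE_LINUX_DEFAULT does not match because of the '=' anchor
        sed "s|^GRUB_CMDLINE_LINUX=.*|GRUB_CMDLINE_LINUX=\"$new\"|" "$grubfile" \
            > "$grubfile.tmp" && mv "$grubfile.tmp" "$grubfile"
    else
        printf 'GRUB_CMDLINE_LINUX="%s"\n' "$new" >> "$grubfile"
    fi
}

# On the real system, as root, then reboot:
#   add_kernel_params /etc/default/grub net.ifnames=0 biosdevname=0 && update-grub
# Confirm after the reboot with:  cat /proc/cmdline; ip link
```

Running it twice is safe, so it can sit in the same provisioning script that sets the static address without growing the kernel line on every run.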
  15. If your IP isn't masked by something like, say, Gmail, then possibly you can do a GeoIP lookup. Most email servers today also require SPF records, or they get rejected by a lot of other systems; using SPF identifies the true sending server, so even if using webmail, your IP would show your sending email server, which can then be looked at to see whose email server it is, and then start deducing users back to the real person. However, spoofing emails is not hard, even with all these things in place.
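Tracing the path back from the headers, as an added example (not from the post): each hop prepends its own Received: line, so reading them bottom-up gives the route from the origin. This script unfolds the headers, pulls the connecting IP from each Received: line and lists them origin first; the message it parses is constructed for the demo (example.net/example.org hosts and documentation-range IPs), and the SPF lookup at the end uses dig and needs network access. Received: lines added by servers you do not control can be forged, which is the spoofing caveat the post ends on.

```shell
#!/bin/sh
# Added example, not from the original post: list the hop IPs from a
# message's Received: headers, earliest hop (closest to the sender) first,
# and fetch the sender domain's SPF record.

# received_ips MESSAGE_FILE
# Headers end at the first blank line; a header may be folded across lines
# whose continuations start with whitespace, so those are joined first.
# From each unfolded Received: line the first bracketed IPv4 (the host that
# connected to this hop) is printed. Header order is newest hop first, so
# the list is reversed to read origin -> destination.
received_ips() {
    awk '
        /^$/ { exit }                                      # end of headers
        /^[ \t]/ { if (inrecv) line = line " " $0; next }  # folded line
        { flush(); inrecv = ($0 ~ /^[Rr]eceived:/); line = inrecv ? $0 : "" }
        END { flush() }
        function flush() { if (line != "") print line; line = "" }
    ' "$1" \
    | sed -n 's/^[^[]*\[\([0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}\)\].*/\1/p' \
    | sed '1!G;h;$!d'      # reverse the lines (portable tac)
}

# spf_record DOMAIN -> the v=spf1 TXT record naming the hosts allowed to
# send for DOMAIN (needs network access; dig comes with dnsutils/bind-utils)
spf_record() {
    dig +short TXT "$1" | grep 'v=spf1'
}

# Constructed sample message for the demo (documentation IPs, not real hosts).
demo_message() {
    cat <<'EOF'
Received: from mx.example.net (mx.example.net [203.0.113.7])
  by mail.example.org (Postfix) with ESMTPS id 4A1B2C
  for <bob@example.org>; Mon, 4 Dec 2017 10:00:02 +0000
Received: from webmail.example.net (localhost [127.0.0.1])
  by mx.example.net (Postfix) with ESMTP id 9D8E7F;
  Mon, 4 Dec 2017 10:00:01 +0000
Received: from [198.51.100.42] (unknown [198.51.100.42])
  by webmail.example.net with HTTP; Mon, 4 Dec 2017 10:00:00 +0000
From: alice@example.net
To: bob@example.org
Subject: test

This is the body; a Received: line down here must not be parsed.
EOF
}

# Usage:  demo_message > msg.eml; received_ips msg.eml
# prints 198.51.100.42 (the webmail user's own address), then 127.0.0.1,
# then 203.0.113.7 (mx.example.net, the "sending email server" in the post);
# spf_record example.net then shows which hosts are allowed to send for it.
```

The only hop you can fully trust is the one your own server wrote (the top line); everything below it was supplied by the other side and is exactly what a spoofer would fabricate.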
  16. Start the postgresql service, then restart msfconsole.
  17. Speaking of which, I just found http://www.penguintutor.com/linux/raspberrypi-kidsafe which might work in this scenario.
  18. I've actually had to send copies of my license to sites before, which I won't go into, but it happens. Age verification, proof of residence: these are often things that, when using a CC, they want 2 forms of ID for. I'll admit it's not common to see it with an online purchase, but like I said, you can try something like PayPal as an alternative, which verifies you via your bank. I personally don't like to use my CC, and will shop other places when I can't use PayPal, because putting my CC out there, to me, is one thing I don't want to end up being dumped on some carding site, and I always use PP where possible. PP requires you to log in every time (unless you save the settings) to finalize the purchase, unlike some sites that store your CC info for new purchases, which I don't like when it comes to online shopping. Having had a business of my own, PP made it simple to handle transactions without having to do the chasing and verifying for billing. Just my 2 cents.
  19. Depending on how old the kids are, they could turn it off if they know what they are doing, although from the sound of it, they are a bit younger and might not know about these sorts of things (yet). It's one of the things I worry about with my kids, as they do a lot of homework stuff online and watch YouTube a lot, which in itself is not the best place for kids, as they don't exactly have a lot of filtering options there other than relying on people to flag content or owners to set their own stuff for age groups. There's porn on YouTube if you look hard enough and plenty of adult shows not suited for kids on there. It's a balancing act to keep them from getting into too much without us knowing, which is a lot harder the more savvy they become with the computer.
  20. Internal Squid proxy with URL filtering, or something like OpenDNS: set up custom rules in the OpenDNS dashboard, which can do similar and block by domain name, type of site, etc.
  21. I don't know about you, but EVERY department store I've made a purchase with a CC from asks me for my license. It's common practice. Just because you're online doesn't mean the same doesn't apply, although it can be a bit weird to see that with online purchases. Another option: use PayPal, which verifies its users through their banks, or some other payment method that does similar, which negates the need to show ID to a site you aren't comfortable giving it to.
  22. I'm not sure I 100% understand the situation, but if it's a Windows email program with a saved password you don't remember, try mailpassv to recover it. https://www.nirsoft.net/utils/mailpv.html
  23. Um. Open a command prompt. Go to the place where "MyStuff" was (the parent directory), and do the following:
     dir /ahs
     Now, CD into the listed hidden directory. Now do dir again (or add the /ahs if all files are set to the same attributes and hidden). This does nothing other than change the file's attributes to hidden and system, which can still be seen and accessed. Basically:
     ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
     attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
     dir /ahs
     attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
     ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop"
     dir
  24. Buy your own router (and if using an all-in-one modem/router, buy that too) and set up your own equipment. You'll only have to tell them to enable your new modem and they will ask for the MAC address, but if you only need a router, get your own and just swap them, then reboot the modem, and it will assign you a new IP from the ISP (or should in most cases). If you're on some special equipment like ISDN or DSL (I know some people still have this shitty stuff) then get out of the stone age and find a better ISP.
  25. Linux-headers: You should be able to acquire the current headers with your current distro state if you're already past the version you listed above:
     apt install linux-headers-$(uname -r)
     If you need older headers, best to install the older ISO, or track down archived files. This may help: http://old.kali.org/kali-images/