Wed. Dec 4th, 2019

Host your Website

Read and learn

FatCow Web Hosting $1.00/mo* Trust your web hosting to the #1 web host provider, GoDaddy!

Kali Linux: Hacking Networks Part 2

3 min read



It’s so easy to hack badly configured networks using Kali Linux! See how easy it is to take out networks using Kali Linux and protocols like Dynamic Trunking Protocol (DTP) and VLAN Trunking Protocol (VTP); and also capture network traffic using Wireshark. Make sure you have configured your networks securely! Otherwise, look at how simple it is to hack networks using Kali Linux running on a Windows 10 computer. Applications like Yersinia make hacking with Kali Linux super easy! It’s important that you as a network professional know how to protect networks from hackers. Even the new Cisco CCNA 200-301 exam covers some of these hacking topics. Don’t just learn the theory of hacking, learn how to hack practically.

In this Ethical Hacking with Kali Linux playlist, I’m going to show you step by step how to hack and protect networks. This is white-hat hacking, not black-hat – in other words this is about teaching you Ethical hacking to help you better secure your networks!

In a previous video I showed you how to get started with Yersinia and hack CDP and Spanning Tree Protocol (STP). In this video I show you how to leverage DTP and VTP to hack networks with kali linux. Make sure you learn how network protocols work and understand their weaknesses. Just because a Cisco switch or router supports a protocol, doesn’t mean you should enable it and use it. In many cases you need to either optimize the network protocol or disable it. Otherwise, hackers using Kali Linux will be able to hack your network and break things.

Menu:
Introduction 0:01
DTP hacks: 2:15
Wireshark: 5:18
VTP attacks: 8:00
Remotely Delete a VLAN: 10:54
Delete all VLANS! 13:33

======================
Previous Videos:
======================
Kali Linux installation video: https://youtu.be/AnwgxRtWXLI
Kali Linux: Hacking Networks Part 1: https://youtu.be/K1bMSPje6pw

======================
CCNA content:
======================
Free CCNA content: https://www.youtube.com/playlist?list=PLhfrWIlLOoKM3niunUBTLjOR4gMt_uR_a

CCNA course: http://bit.ly/2PmTVPD

======================
Free Network Software:
======================
Solar-PuTTY: http://bit.ly/SolarPutty
SolarWinds TFTP Server: http://bit.ly/2mbtD6j
WAN Killer: http://bit.ly/wankiller
Engineers Toolset: http://bit.ly/gns3toolset
IP Address Scanner: http://bit.ly/swipscan
Network Device Scanner: http://bit.ly/swnetscan
Wifi Heat Map: http://bit.ly/wifiheat
Wifi Analyzer: http://bit.ly/swwifianalyzer
SolarWinds NPM: http://bit.ly/getnpm

kali linux
Hacking
Ethical hacking

EVE-NG
GNS3
VIRL
Packet Tracer
10x Engineer
CCNA
Cisco Devnet Associate

CCNP Enterprise
CCNP Security
CCNP Data Center
CCNP Service Provider
CCNP Collaboration
Cisco Certified Devnet Professional
Cisco Certified Network Professional

LPIC 1
LPIC 2
Linux Professional Institute
LX0-103
LX0-104
XK0-004

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

========================
Switch configuration:
========================

c2960-CG# sh run
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname c2960-CG
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
!
ip dhcp pool vlan1
network 10.1.1.0 255.255.255.0
default-router 10.1.1.254
dns-server 10.1.1.254
!
ip dhcp pool vlan2
network 10.1.2.0 255.255.255.0
default-router 10.1.2.254
dns-server 10.1.2.254
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/3
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface Vlan1
ip address 10.1.1.254 255.255.255.0
no ip route-cache
!
interface Vlan2
ip address 10.1.2.254 255.255.255.0
no ip route-cache
!
ip http server
ip http authentication local
ip http secure-server
!
!
!
!
line con 0
line vty 0 4
password cisco
login
transport input all
line vty 5 15
login
!
end

========================

#kalilinux #ethicalhacking #hacker

42 thoughts on “Kali Linux: Hacking Networks Part 2

  1. Menu:
    Introduction 0:01
    DTP hacks: 2:15
    Wireshark: 5:18
    VTP attacks: 8:00
    Remotely Delete a VLAN: 10:54
    Delete all VLANS! 13:33

    ======================
    Previous Videos:
    ======================
    Kali Linux installation video: https://youtu.be/AnwgxRtWXLI
    Kali Linux: Hacking Networks Part 1: https://youtu.be/K1bMSPje6pw

    ======================
    CCNA content:
    ======================
    Free CCNA content: https://www.youtube.com/playlist?list=PLhfrWIlLOoKM3niunUBTLjOR4gMt_uR_a
    CCNA course: http://bit.ly/2PmTVPD

    ======================
    Free Network Software:
    ======================
    Solar-PuTTY: http://bit.ly/SolarPutty
    SolarWinds TFTP Server: http://bit.ly/2mbtD6j
    WAN Killer: http://bit.ly/wankiller
    Engineers Toolset: http://bit.ly/gns3toolset
    IP Address Scanner: http://bit.ly/swipscan
    Network Device Scanner: http://bit.ly/swnetscan
    Wifi Heat Map: http://bit.ly/wifiheat
    Wifi Analyzer: http://bit.ly/swwifianalyzer
    SolarWinds NPM: http://bit.ly/getnpm

    ========================
    Switch configuration:
    ========================

    c2960-CG# sh run
    !
    version 15.0
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname c2960-CG
    !
    boot-start-marker
    boot-end-marker
    !
    enable password cisco
    !
    no aaa new-model
    !
    ip dhcp pool vlan1
    network 10.1.1.0 255.255.255.0
    default-router 10.1.1.254
    dns-server 10.1.1.254
    !
    ip dhcp pool vlan2
    network 10.1.2.0 255.255.255.0
    default-router 10.1.2.254
    dns-server 10.1.2.254
    !
    !
    !
    !
    !
    !
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    !
    !
    !
    !
    !
    !
    !
    !
    vlan internal allocation policy ascending
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    switchport access vlan 2
    switchport mode access
    !
    interface GigabitEthernet0/3
    switchport access vlan 2
    switchport mode access
    !
    interface GigabitEthernet0/4
    !
    interface GigabitEthernet0/5
    !
    interface GigabitEthernet0/6
    !
    interface GigabitEthernet0/7
    !
    interface GigabitEthernet0/8
    !
    interface GigabitEthernet0/9
    !
    interface GigabitEthernet0/10
    !
    interface Vlan1
    ip address 10.1.1.254 255.255.255.0
    no ip route-cache
    !
    interface Vlan2
    ip address 10.1.2.254 255.255.255.0
    no ip route-cache
    !
    ip http server
    ip http authentication local
    ip http secure-server
    !
    !
    !
    !
    line con 0
    line vty 0 4
    password cisco
    login
    transport input all
    line vty 5 15
    login
    !
    end

    ========================

  2. Hello very good video I allow you to leave a comment, I'm on a periscope application is it possible to find the ip of the person using Wireshark or another because a lot of pedophile on this application thanks to you

  3. Hi can you help me out all my data got encrypted by .meka Ransomware. I removed all malwares and Ransomwares but data is not decrypting ,tried lots of software. please if you know something than please let me known

  4. I have a couple things:

    Debian server as a router for multiple subnets with one subnet going to pfSense virtual machine. I once configured my Ubiquiti EdgeRouter X as a router, but I used it as a switch with multiple VLANs.

    My Debian server is configured as follows:

    Intel 4-port Gigabit card

    Port 1 (ens3s0f0): Bridged to pfSense VM via "ethbrwan" for WAN
    Port 2 (ens3s0f1): Bridged to ethbr0 with IP address of 172.20.0.0/27; pfSense (LAN), UniFi Controller, UniFi AP-AC-Lite, and EdgeRouter X going to a couple of devices including AP-AC-Lite.
    Port 3: (ens4s0f0): Bridged to ethbr1 with IP address of 172.20.0.32/27; My computer, laptop, and smartphone.
    Port 4: (enp4s0f1): Bridged to ethbr2 with IP address of 172.20.5.0/24; Home Assistant, a discontinued Insteon hub with no default gateway, HDHomeRun
    ens3s0f1.10: Bridged to ethbr1
    enp3s0f1.20: Bridged to ethbr2
    enp3s0f1.30: Bridged to ethbr3 with an IP address of 172.20.10.0/24; Home Assistant, Mr. Coffee Wemo Coffee Maker (for brewing tea), and Google Home
    enp3s0f1.255: Guest network; Bridged to wlanbr255 with an IP address of 172.25.255.0/27; My family's smartphone and laptop

    My pfSense's static route is as follows:

    172.20.0.32/27
    172.20.5.0/24
    172.20.10.32/27 (ethbr3; my Wemo Coffee Maker is not NATed, so it cannot communicate over the Internet; anything Wemo won't be in 172.20.10.32/27)
    172.20.16.0/23 (vmbr0 for virtual machines)

    I tried not assigning a default gateway through DHCP reservation for my Mr. Coffee Wemo Coffee Maker, but once I do that, my Wemo Coffee Maker will disconnect from my Wi-Fi network, reconnect, disconnect, reconnect, and again and again until I assign my Coffee Maker a default gateway.

    I also like to assign my own DNS server's IP address that I already have for Google Home, but Google Home hardwired its own configuration as 8.8.8.8. I also watched the firewall logs in pfSense and saw that Google Home does ping 8.8.8.8 from time to time (and even time to time is a lot to me). At least to make sure the Internet is working for Google Home. I could try to block ping requests to 8.8.8.8, but decided to leave it off.

    My guest network is completely and fully segregated in pfSense, so my devices can't see my family's devices and my family's devices cannot see my devices in my home network. In other words, 172.20.x.x/16 and 172.25.x.x/16 cannot see each other. Plus, I also configure my Debian server's firewall to block communications between 172.20.0.32/27 and 172.20.10.0/24 except for 172.20.0.48, which is my smartphone.

    So with that said, what tools would you recommend for penetration testing with Kali Linux? It seems your networking video is all about Cisco switches which I don't have. I might plan to buy a Ubiquiti EdgeSwitch as I do not want to deal with having UniFi Controller installed along with outdated MongoDB and Java 8. My UniFi Controller Linux container (LXC) resides in 172.20.0.0/27 subnet.

    Alas, my setup is more of a home environment.

  5. Finally !!!! I just landed to a Channel with Divinely loaded Stuff. It's really going like a ButterSmooth Clear Cut info & an interest to learn something about. Sir Please Continue these Parts till the end of the Course. Love your Video's You got a Sub & Bell sir !!

  6. Great video and I'm hoping to see more! In my opinion it would be great if in the future you could talk more about how the tools you use on Kali actually work and what they do. Keep up the great work

Comments are closed.

Copyright © All rights reserved. | Newsphere by AF themes.