Kali Linux Your Password Is Incorrect
Piren Cobrin
I recently started doing pen testing on Kali Linux and I've been having some issues with the software "Social Engineering Toolkit". I can boot it up just fine and use it just fine, however when I choose "mass mailer attack" (for legal reasons I am doing this between two emails I own), I am able to start doing the prompts. When I get to "email password" for the email I want to send the emails from, I input my password VERY CAREFULLY as kali won't show the actual password being typed. As it gets to the point of which I assume is where it logs into my account, it says my password is incorrect, even though it's correct. Does anyone know what I'm doing wrong? Any help would be appreciated.
It's not quite that simple, though, because if you go to the "Less secure apps" page you'll find that it's no longer available. However, you can still use "App passwords". An application password is intended to be unique for a single application to access a single section of Google's environment. For example, you could have an application password for receiving/sending email but it would not allow access to the profile or settings for your account.
I was successful in brute forcing the admin credentials. Once I had authenticated to DVWA I needed to find the cookie information (easily done via your browser or Burp Suite). Once I had the cookie information I issued the following command which worked.
Same problem happened to me when I was playing with DVWA. The reason is that you're trying to brute-force YOUR_SERVER/dvwa/vulnerabilities/brute/index.php which needs authentication. Try to visit that page in your browser and you'll be prompted to enter a username and a password (different form from the one you're trying to brute-force)
On the second form you won't get the message "Username and/or password incorrect.", which you told Hydra to use to differentiate between failed and successful logins. Hydra doesn't see that failed login message, so it's assuming that the login was successful.
Supposedly, you can set the cookie in the HTTP headers in Hydra by doing H=Cookie:NAME=VALUE or pointing Hydra to a file which sets the cookie by doing C=/path/to/file. Unfortunately, non of these worked for me.
hydra 192.168.56.2 -l admin -P /home/user/Downloads/pass.txt http-get-form "/vulnerabilities/brute/index.php:username=^USER^&password=^PASS^&Login=Login:Username and/or password incorrect.:H=Cookie: security=low;PHPSESSID=n5ggv5f2b3vcrl9fe15nqu6v95"
The other gotcha was when I was debugging using Wireshark - I was taking the first HTTP request and wondered why the username and password parameters weren't passed. It appears that Hydra makes a HTTP request to the URL without parameters first.
Two days ago I experienced the same issue and found out that my /etc/sudoers reverted back to a default state where no user is allowed to use the sudo command. Could that be the result of a system update?
I used "su" to log into my root account and then visudo to modify the sudoers file accordingly.
Same issue here. Only it's a fresh install and the root pass doesn't work for sudo. It does in most places but not in the terminal... If I su, then password works, but back to user, I get 3 strikes...
Another issues I have is running update under su, I got files that were not accessible... How?
skypeforlinux.desktop could not be removed under su...?
Welcome to the forum!
Its nice that you had a search before posting but since this a 6 month old thread it is better to create a new thread with your report + proper system information as described here:
Kali Linux is the number one security operating system of today, and this is the operating system that the programming world prefers to use to perform penetration testing, or pen-testing. Pen-testing is a methodology where people check their own systems and their own architectures to find vulnerabilities. It is a Debian-based system and widely considered one of the best options for hackers. Kali Linux was developed by offensive security as a rewrite of Backtrack, a Linux distribution that focuses on security. Kali Linux is a distribution that offers many hacking and penetration tools that are up-to-date and software by default and is widely recognized by different Windows users.
Kali Linux requires a minimum storage space of 20 GB to install and begin working. Kali Linux is a heavyweight OS and needs 1GB of RAM. This OS uses a variety of tools that require graphical hardware acceleration using the latest GPUs.
Say you come to the login screen of Kali Linux and you have forgotten your password. If you enter the wrong password, it is going to say that the password is incorrect and to try again. At this point, you should simply restart Kali Linux.
After reading this article, forgetting the password of Kali Linux should no longer be an issue for you. You can simply reset your password by following the simple steps listed above. I hope this article has helped you in solving this issue.
GRUB 2 reads its configuration from the /boot/grub2/grub.cfg file on traditional BIOS-based machines and from the /boot/efi/EFI/fedora/grub.cfg file on UEFI machines. This file contains menu information.
Berkas konfigurasi GRUB 2, grub.cfg, dihasilkan selama instalasi, atau dengan memanggil utilitas /usr/sbin/grub2-mkconfig, dan secara otomatis diperbarui oleh grubby setiap kali kernel baru dipasang. Ketika dibuat ulang secara manual menggunakan grub2-mkconfig, berkas dihasilkan sesuai dengan berkas templat yang terletak di /etc/grub.d/, dan pengaturan khusus di berkas /etc/default/grub. Pengeditan grub.cfg akan hilang kapan saja grub2-mkconfig digunakan untuk meregenerasi berkas, jadi harus berhati-hati untuk mencerminkan perubahan manual apa pun di /etc/default/grub juga.
Normal operations on grub.cfg, such as the removal and addition of new kernels, should be done using the grubby tool and, for scripts, using new-kernel-pkg tool. If you use grubby to modify the default kernel the changes will be inherited when new kernels are installed. For more information on grubby, see Making Persistent Changes to a GRUB 2 Menu Using the grubby Tool.
Berkas /etc/default/grub digunakan oleh alat grub2-mkconfig, yang digunakan oleh anaconda saat membuat grub.cfg selama proses instalasi, dan dapat digunakan jika terjadi kegagalan sistem, misalnya jika konfigurasi boot loader perlu dibuat ulang. Secara umum, tidak disarankan untuk mengganti berkas grub.cfg dengan menjalankan grub2-mkconfig secara manual kecuali sebagai upaya terakhir. Perhatikan bahwa setiap perubahan manual ke /etc/default/grub memerlukan pembangunan kembali berkas grub.cfg.
Di antara berbagai cuplikan kode dan direktif, berkas konfigurasi grub.cfg berisi satu atau lebih blok menuentry, masing-masing mewakili satu entri menu boot GRUB 2. Blok-blok ini selalu dimulai dengan kata kunci menuentry diikuti dengan judul, daftar opsi, dan kurung kurawal pembuka, dan diakhiri dengan kurung kurawal penutup. Apa pun antara kurung pembuka dan penutup harus diindentasi. Misalnya, berikut ini adalah contoh blok menuentry untuk 29 dengan kernel Linux 3.17.4-301.fc21.x86_64:
Setiap blok menuentry yang mewakili kernel Linux yang dipasang berisi linux pada IBM POWER Series 64-bit, linux16 pada sistem berbasis BIOS x86_64, dan linuxefi pada sistem berbasis UEFI. Kemudian direktif initrd diikuti oleh path ke kernel dan image initramfs masing-masing. Jika partisi /boot terpisah dibuat, path ke kernel dan image initramfs relatif terhadap /boot. Dalam contoh di atas, baris initrd /initramfs-3.17.4-301.fc21.x86_64.img berarti bahwa image initramfs sebenarnya terletak di /boot/initramfs-3.17.4-301.fc21.x86_64.img ketika sistem berkas root dikait, dan juga untuk path kernel.
Nomor versi kernel seperti yang diberikan pada baris linux16 /vmlinuz-kernel_version harus cocok dengan nomor versi image initramfs yang diberikan pada baris initrd /initramfs-kernel_version.img dari setiap blok menuentry. Untuk informasi lebih lanjut tentang cara memverifikasi image disk RAM awal, lihat Memverifikasi Image Initial RAM Disk.
Dalam blok menuentry, direktif initrd harus menunjuk ke lokasi (relatif terhadap direktori /boot/ jika berada di partisi terpisah) dari berkas initramfs yang sesuai dengan versi kernel yang sama. Direktif ini disebut initrd karena alat sebelumnya yang membuat image disk RAM awal, mkinitrd, menciptakan apa yang dikenal sebagai berkas initrd. Direktif grub.cfg tetap initrd untuk menjaga kompatibilitas dengan alat lain. Konvensi penamaan berkas sistem yang menggunakan utilitas dracut untuk membuat image disk RAM awal adalah initramfs-kernel_version.img.
Pindahkan kursor ke bawah untuk menemukan baris perintah kernel. Baris perintah kernel dimulai dengan linux pada 64-Bit IBM Power Series, linux16 pada sistem berbasis BIOS x86-64, atau linuxefi pada sistem UEFI.
These settings are not persistent and apply only for a single boot. To make persistent changes to a menu entry on a system, use the grubby tool. See Adding and Removing Arguments from a GRUB Menu Entry for more information on using grubby.
The grubby tool can be used to read information from, and make persistent changes to, the grub.cfg file. It enables, for example, changing GRUB menu entries to specify what arguments to pass to a kernel on system start and changing the default kernel.
In Red Hat Enterprise Linux 7, if grubby is invoked manually without specifying a GRUB configuration file, it defaults to searching for /etc/grub2.cfg, which is a symbolic link to the grub.cfg file, whose location is architecture dependent. If that file cannot be found it will search for an architecture dependent default.
The --update-kernel option can be used to update a menu entry when used in combination with --args to add new arguments and --remove-arguments to remove existing arguments. These options accept a quoted space-separated list. The command to simultaneously add and remove arguments a from GRUB menu entry has the follow format:
This command removes the Red Hat graphical boot argument, enables boot message to be seen, and adds a serial console. As the console arguments will be added at the end of the line, the new console will take precedence over any other consoles configured.
c80f0f1006