DEV Community: Md Shykat

How to scan a port and import the results using Metasploitable and Kali Linux

Md Shykat — Fri, 13 Dec 2024 13:53:03 +0000

To scan a port and import the results using Metasploitable (a vulnerable virtual machine for security training) and Kali Linux (a penetration testing operating system), you can follow these steps:

Step 1: Identify the Target

Find the Metasploitable IP Address:

Log in to Metasploitable using default credentials (msfadmin/msfadmin).
Use the command ifconfig to find its IP address (e.g., 192.168.1.101).
Ping the Target from Kali:

Open a terminal in Kali Linux.

Use ping [Metasploitable IP] to verify connectivity.

Step 2: Perform a Port Scan

Using Nmap:
Run an Nmap scan from Kali Linux:

bash

nmap -sS -sV -O 192.168.38.129 -oX M1

-sS: Performs a SYN scan. This is a stealthy scan method that sends SYN packets to identify open ports without completing the TCP handshake.
-sV: Performs service version detection to determine the software and version running on the open ports.
-O: Enables OS detection to identify the target's operating system based on response characteristics.
192.168.38.129: The target IP address to be scanned.
-oX M1: Outputs the scan results in XML format and saves it to a file named M1. This format is useful for importing into tools like Metasploit.

Review Scan Results: The scan results will list open ports and services running on Metasploitable.

Step 3: Import Results into Metasploit

Start Metasploit Framework on Kali Linux:

bash

msfconsole

Import the Nmap scan results:

bash

db_import /path/to/M1

Ensure the database is initialized; run db_status to check. If it's not running, initialize it with:

bash

msfdb init

Verify the imported hosts and services:

bash

hosts
services

Step 5: Analyze and Plan Exploitation

List Vulnerabilities: Use Metasploit's auxiliary scanners to identify potential vulnerabilities based on the open ports and services.

Exploit the Target:

Use appropriate Metasploit modules to exploit vulnerabilities found during the scanning phase.

How to Create a Workspace in Metasploit Console

Md Shykat — Thu, 12 Dec 2024 11:23:46 +0000

Creating a workspace in the Metasploit Framework console is straightforward and helps in organizing your penetration testing activities. Here's how you can do it:

Steps to Create a Workspace in Metasploit Console

1.Start Metasploit Console

Launch the Metasploit Framework console by typing:

bash:

msfconsole

2.List Existing Workspaces (Optional)

To see a list of all current workspaces, use:

bash:

workspace

3.Create a New Workspace

To create a new workspace, use the following command:

bash:

workspace -a <workspace_name>

Replace with the name you want for the workspace. For example:

bash:

workspace -a test_workspace

4.Switch to the New Workspace

Once created, you can switch to the new workspace using:

bash:

workspace <workspace_name>

Example:

bash:

workspace test_workspace

5.Verify the Current Workspace

To confirm you’re in the correct workspace, use:

bash:

workspace

The currently active workspace will be marked with an asterisk*.

6.Delete a Workspace (Optional)

If you no longer need a workspace, you can delete it with:

bash:

workspace -d <workspace_name>

If you like this post, please do share.

How to Activate and Enable the PostgreSQL Service on Your Kali Linux System

Md Shykat — Thu, 12 Dec 2024 11:11:21 +0000

To activate the PostgreSQL service, you can follow these steps:

1. Start the PostgreSQL Service

Run the following command to start the PostgreSQL service:

bash:

sudo systemctl start postgresql

2. Enable PostgreSQL to Start on Boot

To ensure PostgreSQL starts automatically at system boot, enable it using:

bash:

sudo systemctl enable postgresql

3. Check the Service Status

Verify that the service is active and running:

bash:

sudo systemctl status postgresql

The output should show that the service is active (running).

Troubleshooting

If the service does not start, check the logs for detailed information:

bash:

sudo journalctl -u postgresql

Ensure PostgreSQL is installed correctly and the configuration files are not corrupted. Let me know if you encounter any specific issues!

Hydration error while installing NextJS 15

Md Shykat — Thu, 21 Nov 2024 13:56:29 +0000

After creating a new next 15 project and running the server

npm run dev

if you see these error in your development server:

Hydration failed because the server rendered HTML didn't match the client. As a result this tree will be regenerated on the client. This can happen if a SSR-ed Client Component used

A server/client branch if (typeof window !== 'undefined').
Variable input such as Date.now() or Math.random() which changes each time it's called.
Date formatting in a user's locale which doesn't match the server.
External changing data without sending a snapshot of it along with the HTML.
Invalid HTML tag nesting.

It can also happen if the client has a browser extension installed which messes with the HTML before React loaded.

See more info here: https://nextjs.org/docs/messages/react-hydration-error

Here is the solve

use this suppressHydrationWarning attribute in your layout.tsx file

return (
    <html lang='en' suppressHydrationWarning>

if this doesn't solve your problem, then So far these are the mentioned extensions that cause hydration errors I have seen here. You guys can add up further names to gather them in a single place to help other fellow devs:

1 - ColorZilla

2 - Wappalyzer

3 - Urban VPN

4 - LastPass

5 - Hacker Vision

6 - WhatFont

7 - Video Speed Controller for HTML videos

8 - Glot

9 - AI Grammar Checker & Paraphraser – LanguageTool

10 - Grammarly

11 - Invert

12 - Dashlane

Happy Coding :)

🚀 Unlock the Power of Next.js with These Exciting Features! 🚀

Md Shykat — Sat, 19 Oct 2024 20:59:28 +0000

Next.js keeps evolving, making it easier and faster to build incredible web applications. Here are some of the coolest features you don't want to miss:

1️⃣ App Router
Forget about managing complex routing! The new App Router allows for simpler and more powerful routing solutions. No more worrying about nested routes and layouts – it’s all in one file structure.

Example: Define your route with just one file under the /app directory. Next.js takes care of everything!

2️⃣ Server Actions
Say goodbye to client-side JavaScript overload! Server Actions now enable running logic on the server directly, helping reduce page load times and improving performance.

Example: Perform heavy database queries or API calls on the server and send minimal data to the client, keeping your app super fast.

3️⃣ React Server Components
Next.js now integrates React Server Components, allowing you to render components on the server and send only HTML to the browser. This is perfect for rendering parts of the page that don’t require JavaScript interactivity.

Example: Use React Server Components for things like navigation bars, static content, or other UI elements that don’t need constant client-side interaction.

4️⃣ Turbopack
Meet the all-new bundler, Turbopack. It's 10x faster than Webpack, giving you instant feedback during development and faster builds.

Example: Just swap Webpack with Turbopack in your Next.js config, and experience lightning-fast bundling and hot-reloading during development.

5️⃣ Automatic Static Optimization
Next.js automatically optimizes pages that don’t have server-side code, delivering them as static files. This means even faster load times for static content pages!

Example: Build your landing pages, blogs, or portfolios with Next.js, and let the framework optimize them for blazing speed!

💻 Ready to supercharge your Next.js projects? Dive into these new features today and experience the future of web development!

VS Code is insanely slow

Md Shykat — Mon, 19 Aug 2024 12:50:56 +0000

I did the following:

Remove the ESLint extension by Microsoft
Disabled autosave
Disabled quick suggestions, only show If ctrl+space

The most notable improvement I got was when I disabled the auto-save feature in VScode that I enabled a long time ago, it must've been triggering some other stuff such as IntelliSense, code snippets, etc.

Game Zone - gaming community

Md Shykat — Sat, 13 Jul 2024 09:30:06 +0000

This is a submission for the Wix Studio Challenge .

What I Built

Demo

https://himulol123.wixstudio.io/game-zone

Development Journey

Differences between Asp.net and Asp.net Core

Md Shykat — Wed, 26 Jun 2024 18:34:54 +0000

ASP.NET and ASP.NET Core are both frameworks for building web applications and services, but they have several key differences. Here are the main distinctions between the two:

1. Cross-Platform Support

ASP.NET: Primarily designed to run on Windows. It can run on Windows Server and Internet Information Services (IIS).
ASP.NET Core: Cross-platform, running on Windows, macOS, and Linux. It supports different web servers like Kestrel and IIS and can run in containers and cloud environments.

2. Performance

ASP.NET: Performance is good but not as optimized as ASP.NET Core.
ASP.NET Core: Highly optimized for performance. It is known for its high throughput and low latency, making it one of the fastest web frameworks available.

3. Modularity

ASP.NET: Monolithic framework, where many libraries and features are built-in and used by default.
ASP.NET Core: Modular framework, allowing developers to include only the libraries and features they need. This results in a smaller application footprint and better performance.

4. Unified Framework

ASP.NET: Separate frameworks for different tasks (e.g., ASP.NET MVC for web applications, ASP.NET Web API for building APIs).
ASP.NET Core: Unified framework combining MVC, Web API, and Razor Pages into a single programming model, simplifying development.

5. Dependency Injection

ASP.NET: Limited and less flexible support for dependency injection, often requiring third-party libraries.
ASP.NET Core: Built-in support for dependency injection, making it easier to manage dependencies and promote better software design practices.

6. Configuration and Logging

ASP.NET: Configuration is usually done via web.config files, and logging support is more basic.
ASP.NET Core: Uses a more flexible configuration system that supports various sources (e.g., JSON files, environment variables). It also includes a robust logging framework out of the box.

7. Razor Pages

ASP.NET: Does not have a direct equivalent to Razor Pages.
ASP.NET Core: Introduces Razor Pages, a page-based programming model that simplifies the development of page-centric web applications.

8. Blazor

ASP.NET: Does not support Blazor.
ASP.NET Core: Includes Blazor, a framework for building interactive web UIs with C#. Blazor WebAssembly runs in the browser, while Blazor Server runs on the server.

9. Open Source and Community

ASP.NET: Developed as a closed-source framework initially, with some components later open-sourced.
ASP.NET Core: Fully open-source from the start, with active contributions from the developer community, ensuring continuous improvement and innovation.

10. Hosting and Deployment

ASP.NET: Typically hosted on IIS on Windows Server.
ASP.NET Core: More flexible hosting options, including IIS, Kestrel, Nginx, Apache, and can be hosted in various environments like Docker containers and cloud services (e.g., Azure, AWS).

11. Cross-Platform Support

ASP.NET: Primarily developed using Visual Studio on Windows.
ASP.NET Core: Supports development with Visual Studio, Visual Studio Code, and the .NET CLI across all supported platforms (Windows, macOS, Linux).

Greedy Algorithm

Md Shykat — Fri, 21 Jun 2024 00:07:40 +0000

A Greedy Algorithm is a simple, step-by-step way to solve problems. It picks the best choice at each step without looking ahead. It's fast but doesn't always find the perfect solution. Examples include finding the shortest path or making change with the fewest coins.