January 2020

Kali Linux 2020.1 iso released and now available for immediate download

Kali Linux 2020.1 iso was now released and available for immediate download. We had already discussed about few changes like default user name and password for Kali 2020.1 and later latest version being changed, and the OS becoming non-root user default  in our last week's post when the beta edition was released, the changes are now live in this stable edition. But wait, it doesn't stop there Kali Linux has also got few other major changes now. 

Kali Linux 2020.1 changelog/ history

Apart from the above, here are some changes made on Kali Linux 2020.1 

1) You won't get the same ISO to install and try. Ya! from now (2020.1 edition) Kali Linux installer image, network image and live images will be separate. 

This change was made for us to download only the image we need, and to greatly reduce the size of the iso image, the developers confirmed in the blog.

 2) You can choose desktop environment of your choice while installing Kali. 

If you are a long time Kali user, then you might have known this. Kali was available on different desktop environments, And we can choose the ISO image of our choice. But that's now history, because you won't get separate images like Xfce desktop environment iso, KDE desktop environment iso's. Instead we have a kind of upgraded option now. All our desktop environments will be on same installer now. 

So, we can choose desktop environment of our choice at the time of our installation. And the best part ? you can choose to install various desktop environments at the same time.

Kali Linux 2020.1 iso released and now available for immediate download
Image credit : Kali.Org

See: Change desktop environment in Kali Linux Latest version [ How to Guide]

3) NetHunter is now Non-root !

Perhaps, one of the biggest feature that was released. You no longer need to root your phone for Mobile pentest✌

4) Change in theme 

Kali 2020.1 has also got some appearance change. You can see the change in icons and some visual polish being done on this new build.

Xfce became the default theme for this build too. Kali undercover mode also got some addition to give near Windows look..

These are the major changes done on Kali 2020.1 and the installation guide or how do i install Kali 2020.1?

You can install Kali 2020.1 like a normal existing Kali OS. However, if you need one guide then let me know i will update that on our next post.

Kali 2020.1 Download Link -> https://www.kali.org/downloads/

Keep breaking :)

Other posts :

How to checksum or verify File Integrity of downloaded Kali Linux using Windows without any software [ Beginners' Guide]

Find saved WiFi passwords in Kali Linux or any Linux Latest version with a single command [How to Guide]

Kali Linux 2020 live default username and Password changed - Here is the new one for all latest versions

Change grub wallpaper/background image/theme in Kali Linux latest version [How-to]

Windows 10 Insider preview 19555 now available for download to fast ring insiders

Windows 10 insider preview build 19555 is now available for download to Fast ring insiders. This build is the latest build released by Microsoft to Windows 10 insiders. Microsoft fixes issues like cloud recovery option,  external USB drivers becoming unresponsive with Start 10  in this build, which is a good move. But existing bugs that are from previous build 19546 like Narrator (a core part for Visually impacted people) not working on new Microsoft chromium based Edge, update process hanging for longer duration continues to exists in this build with addition to new bug - update getting failed with error codes 0x8007042b & 0xc1900101.

These builds are directly coming from the active development branch, meaning you will get the codes directly from the engineers who actively make code changes, hence it will have lot of bugs that are unknown/ not yet discovered So, if you are a normal user then i recommend you to install slow ring builds or install and try on some Virtualization based apps like virtual box or VmWare.

However, if you are a fast ring insider then you can download and try this preview build 19555 by checking for updates on Settings screen.

I will update the Windows 10 insider preview 19555 build iso download links as soon as its available on trusted public domains, So keep checking for latest updates.

Don't forget to share the links, if you have found the one, which might help someone too :)

Read the complete list here.

How browsers works on Mobile phone [Beginner's guide]

While i was searching new movies released on 2020 to watch online, one of my friend sitting nearby suddenly asked me how browsers can work on Mobile phones ? i was shocked, because the question seems to be little bit strange. Realizing that, he re-framed the question and asked me Can you tell me how browser works on mobile phones? because all this days, i'm using browsers but i don't know how it works, so today i want to learn about that!. As, i was in a mood to watch movies, i asked him to google/bing so that he can learn something. He googled to find the information, but he was unable to understand those contents as they are too technical. So he asked me again to explain in simple terms, which made me write this post.

This post is an beginner friendly and a short one. So, if you are the one, who wants to know about how browser works on mobile phones and PC/ Laptops then i hope it might help you too. 

Ok, let's dig in..

How Browser works :

Everything in this computer world works on two components. CPU central processing Unit and Graphic processing Unit. Understanding both this terms is important to understand how it works. 

CPU is nothing but the heart of our computer/Mobile phones. Hmmm, let's say this way. You might have seen new smartphone's getting released everyday. So, if you asked specification for that device, then they might say, Snapdragon 855 or 635 with Octa core processor, quad core processor right? they are the ones that help our mobile phones process the information(8 Cores means, 8 processors are built in single chip, quadcore means 4)). For example : If you enter 6 + 8 = ? on calculator application then it will display the result  by calculating the values that are already programmed inside itself. Your Phone will calculate those things with the help of this processor, which will work closely with memory. Likewise Gpu will process all graphical elements like images/photos. Those things are hardware's that will be inside your mobile and PC.

So, when reading that, had you thought, how that hardware just a stationary object understand what information you typed ? Simple they do that with the help of Operating system which are nothing but we call OS. Android, Windows 10, Kali Linux, Mac, iOS are the popular OS's. So, this how OS works ? its actually a pretty big concept. I will explain in very short. They are the programming codes that will have instructions on how system should work (like if user asks what is 6 + 8 then it will have instructions like interact with processor and display the results.) that are written and saved in your harddrive/ SSD when an OS is installed, If you are using Windows 10, then you can see operating system files on System 32 and Windows folder. If you are using Android then you can find those information on Android folder inside internal storage.

Next, we will see process and thread. Process is nothing but the executing part of the application. And thread will make the processes alive. I.e; When you open calculator app or any app like chrome app, then a kind of instruction will be sent to the OS that the app is running and will allow the application to do the work as intended. This process is called process. OS will allocate separate process id for different processes. And this OS will manage all the applications( processes)

Application interacts with OS -> OS interacts with hardware -> Hardware does the Job -> Sends the information back to OS -> OS sends the information back to Application.

All this things are happening in very very minute seconds. If you are reading this post, and the moment you clicked on downward arrow mark on keyboard or scrolled your mouse down then the instruction will be like the hardware will sending instructions to OS that user has pressed the down arrow mark, OS will interact with processor and will find what needs to be in our case will scroll down the post. Likewise, every action will be done by our system. 

If you understand the above, then you had understood basics concepts on how systems work and the good part of it is, its common for all mobile and PC's, laptop, tablet devices.

Now, let's see how browser works on mobile phones. As most of us, are using android phones i will explain with the help of android itself. Don't complicate things.  Think Browser as just an application like calculator app, that will just have some additional features. That's it. You know how application works right? the same calculator example we had seen above. 

In android, When you start an application then the screen that is displayed is called Activity, and everything on android is based on activity. For Example : If you are starting chrome app or WhatsApp then the moment you click on the app icon and it will load the chat screen right ? that is called activity. (Ofcourse, the above Operating system concept we had seen will be done on background). An application like browsers will have many activities, and all those activities are collectively formed to be an application. 

The following is also called browser architecture, as they are the ones that help for browser application to work. So, as soon as you start the chrome application, which will load activity screen the following processes will be executed in the background.

1) Browser Process -> Controls everything like the address bar, bookmarks, buttons and other network activity except website displaying area.
2) Rendering process -> Controls how website should be displayed
3) Plugin process -> Controls plugins used by the Website.
4) Gpu Process -> Handles Gpu works

So, the moment when you typed some website name like logeshwaran.org on the address bar controlled by browser process then here what will happen, it will interact with your network first. For example : If you had connected to the WiFi network then, your browser will interact with WiFi drivers of the OS -> Will send information to Router -> Router will send the information to Internet Service provider -> Which will send the DNS request -> Will find the Website server -> Web server will send the information to ISP -> ISP to your Router -> Router will send the information to your device OS -> OS will send the information to your application -> Application displays the information to you . Hmm all this information happens within seconds, that's how technology has now advanced :)

So, once the above information (webpage like .html file or .php file) sent by web server was received, then rendering process will render based on the code. Example : If its a .html file then it will render the codes written inside by the site owner/web developer and will display the site. You can see take our site as an example for this too, your browser has rendered the codes written on css and html languages to display the results.

And you guessed it right ! Rendering process will interact with GPU process and Plugin process if the site has those content like images/ plugins and will display the result in our case webpage.

All this actions like Application interacting with OS -> OS installed on hardware interacting with network -> Network finding information sending back to OS -> OS sending back information to application happens every time whenever an site is loaded/viewed in less than seconds

This is how an browse works on mobile phone and PC devices, pretty simple ugh?

Avast sold all your data to third party companies, as per new Investigation ! Antivirus or Virus?

Avast, the antivirus company which claims it has over 435+ million active users was found to be selling all your data to third party large companies like Google through its subsidiary Jumpshot as per the joint investigation by PCMag and Vice

If you are using the Avast free antivirus, which was once believed to be the trusted and most effective antivirus made free then its time for you to look deep and take actions to safeguard your privacy.
Avast sold all your data to third party companies, as per new Investigation ! Antivirus or Virus?

A little bit history/ how it started..

Avast free antivirus and AVG installs an extension in the name of protecting you from third party harmful/malicious websites on most of your browsers, the thing that it will do is simple yet complicated work. It will interfere all the web traffic and will figure out whether the site the user(you) visiting is trust worthy or can it be allowed on the device by comparing previous reviews, behavior from various sources like avast servers on the internet. Once it was found to be trusted site or doesn't have any malicious content, then it will allow the user to visit/access the site, that's how an antivirus extension normally will work.

We thought someone/avast is always there for us! But we were wrong ! because, it didn't stop there. The avast and AVG extensions actually collected all your data instead of necessary ones and sent it to Avast servers for a different work as found by palant.de. This was then sold to third party companies with the help of Jumpshot per this new investigation.

Result ? all the Avast and AVG extensions were removed from the popular browsers like firefox and chrome temporarily !

And now..

As this was found out, and extensions were removed this Jumpshot, which has 100million+ users and Avast used a different approach. They are no longer installing extensions/collecting data through extensions, instead they are making users opt-in for data collection automatically which is a kind of collecting information with user's permission.

"If you had seen Avast displaying Mind Sharing Some data with us ? and ignored the screen or clicked agree without reading! then you might have been victim already!"
As the screen was designed to show what avast is doing and it had given you an option for to disable sending your data!" 

Though avast, says the information sent was anonymous and cannot be decoded/ traced back. Its actually possible to trace back to you, as per various experts.

A simple example : If you are accessing gmail, then what you will do? you will enter the username and password which are unique to you right? Sometimes, if you are accessing the gmail from a different device or from workplace, then you might have seen google saying "Help us identify whether its really you!" and it will ask you to verify mobile number or use any other verification" to prove its really you! How is this possible ? how do you think google knows you are accessing from different system? this is because their servers will analyse various things like whether the account is getting accessed from the same ip or device used earlier, before giving access to your email folder ! If it suspects something can go wrong, then it will ask for those verification's, else it will allow you to access. So by default, you need to know everything will be logged.

Likewise, Avast is logging your deviceid and its sending all your data which includes what is the term you searched on google/bing, at what time you thought of purchasing iPhone or PC, at what time you had clicked on the amazon link, how long you stayed on the webpage,etc things to its web server. Then jumpshot, will sell this data to third parties which will then use this data for understanding user behavior and for various purposes like to serve ads primarily. 

Its just a simple one, there are many ways to identify its you who actually checked the information!

So, if you are the person whom has taken pledge " I won't read terms and conditions, i will directly click agree and continue option" like 5 out of 10 people in the world did then you don't need to worry about your privacy, Yes ! you don't need to worry. The reason for that is because all of your information might be already available with most of the companies in some form. Though its a fact at least, start following safe browsing habits, check what are the information they are collecting and start reading the terms and conditions before you click agree and continue everytime from now on and take control of your privacy. 

We cannot directly blame those companies for selling our data ! We should blame ourselves! Do you think, a huge company be it be avast or any major company will provide services for free, without expecting nothing from us?, in the world were money decides your lifestyle ? then, think again!

Update : Avast ends JumpShot

WhatsApp dark theme was finally released for all android beta testers (Beta 2.20.13 download Now!)

WhatsApp's much anticipated dark theme was finally released for Android beta testers in today's update 2.20.13. This dark mode was once said to be released on end of November-December last year, but because of various issues this dark theme was postponed to now and then and was finally released now. So, if you are an android beta tester of WhatsApp then go ahead and update your WhatsApp beta app to get the dark theme right on your mobile.

Once, you updated your app you can activate dark theme by following the steps below.

Activate Dark theme on WhatsApp beta - How to guide

1) Go to Settings

2) Click on Chats

3) There, you will see the theme section. Click on it

It will popup three options :

Light, dark and Set by battery saver. Select Dark -> Click ok.

WhatsApp dark theme is finally released for all android beta testers (Beta 2.20.13 download Now!)

That's it. You had successfully activated the dark theme for your WhatsApp.

i) Light - Set this option to get back from dark theme. Normal WhatsApp white color

ii) Dark - Select this option to activate dark.

iii) Set by battery saver - Select this option to automatically switch between light and dark themes.

How do i join WhatsApp beta program now to download dark theme WhatsApp ?

Unfortunately, the beta program is now full. So, you cannot join the existing beta program. But you don't need to worry. We have alternatives for you too. Visit any trusted android apk downloading sites like apkmirror, download whatsApp beta app version 2.20.13 of Android and install as usual. 

Follow the above steps, activate the dark theme and Enjoy.

Microsoft Edge Chromium installs on a different language than Windows default language - Here is how to change default browser language

Microsoft Edge or Ms Edge Chromium was released yesterday, but there is an problem lot of users have complained that this new chromium based Microsoft Edge is getting installed on a different language than their Windows default language. To be more specific, If their Windows default language was English then Microsoft Edge chromium will be installed on Chinese or Spanish or sometimes an unknown language. So, in this post let's see how to change default browser language in Microsoft Edge Chromium. If you are the one who is experiencing the similar kind of issue then you can change language to English using the following steps.

There are two ways in which we can actually change the language, one is changing the language using the inbuilt settings and another one is downloading and installing it separately. We'll first see how to change the default language using inbuilt settings option.

Change default browser language in MS Edge Chromium [How to]

1) Open MS Edge browser.

2) Type edge://settings/languages in the address bar.

(Address bar is nothing but the tab where you will type bing.com, google.com, etc)

3) Select the language of your choice example : English.

That's it.

If your language is not listed, then click on add language, which will be the first button on the top right corner sidebar.

4) Once its added, select Display Microsoft Edge in this language option.

Done :) 

If it didn't work, then try restarting the browser for couple of times, else download and install latest version of MS Edge directly on your PC.

Microsoft Edge Chromium Offline installer download for Windows 10 64-Bit, 32-Bit and Mac -[Official links are here]

Microsoft Edge based on chromium was released today Jan 15, 2020. So, if you are a Windows 10 or Mac user, then you can download and enjoy the latest version for free now. But the problem is Microsoft download site holds only Online installer making us to install this new Edge chromium only with the help of internet, which sounds bad for users like us who prefer the Offline installers. So, in this post i will share the way to download ms edge chromium offline from Official sources for both Windows 10 64-bit, 32 bit and Mac.

Let's directly enter to the post.

Download MS Edge chromium Offline Installer - How to [Guide]

1) Go to the below link, which is the Official link.

Link : https://www.microsoft.com/en-us/edge/business/download

2) Select the channel/ build you want to install. Beta and dev (developer) or pre-release editions, that will have new features but will have bugs.

So, choose stable from the drop down. Example : Stable 79.0.309.65

3) Now, select the platform. 

If you are using Windows 32-bit, select Windows 32-bit. If you are using Windows 64-bit then Choose that.

In the same way if you are using Mac, then select Mac.

4) Click the Download option.

And install the edge by following Onscreen instructions.


Other posts:

Google announces its finally Moving Forward from Chrome Apps

What is Botnet ? and how it works ? [You might be a victim already too..]

Google announces its finally Moving Forward from Chrome Apps

Google has announced the end of chrome apps which you might be using very rarely in a 
blog post titled "Moving forward from Google apps" today. You don't to worry as deprecating this feature will not cause any effect in the way we browse our PC. Chrome apps are just a normal apps that will run inside chrome browser when you launched directly from desktop(the feature which most of us are not aware of). Only this feature is going to deprecated that too not immediately. 

The end of the beginning will commence on March 2020, Starting that month Chrome will no longer accept chrome apps from developers on its chrome web store. 

Developers will still be able to update their existing apps till June 2022 which is the  deadline for all users including chrome OS users. But if you are a Windows, Mac or Linux user then this feature will end for us on Coming June 2020.

Here is the timeline ..

  • March 2020: Chrome Web Store will stop accepting new Chrome Apps. Developers will be able to update existing Chrome Apps through June 2022.
  • June 2020: End support for Chrome Apps on Windows, Mac, and Linux. Customers who have Chrome Enterprise and Chrome Education Upgrade will have access to a policy to extend support through December 2020.
  • December 2020: End support for Chrome Apps on Windows, Mac, and Linux.
  • June 2021: End support for NaCl, PNaCl, and PPAPI APIs.
  • June 2021: End support for Chrome Apps on Chrome OS. Customers who have Chrome Enterprise and Chrome Education Upgrade will have access to a policy to extend support through June 2022.
  • June 2022: End support for Chrome Apps on Chrome OS for all customers.
Support for extensions doesn't have any issue, as Google clarified that it will keep on accepting and will allow the extensions to be installed and there is no change in it. However, if you are a web developer then you can move forward with Google by developing PWA's.

Oops, something has gone wrong. Please contact your software vendor. Network Manager needs to be running,no WiFi adapter error in Kali Linux [Solved]

Oops, something has gone wrong. Please contact your software vendor. Network Manager needs to be running this is the error message i got in Kali Linux. Currently, Wi-Fi is disconnected, not working / not visible in settings icon too, system says no wifi adapter found (which worked fine before that) when network manager service was restarted, any idea on how to fix this bro ?, i'm running Kali Linux latest version ! asked one of our blog reader (who seems to be newbie to linux world). 

So, i decided to write a separate post on this. If you are experiencing this same issue (WiFi not working or missing on settings icon] then i hope this post might help you too.

Oops, something has gone wrong. Please contact your software vendor. Network Manager needs to be running, no wifi adapter found error in Kali Linux [Solved]

Hmm, i will share the solution with my personal experience. I was also once a learner and new to Linux world. In order, to learn fast i tried experimenting few things like running multiple commands at once (i tried to do a kinda of scripting, which ofcourse went in vain). Result ? some how My WiFi got disabled. When i opened Settings icon and clicked on WiFi option now it says, " Oops, something has gone wrong. Please contact your software vendor. Network Manager needs to be running" I was like ok, network manager needs to be running right? so let's start network Manager. 

I opened terminal, and ran service network-manager restart as root. Now i got added problem. After running the above command now, my WiFi option was gone, it was missing from the settings. I did searching for it and Finally found the option but this time one more greeting from my Kali linux machine "No WiFi adapter found" Make sure you have a WiFi adapter plugged and turned on" i was little bit shocked and thought "Ok, Congrats we had successfully disabled the WiFi adapter on hardware level", now what? do i had to break the laptop and open the trays/circuits, to find missing WiFi device or write some coding to restore the Wifi services? no way! i tried to recall all the things i did but nothing worked. Finally i tried one crazy idea the monitoring WiFi networks around me and surprisingly i found the solution with that, because the device successfully scanned and listed the WiFi networks around me. With now, i found the rootcause, which is nothing but the WiFi being in monitored mode, i got back the WiFi.

Here, is what you have to do...

Open terminal as root by elevating permissions and stop the airomon-ng monitoring mode/service.

I.e; Open terminal and type sudo airmon-ng stop (Your WiFi interface name)

Example :  sudo airmon-ng stop wlan0

Make sure, you replace Wlan0 with your interface name. It might be Wlan0 on Some systems, and Wlan0mon on most of the systems. You can find your WiFi interface name on ifconfig and it failed try looking for the previous commands that you ran on the terminal.

After running that command, now restart the network manager. 

i.e.; Service network-manager restart

Now, go back to settings and see your WiFi will be there, which means our WiFi device was restored. 

-There is nothing wrong in breaking things, that's how you will learn new things :)

Happy breaking :)

Related posts:

Kali Linux 2020 live default username and Password changed - Here is the new one for all latest versions

Do you know you can Change grub wallpaper/background image/theme in Kali Linux latest version? here is an guide for you...

Oracle to patch 333 critical security Vulnerabilities today - Jan 14, 2020

After confidential news of Microsoft going to patch one of the severe vulnerability through Tuesday update of Jan 14, 2020 went viral, Oracle has now announced that it's too going to release patch for 333 critical security vulnerabilities today (Jan 14, 2020) and asks everyone to update As soon as possible as most of the patches that was planned to release today are going to fix the vulnerabilities that may be exploited over a network without requiring user credentials, Oracle said in its blog.

Oracle is going to release patch for many applications that includes design communications, Diameter Signaling Router (DSR), versions 8.0, 8.1, 8.2, 8.3, 8.4,Interactive Session Recorder, versions 6.0, 6.1, 6.2, 6.3, IP Service Activator, versions 7.3.4, 7.4.0, Border Controller, versions 7.4, 8.0, 8.1, 8.2, 8.3, Session Router, versions 7.4, 8.0, 8.1, 8.2, 8.3, Subscriber-Aware Load Balancer, versions 7.3, 8.1, 8.2, 8.3,Unified Inventory Management, versions 7.3, 7.4, Oracle Enterprise Communications Broker, versions PCz3.0, PCz3.1, PCz3.2 and Oracle Enterprise Session Border Controller, versions 7.5, 8.0, 8.1, 8.2, 8.3.

                    "No wonder Oracle claiming, CVSS((Common Vulnerability Scoring System) Score for them is 9.8 Out of 10 (10 is the Maximum, meaning Most severe vulnerability) as out of 21 security patches 19 of these vulnerabilities may be remotely exploitable without authentication"

Other than the above, you can expect Patch for Oracle Financial Services Applications like  Banking Corporate Lending, versions 12.3.0-12.4.0, 14.0.0-14.3.0, Oracle Banking Payments, versions 14.1.0-14.3.0, Oracle Financial Services Analytical Applications Infrastructure, versions 7.3.3-7.3.5, 8.0.0-8.0.8,Oracle Financial Services Funds Transfer Pricing, versions 8.0.2-8.0.7, Oracle Financial Services Revenue Management and Billing, versions,,,Oracle FLEXCUBE Investor Servicing, versions 12.1.0-12.4.0, 14.0.0-14.1.0, Oracle FLEXCUBE Universal Banking, versions 12.0.1-12.4.0, 14.0.0-14.3.0 

Oracle Food and Beverage Applications like Hospitality Suites Management, Oracle Fusion Middleware applications like Identity Manager, Oracle Big Data Discovery, Business Intelligence Enterprise Edition, Oracle Coherence, Oracle Endeca Information Discovery Integrator, Oracle Endeca Information Discovery Studio,Oracle Enterprise Repository, version,Oracle HTTP Server, versions,,, Oracle Outside In Technology, version 8.5.4,Oracle Reports Developer, versions,,Oracle Security Service, versions,,,Oracle Tuxedo, versions,,Oracle WebCenter Sites, versions,, Oracle WebLogic Server, versions,,,

Oracle Retail Applications like Oracle Retail Assortment Planning, versions 14.1.3, 15.0.3, 16.0.3,, Oracle Retail Brand Compliance Management Cloud Service, version 18.1,Oracle Retail Clearance Optimization Engine, versions 13.4, 14.0, 14.0.3, 14.0.5,Oracle Retail Customer Management and Segmentation Foundation, versions 16.0, 17.0, 18.0,Oracle Retail Markdown Optimization, versions 13.4, 13.4.4, Oracle Retail Order Broker, versions 5.2, 15.0, 16.0, 18.0,Oracle Retail Predictive Application Server, versions 15.0.3, 16.0.3, Oracle Retail Sales Audit, version 12.0

They do have CVSS score of 9.8

Apart from the above Oracle is going to release patch for many Oracle Software's like Oracle Utilities applications, Virtualization based ,etc ones so don't miss to patch to safeguard you and your users..

You can read the complete list of patch details on the Official source.

Credits and Source : Oracle