Download Ethical Hacking and Penetration Testing Guide PDF

Title: Ethical Hacking and Penetration Testing Guide
Author: Rafay Baloch
Language: English
File Size: 22.4 MB
Total Pages: 523
Table of Contents
Front Cover
Contents
Preface
Acknowledgments
Author
Chapter 1: Introduction to Hacking
Chapter 2: Linux Basics
Chapter 3: Information Gathering Techniques
Chapter 4: Target Enumeration and Port Scanning Techniques
Chapter 5: Vulnerability Assessment
Chapter 6: Network Sniffing
Chapter 7: Remote Exploitation
Chapter 8: Client Side Exploitation
Chapter 9: Postexploitation
Chapter 10: Windows Exploit Development Basics
Chapter 11: Wireless Hacking
Chapter 12: Web Hacking
Back Cover
Document Text Contents

Information Technology / Security & Auditing

Requiring no prior hacking experience, Ethical Hacking and Penetration Testing Guide
supplies a complete introduction to the steps required to complete a penetration test, or
ethical hack, from beginning to end. You will learn how to properly utilize and interpret the
results of modern-day hacking tools that are required to complete a penetration test.

The book covers a wide range of tools, including Backtrack Linux, Google Reconnaissance,
MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker
Defender rootkit. Supplying a simple and clean explanation of how to effectively utilize
these tools, it details a four-step methodology for conducting an effective penetration test
or hack.

Providing an accessible introduction to penetration testing and hacking, the book supplies
you with a fundamental understanding of offensive security. After completing the book you
will be prepared to take on in-depth and advanced topics in hacking and penetration testing.

The book walks you through each of the steps and tools in a structured, orderly manner
allowing you to understand how the output from each tool can be fully utilized in the
subsequent phases of the penetration test. This process will allow you to clearly see how the
various tools and phases relate to each other.

An ideal resource for those who want to learn about ethical hacking but don’t know
where to start, this book will help take your hacking skills to the next level. The topics
described in this book comply with international standards and with what is being taught
in international certifications.

ISBN: 978-1-4822-3161-8

ETHICAL HACKING AND PENETRATION TESTING GUIDE
RAFAY BALOCH

6000 Broken Sound Parkway, NW
Suite 300, Boca Raton, FL 33487
711 Third Avenue
New York, NY 10017
2 Park Square, Milton Park
Abingdon, Oxon OX14 4RN, UK

an informa business

www.crcpress.com

K22730

www.auerbach-publications.com

Chapter 9

Postexploitation

So we have successfully exploited the target and managed to gain access to it. Now we are into the
postexploitation phase, which is the last phase of our penetration testing process. In this phase, we
will learn to exploit our targets further, escalating privileges and penetrating the internal network
even more. Meterpreter, which is the heart of this chapter, makes the postexploitation process
much easier.

Meterpreter contains many built-in scripts written in Ruby; we can also add and modify
Meterpreter scripts based on our requirements or just for exploration.

The goals of this chapter are as follows:

Gaining situation awareness in Windows/Linux after target compromise
Using Meterpreter scripts to perform reconnaissance
Using various methods for escalating privileges
Maintaining access
Penetrating the internal network further

Acquiring Situation Awareness
Immediately after compromising a host, you need to gain information about where the host is
located on the internal network and its functionality, which would include the hostname, interfaces,
routes, and services that our host is listening on. The more familiar you are with the operating
system, the more you can enumerate.

Enumerating a Windows Machine
Windows would be one of our common targets, since it is the most used operating system in the
corporate environment. Since most of you are familiar with Windows, it would be easy to enumerate
it. Our main goals would be to enumerate the network, mainly where the host is, find out what
other hosts are reachable from our compromised host, the interfaces, and the services.

So let’s assume that we have already compromised a Windows host, say, by using our
favorite ms08_067_netapi exploit, and opened up a Meterpreter session. From within
our Meterpreter session, we can type the “shell” command, which will open our command
prompt.

So here are some of the Windows shell commands to gain situation awareness:

ipconfig—This command will list all the interfaces, the IP addresses, gateways, and the
MAC addresses.

ipconfig /all—This command will list additional information about the interfaces such as
DNS servers.

ipconfig /displaydns—This command will display the DNS cache. The screenshot
shows the A record of the host rafayhackingarticles.net.

arp -a—You must be familiar with this command from our “Network Sniffing” chapter
(Chapter 6). This command displays the ARP cache; using it you can figure out reachable
systems from our hosts.

netstat -ano—A very useful command, this can be used to list all the connections established
from the current computer on a particular port.

route print—This will display the routing table of our computer; the netstat -r
command can also be used for this.

tasklist /svc—This is a very useful command to enumerate all the services running on our
target computer. From the following screenshot we can see that our victim is running AVG
antivirus; this knowledge would be very helpful for us when we try to bypass the antivirus.
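
From the defender's side, the command sequence above leaves a recognizable trace in process-creation telemetry (for example Windows Security event 4688 or Sysmon event ID 1): several distinct discovery tools started by the same parent process within a couple of minutes. The following is an added example, not code from the book; the event tuple layout, the sample events, and the window and threshold values are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Discovery commands listed in the chapter, keyed by a short label.
RECON = {
    "ipconfig": re.compile(r"\bipconfig(\.exe)?\b", re.I),
    "arp": re.compile(r"\barp(\.exe)?\s+-a\b", re.I),
    "netstat": re.compile(r"\bnetstat(\.exe)?\s+-(ano|r)\b", re.I),
    "route": re.compile(r"\broute(\.exe)?\s+print\b", re.I),
    "tasklist": re.compile(r"\btasklist(\.exe)?\s+/svc\b", re.I),
}

# Constructed sample events: (timestamp, host, parent PID, command line).
EVENTS = [
    ("2024-05-01T10:00:05", "WS01", 4120, "ipconfig /all"),
    ("2024-05-01T10:00:19", "WS01", 4120, "arp -a"),
    ("2024-05-01T10:00:31", "WS01", 4120, "netstat -ano"),
    ("2024-05-01T10:00:48", "WS01", 4120, "route print"),
    ("2024-05-01T10:01:02", "WS01", 4120, "tasklist /svc"),
    ("2024-05-01T09:12:00", "WS02", 988, "ipconfig /all"),  # isolated admin check
    ("2024-05-01T11:40:00", "WS02", 988, "netstat -ano"),   # hours later, no burst
]

def classify(cmdline):
    """Return the label of the discovery command in cmdline, or None."""
    for label, rx in RECON.items():
        if rx.search(cmdline):
            return label
    return None

def find_recon_bursts(events, window_s=120, min_distinct=4):
    """Flag (host, parent PID) pairs that ran >= min_distinct tools in one window."""
    by_parent = defaultdict(list)
    for ts, host, ppid, cmd in events:
        label = classify(cmd)
        if label:
            by_parent[(host, ppid)].append((datetime.fromisoformat(ts), label))
    alerts = []
    for (host, ppid), hits in sorted(by_parent.items()):
        hits.sort()
        for i, (start, _) in enumerate(hits):
            end = start + timedelta(seconds=window_s)
            seen = sorted({lab for t, lab in hits[i:] if t <= end})
            if len(seen) >= min_distinct:
                alerts.append((host, ppid, seen))
                break  # one alert per parent process is enough
    return alerts

if __name__ == "__main__":
    for alert in find_recon_bursts(EVENTS):
        print(alert)
```

Grouping by parent process is what separates a single shell running the whole checklist from unrelated administrators each running one command.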
