Book Image

Kali Linux Cookbook

Book Image

Kali Linux Cookbook

Overview of this book

In this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks. Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Cookbook
Oct, 2013 | 260 pages
No titles found
Table of Contents (16 chapters)
Kali Linux Cookbook
Kali Linux Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Up and Running with Kali Linux
Up and Running with Kali Linux
Introduction
Installing to a hard disk drive
Installing to a USB drive with persistent memory
Installing in VirtualBox
Installing VMware Tools
Fixing the splash screen
Starting network services
Setting up the wireless network
2
Customizing Kali Linux
Customizing Kali Linux
Introduction
Preparing kernel headers
Installing Broadcom drivers
Installing and configuring ATI video card drivers
Installing and configuring nVidia video card drivers
Applying updates and configuring extra security tools
Setting up ProxyChains
Directory encryption
3
Advanced Testing Lab
Advanced Testing Lab
Introduction
Getting comfortable with VirtualBox
Downloading Windows Targets
Downloading Linux Targets
Attacking WordPress and other applications
4
Information Gathering
Information Gathering
Introduction
Service enumeration
Determining network range
Identifying active machines
Finding open ports
Operating system fingerprinting
Service fingerprinting
Threat assessment with Maltego
Mapping the network
5
Vulnerability Assessment
Vulnerability Assessment
Introduction
Installing, configuring, and starting Nessus
Nessus – finding local vulnerabilities
Nessus – finding network vulnerabilities
Nessus – finding Linux-specific vulnerabilities
Nessus – finding Windows-specific vulnerabilities
Installing, configuring, and starting OpenVAS
OpenVAS – finding local vulnerabilities
OpenVAS – finding network vulnerabilities
OpenVAS – finding Linux-specific vulnerabilities
OpenVAS – finding Windows-specific vulnerabilities
6
Exploiting Vulnerabilities
Exploiting Vulnerabilities
Introduction
Installing and configuring Metasploitable
Mastering Armitage, the graphical management tool for Metasploit
Mastering the Metasploit Console (MSFCONSOLE)
Mastering the Metasploit CLI (MSFCLI)
Mastering Meterpreter
Metasploitable MySQL
Metasploitable PostgreSQL
Metasploitable Tomcat
Metasploitable PDF
Implementing browser_autopwn
7
Escalating Privileges
Escalating Privileges
Introduction
Using impersonation tokens
Local privilege escalation attack
Mastering the Social Engineering Toolkit (SET)
Collecting the victim's data
Cleaning up the tracks
Creating a persistent backdoor
Man In The Middle (MITM) attack
8
Password Attacks
Password Attacks
Introduction
Online password attacks
Cracking HTTP passwords
Gaining router access
Password profiling
Cracking a Windows password using John the Ripper
Using dictionary attacks
Using rainbow tables
Using nVidia Compute Unified Device Architecture (CUDA)
Using ATI Stream
Physical access attacks
9
Wireless Attacks
Wireless Attacks
Introduction
Wireless network WEP cracking
Wireless network WPA/WPA2 cracking
Automating wireless network cracking
Accessing clients using a fake AP
URL traffic manipulation
Port redirection
Sniffing network traffic
Index
Index

Nessus – finding Windows-specific vulnerabilities

In this recipe, we will explore how to find Windows-specific vulnerabilities using Nessus. These are vulnerabilities specific to the machines that run Windows on our network.

Getting ready

To complete this recipe, you will need a virtual machine(s) to test against:

  • Windows XP

  • Windows 7

How to do it...

Let's begin the process of finding Windows-specific vulnerabilities with Nessus by opening the Mozilla Firefox web browser:

  1. Log in to Nessus at http://127.0.0.1:8834.

  2. Go to Policies.

  3. Click on Add Policy.

  4. On the General Settings tab, perform the following tasks:

    1. Enter a name for your scan. We chose Windows Vulnerability Scan, but you can choose any name you wish.

    2. Visibility has two options:

      • Shared: Other users have the ability to utilize this scan

      • Private: This scan can only be utilized by you

    3. Take the defaults on the rest of the items on the page.

    4. Click on Submit.

  5. On the Plugins tab, select Disable All and enter the following specific vulnerabilities that...

Previous Section
End of Section 7
Next Section