Book Image

Kali Linux Cookbook

Book Image

Kali Linux Cookbook

Overview of this book

In this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks. Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Cookbook
Oct, 2013 | 260 pages
No titles found
Table of Contents (16 chapters)
Kali Linux Cookbook
Kali Linux Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Up and Running with Kali Linux
Up and Running with Kali Linux
Introduction
Installing to a hard disk drive
Installing to a USB drive with persistent memory
Installing in VirtualBox
Installing VMware Tools
Fixing the splash screen
Starting network services
Setting up the wireless network
2
Customizing Kali Linux
Customizing Kali Linux
Introduction
Preparing kernel headers
Installing Broadcom drivers
Installing and configuring ATI video card drivers
Installing and configuring nVidia video card drivers
Applying updates and configuring extra security tools
Setting up ProxyChains
Directory encryption
3
Advanced Testing Lab
Advanced Testing Lab
Introduction
Getting comfortable with VirtualBox
Downloading Windows Targets
Downloading Linux Targets
Attacking WordPress and other applications
4
Information Gathering
Information Gathering
Introduction
Service enumeration
Determining network range
Identifying active machines
Finding open ports
Operating system fingerprinting
Service fingerprinting
Threat assessment with Maltego
Mapping the network
5
Vulnerability Assessment
Vulnerability Assessment
Introduction
Installing, configuring, and starting Nessus
Nessus – finding local vulnerabilities
Nessus – finding network vulnerabilities
Nessus – finding Linux-specific vulnerabilities
Nessus – finding Windows-specific vulnerabilities
Installing, configuring, and starting OpenVAS
OpenVAS – finding local vulnerabilities
OpenVAS – finding network vulnerabilities
OpenVAS – finding Linux-specific vulnerabilities
OpenVAS – finding Windows-specific vulnerabilities
6
Exploiting Vulnerabilities
Exploiting Vulnerabilities
Introduction
Installing and configuring Metasploitable
Mastering Armitage, the graphical management tool for Metasploit
Mastering the Metasploit Console (MSFCONSOLE)
Mastering the Metasploit CLI (MSFCLI)
Mastering Meterpreter
Metasploitable MySQL
Metasploitable PostgreSQL
Metasploitable Tomcat
Metasploitable PDF
Implementing browser_autopwn
7
Escalating Privileges
Escalating Privileges
Introduction
Using impersonation tokens
Local privilege escalation attack
Mastering the Social Engineering Toolkit (SET)
Collecting the victim's data
Cleaning up the tracks
Creating a persistent backdoor
Man In The Middle (MITM) attack
8
Password Attacks
Password Attacks
Introduction
Online password attacks
Cracking HTTP passwords
Gaining router access
Password profiling
Cracking a Windows password using John the Ripper
Using dictionary attacks
Using rainbow tables
Using nVidia Compute Unified Device Architecture (CUDA)
Using ATI Stream
Physical access attacks
9
Wireless Attacks
Wireless Attacks
Introduction
Wireless network WEP cracking
Wireless network WPA/WPA2 cracking
Automating wireless network cracking
Accessing clients using a fake AP
URL traffic manipulation
Port redirection
Sniffing network traffic
Index
Index

Cracking a Windows password using John the Ripper

In this recipe, we will utilize John the Ripper (John) to crack a Windows Security Access Manager (SAM) file. The SAM file stores the usernames and password hashes of users of the target Windows system. For security reasons, the SAM file is protected from unauthorized access by not being able to be opened manually or be copied while the Windows system is in operation.

Getting ready

You will need access to a SAM file.

For this recipe, we will assume that you have gained access to a Windows host machine.

How to do it...

Let's begin the process of cracking a Windows SAM file using John the Ripper. We are assuming that you have accessed the Windows machine via either a remote exploit hack or you have physical access to the computer and are using Kali Linux on a USB or DVD-ROM drive.

  1. Check for the hard drive you wish to mount:

    Fdisk –l

  2. Mount the hard drive and set target as its mount point:

    mount /dev/sda1 /target/

  3. Change directories to the location...

Previous Section
End of Section 7
Next Section