Book Image

Penetration Testing with the Bash shell

By : Keith Harald Esrick Makan
Book Image

Penetration Testing with the Bash shell

By: Keith Harald Esrick Makan

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with the Bash shell
Keith Harald Esrick Makan
May, 2014 | 150 pages
No titles found
Table of Contents (13 chapters)
Penetration Testing with the Bash shell
Penetration Testing with the Bash shell
Credits
Credits
Disclaimer
Disclaimer
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Getting to Know Bash
Getting to Know Bash
Getting help from the man pages
Navigating and searching the filesystem
Using I/O redirection
Using pipes
Getting to know grep
Summary
Further reading
2
Customizing Your Shell
Customizing Your Shell
Formatting the terminal output
The prompt string
Aliases
Customizing the command history
Customizing tab completion
Summary
Further reading
3
Network Reconnaissance
Network Reconnaissance
Interrogating the Whois servers
Interrogating the DNS servers
Enumerating targets on the local network
Summary
Further reading
4
Exploitation and Reverse Engineering
Exploitation and Reverse Engineering
Using the Metasploit command-line interface
Preparing payloads with Metasploit
Creating and deploying a payload
Disassembling binaries
Debugging binaries for dynamic analysis
Summary
Further reading
5
Network Exploitation and Monitoring
Network Exploitation and Monitoring
MAC and ARP abuse
Man-in-the-middle attacks
Interrogating servers
Brute-forcing authentication
Traffic filtering with TCPDump
Assessing SSL implementation security
Automated web application security assessment
Summary
Further reading
Index
Index

Chapter 1. Getting to Know Bash

The Bourne Again SHell (bash) is arguably one of the most important pieces of software in existence. Without bash shell's many utilities and the problem-solving potential it gives its users by integrating and interfacing system utilities in a programmable way (called bash scripting), many of the very important security-related problems of the modern world would be very tedious to solve. Utilities such as grep, wget, vi, and awk enable their users to do very powerful string processing, data mining, and information management. System administrators, developers, security engineers, and penetration testers all across the world for many years have sworn by its sheer problem-solving potential and effectiveness in enabling them to tackle their day-to-day technical challenges.

Why are discussing the bash shell? Why is it so popular among system administrators, penetration testers, and developers? Well, there may be other reasons, but fundamentally the bash shell is the most standardized and is usually, with regard to most popular operating systems, implemented from a single code base—one source for the official source code. This means one can guarantee a certain base set of execution behaviors for a bash script or collection of commands regardless of the operating system hosting the bash implementation. Operating systems popularly have unique implementations of the Korn Shell (ksh) and other terminal emulator software.

The only disadvantage, if any, of the Linux or Unix environment that bash is native to is that for most people, especially those accustomed to the Graphical User Interface (GUI), the learning curve may be a little steep. This is mainly because the way information is represented. The general Linux/Unix culture and conventions can often be difficult to appreciate for newcomers and possibly due to the lack of tooltips, hints, and rich graphical interaction design and user experience engineering GUIs often benefit from. This book and especially this chapter will introduce some of the witty but brilliant Linux/Unix culture and conventions so that you can get comfortable enough with the bash shell and eventually find your own way around and follow the more advance topics later on in the book.

Throughout the book, the bash environment or the host operating system that will be discussed will be Kali Linux. Kali Linux is a distribution adapted from Debian, and it is packed with utilities focused purely on technical security problem solving and testing. Because knowing how to wield your terminal is strongly associated with knowing your operating system and its various nuances, this chapter and the following chapters will introduce some topics related to the Kali Linux operating system, its configuration setup, and default behavior to enable you to properly use your terminal utilities.

If you're already a seasoned "basher", feel free to skip this chapter and move on to the more security-focused topics in this book.

Previous Section
End of Section 1
Next Section