Book Image

Kali Linux 2: Windows Penetration Testing

Book Image

Kali Linux 2: Windows Penetration Testing

Overview of this book

Microsoft Windows is one of the two most common OS and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, forensics tools and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. First, you are introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities to be able to exploit a system remotely. Next, you will prove that the vulnerabilities you have found are real and exploitable. You will learn to use tools in seven categories of exploitation tools. Further, you perform web access exploits using tools like websploit and more. Security is only as strong as the weakest link in the chain. Passwords are often that weak link. Thus, you learn about password attacks that can be used in concert with other approaches to break into and own a network. Moreover, you come to terms with network sniffing, which helps you understand which users are using services you can exploit, and IP spoofing, which can be used to poison a system's DNS cache. Once you gain access to a machine or network, maintaining access is important. Thus, you not only learn penetrating in the machine you also learn Windows privilege’s escalations. With easy to follow step-by-step instructions and support images, you will be able to quickly pen test your system and network.
Table of Contents (17 chapters)
Kali Linux 2: Windows Penetration Testing
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Preface
Index

Starting Metasploit


OK, let's fire up Metasploit. First, because Metasploit uses a client/server model, we need to turn on the Metasploit services. In Kali 1.x, you had to start the Metasploit server in the Menu Bar. Go to Applications | Kali Linux | System Services | Metasploit | community/pro start:

A terminal window will open and the services will start up. A marked improvement in Kali 2 means that all you have to do is click the Metasploit link on the left side-bar or in the main Applications menu.

Metasploit uses the PostgreSQL v9.1 database server. It can take several minutes for the services to start.

Once the services have started, type msfconsole to start the Metasploit console. When we type workspace, we can see the workspaces. We will set up a new workspace shortly.

Tip

Hacker Tip

The first time you start the Metasploit console, it will create the database, so you will get to watch 90 seconds of SQL language go by.

When the console is ready, it will show you a little talking cow ...