Book Image

Kali Linux - An Ethical Hacker's Cookbook

By : Himanshu Sharma
Book Image

Kali Linux - An Ethical Hacker's Cookbook

By: Himanshu Sharma

Overview of this book

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2016.2) according to your needs, and move on to core functionalities. This book will start with the installation and configuration of Kali Linux so that you can perform your tests. You will learn how to plan attack strategies and perform web application exploitation using tools such as Burp, and Jexboss. You will also learn how to perform network exploitation using Metasploit, Sparta, and Wireshark. Next, you will perform wireless and password attacks using tools such as Patator, John the Ripper, and airoscript-ng. Lastly, you will learn how to create an optimum quality pentest report! By the end of this book, you will know how to conduct advanced penetration testing thanks to the book’s crisp and task-oriented recipes.
Table of Contents (20 chapters)
Title Page
Credits
Disclaimer
About the Author
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
6
Wireless Attacks – Getting Past Aircrack-ng

Winning race conditions


Race conditions occur when an action is being performed on the same data in a multiple threaded web application. It basically produces unexpected results when the timing of one action being performed will impact the other action.

Some examples of an application with the race condition vulnerability can be an application that allows transfer of credit from one user to another or an application that allows a voucher code to be added for a discount that can also have a race condition, which may allow an attacker to use the same code multiple times.

How to do it...

We can perform a race condition attack using Burp's Intruder as follows:

  1. We select the request and click on Send to Intruder:
  1. We switch to the Options tab and set the number of threads we want, 20 to 25 are good enough usually:
  1. Then, in the Payloads tab, we choose Null payloads in Payload type as we want to replay the same request:
  1. Then, in the Payload Options, we choose the number of times we want the request to...