Book Image

Learning zANTI2 for Android Pentesting

By : Miroslav Vitula
Book Image

Learning zANTI2 for Android Pentesting

By: Miroslav Vitula

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning zANTI2 for Android Pentesting
Miroslav Vitula
Aug, 2015 | 134 pages
No titles found
Table of Contents (12 chapters)
Learning zANTI2 for Android Pentesting
Learning zANTI2 for Android Pentesting
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Android Pentesting with zANTI2
Introducing Android Pentesting with zANTI2
Penetration testing
zANTI2
Zetasploit
Summary
2
Scanning for Your Victim
Scanning for Your Victim
Network discovery
Open or closed?
Scan types
Run script
Intense scan
Device type
Running
OS CPE
OS Details
Network distance
Uptime guess
TCP sequence prediction
IP ID sequence generation
Ping scan
Quick scan and OS detection
Quick traceroute
Slow comprehensive scan
IP/ICMP scan
Script execution
Brute-force scripts
Summary
3
Connecting to Open Ports
Connecting to Open Ports
Open ports
Connecting to open ports
Cracking passwords
Microsoft-DS port connection
A remote desktop connection
Summary
4
Vulnerabilities
Vulnerabilities
A vulnerability
Reverse engineering
Shellshock
SSL Poodle
Zetasploit exploits
Summary
5
Attacking – MITM Style
Attacking – MITM Style
Man in the middle?
MITM attacks through zANTI2
Summary
Index
Index

Reverse engineering

New, undiscovered vulnerabilities are often found using a process called reverse engineering. Although the title may be self-explanatory, let's have a closer look at what reverse engineering stands for.

Generally speaking, reverse engineering is the process of extracting information (basically from anything; it could be a building, software, or hardware) and reproducing it based on this information. Let's take an example of disassembling a LEGO building kit. What you do (probably without even realizing it) is that you use some kind of information about the subject and use this information to dig deeper, disassembling every LEGO part, leaving no parts connected. Then you use this information again to assemble the parts into something quite different, let's say an Android mascot.

Although this may sound weird reading all this in a penetration-testing book, it is absolutely the same for real penetration testing, finding and creating exploits for vulnerabilities.

Finding an...

Previous Section
End of Section 3
Next Section