Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By : Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali
Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By: Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali

Overview of this book

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition
Gerard Johansen | Lee Allen | Tedi Heriyanto | Shakeel Ali
Sep, 2016 | 572 pages
No titles found
Table of Contents (24 chapters)
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Credits
Credits
Disclaimer
Disclaimer
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Beginning with Kali Linux
Beginning with Kali Linux
A brief history of Kali Linux
Kali Linux tool categories
Downloading Kali Linux
Using Kali Linux
Configuring the virtual machine
Updating Kali Linux
Network services in Kali Linux
Installing a vulnerable server
Installing additional weapons
Summary
2
Penetration Testing Methodology
Penetration Testing Methodology
Types of penetration testing
Vulnerability assessment versus penetration testing
Security testing methodologies
General penetration testing framework
Information gathering
The ethics
Summary
3
Target Scoping
Target Scoping
Gathering client requirements
Preparing the test plan
Profiling test boundaries
Defining business objectives
Project management and scheduling
Summary
4
Information Gathering
Information Gathering
Open Source Intelligence
Using public resources
Querying the domain registration information
Analyzing the DNS records
Getting network routing information
Utilizing the search engine
Metagoofil
Accessing leaked information
Summary
5
Target Discovery
Target Discovery
Starting off with target discovery
Identifying the target machine
OS fingerprinting
Summary
6
Enumerating Target
Enumerating Target
Introducing port scanning
Understanding the TCP/IP protocol
Understanding the TCP and UDP message format
The network scanner
Unicornscan
Zenmap
Amap
SMB enumeration
SNMP enumeration
VPN enumeration
Summary
7
Vulnerability Mapping
Vulnerability Mapping
Types of vulnerabilities
Vulnerability taxonomy
Automated vulnerability scanning
Network vulnerability scanning
Web application analysis
Fuzz analysis
Database assessment tools
Summary
8
Social Engineering
Social Engineering
Modeling the human psychology
Attack process
Attack methods
Social Engineering Toolkit
Summary
9
Target Exploitation
Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
MSFConsole
MSFCLI
Ninja 101 drills
Writing exploit modules
Summary
10
Privilege Escalation
Privilege Escalation
Privilege escalation using a local exploit
Password attack tools
Network spoofing tools
Network sniffers
Summary
11
Maintaining Access
Maintaining Access
Using operating system backdoors
Working with tunneling tools
Creating web backdoors
Summary
12
Wireless Penetration Testing
Wireless Penetration Testing
Wireless networking
Wireless network recon
Wireless testing tools
Post cracking
Sniffing wireless traffic
Summary
13
Kali Nethunter
Kali Nethunter
Kali Nethunter
Installing Kali Nethunter
Nethunter icons
Nethunter tools
Third-party applications
Wireless attacks
HID attacks
Summary
14
Documentation and Reporting
Documentation and Reporting
Documentation and results verification
Types of reports
The executive report
The management report
The technical report
Network penetration testing report (sample contents)
Preparing your presentation
Post-testing procedures
Summary
Supplementary Tools
Supplementary Tools
Reconnaissance tool
Web application tools
Network tool
Summary
Key Resources
Key Resources
Vulnerability disclosure and tracking
Paid incentive programs
Reverse engineering resources
Penetration testing learning resources
Exploit development learning resources
Penetration testing on a vulnerable environment
Online web application challenges
Virtual machines and ISO images
Network ports
Index
Index

Installing a vulnerable server

In this section, we will install a vulnerable virtual machine as a target virtual machine. This target will be used in several chapters of the book, when we explain particular topics. The reason we chose to set up a vulnerable server in our machine instead of using vulnerable servers available on the Internet is because we don't want you to break any laws. We should emphasize that you should never pen test other servers without written permission. Another purpose of installing another virtual machine would be to improve your skills in a controlled manner. This way, it is easy to fix issues and understand what is going on in the target machine when attacks do not work.

In several countries, even port scanning a machine that you don't own can be considered a criminal act. Also, if something happens to the operating system using a virtual machine, we can repair it easily.

The vulnerable virtual machine that we are going to use is Metasploitable 2. The famous HD Moore of Rapid7 creates this vulnerable system.

Note

There are other deliberately vulnerable systems besides Metasploitable 2 that you can use for your penetration testing learning process, as can be seen on the following site: http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/.

Metasploitable 2 has many vulnerabilities in the operating system, network, and web application layers.

Note

Information about the vulnerabilities contained in Metasploitable 2 can be found on the Rapid7 site at https://community.rapid7.com/docs/DOC-1875.

To install Metasploitable 2 in Virtual Box, you can perform the following steps:

  1. Download the Metasploitable 2 file from http://sourceforge.net/projects/metasploitable/files/Metasploitable2/.

  2. Extract the Metasploitable 2 ZIP file. After the extraction process is completed successfully, you will find five files:

    Metasploitable.nvram
Metasploitable.vmdk
Metasploitable.vmsd
Metasploitable.vmx
Metasploitable.vmxf

  3. Create a new virtual machine in VirtualBox. Set Name to Metasploitable2, operating system to Linux, and Version to Ubuntu.

  4. Set the memory to 1024MB.

  5. In the Virtual Hard Disk setting, select Use existing hard disk. Choose the Metasploitable files that we have already extracted in the previous step:

  6. Change the network setting to Host-only adapter to make sure that this server is accessible only from the host machine and the Kali Linux virtual machine. The Kali Linux virtual machine's network setting should also be set to Host-only adapter for pen-testing local VMs.

  7. Start the Metasploitable 2 virtual machine. After the boot process is finished, you can log in to the Metasploitable 2 console using the following credentials:

    • Username: msfadmin

    • Password: msfadmin

The following is the Metasploitable 2 console after you have logged in successfully:

Previous Section
End of Section 9
Next Section