This chapter will focus on pass the hash attacks. After reading this chapter, the user will be able to define the characteristics of pass the hash attacks, identify what tools hackers use to pass the hash, and how to defend against this type of attack. We have three labs prepared for this chapter. The first lab will show how to get the hashed passwords and usernames using a RAT. The second lab will focus on passing the administrator's hashed password and then passing it to a second device, gaining access and establishing a session. The third lab will demonstrate how to crack the administrator's hashed password with a tool called John the Ripper. We will also discuss the various authentication protocols, such as Kerberos and NT LAN Manager (NTLM). Towards the end of the chapter, we will go over defense techniques against pass the hash attacks. For the labs in this chapter,...
Applied Network Security
Applied Network Security
Overview of this book
Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network. The book begins by showing you how to identify malicious network behaviour and improve your wireless security. We will teach you what network sniffing is, the various tools associated with it, and how to scan for vulnerable wireless networks. Then we’ll show you how attackers hide the payloads and bypass the victim’s antivirus. Furthermore, we’ll teach you how to spoof IP / MAC address and perform an SQL injection attack and prevent it on your website. We will create an evil twin and demonstrate how to intercept network traffic. Later, you will get familiar with Shodan and Intrusion Detection and will explore the features and tools associated with it. Toward the end, we cover tools such as Yardstick, Ubertooth, Wifi Pineapple, and Alfa used for wireless penetration testing and auditing. This book will show the tools and platform to ethically hack your own network whether it is for your business or for your personal home Wi-Fi.
Table of Contents (18 chapters)
Introduction to Network Security
Sniffing the Network
How to Crack Wi-Fi Passwords
Creating a RAT Using Msfvenom
Social Engineering Toolkit and Browser Exploitation
Passing and Cracking the Hash
Web Application Exploits
Evil Twins and Spoofing
The Internet of Things
Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra