Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By : Wolf Halton, Bo Weaver
Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By: Wolf Halton, Bo Weaver

Overview of this book

Microsoft Windows is one of the two most common OSes, and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, and forensics tools, and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. You will start by learning about the various desktop environments that now come with Kali. The book covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. You will see several tools designed to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering. It also demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, and Metasploit, to exploit Windows vulnerabilities. Finally, you will learn how to gain full system-level access to your compromised system and then maintain that access. By the end of this book, you will be able to quickly pen test your system and network using easy-to-follow instructions and support images.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux 2018: Windows Penetration Testing - Second Edition
Wolf Halton | Bo Weaver
Oct, 2018 | 404 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Kali Linux 2018: Assuring Security by Penetration Testing
Lee Allen | Alex Samm | Shakeel Ali | Damian Boodoo | Tedi Heriyanto | Gerard Johansen | Shiva V N Parasram
Oct, 2018 | 528 pages
Small book image
Hands-On Penetration Testing on Windows
Phil Bramwell
Jul, 2018 | 452 pages
Table of Contents (12 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Choosing Your Distro
Choosing Your Distro
Desktop environments
Choosing your look and feel
Configuring Kali to be your Daily Driver
Summary
2
Sharpening the Saw
Sharpening the Saw
Technical requirements
Installing Kali Linux to an encrypted USB drive
Running Kali from the Live DVD
Installing and configuring applications
Setting up and configuring OpenVAS
Reporting tests
Running services on Kali Linux
Summary
3
Information Gathering and Vulnerability Assessments
Information Gathering and Vulnerability Assessments
Technical requirements
Footprinting the network
An annotated list of Nmap command options
Using OpenVAS
Using Maltego
Using KeepNote
Summary
Further reading
4
Sniffing and Spoofing
Sniffing and Spoofing
Technical requirements
Sniffing and spoofing network traffic
Sniffing network traffic
Spoofing network traffic
Summary
Further reading
5
Password Attacks
Password Attacks
Password attack planning
My friend, Johnny
John the Ripper (command line)
xHydra
Summary
Further reading
6
NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
Technical requirements
NetBIOS name service and NTLM
Sniffing and capturing traffic
Summary
Further reading
7
Gaining Access
Gaining Access
Pwnage
Technical requirements
Exploiting Windows systems with Metasploit
Using advanced Footprinting
Summary
Further reading
8
Windows Privilege Escalation and Maintaining Access
Windows Privilege Escalation and Maintaining Access
Technical requirements
Windows privilege escalation
MS16-032 Secondary Logon Handle Privilege Escalation
Windows Escalate Service Permissions Local Privilege Escalation
Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)
Maintaining access
Summary
9
Maintaining Access on Server or Desktop
Maintaining Access on Server or Desktop
Maintaining access or ET Phone Home
Maintaining access with Ncat
The Drop Box
Cracking the Network Access Controller (NAC)
Creating a spear-phishing attack with the Social Engineering Toolkit
Using Backdoor Factory to evade antivirus
Summary
Further reading
10
Reverse Engineering and Stress Testing
Reverse Engineering and Stress Testing
Technical requirements
Setting up a test environment
Reverse Engineering theory
Working with Boolean logic
Practicing Reverse Engineering
Stress testing Windows
Summary
Further reading
11
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

My friend, Johnny

First, we will talk about my friend, Johnny. Johnny is a GUI frontend for my other friend, John. For most password cracking tasks, this is an easy way to use John. It uses the normal defaults for most password cracking sessions. Once you have captured some hashes, save them to a text file and open Johnny.

The following is a screenshot from the LxDE desktop showing where Johnny can be found. You can also find it on all the other desktops under the same header location, Applications | 05 - Password Attacks | johnny:

We are using the password hashes from a previous exploit earlier in the book, where we were passing the hash. We have shortened the list to only include the hashes of the two accounts that we think have critical access to the networked systems:

Once Johnny is open, click on the Open Passwd File button and pick the text file where you have saved the...

Previous Section
End of Section 3
Next Section