Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By : Wolf Halton, Bo Weaver
Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By: Wolf Halton, Bo Weaver

Overview of this book

Microsoft Windows is one of the two most common OSes, and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, and forensics tools, and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. You will start by learning about the various desktop environments that now come with Kali. The book covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. You will see several tools designed to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering. It also demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, and Metasploit, to exploit Windows vulnerabilities. Finally, you will learn how to gain full system-level access to your compromised system and then maintain that access. By the end of this book, you will be able to quickly pen test your system and network using easy-to-follow instructions and support images.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux 2018: Windows Penetration Testing - Second Edition
Wolf Halton | Bo Weaver
Oct, 2018 | 404 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Kali Linux 2018: Assuring Security by Penetration Testing
Lee Allen | Alex Samm | Shakeel Ali | Damian Boodoo | Tedi Heriyanto | Gerard Johansen | Shiva V N Parasram
Oct, 2018 | 528 pages
Small book image
Hands-On Penetration Testing on Windows
Phil Bramwell
Jul, 2018 | 452 pages
Table of Contents (12 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Choosing Your Distro
Choosing Your Distro
Desktop environments
Choosing your look and feel
Configuring Kali to be your Daily Driver
Summary
2
Sharpening the Saw
Sharpening the Saw
Technical requirements
Installing Kali Linux to an encrypted USB drive
Running Kali from the Live DVD
Installing and configuring applications
Setting up and configuring OpenVAS
Reporting tests
Running services on Kali Linux
Summary
3
Information Gathering and Vulnerability Assessments
Information Gathering and Vulnerability Assessments
Technical requirements
Footprinting the network
An annotated list of Nmap command options
Using OpenVAS
Using Maltego
Using KeepNote
Summary
Further reading
4
Sniffing and Spoofing
Sniffing and Spoofing
Technical requirements
Sniffing and spoofing network traffic
Sniffing network traffic
Spoofing network traffic
Summary
Further reading
5
Password Attacks
Password Attacks
Password attack planning
My friend, Johnny
John the Ripper (command line)
xHydra
Summary
Further reading
6
NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
Technical requirements
NetBIOS name service and NTLM
Sniffing and capturing traffic
Summary
Further reading
7
Gaining Access
Gaining Access
Pwnage
Technical requirements
Exploiting Windows systems with Metasploit
Using advanced Footprinting
Summary
Further reading
8
Windows Privilege Escalation and Maintaining Access
Windows Privilege Escalation and Maintaining Access
Technical requirements
Windows privilege escalation
MS16-032 Secondary Logon Handle Privilege Escalation
Windows Escalate Service Permissions Local Privilege Escalation
Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)
Maintaining access
Summary
9
Maintaining Access on Server or Desktop
Maintaining Access on Server or Desktop
Maintaining access or ET Phone Home
Maintaining access with Ncat
The Drop Box
Cracking the Network Access Controller (NAC)
Creating a spear-phishing attack with the Social Engineering Toolkit
Using Backdoor Factory to evade antivirus
Summary
Further reading
10
Reverse Engineering and Stress Testing
Reverse Engineering and Stress Testing
Technical requirements
Setting up a test environment
Reverse Engineering theory
Working with Boolean logic
Practicing Reverse Engineering
Stress testing Windows
Summary
Further reading
11
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

NetBIOS Name Service and LLMNR - Obsolete but Still Deadly

In this chapter, you will learn how to use those legacy proprietary and broken protocols, still hanging around on almost every network, to your advantage and gain the access that you want. This is Bo's favorite attack vector, his favorite low-hanging fruit, and normally results in the total pwnage of the domain and every account associated with that domain. Over a year, most likely 80% of the epic-fail testing results come from this attack vector in some manner of exploit.

Why is it that the first machines that I target are Windows systems? The answer is: NetBIOS, LLMNR, NTML, and the SMB protocols.

In this chapter, we will cover the following topics:

  • NetBIOS name service and NTLM
  • Sniffing and capturing traffic
Previous Section
End of Section 1
Next Section