Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By : Wolf Halton, Bo Weaver
Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By: Wolf Halton, Bo Weaver

Overview of this book

Microsoft Windows is one of the two most common OSes, and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, and forensics tools, and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. You will start by learning about the various desktop environments that now come with Kali. The book covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. You will see several tools designed to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering. It also demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, and Metasploit, to exploit Windows vulnerabilities. Finally, you will learn how to gain full system-level access to your compromised system and then maintain that access. By the end of this book, you will be able to quickly pen test your system and network using easy-to-follow instructions and support images.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux 2018: Windows Penetration Testing - Second Edition
Wolf Halton | Bo Weaver
Oct, 2018 | 404 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Kali Linux 2018: Assuring Security by Penetration Testing
Lee Allen | Alex Samm | Shakeel Ali | Damian Boodoo | Tedi Heriyanto | Gerard Johansen | Shiva V N Parasram
Oct, 2018 | 528 pages
Small book image
Hands-On Penetration Testing on Windows
Phil Bramwell
Jul, 2018 | 452 pages
Table of Contents (12 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Choosing Your Distro
Choosing Your Distro
Desktop environments
Choosing your look and feel
Configuring Kali to be your Daily Driver
Summary
2
Sharpening the Saw
Sharpening the Saw
Technical requirements
Installing Kali Linux to an encrypted USB drive
Running Kali from the Live DVD
Installing and configuring applications
Setting up and configuring OpenVAS
Reporting tests
Running services on Kali Linux
Summary
3
Information Gathering and Vulnerability Assessments
Information Gathering and Vulnerability Assessments
Technical requirements
Footprinting the network
An annotated list of Nmap command options
Using OpenVAS
Using Maltego
Using KeepNote
Summary
Further reading
4
Sniffing and Spoofing
Sniffing and Spoofing
Technical requirements
Sniffing and spoofing network traffic
Sniffing network traffic
Spoofing network traffic
Summary
Further reading
5
Password Attacks
Password Attacks
Password attack planning
My friend, Johnny
John the Ripper (command line)
xHydra
Summary
Further reading
6
NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
Technical requirements
NetBIOS name service and NTLM
Sniffing and capturing traffic
Summary
Further reading
7
Gaining Access
Gaining Access
Pwnage
Technical requirements
Exploiting Windows systems with Metasploit
Using advanced Footprinting
Summary
Further reading
8
Windows Privilege Escalation and Maintaining Access
Windows Privilege Escalation and Maintaining Access
Technical requirements
Windows privilege escalation
MS16-032 Secondary Logon Handle Privilege Escalation
Windows Escalate Service Permissions Local Privilege Escalation
Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)
Maintaining access
Summary
9
Maintaining Access on Server or Desktop
Maintaining Access on Server or Desktop
Maintaining access or ET Phone Home
Maintaining access with Ncat
The Drop Box
Cracking the Network Access Controller (NAC)
Creating a spear-phishing attack with the Social Engineering Toolkit
Using Backdoor Factory to evade antivirus
Summary
Further reading
10
Reverse Engineering and Stress Testing
Reverse Engineering and Stress Testing
Technical requirements
Setting up a test environment
Reverse Engineering theory
Working with Boolean logic
Practicing Reverse Engineering
Stress testing Windows
Summary
Further reading
11
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Using advanced Footprinting

Vulnerability scans only provide some information. When actually attacking the machine, you want to do some deep level probes to check for helpful information leaks. From the scans, we can see a Windows Domain Controller and a Windows File Server, both running Windows 2008 Server. Both have SMB/NetBIOS services running. This looks like the most likely path of attack. SMB/NetBIOS services have known weaknesses. So, let's look closer at these services.

Before we get fully into footprinting, a note about notes. Especially when getting into manual probes, remember to keep notes on your outputs and your findings. Copy/paste is your best friend. Vulnerability scans always produce nice reports, with the data all compiled in one place. Manually probing doesn't, so it's up to you and you will gather a lot of data you'll want later. Use KeepNote...

Previous Section
End of Section 5
Next Section