
Penetration Testing with the Bash shell

By: Keith Harald Esrick Makan


Preface

Penetration testing technology today is riddled with oversimplified graphical user interfaces. Though easy to use, they often offer very little control over the operations they perform and do not give their users a very informative experience. Another drawback is that many of these security assessment solutions are developed only to identify and automate exploitation of the most obvious and unobfuscated instances of vulnerabilities. For every other practical instance of a vulnerability, penetration testers need to rely on their own scripts and assessment tools.

The basic skill set of a good penetration tester includes at least rudimentary skills in a scripting or software development language such as bash scripting, Python, Go, Ruby, and so on. This is so that they can handle the weird and outlier instances of vulnerabilities with their own customized tools and are capable of automating security testing on their own terms. Firewalls, intrusion detection/prevention systems, and other security monitoring solutions are becoming smarter, and the only way we, as penetration testers, are ever going to beat them is by learning to build our own tools to "weaponize" our command lines.

This book introduces some of the fundamental skills, tips, tricks, and command-line-driven utilities that the best penetration testers from all across the world use to ensure that they have as much control over their testing activities as possible. Anyone interested in introducing themselves to the command line specifically for penetration testing, or to penetration testing as a whole, will benefit from reading this book.

What this book covers

Chapter 1, Getting to Know Bash, introduces readers to the fundamental concepts involved in using the bash terminal. It covers utilities that readers will find helpful in their day-to-day activities as penetration testers, system administrators, and security-oriented developers.

Chapter 2, Customizing Your Shell, focuses on tips and tricks that readers can use to customize the behavior of their shells to suit their needs. It shows readers how to customize the cursor to format text, how to control command history securely, how to use aliases, and how to enable tab completion to make command-line utilities more user-friendly and easy to use.

Chapter 3, Network Reconnaissance, covers command-line utilities that readers can use to perform target enumeration and exfiltrate information from common network services. This chapter introduces numerous tools, including Dnsmap, Nmap, and Whois among others, as well as useful ways to integrate these tools with other command-line tools.

Chapter 4, Exploitation and Reverse Engineering, focuses on demonstrating and discussing the fundamental reverse engineering and host-based exploitation command-line-driven tools. The chapter covers tools such as msfcli, msfpayload, and GNU gdb, along with various techniques, and shows how readers can combine these tools in useful ways with the help of bash scripting.

Chapter 5, Network Exploitation and Monitoring, shifts the focus to network exploitation tools and the utilities that readers will likely use in their day-to-day penetration tests. The chapter covers tools such as ARPSpoof, Ettercap, and SSLyze, and also introduces readers to useful bash scripts and commands that optimize the usage of these tools and automate many common tasks.

What you need for this book

The only software requirement for this book is the Kali Linux operating system, which you can download in the ISO format from http://www.kali.org.

Who this book is for

Command line hacking is a book for anyone interested in learning how to wield their Kali Linux command lines to perform effective penetration testing, as well as automate common tasks and become more proficient in using common utilities to solve technical security-oriented problems. Newcomers to penetration testing, security testing, system administration, and security engineering will benefit greatly from this book.

Conventions

In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

Code words in text are shown as follows: "The [FILE] or [DIRECTORY] argument would be any path or file you wish to fire ls at."

A block of code is set as follows:

#!/bin/bash
# Positional arguments: target host, TLS port, minimum acceptable key length,
# and a list of cipher suites considered weak
HOST=$1
SSL_PORT=$2
KEY_LEN_LIMIT=$3
VULN_SUIT_LIST=$4
echo -e "[*] assessing host \e[3;36m $HOST:$SSL_PORT\e[0m"
# Extract each accepted cipher suite from the sslyze report as name_bits_"bits"
for cipher in `sslyze --regular "$HOST:$SSL_PORT" | awk -F\  '/[0-9]* bits/ { print $1"_"$2"_"$3 }'`
do
    # The loop body is elided in this preface excerpt; the cipher is simply reported here
    echo "[*] found cipher suite $cipher"
done

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

if [ "$color_prompt" = yes ]; then
    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\n\$'
else
    PS1='${debian_chroot:+($debian_chroot)}{\j}\u@[\w]\n\$'
fi
unset color_prompt force_color_prompt

Any command-line input or output is written as follows:

medusa -h 192.168.10.105 -u k3170makan -P /usr/share/wordlists/rockyou.txt -M ssh

New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "The Global Regular Expression Print (grep) utility is a staple for all command-line jockeys."

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.

To send us general feedback, simply send an e-mail to , and mention the book title via the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.

Piracy

Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at with a link to the suspected pirated material.

We appreciate your help in protecting our authors, and our ability to bring you valuable content.

Questions

You can contact us at if you are having a problem with any aspect of the book, and we will do our best to address it.