Ethical Hacking and Penetration Testing Guide




Further Reading
We will not go into specifics about protocols in this book as it does not deal with that subject. 
But as a penetration tester, you will sometimes run into a protocol that you haven't seen before. 
The best way to learn is by reading the RFC (Request for Comments) of each protocol, which is 
the official documentation for the protocol. It contains the ins and outs of every protocol. I won't ask you 
to memorize all the commands because it's not necessary to do that; what is necessary is to know 
where to get information when needed. The RFC source books are something you want to spend 
some time on every day. In the following, I recommend some sources that you should spend 
some time on before proceeding with this chapter.
Resources
http://www.networksorcery.com/enp/default1101.htm
http://www.networksorcery.com/enp/protocol/http.htm
http://www.networksorcery.com/enp/protocol/smtp.htm
http://www.networksorcery.com/enp/protocol/ftp.htm
Attacking Network Remote Services
In previous chapters, we learned to enumerate open ports and the corresponding services 
running on those ports, as well as to assess the vulnerabilities of those services by various 
methods. Now it's time to exploit those vulnerabilities.
In this section, we will learn to use various tools such as Hydra, Medusa, and Ncrack to crack 
usernames and passwords for various network services such as FTP, SSH, and RDP. Network 
services that support authentication are often left with default or weak passwords, which can be easily 
guessed or cracked via a brute force/dictionary attack. Most penetration testers don't pay much 
attention to brute force attacks. But in my opinion, they are the fastest way to gain access 
to a remote system if used in an intelligent manner.
However, the downsides of these attacks are that they can disrupt the service or cause a 
denial of service. Also, they are easily detected by intrusion detection/prevention devices. Therefore, the 
opinion in the community is that brute force attacks should rarely be attempted. My opinion 
is that although they generate lots of noise and may be ineffective when the passwords are 
complex, if they are carried out efficiently they can be very useful and may allow an easy penetration 
into the remote system.
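The detection point above, as an added example that is not from the book: a sliding-window check over constructed OpenSSH-style log lines that flags a source address with repeated failed logins and records whether a successful login followed. The threshold, window, year, and the `detect` function name are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches OpenSSH "Failed/Accepted password" syslog lines.
EVENT = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (Failed|Accepted) "
                   r"password for (?:invalid user )?(\S+) from (\S+) port")

# Constructed sample log (documentation IP ranges), not taken from the book.
SAMPLE_LOG = """\
Aug  7 10:00:01 srv sshd[411]: Failed password for root from 203.0.113.9 port 40001 ssh2
Aug  7 10:00:03 srv sshd[412]: Failed password for invalid user admin from 203.0.113.9 port 40002 ssh2
Aug  7 10:00:05 srv sshd[413]: Failed password for root from 203.0.113.9 port 40003 ssh2
Aug  7 10:00:07 srv sshd[414]: Failed password for invalid user test from 203.0.113.9 port 40004 ssh2
Aug  7 10:00:09 srv sshd[415]: Failed password for root from 203.0.113.9 port 40005 ssh2
Aug  7 10:00:30 srv sshd[416]: Accepted password for root from 203.0.113.9 port 40006 ssh2
Aug  7 10:05:00 srv sshd[420]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Aug  7 10:09:00 srv sshd[421]: Failed password for alice from 198.51.100.20 port 51001 ssh2
Aug  7 10:09:20 srv sshd[422]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
"""

def detect(log_text, threshold=5, window=timedelta(seconds=60), year=2023):
    """Return {source_ip: alert} for sources with >= threshold failures inside window."""
    recent = defaultdict(deque)   # source IP -> timestamps of failures still in window
    users = defaultdict(set)      # source IP -> usernames it has tried
    alerts = {}
    for line in log_text.splitlines():
        m = EVENT.match(line)
        if not m:
            continue
        stamp, outcome, user, src = m.groups()
        # syslog omits the year; collapse the padded day ("Aug  7") before parsing
        ts = datetime.strptime(f"{year} {' '.join(stamp.split())}", "%Y %b %d %H:%M:%S")
        if outcome == "Failed":
            q = recent[src]
            q.append(ts)
            while ts - q[0] > window:      # evict failures older than the window
                q.popleft()
            users[src].add(user)
            if len(q) >= threshold and src not in alerts:
                alerts[src] = {"first_alert": ts, "users": users[src], "success_after": None}
        elif src in alerts and alerts[src]["success_after"] is None:
            # a login that succeeds after a flagged burst deserves immediate triage
            alerts[src]["success_after"] = user
    return alerts

if __name__ == "__main__":
    for ip, info in detect(SAMPLE_LOG).items():
        print(ip, info)
```

The two mistyped passwords from 198.51.100.20 stay below the threshold, so only the burst from 203.0.113.9 is reported.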
Apart from brute force attacks, we will also discuss various other ways to exploit some network 
services such as FTP, SMTP, and SQL Server.
