Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
|
xii
◾ Contents 7 Remote Exploitation .................................................................................................163 Understanding Network Protocols ..................................................................................163 Transmission Control Protocol ..............................................................................164 User Datagram Protocol ........................................................................................164 Internet Control Messaging Protocol .....................................................................164 Server Protocols ..............................................................................................................164 Text-Based Protocols (Important) ..........................................................................164 Binary Protocols ....................................................................................................164 FTP ..............................................................................................................165 SMTP ...........................................................................................................165 HTTP ..........................................................................................................165 Further Reading .............................................................................................................165 Resources ........................................................................................................................166 Attacking Network Remote Services ...............................................................................166 Overview of Brute Force Attacks ...........................................................................166 Traditional Brute Force ................................................................................166 Dictionary Attacks .......................................................................................166 Hybrid Attacks .............................................................................................167 Common Target Protocols ..............................................................................................167 Tools of the Trade ...........................................................................................................167 THC Hydra ...........................................................................................................167 Basic Syntax for Hydra ...................................................................................................168 Cracking Services with Hydra ...............................................................................168 Hydra GUI .....................................................................................................................170 Medusa ..................................................................................................................170 Basic Syntax ....................................................................................................................170 OpenSSH Username Discovery Bug ...............................................................................170 Cracking SSH with Medusa ...........................................................................................171 Ncrack ...................................................................................................................171 Basic Syntax ....................................................................................................................171 Cracking an RDP with Ncrack .......................................................................................172 Case Study of a Morto Worm ................................................................................172 Combining Nmap and Ncrack for Optimal Results .......................................................172 Attacking SMTP ...................................................................................................173 Important Commands ....................................................................................................174 Real-Life Example ..........................................................................................................174 Attacking SQL Servers ....................................................................................................175 MySQL Servers ......................................................................................................175 Fingerprinting MySQL Version ......................................................................................175 Testing for Weak Authentication ....................................................................................175 MS SQL Servers .............................................................................................................176 Fingerprinting the Version ..............................................................................................177 Brute Forcing SA Account ..............................................................................................177 Using Null Passwords .....................................................................................................178 Introduction to Metasploit ..............................................................................................178 History of Metasploit ......................................................................................................178 Contents ◾ xiii Metasploit Interfaces .......................................................................................................178 MSFConsole ...................................................................................................................178 MSFcli ...................................................................................................................179 MSFGUI ...............................................................................................................179 Armitage ................................................................................................................179 Metasploit Utilities .........................................................................................................179 MSFPayload ....................................................................................................................179 MSFEncode ....................................................................................................................179 MSFVenom ....................................................................................................................179 Metasploit Basic Commands ..........................................................................................180 Search Feature in Metasploit ...........................................................................................180 Use Command ................................................................................................................181 Info Command ...............................................................................................................181 Show Options .................................................................................................................181 Set/Unset Command ......................................................................................................182 Reconnaissance with Metasploit .....................................................................................182 Port Scanning with Metasploit .......................................................................................182 Metasploit Databases ......................................................................................................182 Storing Information from Nmap into Metasploit Database ............................................183 Useful Scans with Metasploit ..........................................................................................184 Port Scanners .........................................................................................................184 Specific Scanners ...................................................................................................184 Compromising a Windows Host with Metasploit ...........................................................184 Metasploit Autopwn .......................................................................................................188 db _ autopwn in Action .............................................................................................188 Nessus and Autopwn ......................................................................................................189 Armitage ................................................................................................................189 Interface ..........................................................................................................................190 Launching Armitage .......................................................................................................190 Compromising Your First Target from Armitage ............................................................191 Enumerating and Fingerprinting the Target ...................................................................191 MSF Scans ......................................................................................................................192 Importing Hosts .............................................................................................................192 Vulnerability Assessment ................................................................................................193 Exploitation ....................................................................................................................193 Check Feature .................................................................................................................195 Hail Mary .......................................................................................................................196 Conclusion ......................................................................................................................196 References .......................................................................................................................196 Yüklə 22,44 Mb. Dostları ilə paylaş:
|