Ethical Hacking and Penetration Testing Guide



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə8/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   4   5   6   7   8   9   10   11   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

xii
◾ 
Contents
 7 
Remote Exploitation .................................................................................................163
Understanding Network Protocols ..................................................................................163
Transmission Control Protocol ..............................................................................164
User Datagram Protocol ........................................................................................164
Internet Control Messaging Protocol .....................................................................164
Server Protocols ..............................................................................................................164
Text-Based Protocols (Important) ..........................................................................164
Binary Protocols ....................................................................................................164
FTP ..............................................................................................................165
SMTP ...........................................................................................................165
HTTP ..........................................................................................................165
Further Reading .............................................................................................................165
Resources ........................................................................................................................166
Attacking Network Remote Services ...............................................................................166
Overview of Brute Force Attacks ...........................................................................166
Traditional Brute Force ................................................................................166
Dictionary Attacks .......................................................................................166
Hybrid Attacks .............................................................................................167
Common Target Protocols ..............................................................................................167
Tools of the Trade ...........................................................................................................167
THC Hydra ...........................................................................................................167
Basic Syntax for Hydra ...................................................................................................168
Cracking Services with Hydra ...............................................................................168
Hydra GUI .....................................................................................................................170
Medusa ..................................................................................................................170
Basic Syntax ....................................................................................................................170
OpenSSH Username Discovery Bug ...............................................................................170
Cracking SSH with Medusa ...........................................................................................171
Ncrack ...................................................................................................................171
Basic Syntax ....................................................................................................................171
Cracking an RDP with Ncrack .......................................................................................172
Case Study of a Morto Worm ................................................................................172
Combining Nmap and Ncrack for Optimal Results .......................................................172
Attacking SMTP ...................................................................................................173
Important Commands ....................................................................................................174
Real-Life Example ..........................................................................................................174
Attacking SQL Servers ....................................................................................................175
MySQL Servers ......................................................................................................175
Fingerprinting MySQL Version ......................................................................................175
Testing for Weak Authentication ....................................................................................175
MS SQL Servers .............................................................................................................176
Fingerprinting the Version ..............................................................................................177
Brute Forcing SA Account ..............................................................................................177
Using Null Passwords .....................................................................................................178
Introduction to Metasploit ..............................................................................................178
History of Metasploit ......................................................................................................178


Contents
◾ 
xiii
Metasploit Interfaces .......................................................................................................178
MSFConsole ...................................................................................................................178
MSFcli ...................................................................................................................179
MSFGUI ...............................................................................................................179
Armitage ................................................................................................................179
Metasploit Utilities .........................................................................................................179
MSFPayload ....................................................................................................................179
MSFEncode ....................................................................................................................179
MSFVenom ....................................................................................................................179
Metasploit Basic Commands ..........................................................................................180
Search Feature in Metasploit ...........................................................................................180
Use Command ................................................................................................................181
Info Command ...............................................................................................................181
Show Options .................................................................................................................181
Set/Unset Command ......................................................................................................182
Reconnaissance with Metasploit .....................................................................................182
Port Scanning with Metasploit .......................................................................................182
Metasploit Databases ......................................................................................................182
Storing Information from Nmap into Metasploit Database ............................................183
Useful Scans with Metasploit ..........................................................................................184
Port Scanners .........................................................................................................184
Specific Scanners ...................................................................................................184
Compromising a Windows Host with Metasploit ...........................................................184
Metasploit Autopwn .......................................................................................................188
db _ autopwn
in Action .............................................................................................188
Nessus and Autopwn ......................................................................................................189
Armitage ................................................................................................................189
Interface ..........................................................................................................................190
Launching Armitage .......................................................................................................190
Compromising Your First Target from Armitage ............................................................191
Enumerating and Fingerprinting the Target ...................................................................191
MSF Scans ......................................................................................................................192
Importing Hosts .............................................................................................................192
Vulnerability Assessment ................................................................................................193
Exploitation ....................................................................................................................193
Check Feature .................................................................................................................195
Hail Mary .......................................................................................................................196
Conclusion ......................................................................................................................196
References .......................................................................................................................196

Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   4   5   6   7   8   9   10   11   ...   235




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin