book

Ethical Hacking

by Daniel G. Graham

September 2021

Intermediate to advanced

376 pages

9h 25m

English

No Starch Press

Read now

Unlock full access

Why Read This Book?Installing PythonWhat Is in the Book?Reaching Out
Virtual LabSetting Up VirtualBoxSetting Up pfSenseSetting Up MetasploitableSetting Up Kali LinuxSetting Up the Ubuntu Linux DesktopYour First Hack: Exploiting a Backdoor in Metasploitable
How the Internet Transmits DataARP Spoofing AttacksPerforming an ARP Spoofing AttackDetecting an ARP Spoofing AttackExercises
Packets and the Internet Protocol StackViewing Packets in WiresharkAnalyzing Packets Collected by Your FirewallExercises
Sockets and Process CommunicationAccessing the Victim MachineWriting a Reverse Shell ClientWriting a TCP Server That Listens for Client ConnectionsLoading the Reverse Shell onto the Metasploitable ServerBotnetsExercises
EncryptionEncrypting and Decrypting a FileEmail EncryptionEncrypting a File with RSAWriting RansomwareExercises
Transport Layer SecurityUsing Diffie-Hellman to Compute a Shared KeyElliptic-Curve Diffie-HellmanWriting TLS SocketsSSL Stripping and HSTS BypassExercise: Add Encryption to your Ransomware Server
A Sophisticated and Sneaky Social Engineering AttackFaking EmailsFaking WebsitesCreating Deepfake VideosExercises
Link AnalysisGoogle DorkingScanning the Entire InternetIPv6 and NAT LimitationsVulnerability DatabasesVulnerability ScannersExercises
Case Study: Exploiting the Heartbleed OpenSSL VulnerabilityFuzzingSymbolic ExecutionDynamic Symbolic ExecutionUsing DSE to Crack a PasscodeExercises
Case Study: Re-Creating Drovorub by Using MetasploitHiding an Implant in a Legitimate FileEvading Antivirus by Using EncodersCreating a Windows TrojanCreating an Android TrojanExercises
Writing a Linux Kernel ModuleModifying System CallsHooking the Shutdown SyscallHiding FilesUsing Armitage to Exploit a Host and Install a RootkitExercises
SQL InjectionStealing Passwords from a Website’s DatabaseWriting Your Own SQL Injection ToolUsing SQLMapHashing PasswordsBuilding a Salted Hash CrackerPopular Hash Cracking and Brute-Forcing ToolsExercises
Cross-Site ScriptingFinding Vulnerabilities with OWASP Zed Attack ProxyUsing Browser Exploitation Framework PayloadsMoving from Browser to MachineExercise: Hunting for Bugs in a Bug Bounty Program
Pivoting from a Dual-Homed DeviceExtracting Password Hashes on LinuxExercises
Creating a Windows Virtual LabExtracting Password Hashes with MimikatzPassing the Hash with NT LAN ManagerExploring the Corporate Windows NetworkAttacking the DNS ServiceAttacking Active Directory and LDAP ServicesAttacking KerberosExercise: Kerberoasting
Setting Up a Hardened Hacking EnvironmentOther TopicsConnect with Others

Content preview from Ethical Hacking

3ANALYZING CAPTURED TRAFFIC

The internet is just a world passing notes around a classroom.

–Jon Stewart

In Chapter 2, you learned how a hacker in a coffee shop could use an ARP spoofing attack to intercept a victim’s internet traffic. Now let’s actually view that traffic. In this chapter, we’ll use two tools, Wireshark and TCPDump, to steal private data from the unencrypted packets we intercepted. I’ll also introduce the concept of a protocol and discuss the general software architecture of the internet. We’ll conclude by analyzing the packets collected by your firewall so that you can detect attacks on your network.