book

Ethical Hacking

by Daniel G. Graham

September 2021

Intermediate to advanced

376 pages

9h 25m

English

No Starch Press

Read now

Unlock full access

Why Read This Book?Installing PythonWhat Is in the Book?Reaching Out
Virtual LabSetting Up VirtualBoxSetting Up pfSenseSetting Up MetasploitableSetting Up Kali LinuxSetting Up the Ubuntu Linux DesktopYour First Hack: Exploiting a Backdoor in Metasploitable
How the Internet Transmits DataARP Spoofing AttacksPerforming an ARP Spoofing AttackDetecting an ARP Spoofing AttackExercises
Packets and the Internet Protocol StackViewing Packets in WiresharkAnalyzing Packets Collected by Your FirewallExercises
Sockets and Process CommunicationAccessing the Victim MachineWriting a Reverse Shell ClientWriting a TCP Server That Listens for Client ConnectionsLoading the Reverse Shell onto the Metasploitable ServerBotnetsExercises
EncryptionEncrypting and Decrypting a FileEmail EncryptionEncrypting a File with RSAWriting RansomwareExercises
Transport Layer SecurityUsing Diffie-Hellman to Compute a Shared KeyElliptic-Curve Diffie-HellmanWriting TLS SocketsSSL Stripping and HSTS BypassExercise: Add Encryption to your Ransomware Server
A Sophisticated and Sneaky Social Engineering AttackFaking EmailsFaking WebsitesCreating Deepfake VideosExercises
Link AnalysisGoogle DorkingScanning the Entire InternetIPv6 and NAT LimitationsVulnerability DatabasesVulnerability ScannersExercises
Case Study: Exploiting the Heartbleed OpenSSL VulnerabilityFuzzingSymbolic ExecutionDynamic Symbolic ExecutionUsing DSE to Crack a PasscodeExercises
Case Study: Re-Creating Drovorub by Using MetasploitHiding an Implant in a Legitimate FileEvading Antivirus by Using EncodersCreating a Windows TrojanCreating an Android TrojanExercises
Writing a Linux Kernel ModuleModifying System CallsHooking the Shutdown SyscallHiding FilesUsing Armitage to Exploit a Host and Install a RootkitExercises
SQL InjectionStealing Passwords from a Website’s DatabaseWriting Your Own SQL Injection ToolUsing SQLMapHashing PasswordsBuilding a Salted Hash CrackerPopular Hash Cracking and Brute-Forcing ToolsExercises
Cross-Site ScriptingFinding Vulnerabilities with OWASP Zed Attack ProxyUsing Browser Exploitation Framework PayloadsMoving from Browser to MachineExercise: Hunting for Bugs in a Bug Bounty Program
Pivoting from a Dual-Homed DeviceExtracting Password Hashes on LinuxExercises
Creating a Windows Virtual LabExtracting Password Hashes with MimikatzPassing the Hash with NT LAN ManagerExploring the Corporate Windows NetworkAttacking the DNS ServiceAttacking Active Directory and LDAP ServicesAttacking KerberosExercise: Kerberoasting
Setting Up a Hardened Hacking EnvironmentOther TopicsConnect with Others

Content preview from Ethical Hacking

12STEALING AND CRACKING PASSWORDS

For the want of a nail the shoe was lost, For the want of a shoe the horse was lost, For the want of a horse the rider was lost, For the want of a rider the battle was lost, For the want of a battle the kingdom was lost, And all for the want of a horseshoe-nail.

–Benjamin Franklin

Hackers often compromise websites and APIs by finding ways to inject their own code. This chapter will introduce you to one of these techniques, called SQL injection, and you will use it to extract a database of usernames and passwords from a web server. As a security measure, servers often store hashes of the passwords instead of plaintext ...