Kali Linux Penetration Testing Bible. Gus Khawaja
Читать онлайн книгу.
web application penetration testing and how to use Burp Suite Pro. Finally, you will see how to implement a secure software development lifecycle (SSDLC) in an organization.
Chapter 10: Linux Privilege Escalation
This chapter focuses mainly on Linux operating system privilege escalation. The techniques in this chapter will allow you to gain root privileges on a compromised Linux OS.
Chapter 11: Windows Privilege Escalation
This chapter describes how to get administrator privileges on the compromised Windows OS. First you will learn about how to enumerate the Windows OS, and then you will see how to exploit the Windows system with practical examples.
Chapter 12: Pivoting and Lateral Movement
This chapter describes how to use the pivoting techniques to move laterally on the compromised network. In this chapter, you will learn how Windows hashes work under the hood and how to reuse admin credentials to get the job done.
Chapter 13: Cryptography and Hash Cracking
This chapter describes how to crack hashes during your engagements using Hashcat. Before starting on the cracking topic, you will learn about the basics of cryptography including hashing and encryption.
Chapter 14: Reporting
This chapter explains how to present professional penetration testing reports. Also, you will learn how to evaluate accurately the severity of your findings.
Chapter 15: Assembly Language and Reverse Engineering
This chapter will introduce you to the concept of reverse engineering using the assembly language. You will learn about the basics of the assembly language including registers, assembly instructions, memory segments, and much more.
Chapter 16: Buffer/Stack Overflow
This chapter will use what you learned in the previous chapter to exploit the stack using the buffer overflow technique.
Chapter 17: Programming with Python
This chapter discusses the basics of Python version 3. This programming language is the choice of hackers, so you should learn it too.
Chapter 18: Pentest Automation with Python
This chapter focuses on the automation of the penetration testing phases using the Python language. You will see a complete practical example that can use in your career.
Appendix A: Kali Linux Desktop at a Glance
This appendix focuses on how to manage the interface of the Kali Linux desktop environment. You will learn how to handle this operating system with ease and customize it to your liking.
Appendix B: Building a Lab Environment Using Docker
This appendix will delve deep with Docker, and you will see how images and containers work in practice. Both Docker and hypervisor technologies facilitate the creation of a live lab so we, penetration testers, can have fun with it.
Companion Download Files
As you work through the examples in this book, you may choose either to type in all the code manually or to use the source code files that accompany the book. All the source code used in this book is available for download from www.wiley.com/go/kalilinuxpenbible .
How to Contact the Publisher
If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.
To submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line “Possible Book Errata Submission.”
How to Contact the Author
We appreciate your input and questions about this book! Email the author at [email protected] , or message him on Twitter at @GusKhawaja .
CHAPTER 1 Mastering the Terminal Window
Kali Linux can be summarized in two simple words: terminal window. If you master your terminal window skills, then you will be one of those elite ethical hackers. In this chapter, you will learn all the essentials of the terminal window so you can start using Kali Linux like a boss.
If you already know how to manage the terminal window, please use this chapter as a reference, or maybe go over it quickly in case there is something new that you haven't learned before. The main goal of this chapter is not only to show you the commands of Kali Linux but to help you deeply understand it through practical examples.
Kali Linux is a Debian‐based operating system developed by Offensive Security, so if you're used to Ubuntu, for example, the commands in the terminal window will look the same since Debian and Kali share an equal distribution.
Here's what this chapter covers:
Kali Linux file system
Terminal window basics
Managing users and groups
Manipulating files and folders
Handling remote connections
Kali Linux system management
Dealing with networking in Kali Linux
Kali Linux File System
Understanding the structure of the file system in Kali Linux is crucial. The directory structure of your Kali OS is based on the Unix Filesystem Hierarchy Standard (FHS), and that's how the directories are structured inside Kali Linux. In Windows, the root directory is C:\ , but in Kali Linux, it's a forward slash ( / ). Do not confuse the term root directory with the root user's home directory, which is /root , because they are two different things; the latter is the home directory for the root user. Speaking about the root user, it's essential to understand that this user is the equivalent to the Administrator user on Windows operating systems. In the Kali 2020.1 release, Offensive Security introduced the nonroot user by default, which means that you'll need to execute the sudo command if you want to run high‐privilege tools.
To get a visual representation of the Kali Linux file system directories, open the terminal window and execute the ls command to list the contents of the root system directory. Take note that by default you will be in the user home directory. To change it, you must execute the cd / command:
kali@kali:~$ cd / kali@kali:/$ ls bin boot dev etc home initrd.img initrd.img.old lib lib32 lib64 libx32 lost+found media mnt opt proc root run sbin srv sys tmp usr var vmlinuz vmlinuz.old
/bin (binaries): This directory holds Linux binaries like the ls command that we executed earlier.
/sbin (system binaries): This directory contains system binary files that serve as administrative commands (e.g., fdisk ).
/ boot : This directory contains the Linux bootloader files.
/ dev (devices): This directory contains the device configuration