Hacking tutorial part1

in #linux6 years ago

Course : Overview

Build your own ethical hacking lab
Steps for Ethical hacking
Scanning with Nmap
Scanning with Nessus
Exploits with Metasploit
Working with Backdoors
Post Exploit : Meterpreter
Gather, Present, and Monitor your report

In order to complete this course :

Memory 4GB
Storage 50 GB free
Proc, any processor supporting Virtual Box VMware

Welcome to penetration testing with Metasploit 4
Exploring VirtualBox
Section 1 Build you own Lab.

We will need to install Kali Linux, Window 10 and Metasploitable on Virtualbox, if we did not have this kind of technology we will need to have three separate machines in order to do all this tasks

Safe working environment ( Machine can be deleted, added, cloned )
Virtually have multiple machine
Internal network option ( separated from our main network )
Free of charge

You will have to go to https://www.virtualbox.org/ and download the version for your machine, Linux, Mac, or MAC.

On windows you will have an exe file, and have to maybe disable any antivirus during install. On Mac open the DMG file and follow the steps

When you first open Virtualbox, you will have a vanilla configuration

On the same download page, you will have also to install the extension pack.

Now you are ready to install any OS on Your virtual Box

Hacker Jargon

Reconnaissance, passive information gathering using open source tools, social media, dumpster diving, Linkedin announcements, Netcraft. where you will get Background, Network, Hosting History, E-Mail settings, Technology related informations Go to https://www.netcraft.com to analyze a website, enter the url, and then go on site report Reconnaissance, passive information gathering using open source tools, social media, dumpster diving, Linkedin announcements, Netcraft. where you will get Background, Network, Hosting History, E-Mail settings, Technology related informations

Netcraft also calculate a risk rating.
Zenmap is the ideal tool to learn Nmap, as we can chose the type of scan we want to run from the profil. The more intense the scan is, the more chance we have to get noticed by the system, the company may run an Intrusion detection system called an IDS.

We are in the active information gathering phase right now, so the the target computer might understand something is going on, and might block you.

Try to do a quick scan, and we get open port. Then an intense scan, no ping to get more detailed information, try until we get the information we need. So if we go to the Ports / Hosts we will have the version of the software they are running, and then we can check according to the version if an exploit actually exist

Mostly used by industry professionals
In-depth analysis
Expensive tool
Nessus home edition

https://www.tenable.com/downloads/nessus

This is where you download Nessus Home edition, make sure you download the 64 bits editions.

To install a Debian package on Kali Linux use :
Exit
root@kali#dpkg -I *.deb
root@kali#service nessusd status
root@kali#service nessusd start
root@kali#service nessusd stop

When your installation is complete, it will take you to a dashboard that look like this. This is the starting point, where you decide which kind of scan you decide to perform

We can also install Nessus on a Mac, or a windows machine.

Once Installed, you will have to open a browser on go to the following url : https://localhost:8834

The results look like this : rom Critical to Info level.
Back to your Nessus Dashboard.

Agressive Network Scan
then, we will have an agressive network scan. Same give it a Name, Description, an target IP ( Metasploitable2 ), and then click on save, then if we need to make a change, we can go back to configuration, otherwise we can just run the scan. If you go to the configuration, you will find the Nessus Plugin, these are used for more in depth scan, if we are scanning a Linux target, of course we can disable all the Linux and the ones we don’t need for the scan to go faster.

Special important Options :

We can add known credential
Enable Safe Checks if uncheck Nessus will work faster, but we might get noticed easily.

Advanced scan takes longer to run than Basic ones, again let have a look at the results.

Section 5 Exploits with Metasploit

Section 6 Backdoors
Understanding Trojan Backdoors
Install Veil on Kali
This will fo the trick to install veil on Kali

root@kali:~# apt-get -y install veil
root@kali:~# /opt/Veil/config/setup.sh --force --silent

Other important apt command on kali linux

root@kali:~# apt-get update
root@kali:~# apt-get upgrade
root@kali:~# apt-get autoremove
root@kali:~# apt search packetname

Now we will deliver the backdoor to the windows machine.

So let’s start an apache server to deliver the payload, then copy the payload at the root of the apache server.

root@kali:~# service apache2 start
root@kali:~# cp /var/lib/veil/output/compiled/test_payload.exe /var/www/

Or an other solution is to use python to server the file as follow :

root@kali:/var/lib/veil/output/compiled# python -m SimpleHTTPServer 8000

Apache will be listening on port 80 as defaults, and python http server on port 8000

UPDATE NEXT WEEK

Sort:  

Congratulations @carael! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You published more than 10 posts. Your next target is to reach 20 posts.

Click here to view your Board
If you no longer want to receive notifications, reply to this comment with the word STOP

Support SteemitBoard's project! Vote for its witness and get one more award!

Hello @carael! This is a friendly reminder that you have 3000 Partiko Points unclaimed in your Partiko account!

Partiko is a fast and beautiful mobile app for Steem, and it’s the most popular Steem mobile app out there! Download Partiko using the link below and login using SteemConnect to claim your 3000 Partiko points! You can easily convert them into Steem token!

https://partiko.app/referral/partiko

Congratulations @carael! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 1 year!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Coin Marketplace

STEEM 0.20
TRX 0.25
JST 0.039
BTC 97402.80
ETH 3477.48
USDT 1.00
SBD 3.19