The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
About this ebook
The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. This book makes ethical hacking and penetration testing easy – no prior hacking experience is required. It shows how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. With a simple and clean explanation of how to effectively utilize these tools – as well as the introduction to a four-step methodology for conducting a penetration test or hack – the book provides students with the know-how required to jump start their careers and gain a better understanding of offensive security.
The book is organized into 7 chapters that cover hacking tools such as Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. PowerPoint slides are available for use in class.
This book is an ideal reference for security consultants, beginning InfoSec professionals, and students.
- Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews
- Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.
- Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, Ethical Hacking, and Exploitation classes at Dakota State University.
- Utilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test.
Patrick Engebretson
Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for a security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years he has published many peer-reviewed journal and conference papers in these areas. Dr. Engebretson has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry-recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, intrusion detection, and advanced exploitation.
The Basics of Hacking and Penetration Testing - Patrick Engebretson
Table of Contents
Cover image
Front-matter
Copyright
Dedication
Acknowledgments
About the Author
About the Technical Editor
Introduction
Chapter 1. What Is Penetration Testing?
Chapter 2. Reconnaissance
Chapter 3. Scanning
Chapter 4. Exploitation
Chapter 5. Web-Based Exploitation
Chapter 6. Maintaining Access with Backdoors and Rootkits
Chapter 7. Wrapping Up the Penetration Test
Index
Front-matter
The Basics of Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Made Easy
Patrick Engebretson
Technical Editor
James Broad
Syngress Press is an imprint of Elsevier
Copyright
Acquiring Editor: Angelina Ward
Development Editor: Heather Scherer
Project Manager: Jessica Vaughan
Designer: Alisa Andreola
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
© 2011 Elsevier Inc. All rights reserved
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Engebretson, Pat (Patrick Henry), 1974-
The basics of hacking and penetration testing : ethical hacking and penetration testing made easy / Patrick Engebretson.
p. cm. – (Syngress basics series)
Includes bibliographical references and index.
ISBN 978-1-59749-655-1 (alk. paper)
1. Computer security. 2. Computer hackers. 3. Computer software–Testing. 4. Computer crimes–Prevention. I. Title.
QA76.9.A25E5443 2010
005.8–dc23
2011018388
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library
ISBN: 978-1-59749-655-1
Printed in the United States of America
11 12 13 14 15 10 9 8 7 6 5 4 3 2 1
For information on all Syngress publications visit our website at www.syngress.com
Dedication
This book is dedicated to God, Lorianna, Maggie, and Molly. You are the steel cables that bind me. I love you.
Acknowledgments
Like most people, I have a list. The list is made up of life goals and dreams—things I would like to accomplish at some point in my life. Some of the items on the list are big, some small, some well-defined, stable, and concrete, whereas others are more transient and ambiguous—like early morning fog on the Lutsen Mountains, constantly changing and moving, sometimes even disappearing altogether only to reappear at a later date and time. Obviously, the list is not a stone tablet; it changes and updates as I move through life. A few things, however, have never moved off the list; they stand as the Mount Rushmores in my life. Hundreds of feet high, carved into solid granite. Never changing. Always there. They gracefully weather the storms and vicissitudes of life and simply wait to be crossed off. Some are nobler, some are egotistical, and some are even whimsical. I have had the good fortune in my life to be able to cross off many of the items on my list. Even the big ones. This book represents the crossing off of one of my Rushmore items. A presidential face to be sure (although I am not sure which face it actually represents!).
As with most things in life, this book, the end product that you see, is the culmination of many people’s efforts and energies. So while I do get to cross this off my list, and while my name appears on the cover, please do not take that to mean that this book is my sole creation. Without the dedication, support, help, and advice from everyone involved, there is no doubt you would not be reading these words right now. Writing a proper Acknowledgments section by truly listing everyone involved would fill many, many pages—below you will find a simple attempt to say thanks. I apologize in advance if I forgot to mention anyone.
My Wife
What can I say that would justify or somehow verbalize what you mean to me? There is no doubt that this book is as much an effort on your part as mine. You gave me the wings of encouragement to fly and the dedication of long lonely days and nights while I worked on it. You never complained, never resisted, and were never upset when I needed more from you. Every man should be so lucky. I am who I am because of you. Thank you.
My Girls
To my little Liebchens—you are the light of my life! I apologize for all the early mornings, late nights, and long weekends. Bring on the sunroom, Little People, Mary and Joseph, princesses, Barbies, and the Pirate Ship! Daddy loves you more than life itself.
My Family
Thanks to my mother and father for the gift of education and teaching me to understand the value of hard work and dedication to a project. Thanks also to my other mother, who dedicated countless hours to reading and correcting my initial rough drafts.
To the Syngress Team
Thanks for the opportunity! Thanks to the editing team; I appreciate all the hard work and dedication you gave to this project. Special thanks to Angelina Ward who ultimately earned a green light for the project, to Heather Scherer, my editor, for the countless hours and assistance, and to James Broad for the excellent eye and great suggestions throughout the technical review process.
To keep up with news and happenings about the book, or other security-related content, feel free to follow: pengebretson on Twitter or visit my homepage: http://homepages.dsu.edu/pengebretson
About the Author
Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in information security from Dakota State University. He currently serves as an assistant professor of information assurance and also works as a senior penetration tester for a security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years, he has published many peer-reviewed journal and conference papers in these areas. He has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC, and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry-recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, intrusion detection, and advanced exploitation.
About the Technical Editor
James Broad (CISSP, C|EH, C|PTS, Security+, MBA) is the President and owner of Cyber-Recon, LLC, where he and his team of consultants specialize in Information Security, Information Assurance, and Certification and Accreditation and offer other security consultancy services to corporate and government clients.
As a security professional with over 20 years of real-world IT experience, James is an expert in many areas of IT security, specializing in security engineering, penetration testing, and vulnerability analysis and research. He has provided security services in the Nation’s most critical sectors including defense, law enforcement, intelligence, finance, and healthcare.
James has a Master of Business Administration degree with a specialization in Information Technology (MBA/IT) from the Ken Blanchard College of Business and Bachelor’s degrees in Computer Programming and Security Management from Southwestern University, and he is currently a Doctoral Learner pursuing a Ph.D. in Information Security from Capella University. He is a member of ISSA and (ISC)²®. James currently resides in Stafford, Virginia with his family: Deanne, Micheal, and Temara.
Introduction
I suppose there are several questions that may be running through your head as you contemplate reading this book: Who is the intended audience for this book? How is this book different from book ‘x’ (insert your favorite title here)? Why should I buy it? Because these are all fair questions and I am asking you to plunk down your hard-earned cash, it is important to provide some answers to these questions.
For people who are interested in learning about hacking and penetration testing, walking into a well-stocked bookstore can be as confusing as searching for hacking books at amazon.com. Initially, there appears to be an almost endless selection to choose from. Most large bookstores have several shelves dedicated to computer security books. They include books on programming security, web application security, rootkits and malware, penetration testing, and, of course, hacking. However, even the hacking books seem to vary in content and subject matter. Some books focus on using tools but do not discuss how these tools fit together. Other books focus on hacking a particular subject but lack the broad picture.
This book is intended to address these issues. It is meant to be a single starting point for anyone interested in the topics of hacking or penetration testing. The book will certainly cover specific tools and topics but will also examine how the tools fit together and how they rely on one another to be successful.
Who is the Intended Audience for this Book?
This book is meant to be a very gentle yet thorough guide to the world of hacking and penetration testing. It is specifically aimed at helping you master the basic steps needed to complete a hack or penetration test without overwhelming you. By the time you finish this book, you will have a solid understanding of the penetration testing process and you will be comfortable with the basic tools needed to complete the job.
Specifically, this book is aimed at people who are new to the world of hacking and penetration testing, for those with little or no previous experience, for those who are frustrated by the inability to see the big picture (how the various tools and phases fit together), or for those looking to expand their knowledge of offensive security.
In short, this book is written for anyone who is interested in computer security, hacking, or penetration testing but has no prior experience and is not sure where to begin. A colleague and I call this concept zero entry hacking (ZEH), much like modern-day swimming pools. Zero entry pools gradually slope from the dry end to the deep end, allowing swimmers to wade in without feeling overwhelmed or without having a fear of drowning. The zero entry concept allows everyone the ability to use the pool regardless of age or swimming ability. This book employs a similar technique. ZEH is designed to expose you to the basic concepts without overwhelming you. Completion of ZEH will prepare you for advanced courses and books.
How is this Book different from Book ‘X’?
When not spending time with my family, there are two things I enjoy doing: reading and hacking. Most of the time, I combine these hobbies by reading about hacking. As a professor and a penetration tester, you can imagine that my bookshelf is lined with many books on hacking, security, and penetration testing. As with most things in life, the quality and value of every book is different. Some books are excellent resources that have been used so many times that the bindings are literally falling apart. Others are less helpful and remain in nearly new condition. A book that does a good job of explaining the details without losing the reader is worth its weight in gold. Unfortunately, most of my personal favorites, those that are worn and tattered, are either very lengthy (500+ pages) or very focused (an in-depth guide to a single topic). Neither of these is a bad thing; in fact, quite the opposite, it is the level of detail and the clarity of the authors’ explanation that make them so great. But at the same time, a very large tome focused on a detailed subject of security can seem overwhelming to newcomers.
Unfortunately, as a beginner trying to break into the security field and learn the basics of hacking, tackling one of these books can be both daunting and confusing. This book is different from other publications in two ways. First, it is meant for beginners; recall the concept of zero entry.
If you have never performed any type of hacking or you have used a few tools but are not quite sure what to do next (or how to interpret the results of the tool), this book is for you. The goal is not to bury you with details but to present a broad overview of the entire field.
Naturally, the book will still cover each of the major tools needed to complete the steps in a penetration test, but it will not stop to examine all the in-depth or additional functionality for each of these tools. This will be helpful from the standpoint that it will focus on the basics, and in most cases allow us to avoid confusion caused by advanced features or minor differences in tool versions.
For example, when we discuss port scanning, the chapter will discuss how to run the basic scans with the very popular port scanner Nmap. Because the book focuses on the basics, it becomes less important exactly which version of Nmap the user is running. Running a SYN scan using Nmap is exactly the same regardless of whether you are conducting your scan with Nmap version 2 or version 5. This technique will be employed as often as possible; doing so should allow the reader to learn Nmap (or any tool) without having to worry about the changes in functionality that often accompany advanced features in version changes.
The goal of this book is to provide general knowledge that will allow you to tackle advanced topics and books. Remember, once you have a firm grasp of the basics, you can always go back and learn the specific details and advanced features of a tool. In addition, each chapter will end with a list of suggested tools and topics that are outside the scope of this book but can be used for further study and to advance your knowledge.
Beyond just being written for beginners, this book actually presents the information in a very unique way. All the tools and techniques we use in this book will be carried out in a specific order against a small number of related targets (all target machines will belong to the same subnet, and the reader will be able to easily recreate this target network to follow along). Readers will be shown how to interpret tool output and how to utilize that output to continue the attack from one chapter to the next.
The use of a sequential and singular rolling example throughout the book will help readers see the big picture and better comprehend how the various tools and phases fit together. This is different from many other books on the market today, which often discuss various tools and attacks but fail to explain how those tools can be effectively chained together. Presenting information in a way that shows the user how to clearly move from one phase to another will provide valuable experience and allow the reader to complete an entire penetration test by simply following along with the examples in the book. This concept should allow the reader to get a clear understanding of the fundamental knowledge while learning how the various tools and phases connect.
Why should I buy this Book?
Even though the immediate answers to this question are highlighted in the preceding sections, below you will find a condensed list of reasons:
■ You want to learn more about hacking and penetration testing but you are unsure of where to start.
■ You have dabbled in hacking and penetration testing but you are not sure how all the pieces fit together.
■ You want to learn more about the tools and processes that are used by hackers and penetration testers to gain access to networks and systems.
■ You are looking for a good place to start building offensive security knowledge.
■ You enjoy a challenge.
Chapter 1. What Is Penetration Testing?
Information in This Chapter:
■ Introduction to Backtrack Linux: Tools. Lots of Tools
■ Working with Backtrack: Starting the Engine
■ The Use and Creation of a Hacking Lab
■ Phases of a Penetration Test
This chapter introduces the reader to the concept of penetration testing and ethical hacking. A formal methodology is introduced and explained. Information about Backtrack Linux is presented, which includes setting up a network connection and working with a terminal window. The use and creation of a penetration testing lab for completing and following along with the examples in this book is outlined. The chapter concludes with a summary and a look at the remaining chapters.
Keywords
Backtrack Linux, creating a hacking lab, penetration testing, penetration testing methodologies
Introduction
Penetration testing can be defined as a legal and authorized attempt to locate and successfully exploit computer systems for the purpose of making those systems more secure. The process includes probing for vulnerabilities as well as providing proof of concept (POC) attacks to demonstrate the vulnerabilities are real. Proper penetration testing always ends with specific recommendations for addressing and fixing the issues that were discovered during the test. On the whole, this process is used to help secure computers and networks against future attacks.
Penetration testing is also known as
■ Pen Testing
■ PT
■ Hacking
■ Ethical Hacking
■ White Hat Hacking
It is important to spend a few moments discussing the difference between penetration testing and vulnerability assessment. Many people (and vendors) in the security community incorrectly use these terms interchangeably. A vulnerability assessment is the process of reviewing services and systems for potential security issues, whereas a penetration test actually performs exploitation and POC attacks to prove that a security issue exists. Penetration tests go a step beyond vulnerability assessments by simulating hacker activity and delivering live payloads. In this book, we will cover the process of vulnerability assessment as one of the steps utilized to complete a penetration test.
Setting the Stage
Understanding all the various players and positions in the world of hacking and penetration testing is central to comprehending the big picture. Let us start by painting the picture with broad brush strokes. Please understand that the following is a gross oversimplification; however, it should help you see the differences between the various groups of people involved.
It may help to consider the