Course : Overview
Build your own ethical hacking lab
Steps for Ethical hacking
Scanning with Nmap
Scanning with Nessus
Exploits with Metasploit
Working with Backdoors
Post Exploit : Meterpreter
Gather, Present, and Monitor your report
In order to complete this course :
Memory 4GB
Storage 50 GB free
Processor: any processor supporting VirtualBox / VMware
Welcome to penetration testing with Metasploit 4
Exploring VirtualBox
Section 1 Build your own Lab.
We will need to install Kali Linux, Windows 10 and Metasploitable on VirtualBox. Without this kind of technology we would need three separate machines to do all these tasks.
Safe working environment (machines can be deleted, added, cloned)
Have multiple machines virtually
Internal network option ( separated from our main network )
Free of charge
Go to https://www.virtualbox.org/ and download the version for your machine: Windows, Linux, or Mac.
On Windows you will have an exe file, and you may have to disable any antivirus during the install. On Mac, open the DMG file and follow the steps.
When you first open VirtualBox, you will have a vanilla configuration.
On the same download page, you will also have to install the extension pack.
Now you are ready to install any OS on your VirtualBox.
Hacker Jargon
Reconnaissance: passive information gathering using open source tools, social media, dumpster diving, LinkedIn announcements and Netcraft, where you will get background, network, hosting history, e-mail settings and technology-related information. Go to https://www.netcraft.com to analyze a website: enter the URL, then go to the site report.
Netcraft also calculates a risk rating.
Zenmap is the ideal tool to learn Nmap, as we can choose the type of scan we want to run from the profile. The more intense the scan is, the more chance we have of getting noticed by the system; the company may run an intrusion detection system (IDS).
We are in the active information gathering phase right now, so the target computer might understand something is going on, and might block you.
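Why an intense scan gets noticed, seen from the IDS side. This is an added example, not part of the original course notes: a sliding-window check that flags any source touching many distinct ports in a short time. The log records, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (epoch_seconds, source_ip, destination_port) for
# inbound connection attempts to one lab host. Not real traffic.
SAMPLE_EVENTS = (
    # One source sweeping ports 20-59 in about two seconds.
    [(1000 + i * 0.05, "10.0.2.15", port) for i, port in enumerate(range(20, 60))]
    # An ordinary client returning to the same web ports over time.
    + [(1000, "10.0.2.20", 443), (1030, "10.0.2.20", 443), (1090, "10.0.2.20", 80)]
)

def detect_port_scans(events, window=10.0, threshold=15):
    """Return {source_ip: peak distinct ports inside any `window` seconds}
    for every source whose peak reaches `threshold`."""
    by_source = defaultdict(list)
    for ts, src, port in sorted(events):
        by_source[src].append((ts, port))

    alerts = {}
    for src, hits in by_source.items():
        start = 0                    # index of the oldest hit still in the window
        counts = defaultdict(int)    # port -> hits currently inside the window
        peak = 0
        for ts, port in hits:
            counts[port] += 1
            # Drop hits that have fallen out of the time window.
            while ts - hits[start][0] > window:
                old_port = hits[start][1]
                counts[old_port] -= 1
                if counts[old_port] == 0:
                    del counts[old_port]
                start += 1
            peak = max(peak, len(counts))
        if peak >= threshold:
            alerts[src] = peak
    return alerts

if __name__ == "__main__":
    for src, ports in detect_port_scans(SAMPLE_EVENTS).items():
        print(f"possible port scan from {src}: {ports} distinct ports in 10s")
```

A wider `window` also catches slower scans, at the cost of more false positives from busy legitimate clients.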
Try a quick scan first, and we get the open ports. Then try an intense scan, no ping, to get more detailed information; keep trying until we get the information we need. If we go to the Ports / Hosts tab we will have the version of the software they are running, and then we can check, according to the version, whether an exploit actually exists.
Mostly used by industry professionals
In-depth analysis
Expensive tool
Nessus home edition
https://www.tenable.com/downloads/nessus
This is where you download Nessus Home edition; make sure you download the 64-bit edition.
To install a Debian package on Kali Linux, use dpkg -i (lowercase i installs; uppercase -I only prints package information):
root@kali# dpkg -i *.deb
root@kali# service nessusd status
root@kali# service nessusd start
root@kali# service nessusd stop
When your installation is complete, it will take you to a dashboard that looks like this. This is the starting point, where you decide which kind of scan to perform.
We can also install Nessus on a Mac or a Windows machine.
Once installed, open a browser and go to the following URL: https://localhost:8834
The results look like this: from Critical to Info level.
Back to your Nessus Dashboard.
Aggressive Network Scan
Next, we will set up an aggressive network scan. As before, give it a name, a description and a target IP (Metasploitable2), then click Save. If we need to make a change we can go back to the configuration; otherwise we can just run the scan. In the configuration you will find the Nessus plugins, which are used for more in-depth scans. If we are scanning a Linux target, we can disable the plugins we don't need so the scan goes faster.
Special important Options :
We can add known credential
Enable Safe Checks: if unchecked, Nessus will work faster, but we might get noticed easily.
An advanced scan takes longer to run than a basic one. Again, let's have a look at the results.
Section 5 Exploits with Metasploit
Section 6 Backdoors
Understanding Trojan Backdoors
Install Veil on Kali
This will do the trick to install Veil on Kali:
root@kali:~# apt-get -y install veil
root@kali:~# /opt/Veil/config/setup.sh --force --silent
Other important apt commands on Kali Linux:
root@kali:~# apt-get update
root@kali:~# apt-get upgrade
root@kali:~# apt-get autoremove
root@kali:~# apt search packagename
Now we will deliver the backdoor to the windows machine.
So let’s start an apache server to deliver the payload, then copy the payload at the root of the apache server.
root@kali:~# service apache2 start
root@kali:~# cp /var/lib/veil/output/compiled/test_payload.exe /var/www/
Another solution is to use Python to serve the file, as follows:
root@kali:/var/lib/veil/output/compiled# python -m SimpleHTTPServer 8000
Apache will be listening on port 80 by default, and the Python HTTP server on port 8000.
UPDATE NEXT WEEK