eBook - ePub
Learn Ethical Hacking from Scratch
Your stepping stone to penetration testing
Zaid Sabih
This is a test
Partager le livre
- 564 pages
- English
- ePUB (adapté aux mobiles)
- Disponible sur iOS et Android
eBook - ePub
Learn Ethical Hacking from Scratch
Your stepping stone to penetration testing
Zaid Sabih
DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations
Ă propos de ce livre
Learn how to hack systems like black hat hackers and secure them like security experts
Key Features
- Understand how computer systems work and their vulnerabilities
- Exploit weaknesses and hack into machines to test their security
- Learn how to secure systems from hackers
Book Description
This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You'll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices.
Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections.
The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.
What you will learn
- Understand ethical hacking and the different fields and types of hackers
- Set up a penetration testing lab to practice safe and legal hacking
- Explore Linux basics, commands, and how to interact with the terminal
- Access password-protected networks and spy on connected clients
- Use server and client-side attacks to hack and control remote computers
- Control a hacked system remotely and use it to hack other systems
- Discover, exploit, and prevent a number of web application vulnerabilities such as XSS and SQL injections
Who this book is for
Learning Ethical Hacking from Scratch is for anyone interested in learning how to hack and test the security of systems like professional hackers and security experts.
Foire aux questions
Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier lâabonnement ». Câest aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via lâapplication. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă la bibliothĂšque et Ă toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode dâabonnement : avec lâabonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă 12 mois dâabonnement mensuel.
Quâest-ce que Perlego ?
Nous sommes un service dâabonnement Ă des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă toute une bibliothĂšque pour un prix infĂ©rieur Ă celui dâun seul livre par mois. Avec plus dâun million de livres sur plus de 1 000 sujets, nous avons ce quâil vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Ăcouter sur votre prochain livre pour voir si vous pouvez lâĂ©couter. Lâoutil Ăcouter lit le texte Ă haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, lâaccĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Learn Ethical Hacking from Scratch est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă Learn Ethical Hacking from Scratch par Zaid Sabih en format PDF et/ou ePUB ainsi quâĂ dâautres livres populaires dans Computer Science et Computer Networking. Nous disposons de plus dâun million dâouvrages Ă dĂ©couvrir dans notre catalogue.
Informations
Man-in-the-Middle Attacks
In the previous chapter, we covered the ways we can gather information and analyze it with the help of various tools. In this chapter, we will learn about the man-in-the-middle framework (MITMf), which is a toolkit for one of the most powerful attacks. In order to implement MITMf we are going to use ARP spoofing, bypassing HTTPS, and DNS spoofing. We will also use keyloggers, and look at the code injection technique for MITMf implementation.
Towards the end of the chapter, we will learn about a special tool called Wireshark, which is very efficient when it comes to analyzing a network. With it, we can capture packets and learn the information they carry within them. In this section of the chapter, we are going to learn how to operate this tool and also how to use a few filters.
In this chapter, we will cover the following topics:
- Man-in-the-middle-attacks
- Wireshark
Man-in-theâmiddle attacks
In the next few sections, we're going to talk about what are known as man-in-the-middle (MITM) attacks. This is one of the most dangerous and effective attacks that we can carry out in a network. We can only do it once we have connected to the network. It can be used to redirect the flow of packets from any client to our device. This means that any packet that is sent to or from the client will have to go through our device, and since we know the password we know the key to the network, so we will be able to read those packets. They won't be encrypted, and we will be able to modify them, drop them, or just read them to see if they contain passwords or important information. This attack is so effective because it's very hard to protect against. We're going to talk about the ways to protect against it, but it's very hard to fully protect against this attack. This is due to the way the ARP protocol works. It was programmed in a way that's very simple and very effective, but it's not secure enough.
ARP has two main security issues. The first one is that each ARP request or response is trusted, so whatever our device says to other devices that are in our network will be trusted. We can just tell any device that's on our network that we are the router and the device will trust us. It will not try to make sure that we are actually the router. It will not run any tests to ensure our identity. If we tell any device that we are the router, the device will believe us. In the same way, if we tell the router that we are someone else on the network, the router will trust us and will start treating us as that device; so, that's the first security issue. The second security issue is that clients can accept responses even if they didn't send a request. So, for example, when a device connects to the network, the first thing it's going to ask is, who is the router? And then the router will send a response saying "I am the router." Now, we can just send a response without the device asking who the router is. We can just tell the device we are the router, and because the devices trust anyone, they will trust us start sending us packets instead of sending the packets to the router.
So, let's have a deeper look at how this MITM attack works. It's going to work using a technique called ARP poisoning, or ARP spoofing. This is done by exploiting the two security issues that we talked about in the previous paragraph. That's a typical Wi-Fi network, and we can see in the following diagram that when the client requests something it will send the request to the Wi-Fi router, and then the router will get the request from the internet and come back with the responses to the Client:
Now, all this is done using packets. So, what we are going to do is we're going to send an ARP response to the Client so that we can send responses without the Client asking them. The Client didn't ask for anything, but we can still send it a response. We're going to say that our IP is the router IP. So, the router, for example, has the IP 192.168.1.1; we're going to tell the Client the device with the IP 192.168.1.1 has our MAC address, so we're going to tell the Client that we are the router, basically.
This will cause the Client to start sending the packets to us instead of sending the packets to the router. The following diagram illustrates this:
After that, we're going to do the opposite to the Wi-Fi router. We're going to tell the router that we are the client. We'll do this by telling the router that our IP is the Client IP, and that Client has our MAC address, so the communication of packets will be done through the MAC address, and the Wi-Fi router will start sending any packet that's meant to go to the Client to us instead. This will redirect the flow of packets through our device, so when the Client wants to send a request it will send the request to us:
So, for example, as seen in the following screenshot, when the Client wants to open Google it will send the request to our device instead of sending it to the Wi-Fi router:
Now, our device will go to the Wi-Fi router, it'll get Google, the Wi-Fi router will send the response to our device instead of the Client, and then we will send the packet back. So, this means that each packet that is sent to the Client or from the Client, will have to go through us. Since it's going through us and we have the key, we can read these packets, we can modify them, or we can just drop them.
So, that's the basic principle of the MITM attack and ARP poisoning. Basically, we're going to tell the Client that we are the Wi-Fi router, and then we're going to tell the router that we are the Client. This will put us in the middle of the packet flow, between the Client and the Wi-Fi router, and all the packets will start flowing through our device. Then we can read the packets, modify them, or drop them.
ARP spoofing using arpspoof
Now, let's see how to run an actual ARP poisoning attack, redirecting the flow of packets and making it flow through our device. We're going to talk about a tool called arpspoof, which is part of a suite called dsniff. dsniff is a suite that contains a number of programs that can be used to launch MITM attacks. We're just going to talk about arpspoof, and we're going to see how to use it to carry out ARP poisoning, which redirects the flow of packets through our device. The arpspoof tool is old, but it still works, and because it's so simple it's been ported to Android, iOS, and other smaller operating systems. There's a lot of people that actually like to use it to do ARP poisoning, which is why we're going to show you how to use this tool. In the next section and all the sections after that, we're going to use a tool called ettercap. We'll see how we use it and how to do ARP poisoning with it, but for this section we just want to show how to use arpspoof because it's going to be used a lot, so we need to know how to use it. It's very simple, anyway.
So, we are connected now to the target network. Let's see how we use the tool. It's going to be arpspoof -i, to choose our internet card (virtual card), so it's eth0. Then we're going to put in the target IP address. So, our target is the Windows device, with...