Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Learn Ethical Hacking from Scratch
  • Toc
  • feedback
Learn Ethical Hacking from Scratch

Learn Ethical Hacking from Scratch

By : Sabih
4.4 (17)
close
Learn Ethical Hacking from Scratch

Learn Ethical Hacking from Scratch

4.4 (17)
By: Sabih

Overview of this book

This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices. Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections. The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.
Table of Contents (24 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Introduction
Introduction
What's in this book?
What is hacking?
Why should we learn about hacking?
A glimpse of hacking
Summary
2
Setting Up a Lab
Setting Up a Lab
Lab overview
Installing Kali Linux
Installing Metasploitable
Installing Windows
Creating and using snapshots
Summary
3
Linux Basics
Linux Basics
Overview of Kali Linux
Linux commands
Updating resources
Summary
4
Network Penetration Testing
Network Penetration Testing
What is a network?
Network basics
Connecting to a wireless adapter
MAC addresses
Wireless modes – managed and monitor
Enabling monitor mode manually
Enabling monitor mode using airmon-ng
Summary
5
Pre-Connection Attacks
Pre-Connection Attacks
Packet sniffing basics
Targeted packet sniffing
Deauthentication attack
What is a fake access point?
Creating fake access points with the MANA Toolkit
Summary
6
Network Penetration Testing - Gaining Access
Network Penetration Testing - Gaining Access
WEP theory
Basic web cracking
Fake authentication attack
ARP request replay
WPA introduction
WPS cracking
Handshake theory
Capturing the handshake
Creating a wordlist
Wordlist cracking
Securing network from attacks
Summary
7
Post-Connection Attacks
Post-Connection Attacks
Post-connection attacks
Summary
8
Man-in-the-Middle Attacks
Man-in-the-Middle Attacks
Man-in-the–middle attacks
Wireshark
Summary
9
Network Penetration Testing, Detection, and Security
Network Penetration Testing, Detection, and Security
Detecting ARP poisoning
Detecting suspicious behavior
Summary
10
Gaining Access to Computer Devices
Gaining Access to Computer Devices
Introduction to gaining access
Sever-side attacks
Server-side attack basics
Server-side attacks – Metasploit basics
Metasploit remote code execution
Summary
11
Scanning Vulnerabilities Using Tools
Scanning Vulnerabilities Using Tools
Installing MSFC
MSFC scan
MSFC analysis
Installing Nexpose
Running Nexpose
Nexpose analysis
Summary
12
Client-Side Attacks
Client-Side Attacks
Client-side attacks
Installing Veil
Payloads overview
Generating a Veil backdoor
Listening for connections
Testing the backdoor
Fake bdm1 updates
Client-side attacks using the bdm2 BDFProxy
Protection against delivery methods
Summary
13
Client-Side Attacks - Social Engineering
Client-Side Attacks - Social Engineering
Client-side attacks using social engineering
Maltego overview
Social engineering – linking accounts
Social engineering – Twitter
Social engineering – emails
Social engineering – summary
Downloading and executing AutoIt
Changing the icon and compiling the payload
Changing extensions
Client-side attacks – TDM email spoofing
Summary
14
Attack and Detect Trojans with BeEF
Attack and Detect Trojans with BeEF
The BeEF tool
BeEF – hook using a MITMf
BeEF – basic commands
BeEF – Pretty Theft
BeEF – Meterpreter 1
Detecting Trojans manually
Detecting Trojans using a sandbox
Summary
15
Attacks Outside the Local Network
Attacks Outside the Local Network
Port forwarding
External backdoors
IP forwarding
External BeEF
Summary
16
Post Exploitation
Post Exploitation
An introduction to post exploitation
Meterpreter basics
Filesystem commands
Maintaining access by using simple methods
Maintaining access by using advanced methods
Keylogging
An introduction to pivoting
Pivoting autoroutes
Summary
17
Website Penetration Testing
Website Penetration Testing
What is a website?
Attacking a website
Summary
18
Website Pentesting - Information Gathering
Website Pentesting - Information Gathering
Information gathering using tools
Websites on the same server
Information gathering from target websites
Summary
19
File Upload, Code Execution, and File Inclusion Vulnerabilities
File Upload, Code Execution, and File Inclusion Vulnerabilities
File upload vulnerabilities
Code execution vulnerabilities
Local file inclusion vulnerabilities
Remote file inclusion using Metasploitable
Basic mitigation
Summary
20
SQL Injection Vulnerabilities
chevron up
SQL Injection Vulnerabilities
What is SQL?
The dangers of SQLi
Discovering SQLi
SQLi authorization bypass
Discovering an SQLi using the GET method
Basic SELECT statements
Discovering tables
Reading columns and their data
Reading and writing files on the server
The sqlmap tool
Preventing SQLi
Summary
21
Cross-Site Scripting Vulnerabilities
Cross-Site Scripting Vulnerabilities
Introduction to XSS
Reflected XSS
Stored XSS
XSS BeEF exploitation
XSS protection
Summary
22
Discovering Vulnerabilities Automatically Using OWASP ZAP
Discovering Vulnerabilities Automatically Using OWASP ZAP
OWASP ZAP start
OWASP ZAP results
Summary
23
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Reading and writing files on the server

In this section, we will look at how we can use SQLi to read any file in the server. So, even if the file exists outside the /www directory, we'll be able to read it exactly as with a file-disclosure vulnerability, and we'll see how we can use it to write files and upload them to the system, just as with a file-upload vulnerability.

First, let's take a look at reading the file; we are going to set everything to null. So, our statement is going to be as follows:

union select null,load_file('/etc/passwd'),null,null,null

Instead of selecting a column or a table, we want to run a function called load_file(), and we are going to set the file that we want to load. We're going to use the same file that we had a look at in the file-inclusion vulnerability, which was /etc/passwd. The URL command is as follows:

index...
End of Section 10
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete