Last updated: 2021-07-23 15:54:42
Cover
Copyright Information
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Chapter 1. Metasploit Quick Tips for Security Professionals
Introduction
Configuring Metasploit on Windows
Configuring Metasploit on Ubuntu
Installing Metasploit with BackTrack 5 R3
Setting up penetration testing using VMware
Setting up Metasploit on a virtual machine with SSH connectivity
Installing and configuring PostgreSQL in BackTrack 5 R3
Using the database to store the penetration testing results
Working with BBQSQL
Chapter 2. Information Gathering and Scanning
Passive information gathering
Port scanning – the Nmap way
Port scanning – the DNmap way
Using keimpx – an SMB credentials scanner
Detecting SSH versions with the SSH version scanner
FTP scanning
SNMP sweeping
Vulnerability scanning with Nessus
Scanning with NeXpose
Working with OpenVAS – a vulnerability scanner
Chapter 3. Operating-System-based Vulnerability Assessment
Penetration testing on a Windows XP SP2 machine
Binding a shell to the target for remote access
Penetration testing on Windows 8
Exploiting a Linux (Ubuntu) machine
Understanding the Windows DLL injection flaws
Chapter 4. Client-side Exploitation and Antivirus Bypass
Exploiting Internet Explorer execCommand Use-After-Free vulnerability
Understanding Adobe Flash Player "new function" invalid pointer use
Understanding Microsoft Word RTF stack buffer overflow
Working with Adobe Reader U3D Memory Corruption
Generating binary and shell code from msfpayload
Msfencoding schemes with the detection ratio
Using the killav.rb script to disable the antivirus programs
Killing the antiviruses' services from the command line
Working with the syringe utility
Chapter 5. Working with Modules for Penetration Testing
Working with scanner auxiliary modules
Working with auxiliary admin modules
SQL injection and DoS attack module
Post-exploitation modules
Understanding the basics of module building
Analyzing an existing module
Building your own post-exploitation module
Chapter 6. Exploring Exploits
Exploiting the module structure
Working with msfvenom
Converting an exploit to a Metasploit module
Porting and testing the new exploit module
Fuzzing with Metasploit
Writing a simple FileZilla FTP fuzzer
Chapter 7. VoIP Penetration Testing
Scanning and enumeration phase
Yielding passwords
VLAN hopping
VoIP MAC spoofing
Impersonation attack
DoS attack
Chapter 8. Wireless Network Penetration Testing
Setting up and running Fern WiFi Cracker
Sniffing interfaces with tcpdump
Cracking WEP and WPA with Fern WiFi Cracker
Session hijacking via a MAC address
Locating a target's geolocation
Understanding an evil twin attack
Configuring Karmetasploit
Chapter 9. Social-Engineer Toolkit
Getting started with the Social-Engineer Toolkit (SET)
Working with the SET config file
Working with the spear-phishing attack vector
Website attack vectors
Working with the multi-attack web method
Infectious media generator
Chapter 10. Working with Meterpreter
Understanding the Meterpreter system commands
Understanding the Meterpreter filesystem commands
Understanding the Meterpreter networking commands
Privilege escalation and process migration
Setting up multiple communication channels with the target
Meterpreter anti-forensics – timestomp
The getdesktop and keystroke sniffing
Using a scraper Meterpreter script
Passing the hash