Conducting Network Penetration and Espionage in a Global Environment

Conducting Network Penetration and Espionage in a Global Environment

by Bruce Middleton
Released April 2014
Publisher(s): Auerbach Publications
ISBN: 9781498760294

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Penetration testing remains one of the best ways to test the security of private, government, military and corporate computer networks. This book provides step-by-step instruction on how to use tools, available mostly for free, to perform effective penetration tests of today's computer networks. Covering basic and advanced tools and procedures, it categorizes tools according to their use within the standard testing framework. Readers will learn how to perform an organized and efficient penetration test as well as techniques used to bypass anti-virus software and capture keystrokes of remote systems.

Table of contents

  1. Preface
  2. About the Author
  3. Chapter 1 - What You Need to Know First
    1. MATLAB® and SimuLink (MathSoft.com)
    2. Recommended Defensive Measures
    3. Google News Groups
    4. Typical PT Process
    5. Recommended Books/Classes
    6. Last But Not Least—A Pet Peeve
    7. Training
    8. Minimal Paperwork
  4. Chapter 2 - Attack from Christmas Island
  5. Chapter 3 - Indirect Target Information Acquisition (ITIA)
    1. Shodan
    2. Using Google to Obtain Information
    3. TheHarvester
    4. Nslookup
    5. Dig
    6. Dnsenum
    7. Dnswalk
    8. Dnsrecon
    9. Fierce
    10. Smtp-user-enum
    11. Dnsmap
    12. Dmitry
    13. Itrace
    14. Tcptraceroute
    15. Tctrace
    16. Goorecon
    17. Snmpenum
    18. Snmpwalk
    19. Snmpcheck
  6. Chapter 4 - Direct Target Information Acquisition (DTIA)
    1. Target Discovery
      1. Ping
      2. #ping -c 2 <target>
      3. #ping -c 3 -s 1000 IP
      4. Fping
      5. Genlist
      6. Hping
      7. Nbtscan
      8. Nping
      9. Onesixtyone
      10. P0f
      11. Xprobe2
    2. Enumerating Target
    3. Some Miscellaneous Items to Keep in Mind (Refer to as Needed)
      1. Start Networks
      2. Create Videos
      3. Whois xumpidhjns.it.cx
      4. Whois 95.141.28.91
      5. Whois nucebeb.changeip.name
      6. Whois 64.120.252.74
      7. Netcraft
      8. Host
      9. DNS Tools (More)
      10. Nslookup
  7. Chapter 5 - Nmap
    1. Nmap -T0 -O -sTV -vv -p- -PN IP
    2. Nmap -O -sSV -vv -p- -PN IP
    3. Nmap–script http-enum,http-headers,http-methods,http-php-version -p 80 IP
    4. Nmap -A -vvv -p- -PN -iL IPlist.txt
    5. Nmap -f -f -vvv -p- -PN IP
    6. Nmap -sP -PA IP.0/24
    7. Nmap -sS -sU -p U:53,T:22,134-139 IP
    8. Nmap -O -sUV -vvv -p- -PN IP
    9. Nmap -O -sXV -vvv -p- -PN IP
    10. Nmap -O -sNV -vvv -p- -PN IP
    11. Nmap -mtu 16 -vvv -p- -PN IP
    12. Nmap -sM -vvv -p- -PN IP
    13. Nmap -sC -p- -PN IP
    14. Nmap -p 139,445 IP
    15. Nmap -scanflags PSH -p- -PN IP
    16. Nmap -scanflags PSH -p135 IP
    17. Nmap -scanflags SYN -p135 IP
    18. Nmap -sA -scanflags PSH -p- -PN IP
    19. Nmap -sP IP.0/24 -oA Results
    20. Nmap -sP -PA -oN Results IP.0/24
    21. Nmap -n -sP 192.168.4.1-20
    22. Nmap -sP -oG Results IP.0/24
    23. Nmap -v -sP 192.168.0.0/16 10.0.0.0/8
    24. Nmap -sP -PN -PS -reason IP
    25. Nmap -sL IP.1-255
    26. Nmap -sS -sV -O -v IP
    27. Nmap -T0 -vv -b FTP_IP TARGET_IP -oA Results
    28. Nmap -sF -PN -p22 IP
    29. Nmap -sU -p0-65535 IP
    30. Nmap -sU -v -p 1-65535 IP
    31. Nmap -sU -p 161
    32. Nmap -sU -T5 -p 69, 123, 161, 1985 IP
    33. Nmap -PP -PM IP
      1. Nmap -sO IP
      2. Nmap -O IP
      3. Nmap -sV IP
  8. Chapter 6 - MATLAB, SimuLink, and R
  9. Chapter 7 - Metasploit Pro
    1. Now Verify Database Connectivity with Metasploit
    2. Perform an Nmap Scan within Metasploit
    3. Using Auxiliary Modules in Metasploit
    4. Using Metasploit to Exploit
      1. No Options to Set
      2. See Lots of Them
      3. Did We Obtain a Command Shell?
      4. See the Active Driver, such as postgresql
    5. If You Get an Error While Connecting to the DB
    6. Using the DB to Store Pen Test Results
    7. Analyzing Stored Results of DB
    8. Unfiltered Port
    9. Using Metasploit Auxiliary Module for Scans
      1. Use
      2. Set
      3. Run
    10. To Make the Scan Faster across Multiple Devices
    11. Target Services Scanning with Auxiliary Modules
    12. Vulnerability Scan with Metasploit Using Nessus
    13. Scanning with Nexpose within Metasploit:
    14. Note about Exploit-db
    15. Some Metasploit Exploit Commands
    16. Microsoft Exploit
    17. Exploiting a Windows 2003 Server
    18. Exploiting Windows 7/Server 2008 R2 SMB Client
    19. Exploiting Linux Ubuntu System
    20. Client Side Exploitation and A/V Bypass
    21. Msfpayload Can Be Used to Generate Binary and Shellcode
    22. To Set Up a Listener for the Reverse Connection
    23. Run Some Linux PPC Payloads against the FSB
    24. Generate Shellcode in C
    25. Meterpreter Commands
    26. Executive Summary
    27. Detailed Findings
      1. Tools Utilized
    28. Recommendations to Resolve Issues
  10. Chapter 8 - China, Syria, and the American Intelligence Community
    1. The Burning
    2. China
    3. Syria
  11. Chapter 9 - Building a Penetration Testing Lab
  12. Chapter 10 - Vendor Default Passwords and Default Unix Ports
  13. Chapter 11 - Oldies but Goodies If You Have Physical Access
    1. SafeBack
      1. New Technologies, Inc.
    2. GetTime
      1. New Technologies, Inc.
    3. FileList and FileCnvt and Excel
      1. New Technologies, Inc.
    4. GetFree
      1. New Technologies, Inc.
    5. Swap Files and GetSwap
      1. New Technologies, Inc.
        1. General Information
    6. GetSlack
      1. New Technologies, Inc.
    7. Temporary Files
    8. Filter_I
      1. New Technologies, Inc.
        1. Filter
        2. Intel
        3. Names
        4. Words
    9. Keyword Generation
      1. New Technologies, Inc.
    10. TextSearch Plus
      1. New Technologies, Inc.
    11. Crcmd5
      1. New Technologies, Inc.
    12. DiskSig
      1. New Technologies, Inc.
    13. Doc
      1. New Technologies, Inc.
    14. Mcrypt
      1. New Technologies, Inc.
    15. Micro-Zap
      1. New Technologies, Inc.
    16. Map
      1. New Technologies, Inc.
    17. M-Sweep
      1. New Technologies, Inc.
    18. Net Threat Analyzer
      1. New Technologies, Inc.
    19. AnaDisk
      1. New Technologies, Inc.
    20. Seized
      1. New Technologies, Inc.
    21. Scrub
      1. New Technologies, Inc.
    22. Spaces
      1. New Technologies, Inc.
    23. NTFS FileList
      1. New Technologies, Inc.
        1. Example
        2. General Information
    24. NTFS GetFree
      1. New Technologies, Inc.
        1. Example
        2. General Information
    25. NTFS GetSlack
      1. New Technologies, Inc.
        1. Example
        2. General Information
    26. NTFS VIEW
      1. New Technologies, Inc.
        1. Example
    27. NTFS Check
      1. New Technologies, Inc.
        1. Example
    28. NTIcopy
      1. New Technologies, Inc.
    29. Disk Search 32
      1. New Technologies, Inc.
        1. Example
  14. Chapter 12 - Order of Operations for Your Tools
    1. Reconnaissance
    2. Enumeration
    3. Exploitation
    4. Wireless Networks
    5. VOIP Networks
    6. Reporting
    7. Scripting/Programming/Debugging
  15. Chapter 13 - Using Your iPhone as a Network Scanner
    1. IP Scanner
    2. NetPro
    3. WiFi Scanner
    4. iNet
    5. Net Detective
    6. Net Swiss Army Knife
    7. Ping Analyzer
    8. WiFi Net Info
    9. TraceRoute
    10. PortScan
    11. Net Utility
    12. zTools

Product information

  • Title: Conducting Network Penetration and Espionage in a Global Environment
  • Author(s): Bruce Middleton
  • Release date: April 2014
  • Publisher(s): Auerbach Publications
  • ISBN: 9781498760294