ETHICAL HACKING 101
How to conduct professional pentestings in 21 days or less!
Understanding the hacker's mind, making reconnaissance, scanning and enumeration, exploiting vulnerabilities, writing a professional report and more!
By:
Karina Astudillo B.
http://www.SeguridadInformaticaFacil.com
Copyright Karina Astudillo B., 2015
Translated and Updated from the Spanish First Edition (IEPI Registration, Certificate No. GYE-004179)
Note: All rights reserved. No part of this book shall be reproduced, distributed, or transmitted in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher and the author, exception made of brief quotes or quotations included in media articles or reviews.
All trademarks mentioned in this book belong to their respective owners and are used here for informational purposes only.
No patent liability is assumed with respect to the use of the information contained herein.
Although every precaution has been made in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.
To my family, especially my parents Laura and Pancho, for their unconditional love and support.
To my business partner and dear friend, Cecibel Andre, for encouraging my crazy dreams and knowing the proper time for bringing me back to Earth.
Preface
Information security has gained popularity in recent years and has gone from being considered a cost to being seen as an investment by managers of companies and organizations worldwide.
In some countries this has happened very fast, in others the pace has been slower; but ultimately we all converged in a digital world where information is the most valuable intangible asset that we have.
And being an asset, we must protect it from loss, theft, misuse, etc. It is here that a previously unknown actor plays an important role: the ethical hacker.
The role of the ethical hacker is to make - from the point of view of a cracker - a controlled attack on the client's IT infrastructure, detecting and exploiting potential vulnerabilities that could allow penetrating the target network's defenses, but without damaging the services and systems audited. And all this for the sole purpose of alerting the client's organization to present security risks and how to fix them.
This individual must have the ability to know when it is best not to exploit a security hole and when it is safe to run an exploit to demonstrate the vulnerability's severity. It's a mix between the criminal mind of Hannibal, the actions of Mother Teresa and the professional background of a true nerd!
But where are these heroes? The answer to this question becomes increasingly difficult if we believe in the studies made by leading consulting firms, which indicate that each year the gap between demand and offer of certified information security professionals widens.
And it is for this reason that it becomes essential to discover technology enthusiasts and professionals, especially those with high ethical and moral values, who are ready to accept the challenge of becoming pentesters.
This book is for them.
No previous knowledge of ethical hacking is required; the book has an introductory level and therefore starts from scratch in that area. However, it is essential to have a background in computational systems and information technologies.
What are the requirements?
Understand the OSI model and its different layers.
Possess notions about the TCP/IP architecture (IPv4 addressing, subnetting, routing, protocols such as ARP, DNS, HTTP, SMTP, DHCP, etc.).
Know how to use and manage Windows and Linux systems.
How is the book divided?
The book unfolds in seven chapters and it is estimated that the student will spend about 21 days to complete it, with a minimum time commitment of 2 hours per day. Nonetheless, the reader is free to move at their own pace and take more or less time.
My only suggestion is that the student completes all the proposed laboratories, even with different target operating systems. Always remember: practice makes the master.
Chapter 1 - Introduction to Ethical Hacking covers the basics about this profession and describes the different types of pentesting. It also includes tips on how to conduct the initial phase of gathering information in order to prepare a proposal adjusted to our client's needs.
Chapter 2 - Reconnaissance reviews methodologies that help the ethical hacker to discover the environment of the target network, as well as useful software tools and commands. Emphasis is placed on the use of Maltego and Google Hacking techniques to successfully conduct this phase.
Chapters 3 and 4 describe the Scanning and Enumeration techniques used by ethical hackers and crackers to detect the services present in the target hosts and to discern what operating systems and applications our victims use. The successful execution of these stages provides the pentester with helpful resources for enumerating user accounts, groups, shared folders, registry keys, etc., in order to detect potential security holes to be exploited later. We'll cover the usage of popular software tools such as the NMAP port scanner and the OpenVAS and Nexpose vulnerability analyzers under the famous Kali Linux distro (formerly Backtrack).
In Chapter 5 - Hacking, key concepts such as pentesting frameworks and hacking mechanisms are covered. Here we'll perform step-by-step labs using the Metasploit Framework and its various interfaces. Detailed workshops for key attacks such as man in the middle, phishing, malware injection, wireless hacking, and so on are also included. In the labs we'll use popular applications such as Ettercap, Wireshark, the Aircrack-ng suite and the Social Engineering Toolkit (SET).
Then, in Chapter 6 - Writing the audit report without suffering a mental breakdown, tips are given to make this phase as painless as possible for the auditor, while at the same time suggestions are made to deliver a useful report for our client's top management.
Later, in Chapter 7 - Relevant international certifications, we review top information security and ethical hacking certifications that would be useful for the curriculum of a pentester.
We also believe that, despite being a book on hacking, it would not be complete without including, at each stage of the circle of hacking, relevant defense mechanisms that may be suggested to the client in the audit report.
Finally, in Appendix A - Tips for successful laboratories, hardware and software requirements are shown to successfully run the workshops, and the reader is given guidelines on where to download the installers for the required operating systems.
Thanks for purchasing this book! I wish you nothing but success in your new career as a Professional Ethical Hacker.
Chapter 1 Introduction to Ethical Hacking
When we talk about ethical hacking, we mean the act of making controlled penetration tests on computer systems. This means that the consultant or pentester, acting from the point of view of a cracker, will try to find vulnerabilities in the audited computers that can be exploited, providing - in some cases - access to the affected system, but always in a controlled environment and never jeopardizing the operation of the computer services being audited.
It is important to emphasize that while there is no doubt that the pentester should possess sound knowledge of technology to perform ethical hacking, computer knowledge is not enough to successfully run an audit of this type. It is also required to follow a methodology that enables us to keep our work in order and to maximize our time in the operational phase, in addition to applying our common sense and experience.
Even though experience and common sense unfortunately cannot be transferred in a book, I will do my best to convey the methodology and best practices that I have acquired over the years of practice as an information security auditor.