Kevin Beaver - Hacking For Dummies

Hacking For Dummies, 5th Edition

Published by: John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, www.wiley.com

Copyright 2016 by John Wiley & Sons, Inc., Hoboken, New Jersey

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the Publisher. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions .

Trademarks: Wiley, For Dummies, the Dummies Man logo, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY : THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.

For general information on our other products and services, please contact our Customer Care Department within the U.S. at 877-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. For technical support, please visit www.wiley.com/techsupport .

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com . For more information about Wiley products, visit www.wiley.com .

Library of Congress Control Number: 2015956627

ISBN 978-1-119-15468-6 (pbk); ISBN 978-1-119-15469-3 (ebk); ISBN 978-1-119-15470-9 (ebk)

1. Table of Contents

There were no books on hacking when I became a penetration tester and security auditor for PricewaterhouseCoopers in 1995. There were tools, techniques, and procedures, though. While the tools have changed dramatically, the techniques and procedures have been remarkably stable, and Kevin Beaver has created the perfect introduction to hacking that incorporates the best procedures with the latest tools. Planning, footprint analysis, scanning, and attacking are all still required. Perhaps there is more emphasis on wireless and web hacking and less on things such as war dialing thanks to changes in the way companies and people are connected. The real value to extract from this book is in understanding the tools and becoming proficient in their use.

Pen testing, or hacking, is the best way to get into the rewarding field of IT security. It is open to anyone with a foundation in computing, coding, or networking. If you do not have a background in all three, you will quickly gain knowledge in the other disciplines because hacking takes you down many paths.

There was a time when a professional hacker had to be a jack-of-all-trades. Now there are thousands of subspecialties within the realm of hacking: mobile app security testing, web app security testing, network penetration, and OS-specific hacking for Mac OS X, Windows, Linux, and Android. Security researchers, specialists who discover new vulnerabilities, are having a big impact on the so-called Internet of Things (IoT) as they discover new ways to hack medical devices, automobiles, airplanes, and industrial control systems, which makes this field that much more exciting and relevant.

Hacking appeals to a special kind of person. Tinkerers, inventors, and just those who are fascinated by the way things work get into IT security through the hacking door.

As Kevin explains though, hacking as a profession requires discipline and careful recordkeeping, perhaps the hardest part for the sometimes brilliant amateur hackers the ones who will stay glued to their consoles for 24 hours, scripting attacks and wending their way through a network until they hit gold.

For me, the most interesting type of hacking is what I have termed business process hacking. When formalized, business process hacking is an example of what Kevin calls knowledge-based hacking. It is best performed with an insiders knowledge of architectures and technology and, most important, the business process. This is where you discover flaws in the way a business is built. Is there a third-party payment processor in the loop of an e-commerce site? Can a subscriber to an information resource abuse his access in ways a hacker cannot? Where are the trust interfaces? Is the only control at those interfaces: We trust the user/system/supplier not to hack us?

You see business process hacking every day. So-called Search Engine Optimization (SEO) experts figure out how to hack Googles page rank algorithms and controls. Tickets to popular concerts and sporting events are sold out in minutes to bots that scarf them up for resale at a profit. Amazon sales ranks are hacked by authors who purchase their own books in quantity.

This book is your introduction to the challenging and engaging world of hacking IT systems. I predict three things: 1. Hacking will accelerate your career as you gain invaluable experience and become indispensable to your organization. 2. New doors will open for you. You will find that you have many options. You can join (or form) a consulting firm. You can move up the ranks inside your organization, perhaps to becoming the Chief Information Security Officer. You can join a vendor that designs and sells security tools in which you have gained proficiency. 3. You will never stop learning. Hacking is one of the few fields where you are never done.

Richard Stiennon
Chief Research Analyst, IT-Harvest
Author of There Will Be Cyberwar

Welcome to Hacking For Dummies, 5th Edition. This book outlines in plain English computer hacker tricks and techniques that you can use to assess the security of your information systems, find the vulnerabilities that matter, and fix the weaknesses before criminal hackers and malicious insiders take advantage of them. This hacking is the professional, aboveboard, and legal type of security testing which I often refer to as