
Offensive Security
Penetration Testing with BackTrack
PWB Online Lab Guide
v.3.2

Table of Contents
Before We Begin
  i. Legal Stuff
  ii. Important Notes
  iii. Labs and IP Address Spaces
  iv. Control Panel
    Network Keys / Secrets
  v. PWB VPN Labs
  vi. How to Approach This Course
  vii. Reporting
    Reporting for PWB
    Interim Documentation
  viii. Penetration Testing Methodology
1. Module 1: BackTrack Basics
  1.1 Finding Your Way around BackTrack
    1.1.1 Exercises
  1.2 BackTrack Services
    1.2.1 DHCP
    1.2.2 Static IP Assignment
    1.2.3 SSHD
    1.2.4 Apache
    1.2.5 FTP

OS-7561-PWB
    1.2.6 TFTPD
    1.2.7 VNC Server
    1.2.8 Additional Resources
    1.2.9 Exercises
  1.3 The Bash Environment
    1.3.1 Simple Bash Scripting
    1.3.2 Sample Exercise
    1.3.3 Sample Solution
    1.3.4 Additional Resources
    1.3.5 Exercises
  1.4 Netcat the Almighty
    1.4.1 Connecting to a TCP/UDP Port with Netcat
    1.4.2 Listening on a TCP/UDP Port with Netcat
    1.4.3 Transferring Files with Netcat
    1.4.4 Remote Administration with Netcat
    1.4.5 Exercises
  1.5 Using Wireshark
    1.5.1 Peeking at a Sniffer
    1.5.2 Capture and Display Filters
    1.5.3 Following TCP Streams
    1.5.4 Additional Resources
    1.5.5 Exercises

2. Module 2: Information Gathering Techniques
  2.1 Open Web Information Gathering
    2.1.1 Google Hacking
  2.2 Miscellaneous Web Resources
    2.2.1 Other Search Engines
    2.2.2 Netcraft
    2.2.3 Whois Reconnaissance
  2.3 Exercises
3. Module 3: Open Services Information Gathering
  3.1 DNS Reconnaissance
    3.1.1 Interacting with a DNS Server
    3.1.2 Automating Lookups
    3.1.3 Forward Lookup Brute Force
    3.1.4 Reverse Lookup Brute Force
    3.1.5 DNS Zone Transfers
    3.1.6 Exercises
  3.2 SNMP Reconnaissance
    3.2.1 Enumerating Windows Users
    3.2.2 Enumerating Running Services
    3.2.3 Enumerating Open TCP Ports
    3.2.4 Enumerating Installed Software
    3.2.5 Exercises

  3.3 SMTP Reconnaissance
    3.3.1 Exercises
  3.4 Microsoft NetBIOS Information Gathering
    3.4.1 Null Sessions
    3.4.2 Scanning for the NetBIOS Service
    3.4.3 Enumerating Username/Password Policies
    3.4.4 Exercises
  3.5 Maltego
    3.5.1 Network Infrastructure
    3.5.2 Social Infrastructure
4. Module 4: Port Scanning
  4.1 TCP Port Scanning Basics
  4.2 UDP Port Scanning Basics
  4.3 Port Scanning Pitfalls
  4.4 Nmap
    4.4.1 Network Sweeping
    4.4.2 OS Fingerprinting
    4.4.3 Banner Grabbing/Service Enumeration
    4.4.4 Nmap Scripting Engine
  4.5 PBNJ
  4.6 Unicornscan
  4.7 Exercises