چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Metasploit the penetration tester's guide. - Includes index

David Kennedy; Jim O'Gorman; Devon Kearns; Mati Aharoni

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

سال انتشار
۲۰۱۱
فرمت
PDF
زبان
انگلیسی
حجم فایل
۷٫۲ مگابایت
شابک
9781593272883، 9781593274023، 159327288X، 1593274025

دربارهٔ کتاب

"The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, documentation is lacking and the tool can be hard to grasp for first-time users. Metasploit: A Penetration Tester's Guide fills this gap by teaching you how to harness the Framework, use its many features, and interact with the vibrant community of Metasploit contributors. The authors begin by building a foundation for penetration testing and establishing a fundamental methodology. From there, they explain the Framework's conventions, interfaces, and module system, as they show you how to assess networks with Metasploit by launching simulated attacks. Having mastered the essentials, you'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, devastating wireless attacks, and targeted social engineering attacks. Metasploit: A Penetration Tester's Guide will teach you how to: Find and exploit unmaintained, misconfigured, and unpatched systems Perform reconnaissance and find valuable information about your target Bypass anti-virus technologies and circumvent security controls Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery Use the Meterpreter shell to launch further attacks from inside the network Harness standalone Metasploit utilities, third-party tools, and plug-ins Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to make your own networks more secure or to put someone else's to the test, Metasploit: A Penetration Tester's Guide will take you there and beyond"--"How to identify and exploit security vulnerabilities with Metasploit, the world's most popular penetration testing framework"-- Read more... Abstract: "The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, documentation is lacking and the tool can be hard to grasp for first-time users. Metasploit: A Penetration Tester's Guide fills this gap by teaching you how to harness the Framework, use its many features, and interact with the vibrant community of Metasploit contributors. The authors begin by building a foundation for penetration testing and establishing a fundamental methodology. From there, they explain the Framework's conventions, interfaces, and module system, as they show you how to assess networks with Metasploit by launching simulated attacks. Having mastered the essentials, you'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, devastating wireless attacks, and targeted social engineering attacks. Metasploit: A Penetration Tester's Guide will teach you how to: Find and exploit unmaintained, misconfigured, and unpatched systems Perform reconnaissance and find valuable information about your target Bypass anti-virus technologies and circumvent security controls Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery Use the Meterpreter shell to launch further attacks from inside the network Harness standalone Metasploit utilities, third-party tools, and plug-ins Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to make your own networks more secure or to put someone else's to the test, Metasploit: A Penetration Tester's Guide will take you there and beyond"-- "How to identify and exploit security vulnerabilities with Metasploit, the world's most popular penetration testing framework" Foreword 15 Preface 19 Acknowledgments 21 Special Thanks 22 Introduction 23 Why Do a Penetration Test? 24 Why Metasploit? 24 A Brief History of Metasploit 24 About This Book 25 What’s in the Book? 25 A Note on Ethics 26 1: The Absolute Basics of Penetration Testing 27 The Phases of the PTES 28 Pre-engagement Interactions 28 Intelligence Gathering 28 Threat Modeling 28 Vulnerability Analysis 29 Exploitation 29 Post Exploitation 29 Reporting 30 Types of Penetration Tests 30 Overt Penetration Testing 31 Covert Penetration Testing 31 Vulnerability Scanners 31 Pulling It All Together 32 2: Metasploit Basics 33 Terminology 33 Exploit 34 Payload 34 Shellcode 34 Module 34 Listener 34 Metasploit Interfaces 34 MSFconsole 35 MSFcli 35 Armitage 37 Metasploit Utilities 38 MSFpayload 38 MSFencode 39 Nasm Shell 39 Metasploit Express and Metasploit Pro 40 Wrapping Up 40 3: Intelligence Gathering 41 Passive Information Gathering 42 whois Lookups 42 Netcraft 43 NSLookup 44 Active Information Gathering 44 Port Scanning with Nmap 44 Working with Databases in Metasploit 46 Port Scanning with Metasploit 51 Targeted Scanning 52 Server Message Block Scanning 52 Hunting for Poorly Configured Microsoft SQL Servers 53 SSH Server Scanning 54 FTP Scanning 55 Simple Network Management Protocol Sweeping 56 Writing a Custom Scanner 57 Looking Ahead 59 4: Vulnerability Scanning 61 The Basic Vulnerability Scan 62 Scanning with NeXpose 63 Configuration 63 Importing Your Report into the Metasploit Framework 68 Running NeXpose Within MSFconsole 69 Scanning with Nessus 70 Nessus Configuration 70 Creating a Nessus Scan Policy 71 Running a Nessus Scan 73 Nessus Reports 73 Importing Results into the Metasploit Framework 74 Scanning with Nessus from Within Metasploit 75 Specialty Vulnerability Scanners 77 Validating SMB Logins 77 Scanning for Open VNC Authentication 78 Scanning for Open X11 Servers 80 Using Scan Results for Autopwning 82 5: The Joy of Exploitation 83 Basic Exploitation 84 msf> show exploits 84 msf> show auxiliary 84 msf> show options 84 msf> show payloads 86 msf> show targets 88 info 89 set and unset 89 setg and unsetg 90 save 90 Exploiting Your First Machine 90 Exploiting an Ubuntu Machine 94 All-Ports Payloads: Brute Forcing Ports 97 Resource Files 98 Wrapping Up 99 6: Meterpreter 101 Compromising a Windows XP Virtual Machine 102 Scanning for Ports with Nmap 102 Attacking MS SQL 102 Brute Forcing MS SQL Server 104 The xp_cmdshell 105 Basic Meterpreter Commands 106 Capturing Keystrokes 107 Dumping Usernames and Passwords 108 Extracting the Password Hashes 108 Dumping the Password Hash 109 Pass the Hash 110 Privilege Escalation 111 Token Impersonation 113 Using ps 113 Pivoting onto Other Systems 115 Using Meterpreter Scripts 118 Migrating a Process 118 Killing Antivirus Software 119 Obtaining System Password Hashes 119 Viewing All Traffic on a Target Machine 119 Scraping a System 119 Using Persistence 120 Leveraging Post Exploitation Modules 121 Upgrading Your Command Shell to Meterpreter 121 Manipulating Windows APIs with the Railgun Add-On 123 Wrapping Up 123 7: Avoiding Detection 125 Creating Stand-Alone Binaries with MSFpayload 126 Evading Antivirus Detection 127 Encoding with MSFencode 128 Multi-encoding 129 Custom Executable Templates 131 Launching a Payload Stealthily 132 Packers 133 A Final Note on Antivirus Software Evasion 134 8: Exploitation Using Client-Side Attacks 135 Browser-Based Exploits 136 How Browser-Based Exploits Work 137 Looking at NOPs 138 Using Immunity Debugger to Decipher NOP Shellcode 138 Exploring the Internet Explorer Aurora Exploit 142 File Format Exploits 145 Sending the Payload 146 Wrapping Up 147 9: Metasploit Auxiliary Modules 149 Auxiliary Modules in Use 152 Anatomy of an Auxiliary Module 154 Going Forward 159 10: The Social-Engineer Toolkit 161 Configuring the Social-Engineer Toolkit 162 Spear-Phishing Attack Vector 163 Web Attack Vectors 168 Java Applet 168 Client-Side Web Exploits 172 Username and Password Harvesting 174 Tabnabbing 176 Man-Left-in-the-Middle 176 Web Jacking 177 Putting It All Together with a Multipronged Attack 179 Infectious Media Generator 183 Teensy USB HID Attack Vector 183 Additional SET Features 186 Looking Ahead 187 11: Fast-Track 189 Microsoft SQL Injection 190 SQL Injector-Query String Attack 191 SQL Injector-POST Parameter Attack 192 Manual Injection 193 MSSQL Bruter 194 SQLPwnage 198 Binary-to-Hex Generator 200 Mass Client-Side Attack 201 A Few Words About Automation 202 12: Karmetasploit 203 Configuration 204 Launching the Attack 205 Credential Harvesting 207 Getting a Shell 208 Wrapping Up 210 13: Building Your Own Module 211 Getting Command Execution on Microsoft SQL 212 Exploring an Existing Metasploit Module 213 Creating a New Module 215 PowerShell 215 Running the Shell Exploit 216 Creating powershell_upload_exec 218 Conversion from Hex to Binary 218 Counters 220 Running the Exploit 221 The Power of Code Reuse 222 14: Creating Your Own Exploits 223 The Art of Fuzzing 224 Controlling the Structured Exception Handler 227 Hopping Around SEH Restrictions 230 Getting a Return Address 232 Bad Characters and Remote Code Execution 236 Wrapping Up 239 15: Porting Exploits to the Metasploit Framework 241 Assembly Language Basics 242 EIP and ESP Registers 242 The JMP Instruction Set 242 NOPs and NOP Slides 242 Porting a Buffer Overflow 242 Stripping the Existing Exploit 244 Configuring the Exploit Definition 245 Testing Our Base Exploit 246 Implementing Features of the Framework 247 Adding Randomization 248 Removing the NOP Slide 249 Removing the Dummy Shellcode 249 Our Completed Module 250 SEH Overwrite Exploit 252 Wrapping Up 259 16: Meterpreter Scripting 261 Meterpreter Scripting Basics 261 Meterpreter API 267 Printing Output 267 Base API Calls 268 Meterpreter Mixins 268 Rules for Writing Meterpreter Scripts 270 Creating Your Own Meterpreter Script 270 Wrapping Up 276 17: Simulated Penetration Test 277 Simulated Penetration Test 277 Pre-engagement Interactions 278 Intelligence Gathering 278 Threat Modeling 279 Exploitation 281 Customizing MSFconsole 281 Post Exploitation 283 Scanning the Metasploitable System 284 Identifying Vulnerable Services 285 Attacking Apache Tomcat 286 Attacking Obscure Services 288 Covering Your Tracks 290 Wrapping Up 292 A: Configuring Your Target Machines 293 Installing and Setting Up the System 293 Booting Up the Linux Virtual Machines 294 Setting Up a Vulnerable Windows XP Installation 295 Configuring Your Web Server on Windows XP 295 Building a SQL Server 295 Creating a Vulnerable Web Application 298 Updating Back|Track 299 B: Cheat Sheet 301 MSFconsole Commands 301 Meterpreter Commands 303 MSFpayload Commands 306 MSFencode Commands 306 MSFcli Commands 307 MSF, Ninja, Fu 307 MSFvenom 307 Meterpreter Post Exploitation Commands 308 Index 311 Foreword......Page 15 Preface......Page 19 Acknowledgments......Page 21 Special Thanks......Page 22 Introduction......Page 23 A Brief History of Metasploit......Page 24 What’s in the Book?......Page 25 A Note on Ethics......Page 26 1: The Absolute Basics of Penetration Testing......Page 27 Threat Modeling......Page 28 Post Exploitation......Page 29 Types of Penetration Tests......Page 30 Vulnerability Scanners......Page 31 Pulling It All Together......Page 32 Terminology......Page 33 Metasploit Interfaces......Page 34 MSFcli......Page 35 Armitage......Page 37 MSFpayload......Page 38 Nasm Shell......Page 39 Wrapping Up......Page 40 3: Intelligence Gathering......Page 41 whois Lookups......Page 42 Netcraft......Page 43 Port Scanning with Nmap......Page 44 Working with Databases in Metasploit......Page 46 Port Scanning with Metasploit......Page 51 Server Message Block Scanning......Page 52 Hunting for Poorly Configured Microsoft SQL Servers......Page 53 SSH Server Scanning......Page 54 FTP Scanning......Page 55 Simple Network Management Protocol Sweeping......Page 56 Writing a Custom Scanner......Page 57 Looking Ahead......Page 59 4: Vulnerability Scanning......Page 61 The Basic Vulnerability Scan......Page 62 Configuration......Page 63 Importing Your Report into the Metasploit Framework......Page 68 Running NeXpose Within MSFconsole......Page 69 Nessus Configuration......Page 70 Creating a Nessus Scan Policy......Page 71 Nessus Reports......Page 73 Importing Results into the Metasploit Framework......Page 74 Scanning with Nessus from Within Metasploit......Page 75 Validating SMB Logins......Page 77 Scanning for Open VNC Authentication......Page 78 Scanning for Open X11 Servers......Page 80 Using Scan Results for Autopwning......Page 82 5: The Joy of Exploitation......Page 83 msf> show options......Page 84 msf> show payloads......Page 86 msf> show targets......Page 88 set and unset......Page 89 Exploiting Your First Machine......Page 90 Exploiting an Ubuntu Machine......Page 94 All-Ports Payloads: Brute Forcing Ports......Page 97 Resource Files......Page 98 Wrapping Up......Page 99 6: Meterpreter......Page 101 Attacking MS SQL......Page 102 Brute Forcing MS SQL Server......Page 104 The xp_cmdshell......Page 105 Basic Meterpreter Commands......Page 106 Capturing Keystrokes......Page 107 Extracting the Password Hashes......Page 108 Dumping the Password Hash......Page 109 Pass the Hash......Page 110 Privilege Escalation......Page 111 Using ps......Page 113 Pivoting onto Other Systems......Page 115 Migrating a Process......Page 118 Scraping a System......Page 119 Using Persistence......Page 120 Upgrading Your Command Shell to Meterpreter......Page 121 Wrapping Up......Page 123 7: Avoiding Detection......Page 125 Creating Stand-Alone Binaries with MSFpayload......Page 126 Evading Antivirus Detection......Page 127 Encoding with MSFencode......Page 128 Multi-encoding......Page 129 Custom Executable Templates......Page 131 Launching a Payload Stealthily......Page 132 Packers......Page 133 A Final Note on Antivirus Software Evasion......Page 134 8: Exploitation Using Client-Side Attacks......Page 135 Browser-Based Exploits......Page 136 How Browser-Based Exploits Work......Page 137 Using Immunity Debugger to Decipher NOP Shellcode......Page 138 Exploring the Internet Explorer Aurora Exploit......Page 142 File Format Exploits......Page 145 Sending the Payload......Page 146 Wrapping Up......Page 147 9: Metasploit Auxiliary Modules......Page 149 Auxiliary Modules in Use......Page 152 Anatomy of an Auxiliary Module......Page 154 Going Forward......Page 159 10: The Social-Engineer Toolkit......Page 161 Configuring the Social-Engineer Toolkit......Page 162 Spear-Phishing Attack Vector......Page 163 Java Applet......Page 168 Client-Side Web Exploits......Page 172 Username and Password Harvesting......Page 174 Man-Left-in-the-Middle......Page 176 Web Jacking......Page 177 Putting It All Together with a Multipronged Attack......Page 179 Teensy USB HID Attack Vector......Page 183 Additional SET Features......Page 186 Looking Ahead......Page 187 11: Fast-Track......Page 189 Microsoft SQL Injection......Page 190 SQL Injector-Query String Attack......Page 191 SQL Injector-POST Parameter Attack......Page 192 Manual Injection......Page 193 MSSQL Bruter......Page 194 SQLPwnage......Page 198 Binary-to-Hex Generator......Page 200 Mass Client-Side Attack......Page 201 A Few Words About Automation......Page 202 12: Karmetasploit......Page 203 Configuration......Page 204 Launching the Attack......Page 205 Credential Harvesting......Page 207 Getting a Shell......Page 208 Wrapping Up......Page 210 13: Building Your Own Module......Page 211 Getting Command Execution on Microsoft SQL......Page 212 Exploring an Existing Metasploit Module......Page 213 PowerShell......Page 215 Running the Shell Exploit......Page 216 Conversion from Hex to Binary......Page 218 Counters......Page 220 Running the Exploit......Page 221 The Power of Code Reuse......Page 222 14: Creating Your Own Exploits......Page 223 The Art of Fuzzing......Page 224 Controlling the Structured Exception Handler......Page 227 Hopping Around SEH Restrictions......Page 230 Getting a Return Address......Page 232 Bad Characters and Remote Code Execution......Page 236 Wrapping Up......Page 239 15: Porting Exploits to the Metasploit Framework......Page 241 Porting a Buffer Overflow......Page 242 Stripping the Existing Exploit......Page 244 Configuring the Exploit Definition......Page 245 Testing Our Base Exploit......Page 246 Implementing Features of the Framework......Page 247 Adding Randomization......Page 248 Removing the Dummy Shellcode......Page 249 Our Completed Module......Page 250 SEH Overwrite Exploit......Page 252 Wrapping Up......Page 259 Meterpreter Scripting Basics......Page 261 Printing Output......Page 267 Meterpreter Mixins......Page 268 Creating Your Own Meterpreter Script......Page 270 Wrapping Up......Page 276 Simulated Penetration Test......Page 277 Intelligence Gathering......Page 278 Threat Modeling......Page 279 Customizing MSFconsole......Page 281 Post Exploitation......Page 283 Scanning the Metasploitable System......Page 284 Identifying Vulnerable Services......Page 285 Attacking Apache Tomcat......Page 286 Attacking Obscure Services......Page 288 Covering Your Tracks......Page 290 Wrapping Up......Page 292 Installing and Setting Up the System......Page 293 Booting Up the Linux Virtual Machines......Page 294 Building a SQL Server......Page 295 Creating a Vulnerable Web Application......Page 298 Updating Back|Track......Page 299 MSFconsole Commands......Page 301 Meterpreter Commands......Page 303 MSFencode Commands......Page 306 MSFvenom......Page 307 Meterpreter Post Exploitation Commands......Page 308 Index......Page 311

The best guide to the Metasploit Framework. -HD Moore, Founder of the Metasploit Project

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.

Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.

Learn how to:

  • Find and exploit unmaintained, misconfigured, and unpatched systems
  • Perform reconnaissance and find valuable information about your target
  • Bypass anti-virus technologies and circumvent security controls
  • Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
  • Use the Meterpreter shell to launch further attacks from inside the network
  • Harness standalone Metasploit utilities, third-party tools, and plug-ins
  • Learn how to write your own Meterpreter post exploitation modules and scripts

You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

"The best guide to the Metasploit Framework." HD Moore, Founder of the Metasploit Project The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors. Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks. Learn how to: Find and exploit unmaintained, misconfigured, and unpatched systems Perform reconnaissance and find valuable information about your target Bypass anti-virus technologies and circumvent security controls Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery Use the Meterpreter shell to launch further attacks from inside the network Harness standalone Metasploit utilities, third-party tools, and plug-ins Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond. The Metasploit Framework is a powerful suite of tools that hackers and security researchers use to investigate, exploit, and repair potential software vulnerabilities. It is the de facto solution for offensive security research and penetration testing worldwide. Metasploit: The Penetration Tester's Guide is the definitive manual for using the Metasploit Framework to evaluate network security by launching malicious attacks. It takes readers from the basics of information security to advanced techniques for penetration testing, including network reconnaissance and enumeration, server- and client

قیمت نهایی

۴۴٬۰۰۰ تومان