Đang tải... (xem toàn văn)
Đây là bộ sách tiếng anh cho dân công nghệ thông tin chuyên về bảo mật,lập trình.Thích hợp cho những ai đam mê về công nghệ thông tin,tìm hiểu về bảo mật và lập trình.
www.it-ebooks.info Web Penetration Testing with Kali Linux A practical guide to implementing penetration testing strategies on websites, web applications, and standard web protocols with Kali Linux. Joseph Muniz Aamir Lakhani BIRMINGHAM - MUMBAI www.it-ebooks.info [ FM-2 ] Web Penetration Testing with Kali Linux Copyright © 2013 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: September 2013 Production Reference: 1180913 Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK. ISBN 978-1-78216-316-9 www.packtpub.com Cover Image by Karl Moore (karl.moore@ukonline.co.uk) www.it-ebooks.info [ FM-3 ] Credits Authors Joseph Muniz Aamir Lakhani Reviewers Adrian Hayter Danang Heriyadi Tajinder Singh Kalsi Brian Sak Kunal Sehgal Nitin.K. Sookun (Ish) Acquisition Editor Vinay Argekar Lead Technical Editor Amey Varangaonkar Technical Editors Pooja Arondekar Sampreshita Maheshwari Menza Mathew Project Coordinator Anugya Khurana Proofreaders Christopher Smith Clyde Jenkins Indexer Monica Ajmera Mehta Graphics Ronak Dhruv Production Coordinator Aditi Gajjar Cover Work Aditi Gajjar www.it-ebooks.info [ FM-4 ] About the Authors Joseph Muniz is a technical solutions architect and security researcher. He started his career in software development and later managed networks as a contracted technical resource. Joseph moved into consulting and found a passion for security while meeting with a variety of customers. He has been involved with the design and implementation of multiple projects ranging from Fortune 500 corporations to large federal networks. Joseph runs TheSecurityBlogger.com website, a popular resources regarding security and product implementation. You can also nd Joseph speaking at live events as well as involved with other publications. Recent events include speaker for Social Media Deception at the 2013 ASIS International conference, speaker for Eliminate Network Blind Spots with Data Center Security webinar, speaker for Making Bring Your Own Device (BYOD) Work at the Government Solutions Forum, Washington DC, and an article on Compromising Passwords in PenTest Magazine - Backtrack Compendium, July 2013. Outside of work, he can be found behind turntables scratching classic vinyl or on the soccer pitch hacking away at the local club teams. This book could not have been done without the support of my charming wife Ning and creative inspirations from my daughter Raylin. I also must credit my passion for learning to my brother Alex, who raised me along with my loving parents Irene and Ray. And I would like to give a nal thank you to all of my friends, family, and colleagues who have supported me over the years. www.it-ebooks.info [ FM-5 ] Aamir Lakhani is a leading Cyber Security and Cyber Counterintelligence architect. He is responsible for providing IT security solutions to major commercial and federal enterprise organizations. Lakhani leads projects that implement security postures for Fortune 500 companies, the US Department of Defense, major healthcare providers, educational institutions, and nancial and media organizations. Lakhani has designed offensive counter defense measures for defense and intelligence agencies, and has assisted organizations in defending themselves from active strike back attacks perpetrated by underground cyber groups. Lakhani is considered an industry leader in support of detailed architectural engagements and projects on topics related to cyber defense, mobile application threats, malware, and Advanced Persistent Threat (APT) research, and Dark Security. Lakhani is the author and contributor of several books, and has appeared on National Public Radio as an expert on Cyber Security. Writing under the pseudonym Dr. Chaos, Lakhani also operates the DrChaos.com blog. In their recent list of 46 Federal Technology Experts to Follow on Twitter, Forbes magazine described Aamir Lakhani as "a blogger, infosec specialist, superhero , and all around good guy." I would like to dedicate this book to my parents, Mahmood and Nasreen, and sisters, Noureen and Zahra. Thank you for always encouraging the little hacker in me. I could not have done this without your support. Thank you mom and dad for your sacrices. I would also additionally like to thank my friends and colleagues for your countless encouragement and mentorship. I am truly blessed to be working with the smartest and most dedicated people in the world. www.it-ebooks.info [ FM-6 ] About the Reviewers Adrian Hayter is a penetration tester with over 10 years of experience developing and breaking into web applications. He holds an M.Sc. degree in Information Security and a B.Sc. degree in Computer Science from Royal Holloway, University of London. Danang Heriyadi is an Indonesian computer security researcher specialized in reverse engineering and software exploitation with more than ve years hands on experience. He is currently working at Hatsecure as an Instructor for "Advanced Exploit and ShellCode Development". As a researcher, he loves to share IT Security knowledge in his blog at FuzzerByte ( http://www.fuzzerbyte.com). I would like to thank my parents for giving me life, without them, I wouldn't be here today, my girlfriend for supporting me every day with smile and love, my friends, whom I can't describe one-by-one. www.it-ebooks.info [ FM-7 ] Tajinder Singh Kalsi is the co-founder and Chief Technical Evangelist at Virscent Technologies Pvt Ltd with more than six years of working experience in the eld of IT. He commenced his career with WIPRO as a Technical Associate, and later became an IT Consultant cum Trainer. As of now, he conducts seminars in colleges all across India, on topics, such as information security, Android application development, website development, and cloud computing, and has covered more than 100 colleges and nearly 8500 plus students till now. Apart from training, he also maintains a blog (www.virscent.com/blog), which pounds into various hacking tricks. Catch him on facebook at—www.facebook.com/tajinder.kalsi.tj or follow his website—www.tajinderkalsi.com. I would specially like to thank Krunal Rajawadha (Author Relationship Executive at Packt Publishing) for coming across me through my blog and offering me this opportunity. I would also like to thank my family and close friends for supporting me while I was working on this project. Brian Sak, CCIE #14441, is currently a Technical Solutions Architect at Cisco Systems, where he is engaged in solutions development and helps Cisco partners build and improve their consulting services. Prior to Cisco, Brian performed security consulting and assessment services for large nancial institutions, US government agencies, and enterprises in the Fortune 500. He has nearly 20 years of industry experience with the majority of that spent in Information Security. In addition to numerous technical security and industry certications, Brian has a Master's degree in Information Security and Assurance, and is a contributor to The Center for Internet Security and other security-focused books and publications. www.it-ebooks.info [ FM-8 ] Kunal Sehgal (KunSeh.com) got into the IT Security industry after completing the Cyberspace Security course from Georgian College (Canada), and has been associated with nancial organizations since. This has not only given him experience at a place where security is crucial, but has also provided him with valuable expertise in the eld. Currently, he heads is heading IT Security operations, for the APAC Region of one of the largest European banks. Overall, he has about 10 years of experience in diverse functions ranging from vulnerability assessment, to security governance and from risk assessment to security monitoring. He holds a number of certications to his name, including Backtrack's very own OSCP, and others, such as TCNA, CISM, CCSK, Security+, Cisco Router Security, ISO 27001 LA, ITIL. Nitin Sookun (MBCS) is a passionate computer geek residing in the heart of Indian ocean on the beautiful island of Mauritius. He started his computing career as an entrepreneur and founded Indra Co. Ltd. In the quest for more challenge, he handed management of the business over to his family and joined Linkbynet Indian Ocean Ltd as a Unix/Linux System Engineer. He is currently an engineer at Orange Business Services. Nitin has been an openSUSE Advocate since 2009 and spends his free time evangelizing Linux and FOSS. He is an active member of various user groups and open source projects, among them openSUSE Project, MATE Desktop Project, Free Software Foundation, Linux User Group of Mauritius, and the Mauritius Software Craftsmanship Community. He enjoys scripting in Bash, Perl, and Python, and usually publishes his work on his blog. His latest work "Project Evil Genius" is a script adapted to port/install Penetration Testing tools on openSUSE. His tutorials are often translated to various languages and shared within the open source community. Nitin is a free thinker and believes in sharing knowledge. He enjoys socializing with professionals from various elds. www.it-ebooks.info [ FM-9 ] www.PacktPub.com Support les, eBooks, discount offers and more You might want to visit www.PacktPub.com for support les and downloads related to your book. Did you know that Packt offers eBook versions of every book published, with PDF and ePub les available? You can upgrade to the eBook version at www.PacktPub. com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details. At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks. TM http://PacktLib.PacktPub.com Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books. Why Subscribe? • Fully searchable across every book published by Packt • Copy and paste, print and bookmark content • On demand and accessible via web browser Free Access for Packt account holders If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access. www.it-ebooks.info [...]... Chapter 1: Penetration Testing and Setup 7 Web application Penetration Testing concepts 8 Penetration Testing methodology 9 Calculating risk 14 Kali Penetration Testing concepts 17 Step 1 – Reconnaissance 17 Step 2 – Target evaluation 18 Step 3 – Exploitation 19 Step 4 – Privilege Escalation 19 Step 5 – maintaining a foothold 20 Introducing Kali Linux 21 Kali system setup 21 Running Kali Linux from... methodology for executing Penetration Testing services as well as for how to report what is found Kali Penetration Testing concepts Kali Linux is designed to follow the flow of a Penetration Testing service engagement Regardless if the starting point is White, Black, or Gray box testing, there is a set of steps that should be followed when Penetration Testing a target with Kali or other tools Step 1... are divided into tasks used in real world web application Penetration Testing Chapter 1, Penetration Testing and Setup, provides an overview of Penetration Testing basic concepts, professional service strategies, background on the Kali Linux environment, and setting up Kali for topics presented in this book Chapters 2-6, cover various web application Penetration Testing concepts including configuration... Preface Kali is a Debian Linux based Penetration Testing arsenal used by security professionals (and others) to perform security assessments Kali offers a range of toolsets customized for identifying and exploiting vulnerabilities in systems This book is written leveraging tools available in Kali Linux released March 13th, 2013 as well as other open source applications Web Penetration Testing with Kali Linux. .. setting up a Kali Linux testing or real environment Web application Penetration Testing concepts A web application is any application that uses a web browser as a client This can be a simple message board or a very complex spreadsheet Web applications are popular based on ease of access to services and centralized management of a system used by multiple parties Requirements for accessing a web application... accessing devices, and data depository should be tested along with communication between the tiers during a web application Penetration Testing exercise An example for developing a scope for a web application Penetration Test is testing a Linux server hosting applications for mobile devices The scope of work at a minimum should include evaluating the Linux server (operating system, network configuration,... vulnerabilities in web applications as well as clients using web application services, defending web applications against common attacks, and building Penetration Testing deliverables for professional services practice We believe this book is great for anyone who is interested in learning how to become a Penetration Tester, users who are new to Kali Linux and want to learn the features and differences in Kali versus... for a valuable asset Penetration Testing does not make networks more secure! www.it-ebooks.info Penetration Testing and Setup This is a common misinterpretation and should be clearly explained to all potential customers Penetration Testing evaluates the effectiveness of existing security If a customer does not have strong security then they will receive little value from Penetration Testing services As... vulnerabilities that are found Best practice is working with your customer during a design session to develop an acceptable scope of work that doesn't impact the value of the results Web Penetration Testing with Kali Linux the next generation of BackTrack—is a hands-on guide that will provide you step-by-step methods for finding vulnerabilities and exploiting web applications This book will cover researching... www.it-ebooks.info Preface What this book covers Chapter 1, Penetration Testing and Setup, covers fundamentals of building a professional Penetration Testing practice Topics include differentiating a Penetration Test from other services, methodology overview, and targeting web applications This chapter also provides steps used to set up a Kali Linux environment for tasks covered in this book Chapter 2, . www.it-ebooks.info Web Penetration Testing with Kali Linux A practical guide to implementing penetration testing strategies on websites, web applications,. standard web protocols with Kali Linux. Joseph Muniz Aamir Lakhani BIRMINGHAM - MUMBAI www.it-ebooks.info [ FM-2 ] Web Penetration Testing with Kali Linux Copyright