Table of Contents for
Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition by Gerard Johansen Published by Packt Publishing, 2016
  1. Cover
  2. Table of Contents
  3. Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
  4. Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
  5. Credits
  6. Disclaimer
  7. About the Authors
  8. About the Reviewer
  9. www.PacktPub.com
  10. Preface
  11. What you need for this book
  12. Who this book is for
  13. Conventions
  14. Reader feedback
  15. Customer support
  16. 1. Beginning with Kali Linux
  17. Kali Linux tool categories
  18. Downloading Kali Linux
  19. Using Kali Linux
  20. Configuring the virtual machine
  21. Updating Kali Linux
  22. Network services in Kali Linux
  23. Installing a vulnerable server
  24. Installing additional weapons
  25. Summary
  26. 2. Penetration Testing Methodology
  27. Vulnerability assessment versus penetration testing
  28. Security testing methodologies
  29. General penetration testing framework
  30. Information gathering
  31. The ethics
  32. Summary
  33. 3. Target Scoping
  34. Preparing the test plan
  35. Profiling test boundaries
  36. Defining business objectives
  37. Project management and scheduling
  38. Summary
  39. 4. Information Gathering
  40. Using public resources
  41. Querying the domain registration information
  42. Analyzing the DNS records
  43. Getting network routing information
  44. Utilizing the search engine
  45. Metagoofil
  46. Accessing leaked information
  47. Summary
  48. 5. Target Discovery
  49. Identifying the target machine
  50. OS fingerprinting
  51. Summary
  52. 6. Enumerating Target
  53. Understanding the TCP/IP protocol
  54. Understanding the TCP and UDP message format
  55. The network scanner
  56. Unicornscan
  57. Zenmap
  58. Amap
  59. SMB enumeration
  60. SNMP enumeration
  61. VPN enumeration
  62. Summary
  63. 7. Vulnerability Mapping
  64. Vulnerability taxonomy
  65. Automated vulnerability scanning
  66. Network vulnerability scanning
  67. Web application analysis
  68. Fuzz analysis
  69. Database assessment tools
  70. Summary
  71. 8. Social Engineering
  72. Attack process
  73. Attack methods
  74. Social Engineering Toolkit
  75. Summary
  76. 9. Target Exploitation
  77. Vulnerability and exploit repositories
  78. Advanced exploitation toolkit
  79. MSFConsole
  80. MSFCLI
  81. Ninja 101 drills
  82. Writing exploit modules
  83. Summary
  84. 10. Privilege Escalation
  85. Password attack tools
  86. Network spoofing tools
  87. Network sniffers
  88. Summary
  89. 11. Maintaining Access
  90. Working with tunneling tools
  91. Creating web backdoors
  92. Summary
  93. 12. Wireless Penetration Testing
  94. Wireless network recon
  95. Wireless testing tools
  96. Post cracking
  97. Sniffing wireless traffic
  98. Summary
  99. 13. Kali Nethunter
  100. Installing Kali Nethunter
  101. Nethunter icons
  102. Nethunter tools
  103. Third-party applications
  104. Wireless attacks
  105. HID attacks
  106. Summary
  107. 14. Documentation and Reporting
  108. Types of reports
  109. The executive report
  110. The management report
  111. The technical report
  112. Network penetration testing report (sample contents)
  113. Preparing your presentation
  114. Post-testing procedures
  115. Summary
  116. A. Supplementary Tools
  117. Web application tools
  118. Network tool
  119. Summary
  120. B. Key Resources
  121. Paid incentive programs
  122. Reverse engineering resources
  123. Penetration testing learning resources
  124. Exploit development learning resources
  125. Penetration testing on a vulnerable environment
  126. Online web application challenges
  127. Virtual machines and ISO images
  128. Network ports
  129. Index

Chapter 13. Kali Nethunter

In the previous chapters, we have covered a wide variety of tools that Kali Linux offers a penetration tester. All of these tools are part of, or can easily be incorporated into, the Kali Linux platform. The one drawback to using these tools in a penetration test is portability. Even running Kali Linux on a laptop computer with an external antenna can be a cumbersome task. In certain circumstances, it may be conspicuous and alert our target. As a result, to give a greater degree of flexibility with those conducing, Offensive Security and members of the Kali Linux community have developed a version of Kali Linux called Kali Nethunter. This version of Kali Linux is specifically designed to run on the Android mobile platform, giving penetration testers a greater degree of flexibility and mobility.

Kali Nethunter has many of the tools we have discussed and some additional tools that allow for more mobile penetration testing. In this chapter, we will discuss installing Kali Nethunter and how the key tools can be put into action. Finally, there will be a discussion of use cases where the Nethunter platform has a significant advantage over trying to use a more traditional method of Kali Linux.

In this chapter, we are going to discuss the following:

  • An overview of Kali Linux Nethunter
  • Deploying Nethunter
  • General overview of installing Nethunter
  • Tools and techniques
  • Wireless attacks
  • Human Interface Device attacks

Kali Nethunter

Nethunter is the first mobile penetration testing operating system built on the Open Source Android platform. It was a collaborative development between Offensive Security and the Kali Community member "Binky Bear." Nethunter can be installed on the following Google Nexus devices; Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and the OnePlus One. Offensive Security provides a number of Nethunter images based upon the device, and in some cases, the year of manufacturer.

Note

Because of the collaborative nature of the production, Kali Nethunter is not supported by Offensive Security. As a result, some of the tools may or may not function based upon any number of factors. It is recommended that users test their tools out before moving toward a production environment or penetration testing engagement.

Deployment

Due to its size, Nethunter can be deployed in three general ways. Each of these leverages tools within the Nethunter platform as well as additional hardware that can easily be acquired. These deployment strategies allow penetration testers to test a wide range of security measures found in a variety of environments.

Network deployment

The vast majority of previous chapters have been devoted to the tools and techniques available to the penetration tester for testing either remote or local networks. These tools require access to these networks through a physical connection. Nethunter has the same ability. Utilizing a combination of a USB Android adapter and a USB ethernet adapter, the penetration tester can connect directly into a wall jack or, if they are able to gain access to network hardware, directly into a switch.

This deployment strategy is good for those testers who may want to surreptitiously gain access to areas without the bulk of a laptop. Using a Nexus smartphone or even a small tablet, the penetration tester can connect to the physical network, compromise a local system and set up persistence there, and move one. This approach is also useful when testing the security around publicly available network jacks.

Wireless deployment

Chapter 12, Wireless Penetration Testing, was an in-depth discussion of how Kali Linux can be utilized to test the security of wireless networks. Nethunter includes a great many of the same tools in a portable package. In certain penetration tests, the ability to move around a large campus identifying networks and capturing wireless traffic for later cracking is made much easier with a tablet or smartphone testing platform rather than a laptop.

To deploy Nethunter in such a fashion requires the use of an external antenna and a USB to Android adapter. Once connected, these hardware tools allow for the full use of Nethunter's wireless tools.

Host deployment

One advantage that the Nethunter platform has over the Kali Linux platform is the native USB support found in the Android OS. This allows a penetration tester the ability to connect the Nethunter platform directly to hosts such as laptops and desktops. This ability allows the penetration tester the ability to utilize tools that carry out Human Interface Device attacks. In these attacks, the penetration tester is able to leverage tools that allow for connection to host devices and mimic what are known as Human Interface Devices (HID). HIDs are devices such as keyboards and mice that connect to the host via USB.

HID attacks use this feature to force the host system to perform commands or to download payload scripts directly to the system. What makes this attack significantly more difficult to stop is that event with data loss prevention controls that do not allow USB storage devices to connect, HID devices are allowed.