#1
Learn all the hacker's secrets with Khaled Al-Zahar

Peace be upon you, and the mercy and blessings of God. Today I present to you the book Practical Hacking Techniques and Countermeasures, a book that explains how hacker attacks are carried out, using VMware, on Windows and Linux systems. Here is a description of the book with its contents; it is in English.

Practical Hacking Techniques and Countermeasures examines computer security from the hacker's perspective, demonstrating how a computer system can be successfully attacked and compromised. This book shows how an attack is conceptualized, formulated and performed. With the VMware Workstation software package available on the accompanying CD, it uses virtual computers to illustrate how an attack is executed, including the script, compilation, and results. It offers examples of attacks on Windows and Linux. It also covers such topics as footprinting, scanning, sniffing, passwords, and other attack tools. This text provides valuable information for constructing a system to defend against attacks.

1 Preparation
  Installing VMware Workstation
  Configuring Virtual Machines
    Installing a Virtual Windows 2000 Workstation
    Installing VMware Tools for Windows 2000 Virtual Machines
    Installing a Red Hat Version 8 Virtual Machine
    Installing VMware Tools for Red Hat Virtual Machines
  What Is on the CD?
  Restrict Anonymous
    To Restrict Anonymous
      In Windows NT
      For Windows XP, 2003
      For Windows 2000
    What Is the Difference?

2 Banner Identification
  Lab 1: Banner Identification
  Lab 2: Banner Identification
  Lab 3: Banner Identification
  Lab 4: Operating System Identification
    Detect Operating System of Target: Xprobe2
  Lab 5: Banner Identification
  Lab 6: Banner Identification
  Lab 7: Personal Social Engineering
    Social Engineering Techniques: Dumpster Diving/Personnel

3 Target Enumeration
  Lab 8: Establish a NULL Session
    Establish a NULL Session: NULL Session
  Lab 9: Enumerate Target MAC Address
    Enumerate MAC Address and Total NICs: GETMAC
  Lab 10: Enumerate SID from User ID
    Enumerate the SID from the Username: USER2SID
  Lab 11: Enumerate User ID from SID
    Enumerate the Username from the Known SID: SID2USER
  Lab 12: Enumerate User Information
    Enumerate User Information from Target: USERDUMP
  Lab 13: Enumerate User Information
    Exploit Data from Target Computer: USERINFO
  Lab 14: Enumerate User Information
    Exploit User Information from Target: DUMPSEC
  Lab 15: Host/Domain Enumeration
    Enumerate Hosts and Domains of LAN: Net Commands
  Lab 16: Target Connectivity/Route
    Detect Target Connectivity: PingG
  Lab 17: Target Connectivity/Route
    Connectivity/Routing Test: Pathping
  Lab 18: Operating System Identification
    Identify Target Operating System: Nmap/nmapFE
  Lab 19: Operating System Identification
    Identify Target Operating System: NmapNT
  Lab 20: IP/Hostname Enumeration
    Enumerate IP or Hostname: Nslookup
  Lab 21: IP/Hostname Enumeration
    Enumerate IP or Hostname: Nmblookup
  Lab 22: RPC Reporting
    Report the RPC of Target: Rpcinfo
  Lab 23: ************************/Registrant Identification
    Gather Registration Info/Trace Visual Route: Visual Route
  Lab 24: Registrant Identification
    Gather IP or Hostname: Sam Spade
  Lab 25: Operating System Identification
    Gather OS Runtime and Registered IPs: Netcraft
  Lab 26: Operating System Identification
    Scan Open Ports of Target: Sprint
  Lab 27: Default Shares
    Disable Default Shares: Windows Operating System
  Lab 28: Host Enumeration
    Scan Open Ports of Target: WinFingerprint

4 Scanning
  Lab 29: Target Scan/Share Enumeration
    Scan Open Ports of Target: Angry IP
  Lab 30: Target Scan/Penetration
    Scan Open Ports/Penetration Testing: LANguard
  Lab 31: Target Scan through Firewall
    Scan Open Ports of Target: Fscan
  Lab 32: Passive Network Discovery
    Passively Identify Target Information on the LAN: Passifist
  Lab 33: Network Discovery
    Identify Target Information: LanSpy
  Lab 34: Open Ports/Services
    Scan Open Ports/Services of Target: Netcat
  Lab 35: Port Scan/Service Identification
    Scan Open Ports of Target: SuperScan
  Lab 36: Port Scanner
    Identify Ports Open: Strobe
  Lab 37: Anonymous FTP Locator
    Locate Anonymous FTP Servers: FTPScanner
  Lab 38: CGI Vulnerability Scanner
    Identify CGI Vulnerabilities: TCS CGI Scanner
  Lab 39: Shared Resources Locator
    Identify Open Shared Resources: Hydra
  Lab 40: Locate Wingate Proxy Servers
    Locate Wingate Proxy Servers: WGateScan/ADM Gates

5 Sniffing Traffic
  Lab 41: Packet Capture — Sniffer
    Exploit Data from Network Traffic: Ethereal
      To Install Ethereal on a Red Hat Linux Computer
      To Install Ethereal on Microsoft Windows
  Lab 42: Packet Capture — Sniffer
    Exploit Data from Network Traffic: Ngrep
      For Linux
      For Windows
  Lab 43: Packet Capture — Sniffer
    Exploit Data from Network Traffic: TcpDump
  Lab 44: Packet Capture — Sniffer
    Exploit Data from Network Traffic: WinDump
  Lab 45: Packet Capture — Sniffer
    Monitor IP Network Traffic Flow: IPDump2
      For Linux
      For Windows
  Lab 46: Password Capture — Sniffer
    Exploit Passwords and Sniff the Network: ZxSniffer
  Lab 47: Exploit Data from Target Computer — Sniffit

6 Spoofing
  Lab 48: Spoofing IP Addresses
    Send Packets via False IP Address: RafaleX
  Lab 49: Spoofing MAC Addresses
    Send Packets via a False MAC Address: SMAC
  Lab 50: Spoofing MAC Addresses
    Send Packets via a False MAC Address: Linux
  Lab 51: Packet Injection/Capture/Trace
    Send Packets via a False IP/MAC Address: Packit
  Lab 52: Spoof MAC Address
    Altering the MAC Address: VMware Workstation

7 Brute Force
  Lab 53: Brute-Force FTP Server
    Crack an FTP Password: NETWOX/NETWAG
  Lab 54: Retrieve Password Hashes
    Extract Password Hashes: FGDump
  Lab 55: Crack Password Hashes
    Crack and Capture Password Hashes: LC5
  Lab 56: Overwrite Administrator Password
    Change the Administrator Password: CHNTPW
  Lab 57: Brute-Force Passwords
    Brute-Force Passwords for a Hashed File: John the Ripper
  Lab 58: Brute-Force FTP Password
    Brute-Force an FTP Password Connection: BruteFTP
  Lab 59: Brute-Force Terminal Server
    Brute-Force Terminal Server Passwords: TSGrinder II

8 Vulnerability Scanning
  Lab 60: Vulnerability Scanner
    Perform Vulnerability Assessment: SAINT
  Lab 61: SNMP Walk
    Exploit Data via SNMP Walk: NETWOX/NETWAG
  Lab 62: Brute-Force Community Strings
    Exploit the SNMP Community Strings: Solar Winds
  Lab 63: Target Assessment
    Assessment of Target Security: Retina
  Lab 64: Target Assessment
    Assessment of Target Security: X-Scan
  Lab 65: Vulnerability Scanner
    Perform Vulnerability Assessment: SARA
  Lab 66: Web Server Target Assessment
    Assessment of Web Server Security: N-Stealth
  Lab 67: Vulnerability Scanner
    Exploit Data from Target Computer: Pluto
  Lab 68: Vulnerability Assessment
    Perform Vulnerability Assessment: Metasploit
      On Windows
      On Linux
  Lab 69: Web Server Target Assessment
    Assessment of Web Server Security: Nikto
  Lab 70: Vulnerability Scanner
    Assessment of Target Security: Shadow Scanner
  Lab 71: Internet Vulnerability Scanner
    Assessment of Target Security: Cerberus
  Lab 72: WHAX — Auto Exploit Reverse Shell
    Automatically Exploit the Target: AutoScan
  Lab 73: Unique Fake Lock Screen XP
    Grab the Administrator Password: Fake Lock Screen XP
  Lab 74: Bypassing Microsoft Serial Numbers
    Bypassing Serial Number Protection: RockXP/Custom Script
  Lab 75: Vulnerability Exploit
    Assessment of Target Security: Web Hack Control Center

9 Wireless
  Lab 76: Locate Unsecured Wireless
    Locate Unsecured Wireless: NetStumbler/Mini-Stumbler
  Lab 77: Trojan
    Unauthorized Access and Control: Back Orifice
      On the Target Computer
      On the Attacker’s Computer
  Lab 78: Trojan
    Unauthorized Access and Control: NetBus
      On the Target (Server)
      On the Attacker’s Computer
  Lab 79: ICMP Tunnel Backdoor
    Bidirectional Spoofed ICMP Tunnel: Sneaky-Sneaky
      On the Target (Server)
      On the Attacker’s Machine
  Lab 80: Hiding Tools on the Target
    Hiding Files on the Target: CP
      Scenario: Hiding Netcat inside the Calculator Application
      To Verify
  Lab 81: Capturing Switched Network Traffic
    Intercept/Exploit Traffic: Ettercap
  Lab 82: Password Capture
    Capture Passwords Traversing the Network: Dsniff
  Lab 83: Data Manipulation
    Manipulate the Live Data Stream: Achilles
  Lab 84: Covert Reverse Telnet Session
    Create a Reverse Telnet Session: Netcat
  Lab 85: Covert Channel — Reverse Shell
    Exploit Data from Target Computer: Reverse Shell

10 Redirection
  Lab 86: PortMapper
    Traffic Redirection: PortMapper
  Lab 87: Executing Applications — Elitewrap
    Executing Hidden Applications: Elitewrap
  Lab 88: TCP Relay — Bypass Firewalls
    Traffic Redirection: Fpipe
  Lab 89: Remote Execution
    Remote Execution on Target: PsExec
  Lab 90: TCP Relay — Bypass Firewalls
    Traffic Redirection: NETWOX/NETWAG

11 Denial-of-Service (DoS)
  Lab 91: Denial-of-Service — Land Attack
    DoS Land Attack: Land Attack
  Lab 92: Denial-of-Service — Smurf Attack
    DoS Smurf Attack: Smurf Attack
  Lab 93: Denial-of-Service — SYN Attack
    DoS Land Attack: SYN Attack
  Lab 94: Denial-of-Service — UDP Flood
    DoS UDP Flood Attack: UDP Flood Attack
  Lab 95: Denial-of-Service — Trash2.c
    Create Denial-of-Service Traffic: Trash2.c

Appendix A: References
Appendix B: Tool Syntax

Source: Dreams City forums
25 - 12 - 2009, 19:43 | Post number: [2]

25 - 12 - 2009, 20:01 | Post number: [3]
Wonderful, by God. May we never be deprived of you and your new posts, dear friend. May you always be happy. Please accept my visit ... and my regards.

26 - 12 - 2009, 03:24 | Post number: [4]
Quote:
http://www.dreamscity.net/vb/t23271.html#post232438
http://www.dreamscity.net/vb/t23319.html#post233183
http://www.dreamscity.net/vb/t23310.html
http://www.dreamscity.net/vb/t23309.html
http://www.dreamscity.net/vb/t23308.html
http://www.dreamscity.net/vb/t23307.html

26 - 12 - 2009, 14:18 | Post number: [5]
Thank you, my dear brother.

27 - 12 - 2009, 08:26 | Post number: [6]

28 - 12 - 2009, 08:45 | Post number: [7]
Thank you for the interest; awaiting more. Thanks.

29 - 12 - 2009, 09:23 | Post number: [8]
Very sorry for the delay, but I have some technical problems with my internet connection. Sorry again.

29 - 12 - 2009, 20:49 | Post number: [9]
Thank you, and may God give you good health.

30 - 12 - 2009, 10:21 | Post number: [10]
A word from the heart and a glance from everyone who loves. How burning is my longing for you, how much I need a tender touch from you .. and a loving look, a gentle word and a warm whisper .. I am not exaggerating in what I say: just as a person needs water to quench his thirst, the earth needs the sun to warm it, and the body needs the heartbeat to live, I need your love, love of my life. I love you as the bird loves freedom and as the rose loves the dew .. I love you and I cannot lie to my heart .. I love you with a love my pen is unable to put into words for you. I love you even though we have not met again .. yet I can do nothing but love you and forgive you .. because a heart that loves does not know how to be angry or to hate .. whatever happens, I love you, my darling, I do love you ..

01 - 01 - 2010, 17:47 | Post number: [11]
thanxxxxxxxxxxxx

02 - 01 - 2010, 05:41 | Post number: [12]

04 - 01 - 2010, 17:49 | Post number: [13]
thanxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

05 - 01 - 2010, 13:29 | Post number: [14]

06 - 01 - 2010, 19:48 | Post number: [15]
thanxxxxxxxxxxxxxxxxxxxxxx

07 - 01 - 2010, 14:42 | Post number: [16]
Thank you, my dear brother.

07 - 01 - 2010, 15:05 | Post number: [17]
Thank you.

08 - 01 - 2010, 02:26 | Post number: [18]
*=== (( Not a word does he utter but there is a watcher by him, ready )) ===*

08 - 01 - 2010, 14:20 | Post number: [19]
Thank you, brother ([you])

08 - 01 - 2010, 21:43 | Post number: [20]
What can I say to you? ![you]