Cloud & Networking
Reader small image

You're reading from  Kali Linux Cookbook - Second Edition

Product typeBook
Published inSep 2017
Publisher
ISBN-139781784390303
Edition2nd Edition
Tools
Kali Linux
Concepts
Network Security
Right arrow
Authors (2):
Corey Schultz
Corey Schultz
author image
Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.
Read more about Corey Schultz

Bob Perciaccante
Bob Perciaccante
author image
Bob Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.
Read more about Bob Perciaccante

View More author details
Right arrow

Web and Database Specific Recipes

In this chapter, we will cover the following topics:

  • Creating an offline copy of a web application
  • Scanning for vulnerabilities
  • Launching website attacks
  • Scanning WordPress
  • Hacking WordPress
  • Performing SQL injection attacks

Introduction

Evaluating the security of web applications and databases requires a unique set of tools that can be leveraged against them. Websites and databases are highly targeted environments due to the amount of visibility they have and the information they contain. These could be for publicly accessible sites or intranets. In the event that a web application is compromised, it is highly likely that it may then be used as a jumping off point for further network penetration.

Creating an offline copy of a web application

One of the first things that you should do is create an offline copy of the target site. This will allow you to analyze the contents of information such as how forms are submitted, the directory structure of the application, and where files are located. Aside from the technical details of the site's structure, comments, and inactive code can also give you an insight into additional areas of interest. This information can be used to craft site-specific attacks in subsequent portions of this chapter. By creating an offline copy of the site in question, you also limit the number of times that you are touching the site, minimizing the number of records generated in logs, and so on.

Getting ready

...

Scanning for vulnerabilities

Web applications pose a particular risk to organizations as they are accessible to the internet, and therefore can be accessed by anyone. If you consider this carefully, untrusted external entities are being permitted access to applications and systems within the organization's security perimeter, making them an excellent jumping off point for further infiltration, once compromised.

We will now move to the next phase of our approach, using OWASP-ZAP, we will scan the target system for vulnerabilities that can potentially be exploited.

One of the key reasons we perform on an offline copy of a target system is to better craft your tool's configuration to minimize the noise generated by the scanning process. With the exceptional focus on security in the industry as a result of high-profile breaches, many corporations are implementing intrusion...

Launching website attacks

As mentioned in the previous sections, web servers represent a network device that resides on both the internal and external networks and can be used as a pathway to internal segments if successfully compromised. In addition to being a jumping off point to the internal network, web applications frequently handle sensitive data such as customer data, payment information, or medical records – all of which are valuable.

Focusing on the web applications themselves, we will use Vega to perform a deeper analysis on the install applications to identify possible opportunities.

We will be focusing on the web applications specifically since we cover platform and daemon vulnerabilities in Chapter 3, Vulnerability Analysis and Chapter 4, Finding Exploits in the Target.
...

Scanning WordPress

WordPress is one of the most popular content management systems (CMS) used on the internet and due to its popularity and the ability for programmers to create custom components that integrate with WordPress, it presents a potentially attractive target.

Because of this popularity, there are many tools designed to scan for these vulnerabilities. We will be using one of these tools, WPScan.

Getting ready

To successfully complete this section, we will need the following:

  • Installation and configuration of OWASP-BWA as highlighted in the recipe Installing OWASP-BWA in Chapter 1, Installing Kali and the Lab Setup
  • Network connectivity between your Kali Linux desktop and the OWASP-BWA instance
...

Hacking WordPress

With information on WordPress vulnerabilities available, and with the increase of useful tools to validate the security of WordPress installations, we will now use that information to perform an attack on a WordPress installation targeting the administrative user through an identified SQL injection vulnerability in a third party plugin.

Getting ready

To successfully complete this section, we will need the following:

  • Installation and configuration of OWASP-BWA as highlighted in the recipe Installing OWASP-BWA of Chapter 1, Installing Kali and the Lab Setup
  • Network connectivity between your Kali Linux desktop and the OWASP-BWA instance
  • Results from the WPScan run in the section Scanning WordPress
...

Performing SQL injection attacks

Nearly all model web applications use an underlying database for storage of everything from application configuration, localization, user authentication credentials, sales records, patient records, and more. The information is read from and written to by the web applications that face the internet.

Unfortunately, web applications often are written in a way that allows remote users to insert their own commands into input forms, giving them the ability to change how the application behaves, and potentially giving access directly to the database itself.

Getting ready

To successfully complete this section, you will need the following:

  • Installation and configuration of OWASP-BWA as highlighted...
lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 10 of 11
Next Chapter
You have been reading a chapter from
Kali Linux Cookbook - Second Edition
Published in: Sep 2017Publisher: ISBN-13: 9781784390303
© 2017 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Authors (2)

author image
Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.
Read more about Corey Schultz

author image
Bob Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.
Read more about Bob Perciaccante

Other recommended products

Related to this chapter

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing and providing detailed coverage of modern hacking methods and attacks.

BookDec 2017210 pages
Kali Linux Intrusion and Exploitation Cookbook

Kali Linux Intrusion and Exploitation Cookbook

Born from it predecessor, Kali Linux 2.0 is the most popular Linux distribution designed for security professionals who build defensive strategies around their systems with an offensive mindset. This book aims at introducing you to the most common and not -so- common pre-installed penetration testing tools and create custom complex images in the form of easy to follow recipes. Right Information gathering, vulnerability assessment & penetration testing for Web, wired and wireless Network this book will help you get grips on exploiting vulnerabilities in your system and fix those security anomalies in no time.

BookApr 2017512 pages
Network Scanning Cookbook

Network Scanning Cookbook

Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.

BookSep 2018304 pages
Learn Penetration Testing

Learn Penetration Testing

A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.

BookMay 2019424 pages
Metasploit 5.0 for Beginners

Metasploit 5.0 for Beginners

Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.

BookApr 2020246 pages
Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

BookNov 2019550 pages
Applied Network Security

Applied Network Security

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.

BookApr 2017350 pages
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

BookFeb 2018426 pages
Learn Ethical Hacking from Scratch

Learn Ethical Hacking from Scratch

This book is designed to help you learn the basics, it assumes that you have no prior knowledge in hacking, and by the end of it you'll be at a high intermediate level being able launch attacks and hack computer systems just like black-hat hackers do, not only that but you'll also learn how to secure systems from these attacks.

BookJul 2018564 pages5
Metasploit for Beginners

Metasploit for Beginners

Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.

BookJul 2017190 pages
Kali Linux Network Scanning Cookbook

Kali Linux Network Scanning Cookbook

With the ever-increasing amount of data flowing in today’s world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.

BookMay 2017634 pages
Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux 2018: Assuring Security by Penetration Testing

This book is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques. It offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

BookOct 2018528 pages

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2