You're reading from Kali Linux 2 ??? Assuring Security by Penetration Testing Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!

Product type Paperback

Published in Sep 2016

Publisher Packt

ISBN-13 9781785888427

Length 572 pages

Edition 3rd Edition

Tools

Kali Linux

Concepts

Penetration Testing

Authors (4):

Tedi Heriyanto

Gerard Johansen

Lee Allen

Shakeel Ali

View More author details

Table of Contents (18) Chapters

Preface

1. Beginning with Kali Linux FREE CHAPTER

2. Penetration Testing Methodology

3. Target Scoping

4. Information Gathering

5. Target Discovery

6. Enumerating Target

7. Vulnerability Mapping

8. Social Engineering

9. Target Exploitation

10. Privilege Escalation

11. Maintaining Access

12. Wireless Penetration Testing

13. Kali Nethunter

14. Documentation and Reporting

A. Supplementary Tools

B. Key Resources

Index

Installing a vulnerable server

In this section, we will install a vulnerable virtual machine as a target virtual machine. This target will be used in several chapters of the book, when we explain particular topics. The reason we chose to set up a vulnerable server in our machine instead of using vulnerable servers available on the Internet is because we don't want you to break any laws. We should emphasize that you should never pen test other servers without written permission. Another purpose of installing another virtual machine would be to improve your skills in a controlled manner. This way, it is easy to fix issues and understand what is going on in the target machine when attacks do not work.

In several countries, even port scanning a machine that you don't own can be considered a criminal act. Also, if something happens to the operating system using a virtual machine, we can repair it easily.

The vulnerable virtual machine that we are going to use is Metasploitable 2. The famous HD Moore of Rapid7 creates this vulnerable system.

Note

There are other deliberately vulnerable systems besides Metasploitable 2 that you can use for your penetration testing learning process, as can be seen on the following site: http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/.

Metasploitable 2 has many vulnerabilities in the operating system, network, and web application layers.

Note

Information about the vulnerabilities contained in Metasploitable 2 can be found on the Rapid7 site at https://community.rapid7.com/docs/DOC-1875.

To install Metasploitable 2 in Virtual Box, you can perform the following steps:

Download the Metasploitable 2 file from http://sourceforge.net/projects/metasploitable/files/Metasploitable2/.
Extract the Metasploitable 2 ZIP file. After the extraction process is completed successfully, you will find five files:
```
Metasploitable.nvram
Metasploitable.vmdk
Metasploitable.vmsd
Metasploitable.vmx
Metasploitable.vmxf
```
Create a new virtual machine in VirtualBox. Set Name to Metasploitable2, operating system to Linux, and Version to Ubuntu.
Set the memory to 1024MB.
In the Virtual Hard Disk setting, select Use existing hard disk. Choose the Metasploitable files that we have already extracted in the previous step:
Change the network setting to Host-only adapter to make sure that this server is accessible only from the host machine and the Kali Linux virtual machine. The Kali Linux virtual machine's network setting should also be set to Host-only adapter for pen-testing local VMs.
Start the Metasploitable 2 virtual machine. After the boot process is finished, you can log in to the Metasploitable 2 console using the following credentials:
- Username: msfadmin
- Password: msfadmin

The following is the Metasploitable 2 console after you have logged in successfully:

You're reading from Kali Linux 2 ??? Assuring Security by Penetration Testing Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!

Table of Contents (18) Chapters

Installing a vulnerable server

Note

Note

Authors (4)

Personalised recommendations for you