You're reading from The Ultimate Kali Linux Book Perform advanced penetration testing using Nmap, Metasploit, Aircrack-ng, and Empire

Product type Paperback

Published in Feb 2022

Publisher Packt

ISBN-13 9781801818933

Length 742 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Glen D. Singh

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: Getting Started with Penetration Testing FREE CHAPTER

2. Chapter 1: Introduction to Ethical Hacking

3. Chapter 2: Building a Penetration Testing Lab

4. Chapter 3: Setting Up for Advanced Hacking Techniques

5. Section 2: Reconnaissance and Network Penetration Testing

6. Chapter 4: Reconnaissance and Footprinting

7. Chapter 5: Exploring Active Information Gathering

8. Chapter 6: Performing Vulnerability Assessments

9. Chapter 7: Understanding Network Penetration Testing

10. Chapter 8: Performing Network Penetration Testing

11. Section 3: Red Teaming Techniques

12. Chapter 9: Advanced Network Penetration Testing — Post Exploitation

13. Chapter 10: Working with Active Directory Attacks

14. Chapter 11: Advanced Active Directory Attacks

15. Chapter 12: Delving into Command and Control Tactics

16. Chapter 13: Advanced Wireless Penetration Testing

17. Section 4: Social Engineering and Web Application Attacks

18. Chapter 14: Performing Client-Side Attacks – Social Engineering

19. Chapter 15: Understanding Website Application Security

20. Chapter 16: Advanced Website Penetration Testing

21. Chapter 17: Best Practices for the Real World

22. Other Books You May Enjoy

Working with bind and reverse shells

In a bind shell scenario, let's imagine your target is on a public network such as the internet and has a public IP address, while your attacker machine is behind a firewall. Traffic originating from the internet that goes to an internal network is blocked by the firewall by default. Firewalls are configured to block traffic that originates from a less trusted network zone to a more trusted network zone. However, if you want to connect to the target, you will need to establish a connection from a more trusted network zone, such as the internal network, to a less trusted network zone.

If the target system is running a listener, it can be configured to be bound to the Windows Command Prompt or Linux Terminal shell with the target's IP address and a unique service port number. This will allow the attacker machine to connect to the target via its public IP address and port number, and obtain a remote bind shell on the target system.

...