Ethical Hacking Using Kali Linux PDF
Uploaded by FaithfulGladiolus4196
Summary
This document is an introduction to ethical hacking and Kali Linux. It discusses cyber attacks, how they work, and the ways to protect yourself. The document has illustrations and examples of real-world situations that help the reader. It covers basic concepts and techniques, as well as tools used in penetration testing.
Unit Two: Ethical Hacking Using Kali Linux

Lesson 1: Cyber Attack

While Adam was watching TV with his family, a news report came on about a famous bank that had been hit by a serious cyber attack, which led to its bankruptcy. Curious about what this meant, Adam decided to ask his computer science teacher the next day about what a cyber attack is and how people can protect themselves from it. Here’s how their conversation went:

Teacher: “A cyber attack is one of the most dangerous and common electronic threats in light of the circumstances we live in. We rely heavily on electronic devices in various fields, and hackers seek to access these devices to carry out their illegal actions. This type of attack often targets computers.”

Adam: “So, what is a cyber attack?”

Teacher: “It is any attempt by individuals or groups to penetrate, sabotage, or obtain information from computer systems or networks illegally, and the matter can amount to an attempt to destroy the infrastructure of institutions.”

Adam: “How can I protect myself and my friends from these attacks?”

Teacher: “There are several ways to stay safe. First, avoid opening suspicious messages or clicking on unfamiliar links. Hackers often send fake messages to trick you into giving away personal information, like your passwords. For example, be careful with messages that ask for your personal information. Imagine you get a message saying, ‘Hello Adam, I’m from Facebook and there was a problem with your login. Please send me your login details so I can fix it.’ This is a trick to steal your information. On a larger scale, protecting institutions is more complex because hackers might target their servers and data in many different ways.”

Activity 1:
These messages arrived in Adam’s email. Which of these messages might be a way to hack Adam’s device?

1. New Messages
To: Adam
cc:
bcc:
Subject: Congratulations! You’ve Won the Jackpot!

Congrats!
You’ve won the grand prize of $1,000,000! Click the link below to confirm your email and log in to start the process of receiving your prize.

Click here to confirm

Best regards,
The Grand Prix Team

2. New Messages
To: Adam
cc:
bcc:
Subject: Assignment Reminder

Hello,
I just wanted to remind you about the assignment that’s due next Monday. Please make sure to start working on it before the deadline.

Best regards,
Teacher William

3. New Messages
To: Adam
cc:
bcc:
Subject: Invitation to the Cybersecurity Conference

Dear Valued Customer,
We are excited to invite you to our Virtual Cybersecurity Conference on July 20. The conference will cover the latest updates and developments in the field of cybersecurity. To register, please click the link below:

Click here to register

Best regards,
The Internet Security Team

Common Types of Cyber Attacks:

1. Malicious Software (Viruses): These are harmful programs from unknown or untrusted sources. They can include spyware or viruses that damage your system. Malicious software might stop certain functions from working or completely disable your device.

2. Cyber Attack through Information Escalation: This is one of the most dangerous and widespread threats. It involves sending fraudulent messages via email that appear to be from a reliable source, tricking the victim in order to carry out unethical actions such as stealing credit card information or login data for social media accounts.

3. Cyber Attack through Ransomware: These attacks involve malicious programs in which the hacker encrypts the victim’s files and demands a ransom for decryption or threatens to publish the data.
Note: The hacker does not actually possess the victim’s data but uses the threat of data exposure to extort the ransom.
4. Cyber Attack via Man-in-the-Middle (MitM) Attack: Also known as cyber-middle attacks, this type of attack involves the hacker intercepting communication between the victim and the Internet. This can be accomplished either by connecting the victim to an insecure network set up by the hacker or through malicious programs that grant the hacker access to the victim’s data.

Activity 2:
In this activity, we will learn how to keep Windows updated to ensure device security and protect it from cyber threats. Companies work diligently to address security vulnerabilities and safeguard their systems against hackers. Microsoft provides security updates for its systems on a monthly basis.

1. Click the Start button on the taskbar.
2. Click the Settings icon to open the Windows settings.
3. Click Update & Security.
4. Click Check for updates.
5. Wait for the update to complete.
6. To install the update, click Restart now.
7. Amazing! The update is complete, and your device is now more secure.

Activity 3:
In this activity, we will learn how to scan your computer using the Avast Free Antivirus tool to ensure it is free of viruses.

1. Go to the search box on the taskbar, type Microsoft Store to search for the online store where you can download computer programs, and then click on the store.
2. In the search box, type the name of the program you will use to scan the computer for viruses: Avast Free Antivirus.
3. Click the search icon.
4. Click Install.
5. Wait for the download to finish. A message will appear requesting permission for the program to make changes to the computer. Click OK.
6. Go to the Start menu, where the application will appear at the top of the list, and click on it.
7. If the program requests a restart, click RESTART NOW.
Note: This step can be skipped if the program does not request a restart.
8. Click RUN SMART SCAN.
9. Wait for the scan to complete. If any viruses are detected, click RESOLVE ALL.
10. After removing the viruses, click NEXT.

My device is now virus-free.

Hackers

Who is a hacker?
A hacker is an individual with expertise in software and networks who discovers vulnerabilities in systems and exploits them. The nature of their activities—whether ethical or unethical—depends on the type of hacker they are.

There are three classifications of hackers:

1. White Hat Hacker: Also known as an ethical hacker, this individual aims to protect devices from hacking by identifying vulnerabilities in electronic systems. Upon discovering these vulnerabilities, they inform the legal owner and assist in finding appropriate solutions.

2. Black Hat Hacker: Also known as an unethical hacker, this individual engages in malicious activities such as stealing data, blackmail, sabotage, or causing chaos within systems.

3. Gray Hat Hacker: Also known as a gray hacker, this person operates without a clear direction. They may engage in illegal activities with the intention of doing good, or commit immoral actions without intending to cause harm. While gray hat hackers possess the same skills as other types, their ethical stance and motives vary.

Note: Creating strong passwords is one of the most important defenses against hacking personal accounts.

Activity 4:
In this activity, we will explore a tool designed to create strong passwords that are nearly impossible for hackers to guess.

1. Open the following link in your preferred browser:
https://delinea.com/resources/password-generator-it-tool
The password generator window will appear. Choose the settings that suit your needs.
2. Click GENERATE RANDOM PASSWORD.

Lesson 2: Introduction to Ethical Hacking and Kali Linux

What is Ethical Hacking?
Ethical hacking, also known as penetration testing, involves using the same tools, techniques, and processes that malicious hackers use, but with one crucial difference: ethical hackers have explicit permission to test the systems. The goal is to identify security vulnerabilities from the perspective of a potential attacker and address them before they can be exploited by malicious actors.

Areas of Ethical Hacking:

- Penetration Testing: A simulated cyber attack on your computer system designed to identify exploitable security vulnerabilities.
- Vulnerability Assessment: A systematic review of security weaknesses within an information system.

The Importance of Information Security:
In today’s digital world, information security is more crucial than ever. With the rise in cyber attacks, companies must be proactive in safeguarding their systems and data. Ethical hackers are essential in this effort, as they identify and address security vulnerabilities before they can be exploited by malicious actors. One of the most important tools for this purpose is the Kali Linux operating system.

What is Kali Linux?
Kali Linux is a Debian-based Linux distribution specifically designed for digital forensics and penetration testing. It includes a comprehensive collection of powerful tools for hacking, security research, computer forensics, and reverse engineering. Kali Linux is developed and maintained by Offensive Security, a leading provider of information security training.

Why Kali Linux?

- Comprehensive Toolkit: Kali Linux includes an extensive suite of tools covering all phases of a cybersecurity attack.
- Community Support: It is supported by a large and active community of ethical hackers and information security professionals.
- Customization: Kali Linux allows users to customize the operating system to suit their specific needs.

Main tools in Kali Linux:

- Nmap: Network scanning tool.
- Metasploit: Exploitation framework.
- Wireshark: Network protocol analyzer.
- Aircrack-ng: A Wi-Fi security assessment package.

Linux File System Structure:
The Linux file system follows a hierarchical structure, beginning at the root directory (/) and branching out into subdirectories. Key components of this structure include:

- /bin: Contains essential programs used by all users.
- /etc: Stores system configuration files.
- /home: Contains personal directories for individual users.
- /usr: Provides a secondary structure for user data and is typically read-only. It houses most of the tools and applications used by users.

Basic Commands in Kali Linux:

File Management Commands:

- ls: Lists files and directories within the current directory.
- cd: Use cd followed by a specified path to navigate to that directory. Simply typing cd takes you to the user’s home directory. Use cd .. to move up one directory level.
- cp: Copies files or directories from one location to another.
- mkdir: Creates a new directory.
- pwd: Displays the path of the current directory.

Basic commands for system administration:

- sudo: Executes a command with administrator privileges. It is essential for tasks that require administrative permissions.
- apt-get: Used to install, update, and remove packages. For example, sudo apt-get update updates the list of available packages.
- man: Displays the man pages for the commands. For example, man ls shows the manual page for the ls command.

Basic Network Commands:
Network commands are essential for ethical hackers to understand network configurations and diagnose connectivity issues:

- ifconfig: Displays and configures network interfaces.
  Note: The ip command has become the standard for network configuration and management in many Linux distributions, including Kali Linux, and is gradually replacing ifconfig.
- ping: Sends ICMP echo requests to a specific host to verify connectivity and measure response time.
- traceroute: Maps the path of data packets from the source to the destination.

The Importance of Network Commands in Ethical Hacking:

- ifconfig/ip: Understanding your network interfaces and IP addresses is crucial for network scanning and identifying an attack.
- ping: Verifies the reachability of a host on an IP network and measures the round-trip time of sent packets.
- traceroute: Determines the path taken by packets to reach a target, helping to understand the network layout.

Activity 1: Using Terminal Commands

1. Navigate the File System: Use ls, cd, pwd, and mkdir to explore and manage your file system.
2. File Management: Create a new directory, copy a file into this directory, then list the contents of the directory to verify the file has been copied.
3. Network Basics: Use ifconfig to view your network configuration, use ping to check connectivity to google.com, and use traceroute to trace the path of packets to google.com.

Activity 2:
Complete the following tasks using terminal commands in Kali Linux. Document your steps and results for each task:

1. Create a Workspace: Create a directory named EthicalHacking in your home folder.
2. File Operations: Within the EthicalHacking directory, create a text file named test.txt, and then make a copy of this file named test_backup.txt.
3. Network Exploration:
   - Use ifconfig or ip addr show to list all network interfaces and their IP addresses.
   - Use ping to check the connection to 8.8.8.8 (Google’s DNS server).
   - Use traceroute to openai.com to observe the path that packets take across the network.
4. Submit a report that includes the outputs of the commands and any observations made during the exercise. Discuss the challenges faced and the methods used to overcome them.

Remember: Mastering the command line interface and basic network commands is essential for any aspiring ethical hacker.
These skills are crucial not only for performing security assessments but also for laying the groundwork for more advanced techniques in penetration testing and cybersecurity research. Therefore, you need to continue practicing these commands to enhance your efficiency and prepare for more complex tasks in your ethical hacking journey.

Lesson 3: Reconnaissance and Information Gathering

Reconnaissance, also known as bootstrapping, is the initial stage in the ethical hacking process. It involves gathering as much information as possible about the target before launching any attack. This stage can be divided into two main categories: passive reconnaissance and active reconnaissance.

- Passive Reconnaissance: This means gathering information without directly contacting the target. Examples include looking at public records or checking social media.
- Active Reconnaissance: This involves interacting directly with the target by checking things like open ports, services, or potential weaknesses.

The information collected during this phase can include details like the target’s domain names, IP addresses, and how their network is set up. Knowing about the target’s environment is important for planning a successful penetration test.

Information Gathering Tools and Techniques:

- WHOIS: A tool that helps you find out information about a website’s domain name. It gives you details like who owns the domain, how to contact them, who registered it, and the network addresses involved. You can use this tool to learn more about a website and understand how it’s set up.
- Nmap (Network Mapper): A cool tool used to explore and check computer networks. It helps you find out which devices are connected to a network and what services they’re running and provides a map of those devices. Nmap can do different types of checks, like finding open ports, running tests without being detected, and figuring out which versions of software are being used.
- Netcat: Sometimes called the Swiss Army Knife of networking, Netcat is a flexible tool that lets you read and send data over network connections using the TCP/IP protocol. It’s great for connecting directly to a remote computer to find out more about open ports and services running on that computer.

Activity 1: Basic Penetration Testing with Nmap.

Overview:
In this activity, you’ll use Nmap to perform a basic scan of a target system. You’ll learn how to check for things like open ports and running services on the target.

The steps:

1. Determine the target: Find out the IP address or domain name of the system you want to check. This is the system you’ll be scanning.
2. Run a Basic Nmap Scan: Use Nmap to scan the target system. You can start with this command:
       nmap -sV <target>
   This command will check for open ports and try to find out which services are running on those ports.
3. Analyze the Results: Look at the scan results to see which ports are open and what services are running on them.

Ethical Considerations and Legal Limits:
When doing any kind of hacking or security testing, it’s super important to stay within the rules:

- Get Permission: Always get clear permission from the owner of the system you’re testing.
- Define the Scope: Make sure to determine and understand exactly what parts of the system you are allowed to test to avoid going beyond what was agreed upon.
- Respect Privacy: Don’t look at or touch any personal or sensitive information.

Activity 2: Using Nmap in a Controlled Laboratory.
Use Nmap to check out a lab setup given by your teacher. Follow these steps:

1. Set Up Your Environment: Make sure Nmap is installed and ready to use on your computer.
2. Scan the Target: Use Nmap to scan the lab environment. You can use the command:
       nmap -sV -A <target>
   This will give you a detailed scan, including information about the operating system, service versions, script checks, and path tracing.
3. Document Your Results: Write down the open ports, the services running on those ports, and any operating systems you find. Note any interesting details or potential issues you see.
4. Create a report explaining how you conducted the scan, the commands you used, and the results you found. In your report, discuss how the information you collected can be useful for the next steps in the ethical hacking process.

Remember: Reconnaissance is the very first step in ethical hacking, and it’s super important because it sets up everything that comes next. By finding out more about the target system, ethical hackers can plan their tests better and have a better chance of success. Always remember, ethical hacking should be done carefully, respecting people’s privacy and following the law.

Lesson 4: Evaluating and Exploiting Vulnerabilities

Vulnerability Assessment is a fundamental process in information security. It involves examining a system to find security weaknesses, then evaluating and classifying these weaknesses based on their severity. This process is a preventive measure designed to protect the system from potential attacks by identifying vulnerabilities before they can be exploited.

The Importance of Assessing Security Vulnerabilities:

- Prevention: Helps detect security weaknesses early on.
- Protection: Strengthens the system against potential attacks.
- Compliance: Ensures the system meets security standards and regulations.

Tools for Examining Security Vulnerabilities:

- OpenVAS (Open Vulnerability Assessment System): A tool that helps find security problems in computer systems. It’s free to use and open-source, which means anyone can use and check it out. OpenVAS can scan systems to find thousands of known security issues.
- Nessus: A popular tool for finding security problems in computer systems. Although it has a paid version, its powerful features make it a must-have tool.
  Nessus can find vulnerabilities and configuration mistakes and provides detailed advice on how to fix them.

Basic Exploitation Concepts and Tools

Basic exploitation is the process of using a known security weakness to gain unauthorized access to a system or network. Tools like the Metasploit Framework are often used to create and apply these exploits.

The Metasploit Framework is a powerful tool used to create and run exploit code on a remote target machine. It also has features for testing network security, such as scanning for and exploiting security weaknesses.

- Modules: These are pieces of code that are designed to exploit different security weaknesses.
- Payloads: These are codes that run on the target system once a vulnerability is successfully exploited. One example is Meterpreter.

Meterpreter is an advanced Metasploit payload that provides an interactive shell, allowing you to explore the target system and run commands on it.

Activity 1: Examine Vulnerabilities and Exploits:

Overview:
In this exercise, you will perform a vulnerability scan using tools like OpenVAS or Nessus, identify any security weaknesses found in the scan, and exploit a known vulnerability using Metasploit.

The Steps:

1. Conduct a Vulnerability Scan: Use OpenVAS or Nessus to scan a controlled lab system. Set up the scan to find potential security weaknesses.
2. Analyze the Scan Results: Look at the results of the scan to find any major security vulnerabilities.
3. Exploit a Known Vulnerability: Use Metasploit to exploit one of the identified vulnerabilities. Choose the right exploit and adjust it with the target details.
4. Gain Access to the Target System: After successfully exploiting the vulnerability, access the system. If using Meterpreter, explore the available commands to interact with the system.
Ethical Considerations and Reporting Security Vulnerabilities:
Ethical hackers must follow ethical and legal guidelines when finding security weaknesses. These guidelines include:

- Permission: Always get clear permission before checking or exploiting a system.
- Confidentiality: Keep any information you find private and secure.
- Reporting: Report any security issues to the right person or company in a responsible way, giving enough details so they can understand and fix the problem.

Activity 2:
Perform vulnerability scanning on a controlled system provided by your teacher or in a laboratory environment. Follow these steps:

1. Preparation and conducting the examination: Use OpenVAS or Nessus to perform the examination. Document the setup process and any configurations made for the scan.
2. Analyze and report the results: Analyze the scan results to identify critical security vulnerabilities. Prepare a report explaining the discovered security vulnerabilities, their potential impact, and recommended actions for correction.
3. Provide your report, including an overview of the scanning process, the results, and any steps taken to exploit or investigate the vulnerabilities further.

Remember: Vulnerability assessment and basic exploitation are key skills in ethical hacking. In this lesson, you learned how to find, evaluate, and use security weaknesses in a system. It’s important to follow ethical guidelines, making sure all activities are done responsibly and with proper permission.
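Added example, not part of the original lesson: one way to build the severity-ranked findings list that the Activity 2 report asks for, using the CVSS v3 qualitative rating bands. The CSV column names, hosts, findings and fixes are constructed for illustration and are an assumption, not the export format of OpenVAS or Nessus.

```python
import csv
import io

# CVSS v3.x qualitative ratings as (lowest score, label), most severe first.
BANDS = [(9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low"), (0.0, "None")]

# Constructed lab data. The column names are an assumption for this example;
# map them to whatever your scanner's CSV export actually contains.
SAMPLE_CSV = """host,port,finding,cvss,fix
192.0.2.7,80,Directory listing enabled,4.0,Turn off automatic indexing
192.0.2.5,445,Outdated file-sharing service,9.8,Install the vendor update
192.0.2.9,3306,Database reachable from the whole lab,7.5,Listen on localhost only
192.0.2.7,80,Server version shown in banner,2.6,Hide the version banner
192.0.2.5,22,Weak SSH ciphers enabled,5.3,Restrict the cipher list
192.0.2.9,8080,Row with a missing score,n/a,Re-run the scan for this port
"""


def severity(score):
    """Map a CVSS base score (0.0 to 10.0) to its qualitative rating."""
    if not 0.0 <= score <= 10.0:  # also rejects NaN
        raise ValueError(f"CVSS score out of range: {score}")
    return next(label for floor, label in BANDS if score >= floor)


def parse_findings(text):
    """Return (findings, rejected); rows without a valid score are kept aside."""
    findings, rejected = [], []
    for row in csv.DictReader(io.StringIO(text)):
        try:
            score = float(row["cvss"])
            label = severity(score)
        except (KeyError, TypeError, ValueError):
            rejected.append(row)  # never drop a finding silently
            continue
        findings.append({**row, "cvss": score, "severity": label})
    # Most severe first; host and port break ties so the order is stable.
    findings.sort(key=lambda f: (-f["cvss"], f["host"], f["port"]))
    return findings, rejected


def build_report(findings, rejected):
    """Group findings by rating, most severe group first."""
    lines = []
    for _, label in BANDS:
        group = [f for f in findings if f["severity"] == label]
        if not group:
            continue
        lines.append(f"{label} ({len(group)})")
        for f in group:
            lines.append(f"  {f['host']}:{f['port']}  CVSS {f['cvss']:.1f}  "
                         f"{f['finding']} -> {f['fix']}")
    if rejected:
        lines.append(f"Needs manual review ({len(rejected)}): no valid score")
        lines.extend(f"  {r.get('host')}:{r.get('port')}  {r.get('finding')}" for r in rejected)
    return "\n".join(lines)


if __name__ == "__main__":
    print(build_report(*parse_findings(SAMPLE_CSV)))
```

Rows whose score cannot be read are listed under "Needs manual review" instead of being discarded, so the report never hides a finding the scanner produced.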