Hacking and Penetration Testing with Low Power Devices
Starter set of tools
# get John
wget http://downloads.skullsecurity.org/passwords/john.txt.bz2
bzip2 -d john.txt.bz2
# get RockYou
wget http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
bzip2 -d rockyou.txt.bz2
# get 500 worst
wget http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt.bz2
bzip2 -d 500-worst-passwords.txt.bz2
# get Hotmail
wget http://downloads.skullsecurity.org/passwords/hotmail.txt.bz2
bzip2 -d hotmail.txt.bz2
SCANNERS
Before you can compromise a system, you need to know what is there. This is where
scanners come in. Scanners that find services are commonly known as port scanners.
Nmap is a very popular and powerful scanner with scripting capabilities. Nmap is
easily installed with the command sudo apt-get install nmap. This will install
the Nmap tool and a collection of scripts (default script location is
/usr/share/nmap/scripts). You may also wish to install the Nmap Python library by executing
the command sudo apt-get install python-nmap.
Once a service has been discovered, the next logical question to ask is whether or
not that service is vulnerable. A number of vulnerability scanners that report potential
problems are available. Of these, Nessus is perhaps the most well known. Unfortunately,
Nessus is not available for the ARM platform. The tool that it is based on,
OpenVAS, is available, however.
OpenVAS consists of a server that does the scanning (which relies on plug-ins)
and a client that is used to request and read the scan results. All of this is easily
installed by executing apt-get install openvas-client openvas-plugins-base
openvas-plugins-dfsg openvas-server or just including these packages in our
Christmas list. The OpenVAS plug-ins can be kept current using the openvas-nvtsync
utility on a regular basis.
There are a number of specialized vulnerability scanners. Some of these will be
discussed in more detail later in this book. Nikto is a popular Web vulnerability scanner
written in Perl (Practical Extraction and Reporting Language). Perl was written
by Larry Wall way back in 1987 and is still used by some system administrators
today. PHP and Python are both variants of Perl. A good list of Web vulnerability
scanners can be found at the Open Web Application Security Project (OWASP) website
https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools.