-->
Selamat Datang di Blog Tino CS, Kritik dan Saran Anda Sangat Diperlukan

Wednesday, November 27, 2013

Tutorial Backtrack : Attacking Side With Backtrack

Lama saya ngk posting lagi. Langsung aja dehh.... :)

Sudah pada kenal kan dengan sistem operasi berbasis Linux ? lw blum silakan baca postingan saya tentang Linux. Pada postingan kali ini, saya akan berbagi sesuatu yang baru saya dapatkan tentang sistem operasi Backtrack. Lw blum tw tentang Backtrack, silakan baca pada postingan saya sebelumnya.

Dunia hacking pada saat ini paling sering melalui sistem operasi Linux (secara khusus backtrack), karena backtrack memiliki banyak aplikasi yang disediakan untuk keperluan hacking.

Bagi agan2 yang ingin mempelajari sistem operasi backtrack, berikut ini saya kasih Buku Tutorial Backtrack. Buku ini terdiri dari 341 halaman yang berisi tentang :

BAB I – INTRODUCTION OF BACKTRACK
1. MENGENAL BACKTRACK DAN SEJARAHNYA …...........................
1.1. Sejarah Backtrack …....................................................................
1.2. Versi-versi yang telah dirilis …....................................................
2. SUB-SUB TOOLS BACKTRACK ….......................................................
2.1. Information Gathering …............................................................
2.2. Vulnerability Assesment ….........................................................
2.3. Exploitation Tools …...................................................................
2.4. Privilage Escalation ….................................................................
2.5. Maintaining Access …..................................................................
2.6. Reverse Engineering …...............................................................
2.7. RFID Tools ….............................................................................
2.8. Stress Testing …..........................................................................
2.9. Forensics ….................................................................................
2.10. Reporting Tools …....................................................................
2.11. Services …................................................................................
2.12. Miscellaneous ….......................................................................
3. PEMBUATAN FILE ISO DAN INSTALASI BACKTRACK …................
3.1 Download iso file backtrack …....................................................
3.2 Membuat iso backtrack …............................................................
3.3 Instalasi backtrack step by step …................................................
4. DEVICE DAN HARDWARE TROUBLE SHOUTING ….........................
5. PERL,PYTHON DAN BASH ….................................................................
6. PENGGUNAAN USB MODEM …............................................................
6.1. wvdial ….......................................................................................
6.2. Gnome-ppp & Kppp ….................................................................
6.3. PPP
7. MANAJEMEN LOG …................................................................................
7.1 Melihat log terakhir dari aktivitas user ...........................................
7.2 Akses log beberapa service ( /var/log ) ….....................................
8. MULTIMEDIA & MISC …...........................................................................
9. UPDATE & UPGRADE …...........................................................................
BAB II – LEARN NETWORKING ON BACKTRACK
1. LOCAL AREA NETWORK …..................................................................
1.1 Basic Command …........................................................................
2. WIRELESS CONFIGURATION & COMMAND LINE ….......................
2.1. SSID scanning suport …...............................................................
2.2. Mode Management …...................................................................
2.3. Daftar perintah lainnya ….............................................................
3. PPPOE ….....................................................................................................
4. NETCAT THE SWISS ARMY KNIFE …...................................................
4.1. Menggunakan Netcat …...............................................................
4.2. Remote shell access …................................................................
BAB III – KNOWING SERVICE ON BACKTRACK
1. SSHD DAEMON SERVICE ….................................................................
1.1. Pengoperasian ssh service …......................................................
5. PERL,PYTHON DAN BASH ….................................................................
6. PENGGUNAAN USB MODEM …............................................................
6.1. wvdial ….......................................................................................
6.2. Gnome-ppp & Kppp ….................................................................
6.3. PPP
7. MANAJEMEN LOG …................................................................................
7.1 Melihat log terakhir dari aktivitas user ...........................................
7.2 Akses log beberapa service ( /var/log ) ….....................................
8. MULTIMEDIA & MISC …...........................................................................
9. UPDATE & UPGRADE …...........................................................................
BAB II – LEARN NETWORKING ON BACKTRACK
1. LOCAL AREA NETWORK …..................................................................
1.1 Basic Command …........................................................................
2. WIRELESS CONFIGURATION & COMMAND LINE ….......................
2.1. SSID scanning suport …...............................................................
2.2. Mode Management …...................................................................
2.3. Daftar perintah lainnya ….............................................................
3. PPPOE ….....................................................................................................
4. NETCAT THE SWISS ARMY KNIFE …...................................................
4.1. Menggunakan Netcat …...............................................................
4.2. Remote shell access …................................................................
BAB III – KNOWING SERVICE ON BACKTRACK
1. SSHD DAEMON SERVICE ….................................................................
1.1. Pengoperasian ssh service …......................................................
4.1. Pengenalan Arping ….....................................................................
4.2. Perintah Arping ….........................................................................
5. WHATWEB …...............................................................................................
5.1. Pengenalan WhatWeb …................................................................
5.2. Perintah WhatWeb ….....................................................................
6. DNSENUM …..............................................................................................
6.1. Pengenalan DNSEnum ….............................................................
6.2. Perintah DNSEnum …..................................................................
7. PROXYCHAIN …........................................................................................
7.1. Pengenalan Proxychain …............................................................
7.2. Konfigurasi proxychains …..........................................................
7.3. Metode proses proxychains …......................................................
7.4. Perintah dan penggunaan …........................................................
BAB V - MITM ATTACK
1. MITM ATTACK …......................................................................................
1.1. Proses terjadinya serangan MITM …............................................
1.2. ARP Poisoning ….........................................................................
1.3. Konsep Serangan …......................................................................
2. MITM WITH ETTERCAP …......................................................................
2.1. Metode serangan ARP poisoning dan Sniffing attack …...............
2.1.1. Metode serangan ettecap …........................................................
2.1.1.1. Metode serangan secara menyeluruh …..................................
2.1.1.2. Metode serangan terhadap satu spesifik IP ….........................
2.2. Spoffing Plugin ….........................................................................
3. PHISSING ATTACK ( FAKE LOGIN ) …...................................................
3.1. Pengertian Phissing …..................................................................
3.2. Metode-Metode Serangan Phissing …..........................................
3.3. Membuat Halaman login palsu ( fakelogin ) …............................
4. SESSION HIJACKING …...........................................................................
4.1. Pengertian session hijacking …....................................................
4.2. Implementasi session hijacking …................................................
BAB VI – GET ACCESS & PASSWORD
1. SOCIAL ENGINEERING ….......................................................................
1.1. Pengertian Social Engineering …..................................................
1.2. Penerapan Social Engineering …...................................................
1.2.1. Pengumpulan informasi ( information gathering ) ….................
1.2.2. Google hacking …......................................................................
1.2.3. Metagoofil …..............................................................................
1.2.3.1. Directory metagoofil …...........................................................
1.2.3.2. Memulai ( esekusi ) metagoofil …...........................................
1.2.3.3. Query string metagoofil ….......................................................
1.2.4.Honeyd …....................................................................................
1.2.5. S.E.T …......................................................................................
2. OFFLINE PASSWORD ATTACK …..........................................................
2.1 Cupp.py...........................................................................................
2.1.1. Membuat password list dengan Cupp.py …................................
2.1.2. lokasi cupp.py ….........................................................................
2.1.3. Penggunaan cupp.py …..............................................................
2.2. John The Ripper …........................................................................
2.2.1. Pengertian Jhon The Ripper …...................................................
2.2.2. Pengoperasian Jhon The Ripper ….............................................
2.3. Cowpatty …...................................................................................
2.3.1..Pengertian Cowpatty …..............................................................
2.3.2. Penggunaan Cowpatty …............................................................
3. ONLINE PASSWORD ATTACK …............................................................
3.1 Hydra ….........................................................................................
3.1.1. Pengertian Hydra …...................................................................
3.1.2. Penggunaan Hydra ….................................................................
3.2. Medusa …......................................................................................
3.2.1. Pengertian Medusa ….................................................................
3.2.2. Penggunaan Hydra ….................................................................
BAB VII – WIFIFU
1. AIRCRACK-NG …......................................................................................
1.1. Pengertian Aircrack …..................................................................
1.2. Airmon-NG …..............................................................................
1.2.1. Penggunaan airmon-ng …..........................................................
1.3. Iwconfig Command …..................................................................
2. AIRODUMP-NG ….....................................................................................
3. AIREPLAY-NG ….......................................................................................
3.1. Penggunaan aireplay-ng …...........................................................
3.2. Injection Testing ….......................................................................
3.3. Deauthentication ….......................................................................
3.3.1. fakeauth delay ............................................................................
4. MACHANGGER ….....................................................................................
4.1. Pengertian Macchangger …..........................................................
4.2. Penerapan Mac Address Pada Backtrack ….................................
4.3. Perintah – perintah dasar pada console …....................................
5. LAB TASK …..............................................................................................
5.1. WEP Penetration ….......................................................................
5.1.1. Proses Shared Key Authentication …........................................
5.1.2. Pentest WEP dengan client ….....................................................
5.1.3. Pentest WEP tanpa client …........................................................
5.2. WPA/WPA2 Penetration …............................................................
5.2.1. WPA Handshake..…....................................................................
5.2.2. Implementasi Aircrack-ng ….....................................................
5.2.3. Implementasi Cowpatty ….........................................................
BAB VIII – STRESS TESTING
1. STRESS TESTING …...................................................................................
1.1. DoS Attack ….................................................................................
1.2. DDoS Attack …...............................................................................
1.3. SYN flooding attack …...................................................................
1.4. TCP connection flood ….................................................................
1.5. UDP flood …...................................................................................
1.6. IcMP flooding attack …........…......................................................
2. LAB TASK …................................................................................................
2.1. SYN flood testing ….......................................................................
2.2. TCP Connection flood testing …....................................................
2.3. UDP flood testing ….......................................................................
2.3.1. UDP.PL …....................................................................................
2.4. ICMP flood testing ….....................................................................
3. TOOLS LAINNYA …....................................................................................
3.1 Letdown …......................................................................................
BAB IX – WEB ATTACK PENETRATION
1. WEB ATTACK WITH BACKTRACK
1.1. Jenis-jenis vulnerability ….............................................................
1.1.1. SQLinjection …..........................................................................
1.1.2. XSS …........................................................................................
1.1.3. LFI …........................................................................................
1.1.4. RFI …........................................................................................
2. LAB TASK …..............................................................................................
2.1. Implementasi SQL Injection ….....................................................
2.1.2. SQL Injection Login Form …....................................................
2.1.3. SQL injection URL ( SQLmap ) …............................................
2.2. Implementasi XSSTesting bug ….................................................
2.2.1. Beef web framework ….............................................................
2.2.2. Xsser …......................................................................................
3. WEB SCANNER …......................................................................................
3.1. Nikto ….........................................................................................
3.2. Nessus ….......................................................................................
3.3. Joomscan …..................................................................................
4. EXPLOIT DATABASE …...........................................................................
4.1. db-exploit ….................................................................................
BAB X – METASPLOIT
1. PENGENALAN ….......................................................................................
1.1. Sejarah dan tokoh dibalik layar …................................................
1.2. Daftar seri dan versi metasploit …................................................
1.3. Metasploit pada backtrack linux …...............................................
1.4. File sistem dan library …...............................................................
1.5. msfupdate ….................................................................................
2. METASPLOIT FUNDAMENTAL …..........................................................
2.1. Msfcli …........................................................................................
2.1.1. Msfcli help command …............................................................
2.1.2. Memeriksa kebutuhan informasi …...........................................
2.1.3. Kompetibel payload …...............................................................
2.1.3. Contoh serangan dan penggunaan …..........................................
2.2. Msfconsole …................................................................................
2.2.1. Msfconsole cmd command …....................................................
2.2.2. Perintah manajemen exploit …...................................................
2.3. Payload …......................................................................................
2.3.1. Tipe payload …...........................................................................
2.3.2. Membuat payload …...................................................................
3. INFORMATION GATHERING …..............................................................
3.1. Db_connect …...............................................................................
3.2. Db_nmap …...................................................................................
4 . MAINTAINING ACCESS …......................................................................
4.1. reverse_tcp …..............................................................................
4.2. shell_bind_tcp ….........................................................................
4.3. Meterpreter Keylogger …............................................................
4.4. Menambah user pada sistem windows ….....................................
5. METERPRETER …....................................................................................
5.1. Mengenal dan memilih session ….................................................
5.2. Melihat proses berjalan ….............................................................
5.3. Melihat isi direktori …...................................................................
5.4. Migrate ke proses tertentu …........................................................
5.5. Download dan upload ke direktori mesin target …......................
5.6. Melihat informasi network target …..............................................
5.7. Melihat user id ( getuid ) …...........................................................
5.8. Mengesekusi program/file tertentu …............................................
5.9. Membuka shell …...........................................................................
5.10. .Hashdump …...............................................................................
5.11. Privilage escalation …..................................................................
5.12. Menghapus log ….........................................................................
5.13. Screencapture …...........................................................................
5.14. VNC remote desktop …................................................................
6. METASPLOIT BROWSER AUTOPWN …................................................
6.1. Contoh serangan ….......................................................................

Buku ini sangat saya rekomendasikan karena disertai gambar-gambar yang mempermudah kita dalam mempelajarinya. walaupun sampai saat postingan ini saya buat, buku tersebut belum selesai saya baca. hehe

Jadi bagi yang tertarik untuk mempelajarinya silakan download disini.

Semoga postingan saya ini bermanfaat.
Salam,
Tino CS
Labels: , ,
Posted by

1 comment:

Subscribe to: Post Comments (Atom)