ناو یان ئیمیل:   
ووشه‌ی نهێنی:   

[-]
دواین 15 بابه‌ته‌كان
يارمه تى instagram
نووسه‌ری بابه‌ت:mahmood govan دواترین وه‌لام:mahmood govan ژماره‌ی وه‌لامه‌كان:1 جاری بینراو:80 كات:09-21-2019
به‌قوه‌ترین ڕیپۆرت بۆ ئینسته‌كرام
نووسه‌ری بابه‌ت:Mhamad Net دواترین وه‌لام:HAMA_QALADZEY ژماره‌ی وه‌لامه‌كان:1 جاری بینراو:87 كات:09-21-2019
دروست كردنی داتابه‌یس بۆ كارمه‌ندی كۆمپانیا - خۆت دروستی بكه‌ به
نووسه‌ری بابه‌ت:Abdulrahman Kalari دواترین وه‌لام:HAMA_QALADZEY ژماره‌ی وه‌لامه‌كان:1 جاری بینراو:184 كات:09-21-2019
هه‌ر به‌رنامه‌یه‌کی مۆبایلت دوێت...فه‌رموو
نووسه‌ری بابه‌ت:AnGrY MaN دواترین وه‌لام:Razwan.marzani1 ژماره‌ی وه‌لامه‌كان:808 جاری بینراو:233436 كات:09-19-2019
تکایە چۆن وابکام لۆکەیشنی موبایلەکەم ببێت بە - ئێران
نووسه‌ری بابه‌ت:DARYAN 3D دواترین وه‌لام:ZhiyarZhika ژماره‌ی وه‌لامه‌كان:1 جاری بینراو:123 كات:09-19-2019
ئیمیل و پاسۆردی هه‌رسایتیكت ئه‌ویت داوابكه‌ ؟
نووسه‌ری بابه‌ت:AhmadKifre دواترین وه‌لام:bryar khalid ژماره‌ی وه‌لامه‌كان:86 جاری بینراو:2191 كات:09-18-2019
فب يةكم بو هاك بكةن 100 دولار هةدية
نووسه‌ری بابه‌ت:Kaivon1997 دواترین وه‌لام:Akam King ژماره‌ی وه‌لامه‌كان:4 جاری بینراو:1067 كات:09-17-2019
کێ Bitcion دەفرۆشیت
نووسه‌ری بابه‌ت:aswad_hawlery دواترین وه‌لام:majnun ژماره‌ی وه‌لامه‌كان:2 جاری بینراو:927 كات:09-17-2019
pubg mobile banned
نووسه‌ری بابه‌ت:mahmood govan دواترین وه‌لام:majnun ژماره‌ی وه‌لامه‌كان:4 جاری بینراو:471 كات:09-17-2019
paypal
نووسه‌ری بابه‌ت:Mhamad R2 دواترین وه‌لام:aswad_hawlery ژماره‌ی وه‌لامه‌كان:1 جاری بینراو:187 كات:09-16-2019
هاك كردنی سناپ چات به‌ (bruteforce ) كردن bruteforce Snapchat 2018
نووسه‌ری بابه‌ت:AhmadKifre دواترین وه‌لام:aswad_hawlery ژماره‌ی وه‌لامه‌كان:5 جاری بینراو:585 كات:09-16-2019
پەرەى تەزويرم ئەوێ !
نووسه‌ری بابه‌ت:KanHan Haji دواترین وه‌لام:KanHan Haji ژماره‌ی وه‌لامه‌كان:0 جاری بینراو:18 كات:09-15-2019
هاكی چ یاریه‌كت ده‌وی داوا بكه‌
نووسه‌ری بابه‌ت:ahmad-boy دواترین وه‌لام:Aland.IT ژماره‌ی وه‌لامه‌كان:289 جاری بینراو:118145 كات:09-12-2019
ڕاکەن!! اسانترین ریگا بۆ هاکیی پەبجی موبایل
نووسه‌ری بابه‌ت:kovan a deranay دواترین وه‌لام:kovan a deranay ژماره‌ی وه‌لامه‌كان:0 جاری بینراو:234 كات:09-12-2019
به‌ده‌ست هێنانی UC بۆ PUBG و ئه‌ڵماسی Free Fire[ئه‌ندروید و ئایفون]نوێ
نووسه‌ری بابه‌ت:Araz Ibrahim دواترین وه‌لام:Araz Ibrahim ژماره‌ی وه‌لامه‌كان:11 جاری بینراو:1786 كات:09-11-2019


هه‌لبژاردنی پله‌
  • 0 ده‌نه‌گه‌كان - 0 كۆی گشتی
  • 1
  • 2
  • 3
  • 4
  • 5
کتێبێکی زۆر گرینگ بۆ فێربونی Metasploit
#1
[وینه‌: metasploit.gif]


سڵاو به‌ڕێزانی هاک بۆ بۆکورد

ئه‌م جاره‌ کتێبێکم بۆ ئاماده‌ کردوون بۆ فێربونی Metasploit

کتێبه‌که‌ به‌زمانی ئینگلیزییه‌و به ‌pdf ه‌ ، ئه‌گه‌ر تۆزێک ئینگلیزی بزایت زۆر سودی ده‌بێت، چونکه‌ به‌زمانێکی ساده‌و ئاسان نوسراوه‌و به‌ئاسانی لێی تێ ده‌گه‌یت..


وه‌ئه‌گه‌ر ده‌ته‌وێت بزانیت ناوه‌ڕۆکی کتێبه‌که‌ له چی پێکهاتوه‌ ؟

فه‌رموو>>> ئه‌مه‌ ناوه‌ڕۆکه‌که‌یه‌تی



1
THE ABSOLUTE BASICS OF PENETRATION TESTING 1
The Phases of the PTES .............................................................................. 2
Pre-engagement Interactions ....................................................................... 2
Intelligence Gathering ................................................................................​. 2
Threat Modeling ................................................................................​......... 2
Vulnerability Analysis ................................................................................​ 3
Exploitation ................................................................................​................ 3
Post Exploitation ................................................................................​........ 3
Reporting ................................................................................​................... 4
Types of Penetration Tests ......................................................................... 4
Overt Penetration Testing ........................................................................... 5
Covert Penetration Testing ......................................................................... 5
Vulnerability Scanners ............................................................................... 5
Pulling It All Together ................................................................................​ 6

2
METASPLOIT BASICS 7
Terminology ................................................................................​............. 7
Exploit ................................................................................​..................... 8
Payload ................................................................................​.................... 8
Shellcode ................................................................................​.................. 8
Module ................................................................................​..................... 8
Listener ................................................................................​..................... 8
Metasploit Interfaces ................................................................................​. 8
MSFconsole ................................................................................​.............. 9
MSFcli ................................................................................​...................... 9
Armitage ................................................................................​.................. 11
viii Contents in Detail
Metasploit Utilities ................................................................................​....12
MSFpayload ................................................................................​............. 12
MSFencode ................................................................................​.............. .13
Nasm Shell ................................................................................​............... .13
Metasploit Express and Metasploit Pro ..................................................... 14
Wrapping Up ................................................................................​............ 14

3
INTELLIGENCE GATHERING 15
Passive Information Gathering .................................................................. 16
whois Lookups ................................................................................​.......... 16
Netcraft ................................................................................​...................... 17
NSLookup ................................................................................​.................. 18
Active Information Gathering ..................................................................... 18
Port Scanning with Nmap .......................................................................... 18
Working with Databases in Metasploit ....................................................... 20
Port Scanning with Metasploit .................................................................... 25
Targeted Scanning ................................................................................​...... 26
Server Message Block Scanning ................................................................. 26
Hunting for Poorly Configured Microsoft SQL Servers ............................... 27
SSH Server Scanning ................................................................................​.. 28
FTP Scanning ................................................................................​.............. 29
Simple Network Management Protocol Sweeping ....................................... 30
Writing a Custom Scanner ........................................................................... 31
Looking Ahead ................................................................................​............ 33

4
VULNERABILITY SCANNING 35
The Basic Vulnerability Scan ......................................................................... 36
Scanning with NeXpose ................................................................................​. 37
Configuration ................................................................................​................. 37
Importing Your Report into the Metasploit Framework .................................. 42
Running NeXpose Within MSFconsole .......................................................... 43
Scanning with Nessus ................................................................................​..... 44
Nessus Configuration ................................................................................​ .....44
Creating a Nessus Scan Policy ........................................................................ 45
Running a Nessus Scan ................................................................................​... 47
Nessus Reports ................................................................................​................ 47
Importing Results into the Metasploit Framework ............................................48
Scanning with Nessus from Within Metasploit ................................................ 49
Specialty Vulnerability Scanners ...................................................................... 51
Validating SMB Logins ................................................................................​.... 51
Scanning for Open VNC Authentication ........................................................... 52
Scanning for Open X11 Servers ........................................................................ 54
Using Scan Results for Autopwning .................................................................. 56


5
THE JOY OF EXPLOITATION 57
Basic Exploitation ................................................................................​......58
msf> show exploits ................................................................................​....58
msf> show auxiliary ................................................................................​..58
Contents in Detail ix
msf> show options ................................................................................​.... 58
msf> show payloads ................................................................................​.. 60
msf> show targets ................................................................................​..... .62
info ................................................................................​............................. 63
set and unset ................................................................................​............... 63
setg and unsetg ................................................................................​............ 64
save ................................................................................​.............................. 64
Exploiting Your First Machine ..................................................................... 64
Exploiting an Ubuntu Machine ..................................................................... 68
All-Ports Payloads: Brute Forcing Ports ........................................................ 71
Resource Files ................................................................................​................72
Wrapping Up ................................................................................​..................73

6
METERPRETER 75
Compromising a Windows XP Virtual Machine ................................. 76
Scanning for Ports with Nmap ................................................................76
Attacking MS SQL ................................................................................​ 76
Brute Forcing MS SQL Server ................................................................78
The xp_cmdshell ................................................................................​... 79
Basic Meterpreter Commands ............................................................. 80
Capturing Keystrokes .......................................................................81
Dumping Usernames and Passwords .................................................. 82
Extracting the Password Hashes .......................................................... 82
Dumping the Password Hash ............................................................... 83
Pass the Hash ................................................................................​........84
Privilege Escalation ................................................................................​.85
Token Impersonation ..............................................................................87​
Using ps ................................................................................​................. 87
Pivoting onto Other Systems ..................................................................89
Using Meterpreter Scripts .......................................................................92
Migrating a Process .............................................................................. 92
Killing Antivirus Software ...................................................................... 93
Obtaining System Password Hashes ........................................................93
Viewing All Traffic on a Target Machine ............................................ 93
Scraping a System ................................................................................​..93
Using Persistence ................................................................................​...94
Leveraging Post Exploitation Modules ...................................................95
Upgrading Your Command Shell to Meterpreter ....................................95
Manipulating Windows APIs with the Railgun Add-On ........................97
Wrapping Up ................................................................................​..........97

7
AVOIDING DETECTION 99
Creating Stand-Alone Binaries with MSFpayload ................................... 100
Evading Antivirus Detection .................................................................. 101
Encoding with MSFencode ................................................................. 102
Multi-encoding ................................................................................​.... 103
Custom Executable Templates ................................................................ 105
Launching a Payload Stealthily................................................................. 106
x Contents in Detail
Packers ................................................................................​............. 107
A Final Note on Antivirus Software Evasion ........................................... 108

8
EXPLOITATION USING CLIENT-SIDE ATTACKS 109
Browser-Based Exploits ................................................................................​ 110
How Browser-Based Exploits Work ............................................................ 111
Looking at NOPs ................................................................................​..... 112
Using Immunity Debugger to Decipher NOP Shellcode .................................. 112
Exploring the Internet Explorer Aurora Exploit ......................................... 116
File Format Exploits ............................................................................. 119
Sending the Payload ............................................................................... 120
Wrapping Up ................................................................................​..121

9
METASPLOIT AUXILIARY MODULES 123
Auxiliary Modules in Use ......................................................... 126
Anatomy of an Auxiliary Module ..................................................128
Going Forward ............................................................................... 133

10
THE SOCIAL-ENGINEER TOOLKIT 135
Configuring the Social-Engineer Toolkit ........................................... 136
Spear-Phishing Attack Vector ........................................................... 137
Web Attack Vectors ........................................................................ 142
Java Applet ................................................................................​..... 142
Client-Side Web Exploits .................................................................... 146
Username and Password Harvesting ................................................ 148
Tabnabbing ................................................................................​... 150
Man-Left-in-the-Middle ................................................................. 150
Web Jacking ................................................................................​..... 151
Putting It All Together with a Multipronged Attack ............................ 153
Infectious Media Generator ........................................................................ 157
Teensy USB HID Attack Vector ............................................................ 157
Additional SET Features ................................................................... 160
Looking Ahead ............................................................................... 161

11
FAST-TRACK 163
Microsoft SQL Injection ...................................................................... 164
SQL Injector—Query String Attack .......................................... 165
SQL Injector—POST Parameter Attack ........................................ 166
Manual Injection ................................................................................​ 167
MSSQL Bruter ................................................................................​.. 168
SQLPwnage ................................................................................​..... 172
Binary-to-Hex Generator .................................................................... 174
Mass Client-Side Attack ...................................................................... 175
A Few Words About Automation ...................................................... 176
Contents in Detail xi

12
KARMETASPLOIT 177
Configuration ................................................................................​.... 178
Launching the Attack ......................................................................... 179
Credential Harvesting ................................................................... 181
Getting a Shell ................................................................................​.... 182
Wrapping Up ................................................................................​...... 184

13
BUILDING YOUR OWN MODULE 185
Getting Command Execution on Microsoft SQL .................................. 186
Exploring an Existing Metasploit Module .............................................. 187
Creating a New Module ........................................................................ 189
PowerShell ................................................................................​............. 189
Running the Shell Exploit .......................................................................... 190
Creating powershell_upload_exec ............................................................. 192
Conversion from Hex to Binary ................................................................. 192
Counters ................................................................................​................ 194
Running the Exploit ................................................................................​.. 195
The Power of Code Reuse ......................................................................... 196

14
CREATING YOUR OWN EXPLOITS 197
The Art of Fuzzing ................................................................................​... 198
Controlling the Structured Exception Handler .............................................. 201
Hopping Around SEH Restrictions .......................................................... 204
Getting a Return Address ................................................................... 206
Bad Characters and Remote Code Execution ........................................ 210
Wrapping Up .............................................................................. 213

15
PORTING EXPLOITS TO THE METASPLOIT FRAMEWORK 215
Assembly Language Basics ............................................................... 216
EIP and ESP Registers ............................................................... 216
The JMP Instruction Set ................................................................... 216
NOPs and NOP Slides ................................................................ 216
Porting a Buffer Overflow ................................................................. 216
Stripping the Existing Exploit ....................................................... 218
Configuring the Exploit Definition ................................................. 219
Testing Our Base Exploit ............................................................ 220
Implementing Features of the Framework .................................... 221
Adding Randomization ................................................................. 222
Removing the NOP Slide ............................................................... 223
Removing the Dummy Shellcode ..................................................... 223
Our Completed Module ............................................................... 224
SEH Overwrite Exploit ....................................................................... 226
Wrapping Up ................................................................................​ 233
xii Contents in Detail

16
METERPRETER SCRIPTING 235
Meterpreter Scripting Basics ............................................................... 235
Meterpreter API .............................................................................. 241
Printing Output ................................................................................​. 241
Base API Calls ................................................................................​........ 242
Meterpreter Mixins ................................................................................​.. 242
Rules for Writing Meterpreter Scripts ..................................................... 244
Creating Your Own Meterpreter Script ................................................... 244
Wrapping Up ................................................................................​........... 250

17
SIMULATED PENETRATION TEST 251
Pre-engagement Interactions ..................................................................... 252
Intelligence Gathering .............................................................................. 252
Threat Modeling ................................................................................​........ 253
Exploitation ................................................................................​.......... 255
Customizing MSFconsole ......................................................................... 255
Post Exploitation ................................................................................​... 257
Scanning the Metasploitable System ...................................................... 258
Identifying Vulnerable Services .............................................................. 259
Attacking Apache Tomcat ........................................................................ 260
Attacking Obscure Services .................................................................... 262
Covering Your Tracks .............................................................................. 264
Wrapping Up ................................................................................​..... 266

A
CONFIGURING YOUR TARGET MACHINES 267
Installing and Setting Up the System .................................................. 267
Booting Up the Linux Virtual Machines ............................................. 268
Setting Up a Vulnerable Windows XP Installation ................................... 269
Configuring Your Web Server on Windows XP ................................ 269
Building a SQL Server ..................................................................... 269
Creating a Vulnerable Web Application ............................................. 272
Updating Back|Track ..................................................................... 273

B
CHEAT SHEET 275
MSFconsole Commands .......................................................... 275
Meterpreter Commands ............................................................... 277
MSFpayload Commands ............................................................. 280
MSFencode Commands ............................................................... 280
MSFcli Commands ................................................................................​.. 281
MSF, Ninja, Fu ................................................................................​.... 281
MSFvenom ................................................................................​............ 281
Meterpreter Post Exploitation Commands ........................................... 282



بۆ سه‌یرکرنی کتێبه‌که‌ به‌ online کلیک >>> لێره‌ <<< بکه‌

بۆ داگرتنی کتێبه‌که‌ش >>>ئێره‌<<< کلیک بکه‌

دواین 10 بابه‌ته‌كان
وه‌ڵام
#2
ده‌ست خۆش
دواین 10 بابه‌ته‌كان

مه‌كته‌ب وازناهێنێت !
وه‌ڵام
#3
ده ســــــــــت خوش
دواین 10 بابه‌ته‌كان

                 

                       ئەگــــەرناچارم بــــکەیت بـــــەهـــــەڵە

                       بەتوندترین شیێوە وەڵامت ئه ده مــه وه

وه‌ڵام
#4
زۆرسوپاس کاک دارا، به‌هیوای سودبینین....

(08-12-2012, 07:29 PM)hemnrez نوسراوه:  ده ســــــــــت خوش

زۆر سوپاس برام

وه‌ڵام
#5
ده‌ست خۆش به‌سوده‌

دواین 10 بابه‌ته‌كان
وه‌ڵام
#6
زۆر سوپاس برام Hero BacK|TracK

وه‌ڵام
#7
دەستخۆش برام کتێبێکی بەسوودە .
دواین 10 بابه‌ته‌كان

www.h4kurd.com
وه‌ڵام
#8
سوپاس هاوڕێیانHeart به‌هیوای سودبینین

وه‌ڵام
#9
ده‌ست خۆش برام
دواین 10 بابه‌ته‌كان

تكایه‌ په‌یام مه‌نێرن براده‌رینه‌ من ماوه‌یه‌كی زۆره‌ وازم هێناوه‌ له‌ هاك و له‌ هه‌موو یانه‌یه‌ك ببورن له‌گه‌ڵ رێز و خۆشه‌ویستیم بۆ یه‌كه‌ به‌ یه‌كه‌تان
وه‌ڵام
#10
ده‌ست خوش
دواین 10 بابه‌ته‌كان

شارەکەم مەصیف ♥
وه‌ڵام


برۆ بۆ :


ئه‌ندامه‌كانی ئه‌م بابه‌ته‌یان کردۆته‌وه‌: 1 مێوان