CEHv10 M0 Introduction.pptx

93 views 63 slides Nov 03, 2022

About This Presentation

CEH USED FOR


Slide Content

CEH / Certified EC-Council Instructor: Yasser Ramzy Auda

Yasser Ramzy Auda
EC Council: CEHv6 Certified Ethical Hacker; CEI Certified EC-Council Instructor
Cisco: CCIE # 45694 Certified Internetwork Expert - Routing and Switching; CCIE Certified Internetwork Expert - Security (written exam); CCSI # 34215 Cisco Certified System Instructor; CCNP R&S, CCNP Security
Microsoft: MCSE since NT4.0 to 2012; MCT Microsoft Certified Trainer
Others: VCP-NV VMware Certified Professional - Network Virtualization; IPv6 Forum Certified Engineer (Silver); CompTIA Linux+; ITIL; CISSP

https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/

CEHv10 Official Outline
Module 00: Course Introduction
Module 01: Introduction to Ethical Hacking
Module 02: Footprinting and Reconnaissance
Module 03: Scanning Networks
Module 04: Enumeration
Module 05: Vulnerability Analysis
Module 06: System Hacking
Module 07: Malware Threats
Module 08: Sniffing
Module 09: Social Engineering
Module 10: Denial-of-Service
Module 11: Session Hijacking
Module 12: Evading IDS, Firewalls, and Honeypots
Module 13: Hacking Web Servers
Module 14: Hacking Web Applications
Module 15: SQL Injection
Module 16: Hacking Wireless Networks
Module 17: Hacking Mobile Platforms
Module 18: IoT Hacking
Module 19: Cloud Computing
Module 20: Cryptography

Our CEH Course Outline
Module 00 TCP-IP/OSI/Virtualization/Kali
Module 01 Introduction to Ethical Hacking
Module 02 Footprinting and Reconnaissance
Module 03 Scanning Network
Module 03 NMAP & Wireshark
Module 18 Cryptography
Module 06 Malware Threats
Module 06 Malware Forensic & Petya
Module 04 Enumeration
Module 04 OS CLI & Netcat
Module 04 Metasploit
Module 08 Social Engineering
Module 05 System Hacking
Module 07 Sniffing
Module 09 Denial-of-Service
Module 10 Session Hijacking
Module 15 Hacking Mobile Platforms
Module 16 Evading IDS, Firewalls and Honeypots
Module 17 Cloud Computing
Module 14 Hacking Wireless Networks
Module 11 Hacking Webservers
Module 12 Hacking Web Applications
Module 13 Introduction to MYSQL
Module 13 SQL Injection

Course slide decks:
CEHv10 M1 Introduction to Ethical Hacking
CEHv10 M2 Footprinting
CEHv10 M3 Scanning Network
CEHv10 M4 Enumeration
CEHv10 M20 Cryptography
CEHv10 M7 Malware Threats
CEHv10 M9 Social Engineering
CEHv10 M6 System Hacking
CEHv10 M10 Denial-of-Service
CEHv10 M7 Sniffing
CEHv10 M11 Session Hijacking
CEHv10 M12 Hacking Webservers
CEHv10 M13 Hacking Web Applications
CEHv10 M14 SQL Injection
CEHv10 M16 Evading IDS, Firewalls and Honeypots
CEHv10 M14 Wireless
CEHv10 M17 Cloud
CEHv10 M15 Hacking Mobile Platforms
nmap
Wireshark
Metasploit
NetCat
OS CLI
Introduction to Cisco IOS
TCP-IP/OSI/Virtualization/Kali
Introduction to MYSQL

https://ilabs.eccouncil.org/store/

[Diagram: Pen Testing & Ethical Hacking Training Lab]
Components shown: Win 8.1 VM; Win Server 2012 R2 VM (AD DS/DNS); Kali 2.0 VM; Vmnet8 switch; Metasploitable VM; Cisco R&S (GNS3/EVE); Cloud; Internet; Host machine (XAMPP, DVWA v1.8, Firefox, sqlitestudio); Android VM; bare metal VM used for: Turnkey Linux WordPress, Kali 1, bee-box v1.6

[Diagram: external targets]
Components shown: Kali 2.0 VM; Vmnet8 switch; Metasploitable VM; Cisco R&S (GNS3/EVE/VIRL); Cloud; Internet
External targets: www.cbtme.com, www.certifiedhacker.com, www.eccouncil.org, hackthissite.org
Yasser Ramzy Auda

Windows Server 2012 VM
IP address: 192.168.3.12/24
DG: 192.168.3.2/24
DNS: 127.0.0.1 & 8.8.8.8

Username        Full name                  Password
administrator                              p@ssw0rd
Jack            Jack Reacher               wolf
Pierce          Pierce Brosnan             apple
Jennifer        Jennifer Joanna Aniston    cat

Username        Full name                  Password
simon           Simon Templar              cisco
Jack            Jack Daniel's              great

Computer name: DC1
Domain name: IJWT.local

Windows 8 VM
IP address: 192.168.3.8/24
DG: 192.168.3.2/24
DNS: 192.168.3.12 & 8.8.8.8
Computer name: DC1
Domain name: IJWT.local

Kali 2 VM
Dynamically getting IP address from vmnet8 DHCP, from subnet 192.168.3.0/24 starting with .128
Computer name: kali

Username        Full name                  Password
root                                       toor
yasser          Yasser Auda                moon

Metasploitable VM
Dynamically getting IP address from vmnet8 DHCP, from subnet 192.168.3.0/24 starting with .128
Computer name: metasploitable

Username        Full name                  Password
msfadmin                                   msfadmin

Android VM
Dynamically getting IP address from vmnet8 DHCP, from subnet 192.168.3.0/24 starting with .128

Windows Server 2012 VM Pre-Configuration
Firewall disabled
Automatic update disabled
Internet Explorer Enhanced Security disabled
Telnet client, Telnet server, TFTP client, SNMP service installed
Domain Default GPO tuned to accept passwords as follows:
  Minimum password length: set to 3 characters
  Password must meet complexity requirements: Disabled

Windows 8 VM Pre-Configuration
Firewall disabled
Automatic update disabled
VMware Tools installed
Windows Defender disabled

[Diagram: CEH/CHFI/CND Training Lab]
Components shown: Win 8.1 VM; Win Server 2012 R2 VM (AD DS/DNS); Kali 2.0 VM; Vmnet8 switch; Metasploitable VM; Cisco R&S (GNS3/EVE); Cloud; Internet; Host machine (XAMPP, DVWA v1.8, Firefox, sqlitestudio); Android VM; bare metal VM used for: Turnkey Linux WordPress, Kali 1, bee-box v1.6; CHFI VM; AlienVault® OSSIM; CND VM

Time to answer some questions & build the basics

Are you familiar with virtualization? Virtualization is commonly used and is considered one of the main components in: Cloud Data Centers

Virtualization Virtual Machines

A hypervisor or virtual machine monitor (VMM) is a piece of computer software, firmware or hardware that creates and runs virtual machines. It emulates resources so that the VM's OS believes it has physical hardware.
Type 1 (bare-metal) hypervisor: connects the VM OS to the host hardware; the host has no OS. Examples: VMware ESXi, standalone Hyper-V.
Type 2 hypervisor: the host has an OS, which stands as a layer between the hypervisor and the real hardware. Examples: VMware Workstation, Hyper-V in Windows 8, 10, 2012, 2016.

Are you familiar with Linux OS?

Linux platforms: Servers, Desktops, Embedded (non-computer) devices
Popular distros: Ubuntu, Red Hat Enterprise, Fedora, SUSE, Debian, Slackware, …many others
Distro = Linux Distribution
Go to www.distrowatch.com to download any distro.
Architectures: i386, x86, i686, x86-32-64. For our Intel machine choose i386.

Debian
Based on: Independent
Origin: Global
Architecture: armel, hppa, ia64, i386, mips, mipsel, powerpc, s390, sparc64, x86_64
Desktop: AfterStep, Blackbox, Fluxbox, GNOME, IceWM, KDE, LXDE, Openbox, WMaker, Xfce
Category: Desktop, Live Medium, Server

You can use the GParted GUI application to manage hard disks.
File systems
Windows: NTFS, FAT32
Removable media: FAT/VFAT, FAT32
Linux:
  Ext2 (older, rarely used)
  Ext3 (journaling FS, commonly used, logs changes before writing them to the FS)
  Ext4 (new FS, with volumes up to 1 Exabyte and files up to 1 Terabyte)
  JFS (IBM, not commonly used)
  Reiser (or ReiserFS): openSUSE
  XFS: RedHat
Partitions: you will need at least two partitions:
  Root (stores OS, apps, data)
  Swap (works like pagefile.sys on Windows)

KDE Xfce

Linux File system hierarchy standard

Some folders come with the system, like:
/ root directory; all other directories branch from it.
/bin system commands and binaries like cp, ls, mount
/sbin similar to /bin but contains programs run by the admin, like fdisk
/boot files related to the boot loader, like GRUB/LILO (ntldr, bootmgr in WinXP & 7)
/dev partition and device files, like printers (all hardware devices act as files on Linux; these files are here)
/etc computer configuration
/home users' files and profiles, except the root (administrator) profile
/root root (administrator) files and profile
/lib programming libraries
/lib/modules holds kernel modules (drivers)
/mnt temporary mount points, sometimes used to mount removable media
/tmp temp folder
/var system logs, print spool, mail files
/usr comes with subdirectories with users' names
/media like /mnt but comes with /media/floppy, /media/cdrom
/proc a virtual filesystem created dynamically to provide access to certain types of hardware info, for example: cat /proc/cpuinfo, and all other info about hardware resources.

Generally, the system for labeling drives starts with: hda, hdb, hdc, etc. The letters "hd" stand for hard drive, and the following letter is the order in which they are mounted. With newer hard drives (SATA), Linux designates them with: sda, sdb, sdc, etc. The "s" is a legacy from SCSI drives. Partitions within those drives are then designated with numbers after the letters, such as sda1, sda2, sda3, etc.

Bash Shell
Managing & navigating directories
Creating: mkdir
Renaming: mv
Deleting: rmdir

    yasser@debian:~$ pwd
    /home/yasser
    yasser@debian:~$ ls
    Desktop Documents Downloads Music Pictures Public Templates Videos
    yasser@debian:~$ cd Desktop
    yasser@debian:~/Desktop$ mkdir folder1
    yasser@debian:~/Desktop$ mv folder1 sales
    yasser@debian:~/Desktop$
    yasser@debian:~/Desktop$ rmdir sales
    yasser@debian:~/Desktop$ rmdir -p hi/ml/de
    yasser@debian:~/Desktop$ rmdir --help

r is 4, w is 2, x is 1. For the file above, the file, group and everyone-else permission number is 755.

Difference Between Sudo and Su in Linux

Are you familiar with Kali 2.0 [aka Backtrack]?

https://www.kali.org/
https://kali.training/
https://tools.kali.org/tools-listing
https://www.offensive-security.com/
https://fossbytes.com/10-best-operating-systems-for-ethical-hacking-and-penetration-testing-2016/

Are you familiar with Metasploitable?

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.
https://sourceforge.net/projects/metasploitable/

Boot-to-Root Virtual Machines
Creating a virtual machine hacking challenge just means creating a Windows or Linux VM with many vulnerabilities and then challenging you to exploit it to hack that system. Examples: Metasploitable, pWnOS, Badstore & De-ICE. We call this VM a "Boot2Root virtual machine".
https://www.vulnhub.com/
https://www.turnkeylinux.org/wordpress
https://sourceforge.net/projects/bwapp/files/bee-box/

Are you familiar with the OSI Model & TCP-IP?

What is a protocol? A network protocol is a standard set of rules that determines how systems will communicate across networks.

What is a segment?
What is a packet?
What is a frame?
What are Protocol Data Units (PDUs)?
What is encapsulation?
What is de-encapsulation?
What is TCP-IP?
What is a TCP/UDP header?
What is an IP header?
What is an Ethernet header?
What is a checksum?
What is CRC?
[Figure: Open Systems Interconnection Reference Model, layers 7 to 1]

The session layer establishes, manages, and terminates sessions between two communicating hosts. The session layer also synchronizes dialog between the presentation layers of the two hosts and manages their data exchange. For example, web servers have many users, so there are many communication processes open at a given time. Therefore, it is important to keep track of which user communicates on which path.

Your web browser is an application that operates at the application layer. After you enter an address in the address bar, the browser passes data (an HTTP “GET” request) to the application layer. When the application layer passes the data to the transport layer, the transport layer may split the data into segments (if the amount of data is deemed large enough). The transport layer adds a TCP header to the segment, encapsulating it in TCP. If there are multiple segments, TCP sequences them so the data stream can be reassembled when it reaches its destination. The segment is then passed to the Internet layer, where it receives an IP header to encapsulate it as an IP packet. The IP header contains source and destination IP addresses, which will enable the data to be properly routed to the destination. The Internet layer may also break a large packet into smaller fragments, then the fragments are reassembled at the Internet layer at the destination system. When the IP packet reaches the link layer, it is encapsulated in an Ethernet frame, which contains the hardware, or MAC, addresses of the source and destination computers. The frame is then transmitted in the form of bits onto the physical network. At the destination, the process is reversed. As information in each header is read, the header is stripped and the remaining data is sent up to the next layer.

IP header

Version: A 4-bit field that identifies the IP version being used. Version is 4, referred to as IPv4.

IP Header length: A 4-bit field containing the length of the IP header. The minimum length of an IP header is 20 bytes.

Type of service: The 8-bit ToS field traditionally uses 3 bits for IP Precedence. The newer redefinition of the ToS field uses a 6-bit DSCP field and a 2-bit ECN field to identify the level of service a packet receives in the network.

Total length: Specifies the length of the IP packet that includes the IP header and the user data. The length field is 2 bytes, so the maximum size of an IP packet is 65,535 bytes.

Identifier, flags, and fragment offset: As an IP packet moves through the Internet, it might need to cross a route that cannot handle the size of the packet. The packet will be divided, or fragmented, into smaller packets and reassembled later. These fields are used to fragment and reassemble packets.

Time to live: It is possible for an IP packet to roam aimlessly around the Internet. If there is a routing problem or a routing loop, then you don't want packets to be forwarded forever. A routing loop is when a packet is continually routed through the same routers over and over. The TTL field is initially set to a number and decremented by every router that is passed through. When TTL reaches 0, the packet is discarded.

Protocol: In the layered protocol model, the layer that determines which application the data is from or which application the data is for is indicated using the Protocol field. This field does not identify the application, but identifies a protocol that sits above the IP layer that is used for application identification. For example, protocol number 1 = ICMP, 6 = TCP, 17 = UDP.

Port Numbers
http://media.packetlife.net/media/library/23/common_ports.pdf
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
C:\Windows\System32\drivers\etc\services

Port numbers are 16-bit integers, ranging from 0 to 65535.
IP address + port number = socket
A socket address is the combination of an IP address and a port number.
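The de-encapsulation walk-through and the IP header fields above can be followed on real bytes. The Python below is an added example, not part of the original slides: it strips the Ethernet header, decodes each IPv4 field listed above, verifies the header checksum and reads the TCP ports. The sample frame is constructed for illustration (lab subnet addresses from the slides, made-up MACs, TCP checksum left at zero), and the function names are this example's own.

```python
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # protocol numbers listed above

def checksum_ok(header: bytes) -> bool:
    """A valid IPv4 header sums (ones' complement, 16-bit words) to 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def parse_ipv4(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum IPv4 header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4            # header length is stored in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(packet):
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": ver_ihl >> 4, "header_len": ihl,
        "dscp": tos >> 2, "ecn": tos & 0x03, "total_len": total_len, "id": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # field counts 8-byte units
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "checksum_ok": checksum_ok(packet[:ihl]),
        "payload": packet[ihl:total_len],
    }

def decapsulate(frame: bytes) -> dict:
    """Strip the Ethernet header, then the IP header, as the receiver does."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("EtherType is not IPv4")
    ip = parse_ipv4(frame[14:])
    ip["src_mac"], ip["dst_mac"] = src_mac.hex(":"), dst_mac.hex(":")
    # Only the first fragment carries the TCP/UDP header with the port numbers.
    if ip["protocol"] in ("TCP", "UDP") and ip["frag_offset"] == 0 and len(ip["payload"]) >= 4:
        ip["src_port"], ip["dst_port"] = struct.unpack("!HH", ip["payload"][:4])
    return ip

# Constructed sample: Ethernet + IPv4 + TCP header, 192.168.3.128 -> 192.168.3.12:80
SAMPLE_FRAME = bytes.fromhex(
    "000c29aabb0c000c29aabb800800"                  # dst MAC, src MAC, EtherType
    "450000281c464000400696adc0a80380c0a8030c"      # IPv4 header (20 bytes)
    "c00000500000000100000000500272100000" "0000")  # TCP header (20 bytes)
```

Calling `decapsulate(SAMPLE_FRAME)` returns the decoded fields as a dictionary; changing any header byte, such as the TTL, makes `checksum_ok` come back false.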

http://www.iana.org/assignments/ethernet-numbers/ethernet-numbers.xhtml

Are you familiar with Microsoft AD, GPO?

So, let's begin