CEHv8 Module 00

E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
T A W c D 0 lU n
w w w .ta k e d o w n c o n .c o m
T A K E D 0 1 U I1
is a h a c k in g c o n fe re n c e th a t w a s co n c e iv e d by o u r m e m b e rs !
EC -C ouncil h a s b e e n flo o d e d w ith re q u e s ts to ta k e o u r w o rld -c la s s c o u rs e s o n th e ro a d !
W e have a n s w e re d th e c a ll a n d c re a te d T a keD ow nC on!
T h is c o n fe re n c e w ill be fo c u s e d on th e le a rn e r a n d w ill fe a tu re
s e v e ra l C e rtific a tio n & C e rtific a te T ra in in g c o u rs e s fo r A d va n ce d P ra c titio n e rs !
TTAKEDC
A K O O U JH
w ill h o s t E C -C ouncil's s o u g h t a fte r H a ckin g , F o ren sics a n d Pen T est c o u rs e s ,
C e rtifie d W ire le s s S e c u rity P ro fe ssio n a l, a n d s e v e ra l h ig h ly te c h n ic a l a n d a d v a n c e d w o rk s h o p s
w h ic h w ill c o v e r c u r re n t a n d im p o rta n t s e c u rity to p ic s s u c h a s a d v a n c e d p e n e tra tio n te s tin g ,
c ry p to g ra p h y , n e tw o rk d e fe n s e , a p p lic a tio n s e c u rity a n d m o b ile fo re n s ic s .
A t T A K C D O llin
th e le a rn in g d o e s n 't s to p w h e n th e tra in in g e n d s l
W e h a ve lin e d up a lis t o f s o u g h t a fte r in d u s try p ra c titio n e rs a n d
s u b je c t m a tte r e x p e rts th a t w ill p re s e n t re le v a n t a n d im p le m e n ta b le to p ic s !
For more information, about TAKEDOllin
please visitit w w w .ta k e d o w n c o n .c o m
&j 11^:•jp_ _
■
*.\
H acker H alted
w w w .h a c k e rh a lte d .c o m
.
1
i
* I i
*‫•־‬
S ince 2 0 0 4 EC-Council ha s ho ste d 2 0 H acker H alted e ve n ts a cro ss fo u r c o n tin e n ts and
in c itie s s u c h as M y rtle B each, M ia m i, D ubai, S ingap ore , H ong Kong, M exico City,
Tokyo, K uala Lum pur, G uangzhou, Taiper a n d Cairo.
H acker H alted N o rth A m erica w ill be held in M ia m i fo r th e 3 rd ye a r in a row an d
ba sed on p a s t h is to ry is su re to b o a st an a m a z in g tu rn o u t o f In fo rm a tio n S e cu rity P rofe ssionals!
H acker H alted is m o re th a n ju s t a c o n fe re n c e eve nt; p ra c titio n e rs tra v e l fro m all over th e w orld
to a tte n d o u r w o rld -c la s s tra in in g , ga in p ra c tic a l k n o w le d g e fro m o u r e x p e rt p re s e n te rs and
g e t a preview o f th e la te s t te c h n o lo g ie s an d In fo rm a tio n S e c u rity to o ls
w h ic h w ill be sh o w ca se d by o u r e x h ib ito rs an d p a rtn e rs .
For more information, about Hacker Halted please visit
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-COUDCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
V A M P IR E
w w w .v a m p ire te c h .c o m
Is yo u r w ebsite vulne rab ly to an attack? Could hackers e xp lo it a small weakness in you r w ebsite and o b tain access
to sensitive com pany info rm atio n?
VampireScan allow s users to test th e ir ow n Cloud and W eb ap plication s against advanced attacks and receive
actionable results all w ith in th e ir ow n Web portal. O ur easy to use on lin e p o rta l w ill sim ply ask you fo r th e URL o f
your w e b application, fro m there, o u r Services d o th e rest.
For a lim ite d tim e, VampireTech is offering its Baseline Scan free o f charge to q u alified custom ers. This en titles you
to one Free H ealth Check fo r one do m a in u tiliz in g o u r Baseline Scan. This Scan w ill test fo r Cross-site S cripting
V ulnerabilities, Non-SSL Passwords, and Password A utoco m plete.
A
r
f c
V
Global CISO Executive Summit
Be on th e fo re fro n t o f a ne w g lo b a l in itia tiv e w here today's w orld-class leaders in in fo rm a tio n security w ill g a th e r to
na vig ate th ro u g h in te rn a tio n a l waters. Join these leaders as th e y fo llo w th e w in d o f change th a t is sw eeping th ro u g h
th e IS c o m m u n ity m o tiv a tin g today's in fo rm a tio n guardians to d e velop a new w ay o f th in k in g to ensure success in
p ro te c tin g th e ir respective organizations.
The goal o f EC-Council's Global CISO Forum is to create an op en p la tfo rm fo r to p in fo rm a tio n security executives to
discuss th e ir successes, failures, obstacles, and challenges. The open conversation w ill lead to th e creation o f
a c tio n a b le item s th a t can be discussed and ap p lie d to th e organiza tion.
For M o re Inform ation A b o u t CISO Executive S u m m it Please Visit: w w w .e cco u n c il.o rg /re so u rce s/ciso -e xe cu tlv e -su m m it.a sp x
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-COUDCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
H o w to D o w n lo a d M y C E H v 8 E - C o u r s e w a r e a n d A d d itio n a l
L a b M a n u a ls ?
P le a s e f o l l o w t h e s t e p s b e l o w to d o w n l o a d y o u r C EH v8 e - c o u r s e w a r e a n d
a d d i t i o n a l la b m a n u a l.
S t e p 1:
Visit: https://academ ia.eccouncil.org. If you have an account already, skip to Step 4.
S t e p 2:
Click Register and fill out the registration form.
S te p 3:
Using the email you provided in step 2, follow the instructions in the auto-generated
email to activate your Academ ia Portal account.
S t e p 4:
Login using your Username and Password.
S t e p 5:
Once successfully logged in, expand the About A cadem ia navigation menu and select
A ccess Code.
S t e p 6:
Enter the access code provided to you to redeem access to the CEH V8 e-Courseware
and Lab Manuals.
Access Code: XXXXXXXXXXXXXXXX
S te p 8:
Once redeemed, expand the C ourses menu and select iLearn - PDF C oursew are - The
resulting page will list your CEH v8 e-Courseware and Lab Manuals.
S u p p o rt:
E-mail support is available from academia(5>eccouncil.org.
S y s te m R e q u ire m e n ts :
Visit https://academ ia.eccouncil.ore/AboutAcadem ia/W hatisiLearn.aspx to view the
system requirements.
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
D o w n lo a d C la s s C e r t if ic a t e o f A t t e n d a n c e
IC -C o u n c il
T H I S IS T O A C K N O W L E D G E T H A T
H A S SUCCESSFULLY C O M P L E T E D A C O U K S E O N
A T A N E C - C O U N C IL A C C R E D IT E D T R A IN IN G
I n s tru c to r
CENTER
D ate
T R A IN IN G C E N T E R :
h ttp ://w w w .e cco u n cil.o rg
EC‫־‬C011ncil
Please fo llo w the below stated steps to dow nload digital copy (PDF format) of your class
certificate of attendance.
Step 1: W a it until the class is over (the last of the class).
Step 2: Visit http://w w w .eccouncil.org/eval.
Step 3: Com plete the course evaluation form (please com plete all the fields in the form correct e-mail address is required).
Step 4: Evaluation code is required to subm it the form. See the attached code.
Step 5: Submit the form.
Step 6: A w eb link will be sent to you to dow nload your PDF copy of the certificate.
C o u r s e E v a l u a t i o n C o d e : *‫* ״‬CEH‫” ” ”* ” ־‬
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-COIMCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E t h i c a l
C
H
a c k i n g
o u n t e r m
a n d
e a s u r e s
Version 8
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
E C -C o u n c il
Copyright © 2013 by EC-Council. All rights reserved. Except as permitted under the Copyright Act
o f 1976, no part o f this publication may be reproduced or distributed 111 any form or by any means,
or stored 111 a database or retrieval system, without the prior written permission o f the publisher,
with the exception that the program listings may be entered, stored, and executed 111 a computer
system, but they may not be reproduced for publication.
Inform ation has been obtained by EC-Council from sources believed to be reliable. EC-Council
uses reasonable endeavors to ensure that the content is current and accurate, however, because of
the possibility ot human or mechanical error we do not guarantee the accuracy, adequacy, or
completeness ot any information and are not responsible for any errors or omissions or the accuracy
o f the results obtained from use o f such information.
The courseware is a result o f extensive research and contributions from subject matter experts from
the field from all over the world. Due credits for all such contributions and references are given in
the courseware in the research endnotes. We are committed towards protecting intellectual
property. If you are a copyright owner (an exclusive licensee or their agent), and if vou believe
that any part o f the courseware constitutes an infringement o f copyright, or a breach o f an agreed
licence or contract, you may notify us at legal@ eccouncil.org. 111 the event o f a justified complaint,
EC-Council will remove the material 111 question and make necessary rectifications.
The courseware may contain references to other information resources and security solutions, but
such references should not be considered as an endorsement o f or recommendation by EC-Council.
Readers are encouraged
at legal@ eccouncil.org.
to
report
errors,
omissions
and
inaccuracies
to
EC-Council
If vou have any issues, please contact support@ eccouncil.org.
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-COUDCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
F o r e w
o r d
Since you are reading this CEHv8 courseware, you most likely realize the im portance of
inform ation systems security. However, we would like to put forth our motive behind compiling
a resource such as this one and w hat you can gain from this course.
You might find yourself asking w hat sets this course apart from the others out there. The truth
is that no single courseware can address all the issues of inform ation security in a detailed
manner. M oreover, the rate at which exploits, tools, and m ethods are being discovered by the
security c om m un ity makes it difficult for one program to cover all the necessary facets of
inform ation security. This doesn't mean that this course is inadequate in any way as we have
worked to cover all major dom ains in such a m anner that the reader will be able to appreciate
the way security has evolved over tim e as well as gain insight in to the fundam ental workings
relevant to each domain. It is a blend of academ ic and practical w isdom supplem ented with
tools that the reader can readily access in order to obtain a hands-on experience.
The emphasis through out the courseware is on gaining practical know-how, which explains the
stress on free and accessible tools. You will read about some of the most widespread attacks
seen, the popular tools used by attackers, and how attacks have been carried out using
ordinary resources.
You may also w ant to know w hat to expect once you have com pleted the course. This
coursew are is a resource material. Any penetration tester can tell you that there is no one
straight m ethodology or sequence of steps that you can follow w hile auditing a client site.
There is no one tem plate that will meet all your needs. Your testing strategy will vary with the
client, the basic inform ation about the system or situation, and the resources at your disposal.
However, for each stage you choose -
be it enumeration, firewall, penetration of other
dom ains - you will find som ething in this coursew are that you can definitely use.
Finally this is not the end! This courseware is to be considered a constant work-in-progress
because we will be adding value to this courseware over time. You may find some aspects
extrem ely detailed, w hile others may have less detail. W e are constantly asking ourselves if the
content helps explain the core point of the lesson, and w e constant calibrate our material with
that in mind. W e w ould love to hear your view points and suggestions so please send us your
feedback to help in our quest to constantly im prove our courseware.
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-COIMCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
T h is
p a g e
is
in te n tio n a lly
le ft b la n k .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
T a b le
M odule N u m b e r
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
o f C o n te n ts
M odule N a m e
P ag e N o.
00
S tu d en t In tro d u ctio n
I
01
In tro d u ctio n to E th ical H a c k in g
01
02
F o o tp rin tin g an d R eco n n aissan ce
91
03
S can n in g N etw o rk s
262
04
E n u m e ra tio n
434
05
System H a c k in g
517
06
T ro jan s an d B ackdoors
827
07
V iruses an d W orm s
1006
08
Sniffing
1112
09
Social E n g in e e rin g
1292
10
D en ial o f Service
1402
11
Session H ijack in g
1503
12
H a c k in g W ebservers
1600
13
H a c k in g W eb A pplications
1723
14
SQ L In jectio n
1986
15
H a c k in g W ireless N etw o rk s
2134
16
H a c k in g M obile P latform s
2392
17
E v ad in g ID S, Firew alls, an d H o n ey p o ts
2549
18
Buffer O verflow
2691
19
C ryptography
2782
P en etratio n T e stin g
2872
R eferences
2976
»
|
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-COIMCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
T h is
p a g e
is
in te n tio n a lly
le ft b la n k .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
W e lc o m e to C e r t if ie d E t h ic a l
H a c k e r C la s s !
S tu d e n t I n tr o d u c tio n
Engineered by Hackers. Presented by Professionals.
CEH
Q
E th ic a l H a c k in g a n d C o u n te r m e a s u r e s
M o d u le 0 0 : W e l c o m e to C e r t i f i e d E th ic a l H a c k e r C la s s
E x a m 3 1 2 -5 0
M o d u le 00 Page I
E th ica l H ackin g a n d C o u n te rm e a s u re s C o p y rig h t © by EC-C0l1nCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ic a l H a c k e r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
CEH
C o u rs e M a te r ia ls
/
^
‫־‬i ‫׳‬
‫־‬V
‫ע־‬
‫עין‬
&
CEH
BOOK
1
Identity
Card
Student
Courseware
Lab M a n u a l/
W orkbook
Compact
Disc
Course
Evaluation
‫ץ־‬
V
Reference
Materials
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page II
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0lMCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
C E H v
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
8
In t r o d u c t io n t o E th ic a l
1 1 1
H a c k in g
F o o tp r in tin g a n d
2
R e c o n n a is s a n c e
T r o ja n s a n d B a c k d o o rs
[ 6 1
V iru s e s a n d W o r m s
[ 7
[ 8
[ 3
]
S c a n n in g N e tw o r k s
S n iffin g
[ 4
]
E n u m e r a tio n
S o c ia l E n g in e e rin g
S y s te m H a c k in g
D e n ia l-o f- S e rv ic e
5
‫י‬
CEH
C o u rs e O u tlin e
]
]
9
1 0 ]
Copyright © by EG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
C E H v
r
‫ד‬
8
r
1
r
L________________________________________________ J
L
S e s s io n H ija c k in g
1 1
^
‫יי‬
r
‫די‬
1 7
‫י־‬
r
A
L.
A
r
r
SQL In je c tio n
r
r
C r y p to g r a p h y
j
L
‫ר‬
B u ffe r O v e r flo w s
'
A
L
‫יי‬
1 8
‫י‬
1 9
J
‫די‬
H a c k in g W ire le s s N e tw o r k s
1
r
H o n e y p o ts
H a c k in g W e b A p p lic a tio n s
‫ו‬
‫ד‬
___J
J L.
1 .
1 6
E v a d in g IDS, F ir e w a lls a n d
r
1 3
L.
‫י־‬
u
r
H a c k in g W e b s e rv e rs
L___
‫ יי‬r
H a c k in g M o b ile P la tfo r m s
‫ יי‬r
1 2
CEH
C o u rs e O u tlin e
P e n e tr a tio n T e s tin g
2 0
5
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page I
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
EC‫־‬Council Certification Program I CEH
T h e r e a r e s e v e ra l le v e ls o f c e r t if ic a t io n tr a c k s u n d e r t h e E C -C o u n c il A c c r e d it a t i o n b o d y :
C e rtifie d S ecure C o m p u te r
EC‫־‬C o u n cil D isa ste r R ecove ry
U ser(C SC U )
P ro fe ssio n a l (EDRP)
C e rtifie d e-B usiness
EC-Council C e rtifie d S e c u rity
P ro fe s s io n a l
A n a ly s t (ECSA)
— L
EC-Council C e rtifie d
EC-Council C e rtifie d Secure
S e c u rity S pe c ia lis t (ECSS)
P ro g ra m m e r (ECSP)
EC-Council N e tw o r k S e c u rity
C e rtifie d Secure A p p lic a tio n
A d m in is tr a to r (ENSA)
D e v e lo p e r (CSAD)
C e rtifie d E thical
You are
here
'
H acker(C E H )
Licensed P e n e tra tio n Tester
(LPT)
C o m p u te r H acking Forensic
M a s te r o f S e c u rity Science
In v e s tig a to r (CHFI)
(MSS)
Copyright © by IG-GOUIICil. All Rights Reserved. Reproduction is Strictly Prohibited.
C e rtifie d E th ic al H a c k e r T ra c k
C EH
UrtifM Etbitji IU(h«
CEH C e r t if ic a t io n T ra c k
Com plete th e fo llo w in g steps:
A tte n d th e Ethical H acking and
s, ‫״ ־‬
C ou n term e asu res Course
V'
Attend
Training
Pass th e CEH Exam
Exam Code: 312-50-ANSI (IBT),
312-50v8 (VUE), o r 350CEHv8
(APTC)
Prepare for
312-50 Exam
v
Take
Exam
Fail
‫אי‬
Pass
EH
Cortifiad
Ethiol
Certification
Achieved
H i.U .
Copyright O by tG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
M o d u le 00 Page IV
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
CEH
C E H v 8 E x a m In fo r m a tio n
‫״‬X
E xam T itle : C e rtifie d E th ic a l H a ck e r v8 (ANSI)
^
E xam C od e: 3 12 -5 0-A N S I (IBT), 3 1 2 -5 0 v 8 (V U E ), o r 3 5 0 C E H v 8 (APTC)
N u m b e r o f Q u e s tio n s : 125
D u ra tio n : 4 h o u rs
7
A v a ila b ility : P ro m e t ric P r im e / P ro m e t ric A P T C / V U E
P a ssin g Score: 70%
T h e in s tru c to r w ill te ll y o u a b o u t th e e x a m s c h e d u le / e x a m v o u c h e r
d e ta ils fo r y o u r tra in in g
T h is is a d iffic u lt e x a m a n d re q u ire s e x te n s iv e k n o w le d g e o f
CEH C o re M o d u le s
J
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
S tu d e n t F a c ilitie s
CEH
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page V
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
L a b S e s s io n s
Lab S essions a re d e s ig n e d to
r e in fo r c e th e c la s s ro o m sessio n s
T h e ses s io n s a re in te n d e d to
g iv e a h a n d s o n e x p e r ie n c e o n ly
a n d d o e s n o t g u a ra n te e
p ro fic ie n c y
T h e re a re to n s o f la b s in th e la b
m a n u a l. P lease p r a c tic e th e s e
la b s b a c k a t h o m e .
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
W h a t D oes C E H T each You?
D e fe n se , C is co S e cu rity , F ire w a lls ,
IDS, Logs, N e tw o rk , A n tiv iru s ,
H a rd w a re , T ro u b le s h o o tin g ,
A v a ila b ility , S e r v e r/ C lie n t S e cu rity ,
c re a tin g p o lic ie s , n e tw o r k
M a n a g e m e n t e tc .....
CEH
D e n ia l o f Service, Trojans, W o rm s , V iru s,
S o cia l E n g in eerin g , Pa ssw o rd cra ckin g,
S ession H ija ckin g , System fa ilu re , Spam ,
P h ish in g , Id e n tity th e ft, W a rd riv in g ,
w a rc h a lk in g , b lu e ja ck in g Lock pick in g ,
B u ffe r O v e rflo w , System hackin g ,
S n iffin g , SQL In je ctio n ....
Ethical Hacking
Bad G uy
This is W hat CEH Teaches You!
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page VI
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
W h a t C E H
*
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
is N O T ?
CEH class is NOT a
N etw o rk Security training
program
CEH class is NOT a
Security Analysis training
program
> Please attend ECCouncil's ENSA class
for that
> Please attend ECCouncil's ECSA class
for that
CEH
CEH class is NOT a
Security Testing training
program
> Please attend ECCouncil's LPT class
for that
CEH class is 100 %
NETW ORK OFFENSIVE
T ra in in g P ro g ra m
•Copyright © by IC-Coiincil. All RightsKeserved.:Reproduction is Strictly Prohibited.
CEH
UrtifWJ Etkwjl IUcW*
The C EH P ro g ra m Teaches you 100%
N etw o rk O ffensive T ra in in g and not
D efensive
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page VII
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
C E H
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
C la s s S p e e d
CEH
™
C*rt‫׳‬fW< Itkitjl lUckM
T h e CEH class is e x tr e m e ly fa s t p a c e d
T h e class " s p e e d " c an b e c o m p a re d t o th e c lim a x s c e n e fr o m th e m o v ie
M is s io n Im p o s s ib le (B u lle t tr a in s e q u e n c e )
T h e re a re to n s o f h a c k in g to o ls a n d h a c k in g te c h n o lo g ie s c o v e re d in th e
c u r r ic u lu m
T h e in s tr u c to r W IL L N O T b e a b le to d e m o n s tra te A LL th e to o ls in th is class
H e w ill s h o w c a s e o n ly s e le c te d to o ls
T h e s tu d e n ts a re re q u ire d to p ra c tic e w i t h t h e to o ls n o t d e m o n s tra te d in th e
class o n t h e ir o w n
Copyright © by EG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
CEH
L iv e H a c k in g W e b s ite
J
P lease ta r g e t y o u r e x e rc is e s f o r "L iv e H a c k in g " t o w w w .c e rtifie d h a c k e r.c o m
J
T h is w e b s ite is m e a n t f o r th e s tu d e n ts to t r y th e to o ls o n liv e ta r g e t
J
P lease re fra in fr o m u s in g th e e x p lo its o n a n y o t h e r d o m a in s o n th e In te r n e t
n
C e rtifie d H a c k e r
CEH C la s s ro o m
A tta c k Lab
W e b s ite
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page VIII
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ic a l H a c k e r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
N D A D o cu m en t
P le a s e re a d th e
CEH
S ign th is
c o n te n ts o f th e
d o cu m e n t and
p r o v id e d EC-
h a n d i t o v e r to
C o u n c il's CEH
t h e in s t r u c t o r
NDA d o cu m e n t
W e w i l l N O T s ta r t
P le a s e a p p ro a c h
t h e class u n le s s
t h e in s t r u c t o r if
y o u s ig n th is
y o u a re n o t
docum ent
p r e s e n te d w i t h
th is d o c u m e n t
Copyright © by EG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
A d v a n c e d L a b E n v ir o n m e n t
W in d o w s 8
W in d o w s S e rv e r
2 00 8 (64 Bit)
W in d o w s 7
CEH
B a ck Tra ck S
V irtu a l P la tfo rm
u
I n s t r u c t o r M a c h in e
S t u d e n t M a c h in e s
I n s tr u c to r a n d S t u d e n t M a c h in e O p e r a t in g S y s te m : W in d o w s S e r v e r 2 0 1 2 ( F u lly P a tc h e d )
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page IX
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0lMCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
S tu d e n t C o m p u te r C h e c k lis t
CEH
W in d o w s 8 a s V M
W in d o w s 7 as V M
M
l
B a c k T ra c k 5 R3 as V M
Copyright © by EG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
S tu d e n t C o m p u te r C h e c k lis t
CEH
tortifM Etkkjl bito
W rite down IP addresses of the
host and all the Virtual
Machines
Check if you can launch
command shell by right clicking
on a folder
Check if you can ping between
the VM and the hosts
Check if you can access Internet
and browse the web using IE,
Chrome, Safari and Firefox
Make sure you can access
RealHome and Powergym
websites at
http://localhost/realhom e and
http://localhost/pow ergym
Check fo r snapshots o f Virtual
Machines
Check if you can access
http://www.certifiedhacker.com
Make sure that you can access
D:\CEH-T00ls directory in W in d o w s
S e rv e r 2 0 1 2 and Z:\CEH-T00ls from
all the VM's; Z: is mapped N e tw o rk
1
For Wireless Hacking module
you w ill need AirPcap adapter
D rive c o n ta in in g CEH to o ls
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page X
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0lMCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
P ing B etw een V irtu a l M a c h in e s
and Host
CEH
(•*M M
tlfcxjl Mm M*
Administrator: C:\W11xlows\systefr132yc1rxl.exe
w ith 32 bytee o f data:
: b ytoo -3 2 cimo<ln& TTL=128
4: b y te s -3 2 c in e <11*3 TTL-128
: b y te 3 3 2 ‫ ־‬tim eC lns TTL-128
: b y te s -32 tine < 11 u TTL-128
=151 * I
■
G :M J3 e r3 s n d 1 » in i3 tr« to r> p in g 1
£1;‫ד‬1 1
Reply fr o n t
Reply fro w i
Reply from 1
1
w ith 32 byte s o f d a ta :
: b y te s -3 2 t . M - l m
: bytes —32 t in e < ln s
: b yt« fv 3 2 ‫ ־‬t i f w d n s
: b y te s -32 tifw C in s
3
<■
IT L-128
IT L-128
IT L -1 2 *
IT L-128
Plus u t a t l s t i c v f u r
Pac)<otc: Sont 4 ‫ ־‬. R«<
Approxim ate round c r i p t i l
Min inum ‫ ־‬One. flax imui
C :\W in dow s\system 32\cm d.exe
C iM la e r * s n d n in is tr A to r > _
j'-"• —
1 11
■ \AH in > p in g 1
1
: bu t 32• ‫ י‬t in e -1 fi* TTL-12R
le u ly f r a r t
I
: b y t u - 3 2 tin » < 1 fix 11I.-12N
le p ly fra*> I : byt» « -3 2 t >.«e<1..x TTL-12N
tv p ly f m m 1 : b y t•6 •3 2 t i w < in v 11L-12H
1
111
, H c ta tlv tic w f o r i
P a ckotc: Sont - 4 . Rocolvod 4 ‫־‬. Loot 0> 0 ‫ ־‬X 1000).
ip p ro x ln a to round t r i p tin o a in n i lli- o o c o n d o :
tlln in u n ‫ ־‬One. tfa xinu n - in o . flvoraqo ■ Ono
:1N4U«rs\Hd1»in>_
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
CEH-Tools Directory in Windows
Server 2012 (D:\CEH-Tools)
V_J I
*
|
)'
($ ) (
1
1
Home
Ethical >U(hM
N<‫״‬w V o lu m e ( t> )
DrMTOMI
Share
CEH
(•rtifwd
V
View
* Comput«r ► N«wVolum*(0:)
V
C
1 1 Sairch N«wVolum*(D:)
P
O
| |
)V Fivcrittc
■
D«*ktap
4■
Download)
,‫ [ ע‬Recent place *
SRECYCIE.BIN
3
CEH-Todv
Sy»le»r Volume
Information
Documents
J'' Music
m ! Pictures
9
Videos
Computer
i i . Local Disk (G)
1
j New Volume (D:)
£*
II
*
*■I Network
?item s
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page XI
E th ica l H ackin g a nd C o u n te rm e a s u re s C o p y rig h t © by EC-C0UIICil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E thical H acker
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
M a p p e d N e tw o rk D riv e (Z:) in
W indow s Server 2008 V M
CEH
-Jnl*J
o o
F!c
- vn |sedl(J
* * Computer
1
£d t
View
orgarize ▼
to
Jo®1® d*P
jjj views
Favonte bn<s
‫ ־׳י‬y f Properties
‫<! ט‬,fste^pr0pe‫» ׳‬
Mamt
H ard D isk D riv es ( 1 )
t)es
urrstai or :range a prog'a*
1*1‫* ״י!־‬
*jt viap nerA-ork drive
|.|T 0 U I 5 H «
I . I f t m Sm m
Docurrentt
Pictures
&.ocal Disk (Cl)
:muo
D evice* w ltli R e m o v a b le S to ra g e (2)
ecendy Changed^ 15 1
f l
Searches
hjj ‫״‬loppy Dis< Orr‫׳״‬e (*:)
^
DVD Drive (D!)
Rcppy Dak Drive
CD Drive
ublc^
N etw o rk L ocation (1)
J
±J
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
M o d u le 00 Page XII
E th ica l H ackin g a n d C o u n te rm e a s u re s C o p y rig h t © by EC-C0UnCil
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
E thical H acking and C o u n te rm e a su re s
W e lc o m e t o C e rtifie d E th ica l H a cke r Class
Exam 3 1 2 -5 0 C e rtifie d E th ica l H acker
M a p p e d N e tw o rk D riv e (Z:) in
W indow s 7 V M
CEH
tlfcxjl Mm M*
G Z IC lL lI^
,
v |: ® . ► Computet ►
Organize▼
Properties
System properties
Uninstall or charge a program
|
p 1
SeorcA Ccrr.outer
Map net A/ork drive
»
[j|p ▼
(Jjj
O
- Hard D isk D riv es (1 )
‫־‬A ‫ ׳‬Favorites
E
▼1
Desktop
Local Disk (C:]
m Downloads
^
f t i / *
Recent Places
'
6.37 G3*'reeo*'158 G3
Devices wiTh Removable Storage (2)
Libraries
1
Documents
^
Music
B
Pictures
Q
Videos
Floppy Disk Drive (A:)
'
DVD Drive (DO
Network Location (1)
CEH-Tools <\\
* j f
: ■ Computer
(Z:)
jB tree of 269 OB
*'p Network
r£ H -T n n lc (\\1 07 .1fift1 M l 11 J) (7•)
Network Drive
I
Tntalc■*••
Space free: 365 GB
Fie system: NTFS
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
L a u n c h in g C o m m a n d S h e ll
CEH
(•rtifwd
New Volume [D.)
.
Ethical >U(hM
‫־‬:°■
.
*I
]
'M
'3
9
lnrlud*<nMx*ry
*Jdlsmlw•.
AddM'CEHTootuar'
C»mpn*»•nj «mtJ_
CompmstoCERToofc-rjr‫* ־‬
C'tttt
A dm inistrator: C:\W ind 0 w s\system 32\cm d.exe
0t<««
copyright © by EG-Gouncil. All Rights AeServfeifc;Reproduction is Strictly Probfbited.
M o d u le 00 Page XIII
E th ica l H ackin g a n d C o u n te rm e a s u re s C o p y rig h t © by EC-C0UnCll
A ll Rights R eserved. R e p ro d u c tio n is S tric tly P ro h ib ite d .
Ethical Hacking and Countermeasures
Welcome to Certified Ethical Hacker Class
Exam 312-50 Certified Ethical Hacker
S n a p s h o ts o f V i r t u a l M a c h in e s
CEH
tlfcxjl Mm M*
I
H y p er-V M a n a g e r
File
Action
View
I —
Help
* * I 8 1! 0 1
j j Hyper-V Manager
^3 WIN-ROPCM8VKVOQ
V i r tu a l M a c h i n e s
WIN-ROPCM8VKVOQ
CPU Usage
Assigned Memory
Up*
New
=j B32k Track 6
Import Virtual Machine...
§ Windows 3
j
Windows 2002 Server
1024 MB
settings..
024 ‫ ז‬M3
Turn Off..
Hyper-V Settings...
5
5 Virtual SAitch Manager...
^
Shut Down..
S n a p s h o ts
Save
₪ g j, Wrdo*3 7-(4/16/
H Now
Pause
Virtual SAN Manager...
Edit Disk...
Inspect Disk,..
(•) Stop Service
Reset
^
| Snapshot
Remove Server
Q Refresh
Revert..
View
Q
H«p
Rename..
Windows 7
Enable Replication ..
□
Sumrray
M oray
Help
Ch^lrrrtt 10‫י‬
Connect...
fr l
Sfttingc..
hedrtbedt: D K fS b /tu k
(•) Turn Off...
Nfcsvwxtjng [ Rcpkdton
0
Shut Down...
Q
Save
||
Paute
Reset
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
A ir P c a p
CEH
(•rtifwd
Ethical >U(hM
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
Module 00 Page XIV
Ethical Hacking and Countermeasures Copyright © by EC-C0UnCll
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures
Welcome to Certified Ethical Hacker Class
Exam 312-50 Certified Ethical Hacker
P o w e r g y m a n d R e a lH o m e
. . . .
w
C
v
W eb
s i• t?e s
t‫־‬
c[
E H
toMlfOS ;• ./rq>nV
-> n 1 • kMMltnc kMh
1
Real Home!
*
\KK‫־‬rrs
■I TING
s tlJ LING
!‫ ״‬tin
K I.N IIM '
Supp*rt 1 FAQ*
liASINO
Sitenap t
:•Irip
CUX‫־‬IAC1 US
LOGIN
Powergym : h ttp ://lo c a lh o s t/p o w e rg y m
RealHome: h ttp ://lo c a lh o s t/re a lh o m e
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
L iv e H a c k W e b s ite
http://www.certifiedhacker. com
CEH Labs
CEH Labs
CEH Labs
CEH Labs
JuGGY
CEH
B0V
‫״‬u n it e
J
N i fc t i
Copyright O by EG-Gouncil. All Rights Reserved. Reproduction Is Strictly Prohibited.
Module 00 Page XV
Ethical Hacking and Countermeasures Copyright © by EC-C0UIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures
Welcome to Certified Ethical Hacker Class
Exam 312-50 Certified Ethical Hacker
CEH
L e t ’s S t a r t H a c k i n g
Copyright © by IG-Gouncil. All Rights Reserved. Reproduction is Strictly Prohibited.
Module 00 Page XVI
Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.