TV shows and movies often show a hacker using a mobile phone or other handheld device to infiltrate a target network, which raises the question: is hacking from a mobile device such as a phone actually possible? The answer is yes. We are surrounded by smart devices; imagine using one of them to test a network or system for vulnerabilities and perhaps exploit it. That would definitely be very cool.
To begin this section, let's take a walk through the history and evolution of the most popular penetration-testing Linux distribution, Kali Linux. Before Kali Linux, there was its predecessor, BackTrack. BackTrack was created in 2006 by merging two earlier distributions, Auditor Security Collection and WHAX. BackTrack was distributed as a live CD and live USB image, which allowed a penetration tester, systems administrator, or hacker to use any computer that supported booting from CD/DVD or USB. Since BackTrack is a Linux-based operating system, live booting turned any computer into a hacker's machine on the network.
In 2011, BackTrack reached its final major version, BackTrack 5, which shipped with many tools and utilities that helped penetration testers do their jobs.
Some of the tools within BackTrack 5 include the following:
- Metasploit: A well-known exploitation and exploit-development framework, now developed and maintained by Rapid7 (www.rapid7.com).
- SAINT: A renowned vulnerability-assessment tool developed by SAINT Corporation (www.saintcorporation.com).
- Maltego: An information-gathering tool created by Paterva (www.paterva.com) that applies data-mining techniques to various resources on the internet.
In 2013, BackTrack reached the end of its life and was succeeded by Kali Linux, the penetration-testing distro we all know today. Its creators, Offensive Security (www.offensive-security.com), redesigned the platform from the ground up on a Debian base. Kali Linux ships with over 600 pre-installed tools that assist penetration testers, security engineers, and forensics personnel in their duties.
Kali Linux was originally designed to run on computer systems in the same way as its predecessor, either live-booted from CD/DVD or USB or installed on the local hard disk drive. In 2014, Offensive Security released Kali NetHunter. This platform targets Android-based devices and opened up greater opportunities for penetration testers around the world by removing the need for a desktop or laptop computer to test target systems and networks.
Kali NetHunter lets a penetration tester simply walk around with an Android-based device such as a smartphone or tablet. Imagine being assigned a security audit of a client's systems, specifically their wireless and internal network, where all you need to carry out the audit is a smartphone.
An example scenario for using NetHunter is auditing wireless security and testing the enforcement of any bring-your-own-device (BYOD) policies within an organization's network. Being able to conduct penetration testing from a handheld device matters because wireless configurations are one of the most frequent sources of vulnerabilities on a network.
At times, a technician deploys a wireless router or access point (AP) on a network with its default configuration, including the default or factory-assigned password. During the course of this book, we will look at various methodologies for performing a penetration test using Kali NetHunter and how to use the arsenal of tools it provides to execute a successful penetration test against a network and its systems.
The Kali NetHunter platform has additional resources not available in Kali Linux. These additional resources are powerful tools in the hands of a focused penetration tester.
The name of the MAC Changer utility says it all: it changes the media access control (MAC) address of a device's network interface card (NIC) to either a randomized value or a specific address chosen by the tester. The MAC Changer in Kali NetHunter can additionally change the device's hostname, a feature that can aid a penetration tester in a social-engineering attack, for instance by making the device's name look like one the target expects to see on its network:
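The following is an added example, not NetHunter's own MAC Changer code, showing what a randomized MAC change has to get right: the new address must be unicast (bit 0 of the first octet clear) and locally administered (bit 1 set) so it never collides with a vendor OUI, and the interface must be brought down before the address is changed. The interface name `wlan0`, the sample hostname, and the use of the ordinary Linux `ip` and `hostname` commands are assumptions; the plan is returned as argv lists so it can be reviewed before anything is executed on the device.

```python
"""Random locally administered MAC and hostname change, NetHunter-style.

Added example, not NetHunter's MAC Changer. Interface name, hostname and the
ip(8)/hostname(1) commands are assumptions; apply=True needs root on the device.
"""
import os
import re
import shlex
import subprocess
from typing import List, Optional

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")


def random_laa_mac() -> str:
    """Return a random unicast, locally administered MAC address.

    Clearing bit 0 of the first octet keeps it unicast; setting bit 1 marks it
    locally administered, so the first octet always ends in 2, 6, A or E.
    """
    b = bytearray(os.urandom(6))
    b[0] = (b[0] | 0x02) & 0xFE
    return ":".join(f"{x:02x}" for x in b)


def validate_mac(mac: str) -> bool:
    """Accept only well-formed unicast MACs; reject multicast and broadcast."""
    mac = mac.lower()
    if not MAC_RE.match(mac):
        return False
    first_octet = int(mac[:2], 16)
    return (first_octet & 0x01) == 0


def plan_change(iface: str, mac: Optional[str] = None,
                hostname: Optional[str] = None) -> List[List[str]]:
    """Build the commands that change iface's MAC (random if None) and hostname.

    Returned as argv lists, so nothing is passed through a shell and the plan
    can be inspected before it is run.
    """
    if not re.fullmatch(r"[A-Za-z0-9_.-]{1,15}", iface):
        raise ValueError(f"bad interface name: {iface!r}")
    mac = (mac or random_laa_mac()).lower()
    if not validate_mac(mac):
        raise ValueError(f"refusing to set invalid or multicast MAC {mac}")
    # Most drivers only accept a new address while the link is down.
    cmds = [
        ["ip", "link", "set", "dev", iface, "down"],
        ["ip", "link", "set", "dev", iface, "address", mac],
        ["ip", "link", "set", "dev", iface, "up"],
    ]
    if hostname is not None:
        if not re.fullmatch(r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?", hostname):
            raise ValueError(f"bad hostname: {hostname!r}")
        cmds.append(["hostname", hostname])  # assumption: hostname(1) is available
    return cmds


def run_plan(cmds: List[List[str]], apply: bool = False) -> None:
    """Print the plan; execute it only when apply=True."""
    for argv in cmds:
        print(" ".join(shlex.quote(a) for a in argv))
        if apply:
            subprocess.run(argv, check=True)


if __name__ == "__main__":
    # Dry run: shows the commands for a random MAC and an assumed hostname.
    run_plan(plan_change("wlan0", hostname="android-1a2b3c4d"))
```

The `hostname` command changes the name only until the next reboot; whether the wireless driver on a given Android device honours a new MAC at all depends on the vendor firmware, which is a check worth doing before relying on it in the field.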
The man-in-the-middle (MITM) framework is a collection of tools and utilities used when performing MITM attacks on a network. In a MITM attack, the attacker sits between the victim and another device, such as the default gateway to the internet, with the intention of intercepting all traffic along that path. In the following diagram, traffic from the PC destined for the internet, which should go directly to the router (default gateway), is indicated by the top arrow. However, an attacker on the network can trick the victim's PC into believing the attacker's machine is the router (default gateway), and trick the router into believing the attacker's machine is the PC:
It's a penetration tester's powerhouse. Some of its features are keylogging, address resolution protocol (ARP) cache poisoning attacks, spo...
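The ARP cache poisoning behind the MITM position in the diagram above comes down to two forged ARP replies, and the same packets are what a defender looks for. The following is an added example, not code from NetHunter or its MITM framework: it builds the two replies an attacker sends (one telling the PC that the gateway's IP is at the attacker's MAC, one telling the router that the PC's IP is at the attacker's MAC) and a small detector that flags any reply whose sender MAC contradicts a known IP-to-MAC baseline. All addresses are constructed sample values, not captured from a real network.

```python
"""ARP cache poisoning: the attacker's two forged replies, and a baseline detector.

Added example, not NetHunter/MITM framework code. MACs and IPs are constructed
sample values; no packets are sent, frames are only built and parsed in memory.
"""
import struct
from typing import Dict, List, Optional, Tuple

ETH_P_ARP = 0x0806
ARP_REPLY = 2


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(x) for x in ip.split("."))


def build_arp_reply(src_mac: str, src_ip: str, dst_mac: str, dst_ip: str) -> bytes:
    """Ethernet frame + ARP reply asserting 'src_ip is at src_mac', sent to dst."""
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETH_P_ARP)
    # htype=Ethernet, ptype=IPv4, hlen=6, plen=4, opcode=reply
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY)
    arp += mac_bytes(src_mac) + ip_bytes(src_ip) + mac_bytes(dst_mac) + ip_bytes(dst_ip)
    return eth + arp


def poison_pair(attacker_mac: str, victim_mac: str, victim_ip: str,
                gw_mac: str, gw_ip: str) -> Tuple[bytes, bytes]:
    """Both halves of the full-duplex MITM from the diagram.

    The victim is told the gateway lives at the attacker's MAC, and the gateway
    is told the victim lives at the attacker's MAC, so traffic in both
    directions passes through the attacker's machine.
    """
    to_victim = build_arp_reply(attacker_mac, gw_ip, victim_mac, victim_ip)
    to_gateway = build_arp_reply(attacker_mac, victim_ip, gw_mac, gw_ip)
    return to_victim, to_gateway


def parse_arp(frame: bytes) -> Optional[Tuple[int, str, str]]:
    """Return (opcode, sender_mac, sender_ip), or None if this is not an ARP frame."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    opcode = struct.unpack("!H", frame[20:22])[0]
    sender_mac = ":".join(f"{b:02x}" for b in frame[22:28])
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return opcode, sender_mac, sender_ip


def detect_poisoning(frames: List[bytes], known: Dict[str, str]) -> List[str]:
    """Flag ARP frames whose sender MAC contradicts a known IP->MAC binding.

    This is the check a static ARP table or an arpwatch-style baseline makes;
    'known' maps IP -> MAC for hosts whose addresses are trusted.
    """
    alerts = []
    seen = dict(known)
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        opcode, sender_mac, sender_ip = parsed
        if sender_ip in seen and seen[sender_ip] != sender_mac:
            alerts.append(f"{sender_ip} claimed by {sender_mac}, "
                          f"expected {seen[sender_ip]} (ARP opcode {opcode})")
        else:
            seen.setdefault(sender_ip, sender_mac)
    return alerts


if __name__ == "__main__":
    # Constructed sample network: victim PC, router (gateway) and attacker.
    victim, gateway = poison_pair("02:aa:bb:cc:dd:ee",
                                  "00:11:22:33:44:55", "192.168.1.10",
                                  "00:de:ad:be:ef:01", "192.168.1.1")
    print("to victim :", victim.hex())
    print("to gateway:", gateway.hex())
    baseline = {"192.168.1.1": "00:de:ad:be:ef:01", "192.168.1.10": "00:11:22:33:44:55"}
    for alert in detect_poisoning([victim, gateway], baseline):
        print("ALERT:", alert)
```

Real tools resend these replies every second or two because the victim's ARP cache would otherwise expire and re-learn the real gateway; on the defensive side that repetition is exactly what makes the attack visible, since one IP keeps being claimed by a MAC the baseline does not expect.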