Basic Hacking Techniques PDF

aus;Zl;wifvTm
teaEÅmteEÅig;yg;udk OD;xdyfxm;vsuf uRefawmf\

h oifq&m?
jrifq&m? Mum;q&m rsm;ESiw
fh uG þpmtkyf jzpfajrmufapa&;twGuf
0dkif;0ef;ulnD ay;cJhMuygukefaom rdwfaqGrsm;tm;vH;k ? xkwfa0
jzefcY sDay;ygaom aumif;qkom pmayrS pma&;q&m q&m[efokaomf?
0,f,ltm;ay;zwf&IMuygukefaom enf;ynmcspfolrsm;ESiw
fh uG tjcm;
aus;Zl;wifxu
dk foltm;vH;k wdYktm; aus;Zl;txl;yif wif&SdygaMumif; OD;pGm
azmfjytyfygonfcifAsm/
pma&;ol
Disclaimer
uRefawmf a&;om;aom Basic Hacking Guide (vG,fulavhvm tajccH
Hacking enf;ynm) pmtkyo f nf uRefawmfwdYk EdkifiHwGif rMumrD vdt
k yfcsufwpfck
jzpfvmrnfh Security ydkif;qdik &f mtwGuf taxmuftyHh&&Sad p&ef Penetration
Tester tjzpf 0goemtavsmuf vkyfaqmifvdo k nfh enf;ynm pdwf0ifpm;olrsm;
twGufom &nf&G,fa&;om;xm;jcif;jzpfygonf/
odYkjzpfí þpmtkyyf g taMumif;t&mrsm;ESihf tajccH enf;ynmrsm;onf
Educational Purpose Only omjzpfjyD; rnfonfh Cyber Security Breaches udr k Q
tm;ray;yg/ tu,fí vkyfaqmifyguvnf; þpmtkyfEiS hf roufqidk fygaMumif;
BudKwif today;tyfygonfcifAsm/
pma&;ol
CHAPTER 1: Introduction to Hacking
1. Hacking qdw
k m
Hacking qdw
k m bmvJqdw k mawGeJyY wfoufjyD; uRefawmfwYdk Budrfzefrsm;pGm
odzl;zwfz;l jyD;jzpfaewmrdYk 'Dae&mrSm vd&k if;awGudkcsnf; azmfjyoGm;ygawmhr,f/
Hacking u ]]hack = ckwfxpfonf/ jzwfawmufonf/}} qdw k Jh English Word
wpfcu k ae qif;oufvmwmjzpfjyD; uGefysLwme,fy,frSmawmh ]]gaining
unauthorized access to data in a system or computer }} vdYk zGihfqMdk uygw,f/
'gaMumifh enf;ynme,fy,frmS awmh Hacking qdw k m[m euf0yf
(odYrk [kwf) uGefysLwm (odYkr[kwf) pepf wpfckck\ cGihfjyKcsufay;rxm;aom
tcGiht f a&;udk &,l oH;k pGJjcif;/ wpfenf;tm;jzifh tqdyk g euf0yfjzpfap?
uGefysLwmjzpfap? pepfwpfcck kjzpfap twGif;odkY cGihfjyKcsufr&SdbJ 0ifa&mufjcif; vdYk
qdv
k ydk gw,f/
Cambridge Dictionary t&qd&k ifawmh Hacking qdw k monf
uGefysLwmpepfwpfckcktwGif; odak vSmifxm;aom tcsuftvufrsm;udk
&,l&efjzpfap? xdu k GefysLwmpepfrsm;twGif; Adkif;&yfrsm; jyefYyGm;ap&efjzpfap ponfh
&nf&, G fcsufrsdK;jzifh uGefysLwmudk w&m;r0if toH;k jyKjcif; vdYk zGihfqydk gw,f/
2. Hacker qdw
k m
Hacking udk vkyfaqmifol vdYk tvG,fq;Hk ajymvd&kY ygw,f/
pepftrsdK;rsdK;twGif;udk xGif;azmuf0ifa&mufol? tjcm;olawG&UJ uGefysLwmpepfawG
xJu ta&;ygwJh information (data) awGudk w&m;r0if &,l^zsufqD;ol?
qufoG,fa&;pepftrsdK;rsdK;udk Mum;jzwfem;axmifol (tcsuftvuf Mum;jzwf&,l
ol) ponfjzifh Hacker udk t"dyÜg,fzGifhqdkMuygw,f/
3. Hacker trsdK;tpm;rsm;
vkyfaqmifykHeJY cH,lcsufawGay:rlwnfjyD; Hacker awGudk trsdK;tpm;
cGJjcm;Muygw,f/ t"dutkyfpk oH;k pkuawmh Black Hat Hacker, White Hat Hacker
eJY Grey Hat Hacker wdYk jzpfMuygw,f/
Black Hat Hacker awGrSmawmh aumif;rGefus,fjyefYwJh uGefysLwmqdi k f&m
todynmawG &SdaeMujyD; olwdYk&JU todynmA[kokwawGudk Internet Security udk
ausmfjzwfcsdK;azmuf (Breach or Bypass) wJah e&mrSm toH;k jyKMuygw,f/ Black
Hat Hacker awGudk Cracker (or) Dark-site-hacker awGvYdv k nf;
ac:qdMk uygao;w,f/ uGefysLwmeJY euf0yfawGxJudk csdK;azmuf0ifa&mufol?
uGefysLwmAdik ;f &yfawGudk zefwD; ysHUyGm;apolawG[m Black Hat Hacker awG
jzpfMuygw,f/ olwYd[ k m olwdYk&JU vkyfaqmifrIaMumifh wpfbufrSm jzpfoGm;r,fh
qH;k &IH;epfemrIawGudk xnfah wG;avh r&Syd gbl;/ rdrw d Ydt
k usdK;pD;yGm;udo k m Munfw h Jh
vkyf&yfawGrsdK; vkyfaqmifavh&SMd uygw,f/ 'gaMumifh Black hat hacker awG[m
pdwfxm;raumif; vkyf&yfraumif;wJh vlqd;k awGvdkY rSwf,lEidk yf gw,f/
Black Hat, White hat qdw k mawGu ]]The bad guys usually wore black
hats and the good guys wore white ones.}} qdw k Jh taemufwidk f; a&S; qd&k dk;pum;
wpfcu k ae qif;oufvmwm jzpfygw,f/ oabmu vlaumif;rsm;onf OD;xkyfjzL
aqmif;MujyD; vlq;dk rsm;u OD;xkyfteuf aqmif;Muonf aygh/
White Hat Hacker awGuvnf; Black Hat Hacker awGvy dk J
uGefysLwmpepfawG&JU tm;enf;csuf ,dak ygufawGudk &SmazGygw,f/ Black Hat
Hacker awGeJY rwlwmuawmh White Hat Hacker awGu &SmawGv Y mwJh
tm;enf;csufawGay: tcGihfaumif;,ljyD; wdu k fcu
dk fwmrsdK; rvkyb f J
tJonftm;enf;csufawGudk b,fvdjk yefvnfjyKjyifjyD; aumif;rGefatmifzefwD;rvJ
qdw k mudk BuHpnfvkyfaqmifygw,f/ olwdYk&JU prf;oyfvkyfaqmifrIaMumifh rnfou lY rdk Q
xdcu dk fepfemaprIr&Sdapatmif BuHpnfvkyfaqmif&jcif;rdkY White Hat Hacker awG&JU
vkyfaqmif&rIawGu vufawGrY Sm ydkcufcJygw,f/ jyD;awmh White Hat Hacker
awG[m pepfwpfckudk prf;oyfppfaq;zdkY vdt k yfwt Jh cg xdpk epf&JU ydkif&SifxH
cGihfawmif;jyD;rS xdpk epfudk xdcdu
k fapjcif;r&Sbd J Security t& tm;enf;csufawGudk
&SmazG&ygw,f/ tm;enf;csufawG &SmazGawG&Y Syd guvnf; ydkif&Six f H today;jcif; eJY
umuG,fEidk frnfh enf;vrf; &SmazGjcif;awGudk vkyfaqmifMuygw,f/
av;pm;twk,lzG,f pdwfxm;eJY vkyf&yfrsm;udk vkyfaqmifMuolawGaygh/
Grey Hat Hacker uawmh white rus Black rus Hacker awG
jzpfygw,f/ Black hat awGvdk pepfawGudv k nf; rzsufqD;Muovdk White Hat
awGvdk ydkif&SifxHcGiafh wmif;wmrsdK;vnf; rvkyw f wfMuygbl;/ White Hat awGvdk
cGihfrawmif;&ifawmifrS Black Hat awGvdk pepfawGudk xdcu dk fysufpD;aprIr&Sdatmif
vkyfaqmif&ifawmh Grey Hat vnf; rqdk;wJt h xJrSm yg0ifvmEdkifygw,f/ 'gayr,fh
Grey Hat Hacker tawmfrsm;rsm;uawmh rdrw d dYk&JU prf;oyfrIaMumifh wpfbuf
System awG ysufpD;oGm;vnf; *&kpdkufavhr&SdMuygbl;/ 'gaMumifh pmzwfolu
White hat tjzpf r&yfwnfEdi k &f ifawmif rdrpd rf;oyfrItwGuf wpfzufpepfawG
ysufpD;roGm;apzdkY *&kpkdufvkyfaqmifr,fqd&k ifawmh vlq;dk pm&if;xJrSm yg0ifrSm
r[kwfawmhbl;aygh/
'gawGuawmh Hacker awG&JU cH,lcsufeJY tjyKtrlawGay: rlwnfjyD;
cGJjcm;jcif;om jzpfygw,f/ em;vnfwwfuRrf;rI Skill t& cGJjcm;wmawGvnf;
&Sdygao;w,f/ 'DrmS awmh tJonftaMumif; xnfo h Gif;rajymawmhygbl;/
wu,fvYdrk sm; urÇmay:rSm Hacker awGom &Sdraebl;qdk&if ,aeY
uRefawmfwYdk toH;k jyKaewJh pepfawG[m ckvdk cdkifrmvHjk cHKvmr,frxifygbl;/ Black
Hat hacker awGu tm;enf;csufawG &SmazGwdu k fcdkufw,f/ White Hat Hacker
awGu tm;enf;csufawGudk &SmazGumuG,fw,f/ 'Dawmh pepfrsdK;pHktwGuf
aumif;usdK;jyKwJh White Hat Hacker awG[m vdt k yfcsufwpf&yf
jzpfvmygawmhw,f/
,aeYacwfudk jyefMunfhr,fqdk&if uRefawmfwYdEk dkifiHrSm tifwmeuf
toH;k jyKrIawG rsm;jym;vmw,f/ uGefysLwm toH;k jyKrIawGeJY uGef,uftoH;k csrIawG?
Website zefwD;toH;k jyKrIawG pwmawG[m vufzuf&nfqidk fupvdkY
ukrÜPDawGtxd wd;k wuftoH;k jyKrIawGudk jrifawGUvm&jyDjzpfygw,f/ tifwmeuf
toH;k jyKrIawG ydkrrdk sm;jym;vmwmeJt Y rQ tifwmeufqidk f&m qdu k fbmvHjk cHKa&;awG
ta&;ygvmovdk bPfvkyfief;awG? EdkifiHwumeJY ywfoufqufqHwJh aiGay;aiG,l
udpöawGuadk wmifrS zke;f av;wpfvH;k ay:uae vkyfaqmifEkid faewJah cwfrSm
qduk fbm&mZ0wfrIawGvnf; ydkrdrk sm;jym;vmaewmaMumifh Cyber Security &JU
tcef;u@[m tvGefta&;ygvmygw,f/
Hacking udk pdwfr0ifpm;vsifawmifrS rdrw d Yd&k JU vHjk cHKa&;twGuf
Knowledge awG &SdzdYk vdt k yfvmygawmhw,f/ Hacking udk raumif;wJhtvkyfvdkY
w&m;ao owfrSwf,lqxm;wwfMuwJh tcsdKUaomolawGudk uRefawmfwYdk
ywf0ef;usifrSm jrifawGzY ;l Muygvdrfrh ,f/ uRefawmfaqG;aEG;cJhovdyk gyJ/
aumif;wJb h ufrSm toH;k csr,fh hacker awG uRefawmfwYdEk idk if HrSm ta&;ay:
vdtk yfvdkYaeygjyD/ rMumrD umvawGtwGif;rSm rjzpfraevdt k yfcsufwpf&yf
jzpfvmygawmhr,f/
Hacking ay: tjrifrMunfolrsm;udk ajymjyvdkwmwpfcu k Hacking qdw k m
vufeufwpfckygyJ/ aoewfwpfvuf &Sdw,fqdkygpdY/k tJonfaoewfu
vlq;dk vufxJrSm &Sdae&if vlaumif;awGtwGuf pdk;&drpf dwfypl &mjzpfaeayr,fh
tJonfaoewfuyJ &JawGvufxJrSm&Sad e&ifawmh vlaumif;awG pdwfylp&m
rvdkawmhygbl;/ aoewfonf vludk aoapEdik af yr,fh xdak oewfudk
udik fpx
GJ m;olay:rSm rlwnfjyD; oufa&mufrI uGmjcm;oGm;ygw,f/
'Doabmw&m;twdik ;f ygyJ/ Hacking onf aoewfwpfvuf qdMk uygpdkY/
'g[m raumif;wJhtajctaewpfckr[kwfygbl;/ umuG,fa&;bufrmS
toH;k jyKwt Jh cg xdak oewfuyJ tm;vH;k twGuf aumif;usdK;awGudk zefwD;ay;Edik pf Grf;
w,fr[kwfvm;/
CHAPTER 2: Ethical Hacking (or)
Penetration Testing
1.Penetration Testing qdw
k m
Ethical Hacking , Penetration Testing eJY White Hat Hacking wdY[ k m
ac:a0:oH;k pGJrIjcif; uGjJ ym;ayr,fh qdv k d&k if;u wlnDMuygw,f/ Hacking udk
vkyfaqmifwaJh e&mrSm Ethic qdw k Jh ud,k fusifhw&m; pHEeI f;wpfck aygif;pyfvu kd f
wJt h cg Ethical Hacking qdw k m jzpfay:vmygw,f/
Corporation awmfawmfrsm;rsm;[m olwYd&k JU umuG,fa&;twGuf
Security Professional awGudk iSm;&rf;toHk;jyKMuw,f/ umuG,fa&;rSm
tiftm;aumif;apzdt kY wGuf Security control awGuv dk nf; xyfrH 0,f,l toH;k jyK
Muavh&Sdygw,f/ 'gayr,fh Skilled hacker awGudk umuG,fEidk fzYdt k wGuf olwYd&k JU
vkyfaqmifcsufawG[m pdwfauseyfp&m&Sdr&Sdqdkwmudk b,folu cdkifrmpGm
qH;k jzwfay;Edkirf vJ/ 'Dae&mrSm Penetration Testing &JU tcef;u@u
ta&;ygwJah e&muae yg0ifvmygawmhw,f/
Penetration Testing (Pen-testing) qdw k m umuG,fa&; r[mAsL[mudk
a&;qGv J kyfaqmifol Security Officer (or) Security Control awGuae usef&pfchJwJh
vHjk cHKa&;qdik f&m tm;enf;csuf (Security Weakness) udk &SmazGEidk af pzdYt k wGuf
System ay:rSm Attack jyKvkyfMunfjh cif; jzpfygw,f/
xdo k Ydk Security Assessment jyKvkyfjyD; vkjH cHKa&;t& tm;enf;csufawGudk
&SmazG&mrSm Nessus Vulnerable Scanner udk toH;k jyKEidk yf gw,f/ Pro eJY Manager
qdjk yD; version ESprf sdK;&Sdonfhtjyif &uf 60 pm tcrJh toH;k jyKEidk cf Gihf&SdrmS jzpfjyD;
WannaCry, NotPetya eJY tjcm; Ransomware Cyber Attack awGuae
umuG,fwm;qD;Edkifygw,f/ 'ghjyif &SmazGawG&Y Sv d maom tm;enf;csufawGuv dk nf;
jyKjyifjyifqifvYdk vG,fulapzdYk taxmuftyHhay;ygw,f/
Nessus udk prf;oyf&,loH;k pGJvdy k gu Browser's address bar wGif
bit.ly/nessus-aio [k &dkufxnfhjcif;tm;jzifh Download &,l&efae&modkY
a&muf&rSd nfjzpfjyD; ESpo f uf&mAm;&Sif;tvdu k f a'gif;,lEidk yf gw,f/
Nessus Vulnerable Scanner wGif Vulnerable rsm;tm; azmfjyyHk
2. Penetration Testing Types

Penetration Testing vkyfaqmifjcif;onf real attack awGvdk wky
vkyfaqmifjcif;jzpfjyD; t"dutm;jzifh atmufyg &nf&G,fcsufrsdK;awG
xm;&Sdvkyfaqmifygw,f/
1/ wdu k fcu dk fvmEdik af jc&Sw
d Jh wdu
k fcdu
k frIawGeJY atmifjrifEkdiaf jcudk qH;k jzwf&ef
2/ wdu k fcdkufcH&Edkiw f Jh tEÅ&m,frBuD;wJh ,dpk drfah ygufawGeJY tEÅ&m,fBuD;wJh ,dak yguf
awGudk cGJjcm;owfrSwf&ef
3/ tvdt k avsmufvkyfaqmifwJh tool awGeJY rawG&Y dSEidk w f Jh ,dpk drafh ygufawGudk &SmazG
cGJjcm;&ef
4/ wdu k fcu dk frIwpfck jzpfyGm;ygu vkyfief;twGif; rnfrQ xdcu dk fEidk frnfudk qH;k jzwf&ef
5/ umuG,fa&;pepfeJY Security Control awG&JU pGr;f aqmif&nfudk ppfaq;Edkif&ef
6/ vHjk cHKa&;qdik &f m enf;ynmvkyfief;awGrSm &if;ESD;jrSKyfESHvdkol aygrsm;vmapzkdY
oufaocH (ulnDaMumfjimay;rnfv h kyfief;&Sif)udk &SmazG&ef
txufyg &nf&, G fcsufrsm;jzifh Penetration Testing ukd Internally
omru Externally yg vkyfaqmifavh&dSMuygw,f/ vkyfaqmifrIay:rlwnfjyD;
Black-box pentesting, White-box pentesting eJY Grey-box pentesting qdjk yD;
uGjJ ym;rI&dSygw,f/ 'Dae&mrSmawmh wpfcpk t D aMumif; tao;pdwf raqG;aEG;
awmhygbl;/
Penetration udk vkyfaqmif&mrSm atmufyg tqifh 6qife h YJ
vkyfaqmifavh &SdMuygw,f/ ( Penetration Tester awG vkyfaqmifavh&w Sd Jh tqifh
6qifah ygh/) bmawGvJqdkawmh
1. Information Gathering
2. Footprinting
3. DNS Enumeration
4. System Fingerprinting
5. Services probing
6. Exploit research wdYk jzpfMuygw,f/
External eJY Internal testing qdjk yD; ESprf sdK;&SdaMumif; aqG;aEG;cJhjyD;jyDaemf/
Internal Testing qdwk mu twGif;vltaeeJY wdu k fcdu
k frIudk prf;oyfvkyfaqmif&wm
jzpfygw,f/ External pentesting eJY vkyfaqmif&yHkcsif; wlnDayr,fh uGmjcm;wmu
Attack udk twGif;vltaeeJY jyKvkyf&jcif;rdkY Internal network xJrSm
b,fae&muae pwifr,fqdw k m ydkjyD; odwJt h jyif authorized access vnf;
&&Sdxm;wmrdYk tcsdKUaomtydkif;awGrSm ydkjyD; oufomaprSmjzpfygw,f/
External Attack vkyfaqmif&wJh Attacker uawmh ydkjyD;
cufcyJ ifyef;rSmjzpf ygw,f/ bmvdYkvJqdak wmh Internal Pen-tester u 'Deuf0yfxJrSm
b,ft&mu ta&;BuD;w,fqdw k m b,fae&mrSmwnf&dSw,fqdkwmawGudk
odjyD;om;jzpfayr,fh External Attacker uawmh bmwpfckudkrQ rod&ao;bJ
pwifvkyfaqmif&rSm rdkv Y dYkygyJ/
External Attacker awGtaeeJY vkyfaqmif&wJh erlemtqifhuav;awGu-
1. Internal Network Scanning
2. Port Scanning
3. System Fingerprinting
4. Service Probing
5. Exploit Research
6. Manual Vulnerability Testing and Verification
7. Manual Configuration Weakness Testing and Verification
8. Firewall and ACL Testing
9. Administrator Privileges Escalation Testing
10. Password Strength Testing
11. Database Security Controls Testing
12.Internal Network Scan for Know Trojans pwmawG jzpfygw,f/
Tool awGudk toH;k jyKjyD;vnf; Penetration Testing udk automate
jyKvkyfEidk yf gao;w,f/ manual jyKvkyfwmavmuf wdusaumif;rGefjcif;r&Sad yr,fh
tcsdefeJY resource awGudk oufomapygw,f/ network ay: oufa&mufr,fh
Impact udk avsmhusapEdkio f vdk pepfudk xdcdu k fysuf,Gif;apEdkifr,fh (human
mistake) rsdK;udv k nf; avsmhenf;apygvdrfhr,f/
Manual Testing &JU tm;omcsufuawmh uRrf;usifykdiE f kdifwJh Security
Professional awGu vkyfaqmifjcif; jzpfvdYkygyJ/ tJvdk vkyfaqmifr,fq& dk ifawmh
Planning, attack design eJY scheduling awG owfr
f Swfxm;zdkY vdt
k yfygvdrrfh ,f/
2. Vulnerability Assessment
'Dtydkif;udak wmh Nexpose vdk tool udk toH;k jyK vkyfaqmifEidk fygw,f/
tm;vH;k od&jSd yD;jzpfwJh Metasploit udk zefwD;cJhonfh Rapid 7 uyJ Develop
jyKvkyfxm;wJh Nexpose [m Vulnerability assessment jyKvkyf&mrSm
tvGeftaxmuftuljyKygw,f/ oifhtaeeJY Nexpose udk prf;oyftoHk;jyKvydk gu
Google rSm nexpose download vdYk &dkuf&Smvdu k f&if tay:qH;k awGU&r,fh link uae
azmifjznfjh yD; a'gif;,lEdik yf gw,f/ tcrJh prf;oyfoHk;pGcJ iG fhumvuawmh &uf 30
jzpfjyD; a&&Snfo;Hk vdyk gu 0,f,lxm;&rSmjzpfygw,f/
Nexpost u uRsefawmfwdYk&JU Network xJrSm &SdaewJh Device awG&JU
System ydkif;qdi k &f m tm;enf;csufawGudk tcsdefwadk v;twGif;rSm &SmazG
azmfjyay;Edkiyf gw,f/ install jyKvkyfjyD; prf;oyfMunfyh gu vG,fulpGm odEdkifwmrdkY
uRsefawmfhtaeeJu Y awmh razmfjyvdak wmhyg/ Vulnerability Assessment udk
manual taejzifhvnf; vkyfaqmifEkdifygao;w,f/ prf;oyf&mS azG&r,fh
enf;vrf;awGuadk wmh od&Sdxm;&rSmjzpfygw,f/
3. Area of Pentest
vlom;awG&JU qH;k jzwf vkyfaqmifcsuf (human behavior) rygbJawmh
penetration testing udk jyD;qH;k atmifjrifatmif vkyfaqmifEi dk rf nfr[kwfyg/
sensitive information awG &&Sdzdkt Y wGuf taumif;qH;k enf;vrf;uawmh ,HMk unf&
avmufaom olu exploit jyKvkyfjcif;rsdK;yJ jzpfygw,f/ tJvdk
k wGuf attacker awGu target system xJrSm &SdaewJh 0efxrf;awG
vkyfaqmifEkid fzYdt
udk toH;k csEdkifzYdk BudK;pm;wwfMuygw,f/
tJvdk vkyfaqmifEkdifzdYktwGufvnf; Social Engineering udk
toH;k jyKavh&ySd gw,f/ wdu k fcdkifrIwpfck &mEIe;f jynfh atmifjrifoGm;jyD qd&k ifawmh
attacker u olt Y wGuf user account wpfck topfxyfziG w fh mrsdK;? root (admin)
password awGudk ajymif;vJypfwmrsdK;? data awGudk ul;,lwmrsdK;? malware awGudk
xnfo h Gif;wmrsdK;? data awGeJY system udk zsufqD;ypfwmrsdK; ponfjzifh
olvkyfcsif&mudk vkyfEidk fciG hf &oGm;aprSmjzpfygw,f/
Pen-tester awGu tvm;wl enf;ynmawGudk toH;k jyKjyD; Vulnerability
(tm;enf;csuf) awGudk &SmazG&ovdk tm;enf;csufawGaMumifh xdcdkufvmEdkir f ,fh
jzpfEkdifajcawGuv dk nf; BudKwif rSe;f qxm;&ygw,f/ Sensitive information (data)
awGuv dk nf; xm;&SdoH;k pGJwJh ae&m rSef rrSef? vkyfydik fciG hf &olawG&UJ todynmydik f;
tajctae pwmawGudk xnfo h Gif; pOf;pm;&ygw,f/tm;enf;csufawGudk &SmazG
awGU&Sdygu xdt k m;enf;csufawGudk z,fvdYk &u z,f? umuG,fvYdk &ygu umuG,fjyD;
umuG,fwm;qD;vdYk r&wJh tm;enf;csufrsdK; jzpfyguvnf; xdt k m;enf;csufrS
wdu
k fcudk fvmvsif xdcdkufrI r&Sdatmif (enf;atmif) vkyfaqmif&r,fh
enf;vrf;awGuydk g &SmazG &rSmjzpfygw,f/
d Ydk wm0ef,l vkyfaqmifay;aewJh company (or) organization awGrSm
rdrw
vuf&Sd vkyfudkifaeol 0efxrf;rsm; (txl;ojzifh uGefysLwmrsm;ESifh xdawGYae&olrsm;)
udk oufqidk &f m todynmay;jcif;rsdK;awG vkyfaqmif&rSmvnf; jzpfygw,f/
ck uRsefawmfwdYk aqG;aEG;cJhwmav;awGu Penetration Testing eJY
oufqidk o f rQ Concept awG tm;vHk; r[kwfyg/ oabmobm0udk em;vnf&Hkom
tusOf;csKyf aqG;aEG;jcif;jzpfwmrdYk 'Dae&mrSmyJ acwÅcP &yfem;&atmifyg/
CHAPTER 5: Linux Fundamental
1. Introduction to Linux
Linux qdw k mudk roH;k zl;&ifawmif Linux qdw k pJh um;vH;k udkawmh
uRsefawmfwYdk Mum;odz;l Muygw,f/ Operation System wpfckv;Hk udk &nf&, G fjyD;
uRefawmfwYdk ac:avh&SdwJh Linux qdw k m wu,fawmh BIOS/UEFI eJY Boot Loader
uae pwifwJh Operation System Kernel wpfckjzpfygw,f/
Linux udk 1991 ckEp S frmS Finish student wpfa,mufjzpfwJh Linus
Torvalds u pwifcw Jh mjzpfjyD; olU&JU &nf&G,fcsufuawmh Free OS kernel wpfcu k dk
zefwD;ay;vdkwJh &nf&, G fcsufeJY pwifchJwmjzpfygw,f/ Linux ay:aygufvmyHkudk
tusOf;csKyf aqG;aEG;cJhwmjzpfygw,f/ ordkif;aMumif;udk razmfvdkawmhygbl;/
a&;xm;wJh pmayawGvnf; trsm;BuD;&Sv d dYk jzpfygw,f/
GNU taMumif;av; qufvdu k f&atmif/ GNU qdw k mu Unix udk
qdvk wdk m r[kwfygbl;/ trSwfrSm;Edkifwmav;awG&SdvdkY xnfah jymjcif;yg/ GNU u
Unix r[kwfayr,fh Unix-like Operating system wpfrsdK;jzpfjyD; 1984 ckEp S rf Sm
launch Jh mjzpfygw,f/ Free Software wpfrsdK;jzpfjyD; Kernel
vkyfcw
yg0ifjcif;r&Sdygbl;/ tMurf;zsif;ajym&&if GNU qdw k mu Application awG?
Library awGeJY developer tool awG pwmawGudk aygif;pkxm;wJh software
collection wpfrsdK;om jzpfygw,f/ OS wpfc[ k m resource awGqDudk allocate
jyKvkyfzYdek JY hardware awGudk ajymjyEdkifzdYktwGuf tjcm; program wpfck
vdtk yfygw,f/ tJonf program uawmh kernel ygyJ/
Kernel rygcJhwJh GNU [m Linux udk ol& Y JU Kernel tjzpf
toH;k jyKxm;ygw,f/ 'gaMumifh GNU/Linux vdYk ac:qdMk uwm jzpfygw,f/ uJ
uRefawmfwYdrk Sm Linux qdw k Jh Kernel eJY GNU qdw k Jh Operating System &SdaejyD
qdMk uygpd/kY uRsefawmfwdYku ck tvG,fqH;k ac:aeMuwm Linux qdak yr,fh wu,fu
GNU/Linux jzpfjyD; toH;k jyKol oef;aygif;rsm;pGm &SdaejyDjzpfygw,f/ GNU rSmvnf;
the Hurd vdYk ac:wJh ud, k fydik f Kernel wpfc&k dSjyD; ,aeYcsdefxdtoH;k jyKrI
rwGiu f s,fao;yg/ yGJOD;xGufyif rawGzY ;l ao;yg/ quf&atmifaemf/
'DpmtkyfxJrSmawmh Linux Distro awG trsm;BuD;xJurS Kali Linux udk
t"duxm;jyD; toH;k jyKaqG;aEG;oGm;rSmjzpfw,fqdw k mav; xyfrHajymMum;yg&ap/
Kali Linux udk install jyKvkyfvdkygu vma&muf aqG;aEG;Edkifwt Jh aMumif; a&SUrSm
azmfjycJhjyD;jyDaemf/ rdrw d dYktaeeJY avhvmvkyfaqmifMunfch sifyguvnf; rdrw d Ydk
toH;k jyKr,fh Browser &JU address bar rSm bit.ly/kali-aio vkYd &dkufxnfhvdkuf&eHk YJ
Kali Linux udk &,lykH? Install jyKvkyfenf;trsdK;rsdK;ESifh tjcm;aom
odrSwfz,G f&mrsm;udk avhvmEdkifygao;w,f/
Kali Linux udk Install jy;D jyDvdYkyJ oabmxm;&atmif/ Linux eJY
ywfoufwJh tajccH odoifhodxdu k fwmav;awGudk 'Dae&mrSm qufvuf
aqG;aEG;oGm;rSmjzpfygw,f/
2. Unifying File System
'Dwpfcgawmh Linux File System taMumif; tenf;i,f aqG;aEG;ygr,f/

File System onf Kernel &JU ta&;ygwJh wpfpw d fwpfa'o vdYk qd&k ygr,f/
Unix-like Operating System awGrSm zdkifoda k vSmifrIawGudk Single Hierarchy rSmyJ
pkpnf;csdwfqufxm;ygw,f/ Hierarchy qdw k muawmh ta&;ygrItvdkuf
pkpnf;pkzJYGxm;wJh tpktaygif; (odYkr[kwf) ta&;ygrItvdu k f pDpOfxm;wJh tpDtpOf
vdYk qdEk idk yf gw,f/
Hierarchical tree &JU starting point uda k wmh root vdYk ac:jyD;
oauFwtaeeJY ]rsOf;apmif;} ]] ^ }} udk toH;k jyKygw,f/ "root" directory xJrSm
sub-directories (directory cGJ) rsm;pGm yg0ifygw,f/ Oyrm root qdw k Jh directory
xJu home qdw k Jh directory udk oauFweJY azmfjy&if /root/home ujzpfygw,f/
directory qdw k pJh um;vH;k eJY pdr;f ae&ifawmh windows rSm ac:avh&SdwJh Folder vdYkyJ
tvG,fq;Hk rSwfxm;Edkifygw,f/ (directory vdYk ajym&if folder aygh)
'gqdk /home/new/abc.txt vdYk ajym&if root(system) xJ home qdw k Jh
directory (folder) xJrSm&SdwJh new qdw k Jh directory xJu abc emrnfeJY txt
zdkifwpfckvYdk em;vnfavmufjyDxifygw,f/ Disk awGay:rSm &SdaewJh storage
location eJY Naming System ESpc f Mk um;rSm translate vkyfay;wmuawmh Kernel yg/
Disk awGay:rSm a'wmawGudk oda k vSmifzdYktwGuf toH;k jyKEidk wf Jh Format
awG rsm;pGm &SdMuygw,f/ Linux twGuf t"duuswmawGuawmh ext2, ext3 &
ext4 wdYk jzpfMuygw,f/ 'ghjyif Windows wifxm;wJhbufuae Linux &JU ext4
wdYkvdk file system awGxJudk 0ifa&mufzwfEidk zf kdY rvG,fayr,fh Linux
toH;k jyKxm;wJb h ufuae Windows &JU NTFS, FAT & FAT32, etc... pwJh file
system awGudk zwf&o I d&SEd dik wf muvnf; Linux oH;k olawGtwGuf
tm;omcsufwpf&yf jzpfaeygao;w,f/ vG,fvG,fajym&&if Linux bufu
zdkifawGudk windows bufuae odEdik fzdYk rvG,fayr,fh Linux bufrSmawmh
rnfonfh File System udrk qdk odEdik w f ,fvdYk qdvk dw
k mygyJ/
3. The Command Line
uRefawmfwdYk toH;k jyKawmhr,fh Linux System rSm ta&;ygqH;k vdYk

qdv k Ydk&r,fh Command Line udk toH;k jyKvdyk gu Kali Linux wifjyD;wJth wdik ;f
xm;&Sd&if vuf0Jbuf (b,f) rSm axmifvdkuftaeeJY Menu bar wef;uav;
&Sdaewmudk awGY&ygr,f/ Windows rSmqd&k ifawmh 'gudk Task Bar vdYk ac:ygw,f/
Linux rSmawmh olu Y dk Dash to Dock vdYk ac:qdyk gw,f/ tJonfuaevnf;
oGm;a&muf zGihfMunfEh kdifygw,f/
icon uawmh txufyg yHktwdkif; jzpfygw,f/ vkyfaqmifp&m

tawmfrsm;rsm;udk GUI taeeJY vkyfaqmifvdkY &aeayr,fh Terminal udk
k yfvSygao;w,f/ Linux toH;k jyKrI
toH;k jyKjcif;udk uRrf;usifykdiEf kdifzdYkvnf; vdt
uRrf;usifvmwJt h cg Terminal &JU ta&;ygrIawGudk ydkrdk em;vnfvmygvdrhfr,f/
Terminal udk zGihfMunfw h Jth cg txufyg yHktwdkif; jrifawG&Y ygr,f/
txufyg yHkrSm Munfrh ,fqd&k ifawmh root@kali vdYk awGY&rSmjzpfygw,f/ olU&JU
yHkpHu account@host-name jzpfwmrdkY a&SUrSmawG&Y wJh root onf vuf&Sd
0ifa&mufaewJh Acc udk azmfjyygw,f/ @ aemufu kali uawmh Kali Linux udk
wifwJhtcgwkef;u host name ae&mrSm xnfch hJwJt h wdik f; ay:jcif;jzpfjyD; setting
uae jyefvnf ajymif;vJtoH;k jyKvdkYvnf; &ygw,f/ aemufrSm ygwJh # oauFw
uawmh vuf&Sd toH;k jyKaewJh terminal onf root terminal jzpfvYdk jzpfygw,f/
root account ur[kwfbJ tjcm; user account uae 0ifa&muf toH;k jyK&ifawmh #
ae&mrSm $ oauFw udo k m jrifawG&Y rSmjzpfygw,f/
uRefawmfwdYk taeeJY Terminal vnf; odjyD/ root Vs other account awG
&JU terminal oauFw rwlnDwmvnf; odjyD? pmtkyx f JrSm (root@kali) vdYk awG&Y if
'gawGu &dkufxnfhp&mrvdb k l; &SdjyD;om;qdw k mvnf; em;vnfjyDq&dk ifawmh 'Dwpfcg
Terminal Commands awGtaMumif; tenf;i,f qufvuf
aqG;aEG;&atmifcifAs/
Terminal command awGxJrS toH;k rsm;wJh a,bk,s command awGudk
azmfjy aqG;aEG;oGm;ygr,f/
cd command udk directory awGxJudk 0ifa&mufzYdk oH;k ygw,f/ linux
roHk;zl;olawGtwGuf tvG,fqH;k em;vnfatmif ajym&&if folder awGxJudk
kY wGuf toH;k jyKygw,f/ Oyrm- cd Downloads vdYk
0ifa&mufEidk zf dt
&dkufxnfhvdkuf&if Downloads qdw k Jh directory (folder) xJudk 0ifa&mufwm
jzpfygw,f/ wpfck owdxm;zdku Y Linux rSm Windows vdk pmvH;k tBuD;tao;
tqifajyovdk &dkufvdYk r&ygbl;/ Upper (or) Lower (pmvH;k tBuD;tao;)
rSeuf efatmif &dkuf&ygw,f/
cd udk prf;oyfMunfE h dik zf dYktwGuf terminal udzk Giv fh u
dk f&atmif/ jyD;&if
vuf&Sd a&muf&dSaewJh Directory xJrSm bmawG&SdvJqdkwmudk odEidk fzYdk ls (LS
tao;csnf;) &dkufxnfjh yD; enter vdu k fyg/
txufyg yHkuawmh uRsefawmfh&JU root accc, Home directory xJrSm

&SdaewJh zdkifawG directory awGyg/ directory awGudk tjyma&mifeYJ azmfjyygw,f/
tjcm;aom zdkifawGudv k nf; ta&mifcJGjcm; azmfjyxm;wm jrifawGY&rSmyg/
tjyma&mifeYJ azmfjyxm;wJh directory awGudk Munfrh ,fq&dk if vuf&Sd Home
directory xJrSm yg0ifwJh directory awGudk od&SEd kdifygw,f/ (folder xJrSm&SdwJh folder
awGaygh)
ck Desktop qdw
k Jh directory xJudk 0ifMunf&h atmif/
txufygtwdik ;f 0ifMunfhvdkufwJt h cg bash: cd: desktop: No such file

or directory qdjk yD; jyvmwmudk awG& Y ygvdrfrh ,f/ taMumif;uawmh uRefawmf
&dkufxnfhvdkufwJh cd desktop rSm d u pmvHk; tao; jzpfaevdYyk g/ tay:yHkrSm
jyefMunfh&if Desktop rSm D udk tBuD;pmvH;k eJY a&;xm;wmudk awGjY rif&ygr,f/
pmvHk;tBuD;eJY jyefajymif;a&;Munfh&atmif/
ckq&dk ifawmh uRefawmfwdYk Desktop udk 0ifa&mufEdkifjyDjzpfygw,f/

Desktop ay:rSm zdkifawG&Sy d gu MunfEh kdifzdYktwGuf file list azmfwJh ls comand
av;udk toH;k jyKjyD; MunfhEdik fygw,f/
uRefawmfh&UJ Desktop ay:rSmawmh folder wpfco k m &SdvYdk wpfco k m

jyay;wmyg/ bmrS r&Sd&ifawmh bmudrk sS jyay;rSmr[kwfyg/
Desktop ay:rSm &Sdaewkef; New Folder wnfaqmufyu Hk dk qufvuf
avhvm&atmif/ folder ukd directory vdYk ac:w,fqw dk m ajymjyjyD;jyDaemf/ 'Dawmh
folder topf jyKvkyfr,fqda k wmh make folder (make directory) aygh/
tJonftwGuf command u mkdir yg/ mkdir directory-name aygh/ Oyrm-
vuf&Sd dir xJrSm test qdw
k Jeh mrnfeJY dir wpfck zefwD;vdw Jh cg mkdir test qdjk yD;
k t
&dkufxnfh&rSmyg/
txufygtwdik ;f &dkufxnfhjyD;ygu ls eJY list jyefazmfMunf&h if test qdw

k Jh
directory wpfck xyfwd;k aewmudk jrif&ygr,f/
txufyg yHkrSm test qdw
k Jh dir wpfck xyfw;dk vmwmudk awG&Y rSmyg/ cd udk
dk f&atmif/ cd test eJY 0ifa&mufvu
oH;k jyD; xyf0ifvu Jh cg test folder xJudk
dk fwt
0ifa&mufjyD; jzpfwm awG&Y ygr,f/
'Dcgawmh space jcm;wJh emrnfeJY folder wpfcu k dk zefwD;Munf&h atmif/

test two qdw
k eJh mrnfeJY folder wpfcu
k dk wnfaqmufMunfMh updkY/
txufyg yHkt& Desktop ay:u test directory xJrSm test two qdw
k Jh
emrnfeJY folder wpfck wnfaqmufwmjzpfygw,f/ 'gayr,fh ckcsdefrSm Desktop
ay:rSm&SdwJh test folder udk zGihfMunfrh ,fqd&k ifawmh
uRefawmfwdYk awGY&rSmu test eJY two qdw k Jh folder ESpcf k jzpfaewmyg/

vdck sifwmu test two qdw k Jh folder wpfcw k nf;// &vmwmu ESpcf k/
bmaMumifv h Jqadk wmh name rSm ygaewJh space aMumifhygyJ/ command line rSm
space jcm;vduk fwmeJY oD;jcm;wpfcktjzpf owfrSwfygw,f/ 'gaMumifh command
line awGrSm toH;k jyK&r,fh linux file awGrSm space rjcm;bJ emrnfay;xm;jcif;yg/
uRefawmfu mkdir test-three qdjk yD; txufyg yHktwdki;f aemufwpfck
zefwD;Munfyh gw,f/
txufyg yHktwdkif; test-three folder wpfcyk J xyfw;dk vmwmudk

awGY&ygr,f/ vdck sifwmu space jcm;wJeh mrnfeYJ folder / 'gqdk b,fvvdk kyfrvJ/
linux command rSm space ygcsifwJth cg "...." (rsufawmiftzGihftydwf) Mum;rSm
xnfo h ;Hk &ygw,f/
txufygyHku twdik f; mkdir "test four" qdjk yD; space ygwJh

folder(directory) name udk rsufawmiftzGift h ydwfMum;rSm xnfoh Gif;vdu
k fwt Jh cg
uRefawmfwYdk vdck sifwJh space jcm;xm;wJh folder name eJY folder wpfcu k dk &&Sjd yD
jzpfygw,f/
'gqdk&if cd eJY 0ifa&mufwJt

h cgrSmvnf; " " xnfzh dkY vdw
k ,fqw
dk m
oabmaygufr,fxifygw,f/
ckq&dk ifawmh uRefawmfwdYk test four qdw
k Jh directory xJrSm &SdaeygjyD/
'Dcgawmh back jyefxGufyHu
k av;udk aqG;aEG;ygr,f/
txufyg yHktwdik f; cd aemufrSm 2 dot (..) xnfo

h Gif;jyD; enter r,fq&dk if
folder wpfqifh aemufjyefxGufygw,f/ tm;vH;k jyefxGufcsif&ifawmh cd yJ
&dkufxnfhjyD; enter &rSmjzpfygw,f/
'Dcgawmh terminal topfwpfckziG hfjyD; dir wpfckcsif;pDudk

jyef0ifMunf&h atmifyg/
txufyg yHkonf terminal zGihfjyD;uwnf;u dir wpfcck sif;pDudk Munf&h I

0ifa&mufyHk jzpfygw,f/ dir awGudo k m od&if yHkygtwdkif; command
taMumif;a&rsm;rsm;eJY wpfqifhpD 0ifaep&mrvdb
k J wdu k f&u
dk f
0ifa&mufEidk yf gao;w,f/
txufyg yHkwGifMunfv
h sif cd command udo
k ;Hk jyD; wpfqifhpD
0ifa&mufjcif; ESihf cd command jzifh wdu k f&du
k f0ifa&mufjcif; wdY&k JU uGmjcm;rIudk
awGYjrifEkdifygw,f/
'Dcgawmh pm&du h ydkif;udk quf&atmifyg/ terminal awG
k fwJt
&Iyrf ae&atmif cke zGifhxm;wmawGudk ydwfvdkufjyD; topfjyefziG hv f udk f&atmif/
jyD;&if Desktop ay:u test qdw k Jh folder xJ 0ifxm;vdkufyg/ 'Dae&mrSm
enf;enf;av; ajymvdkwmu uRefawmfwdYk oH;k r,fh Kali Linux rSm Pop-up (GUI)
taeeJY toH;k jyKEidk w f Jh pm&duk fEdik fwJh app awG&o Sd vdk command line rSm
oH;k &wmawGvnf; &Sdygw,f/ command line uae vkyfaqmif&wmudak wmh ydkjyD;
avhvmxm;zdkY vdt k yfygw,f/ bmaMumifhvJqdak wmh uRefawfmwdYu k Hacking
avhvmaewmrdYyk gyJ/
pm&du
k fEdkiwf Jh program awG &Sdw,fvdYk ajymcJjh yD;jyDaemf/ leafpad, gedit,
vim pwmawGudk oH;k avh&SdMuygw,f/ leafpad eJY gedit uawmh
toGiftjyifuvG&J if oabmw&m;csif; wlygw,f/ cke command line xJrSm
prf;oyfMunfv h udk f&atmifaemf/ test.txt qdw f pfckudk leafpad (or) gedit
k Jzh dik w
wpfcck ek JY zefwD;vdu k fyg/
leafpad test.txt vdYk&kdufvdu h cg leafpad eJY zdkifwpfck yGihfvmrSmjzpfjyD;

k fwJt
tJonfxJrSm rdrw d Ydk tvd&k Sd&m pmudk &dkufEdik fygw,f/ jyD;&if save jyD; ydwf vdu
k fyg/
ckae ls eJY jyefazmfMunfrh ,fqd&k ifawmh uRefawmfwYdk zefwD;xm;wJh test.txt
qdwk zJh idk af v;udk awG&Y ygvdrhfr,f/
Desktop ay:u test folder xJrSm zGihfMunf&h ifvnf;

txufygyHktwdik f; test.txt qdwk mudk awGY&ygr,f/ gedit vnf; leafpad
vdyk gyJ/ leafpad ae&mrSm gedit eJY ajymif;prf;Munfah ygh/
'Dcgawmh command line uaeyJ pm&du k fjyD; zdkifzefwD;&atmif/
txufyg yHkrSmMunfh&if echo udk toH;k jyKjyD; pm&du

k fcwJh mudk awGY&ygr,f/
h ydwf Mum;rSm xm;jyD; oH;k &rSmjzpfovdk >
rdrd a&;vd&k mpmudk rsufawmiftzGift
oauFw&JU aemufrSm rdrd vdt k yfwJh zdkifemrnfudk xnfo h Gif;&rSmjzpfygw,f/
'gqdk&ifawmh ls eJY jyefazmfMunf&h if test2.txt qdw k Jh zdkifaemufwpfck
xyfwdk;aewmudk jrif&rSmyg/
folder rSm oGm;zGihfMunf&h ifvnf; txufygtwdik ;f jrif&rSmyg/ test2.txt

udk zGihfMunfhygu cke uRefawfmwdYk &dkufcJw h Jh This is my testing. qdw k mudk
awGY&ygvdrrfh ,f/ command line udk jyefoGm;&atmif/
txufyg yHkrSmMunf&h if cat command udk toH;k jyKjyD;awmh &dkufcw Jh Jh

Y dk toH;k jyKyHkuawmh cat file-name
pmawGudk jyefazmfMunfhEkdifwm awGY&ygr,f/ olu
yHkpH jzpfygw,f/
ckqdk terminal uae txt zdkif zefwD;jyD; pm&du k fwm/ pmudk

jyefxkwfMunfw h m pwmawG aqG;aEG;jyD;jyDjzpfygw,f/ 'Dcgawmh cke test2.txt
zdkifxJudk aemufxyf pmaMumif;wpfck xyfwd;k Munfh&atmif/
cke command line xJrSmyJ echo "I am learning Ethical Hacking." >
test2.txt
vdYk &dkufxnfv k fwmyg/ oabmu test2.txt zdkifudk txJu
h du
pmom;ae&mrSm I am learning Ethical hacking vdYk jyifr,faygh/
txufygyHkrmS Munf&h if ol&Y JU rlvpmom; This is my testing. ae&mrSm I

am learning Ethical hacking. qdwk mu tpm;xd;k 0ifa&mufvmwmudk awGY&rSmyg/
pmawGudk jyifwmr[kwfbJ xyfjznfh&Hyk Jqdk&ifawmh > ae&mrSm >> ESpcf x
k yf oH;k &rSm
jzpfygw,f/
txufyg yHkrSmMunf&h if rlvpmaMumif;xJrSm Ethical Hacker

qdw
k pJh mom;udk xyfjznfhr,f vdYk qdv k dyk gw,f/ >> udk toH;k jyKxm;wJt
h wGuf
xyfjznfhr,fqw dk mudk od&SEd kdifygw,f/
txufyg yHkrSmMunf&h if cat eJY jyefazmfMunfhvu dk fwtJh cg pmaMumif;awG

xyfwdk;vmwmudk awGYjrif&rSmyg/ 'Davmufqdk em;vnfjyDvYdk ,lqygw,f/ ck
zdkif&Smwmav; qufaqG;aEG;&atmif/ zGihfxm;wJh terminal udk ydwfjyD;topf jyefzGifh
vdu k fyg/ jyD;&if find command udk toH;k jyKjyD; &SmazGenf; prf;Munf&h atmif/ olu Y dk
toH;k jyKyHuk awmh find &Smvdo
k nfhae&m -name &Smrnfzh kdit f rnf jzpfygw,f/ ydkjyD;
em;vnfatmif ajymjy&&if Oyrm- uRefawmfwYdu k Desktop ay:rSm cke
prf;oyfzefwD;xm;wJh folder xJrSm test2.txt qdw
k zJh dkifav;udk
&SmMunfrh ,fqdkygawmh/ &SmwJh command u find, &SmcsifwaJh e&mu Desktop,
zdkifemrnf jzpfaMumif; -name,&SmvdkwJh zdkifemrnfu test2.txt qdak wmh &SmwJt h cg
oH;k &r,fh command u find Desktop -name test2.txt aygh/
&SmMunfv
h u h cgrSmawmh txufyg yHktwdik f;yJ Desktop ay:u test
dk fwJt
k Jh folder xJrSm test2.txt qdw
qdw k Jzh dik f &SdaMumif; jyvmygawmhw,f/ 'gu
k aeeJY test2.txt zdkifonf Desktop ay:rSm &Sdw,fvYdk odxm;vdYk &SmvdYk
uRefawmfwYdt
&wm/ tu,fí b,fae&mrSmrSef; rodbl;qdyk gpdYk/ 'gqdk&ifawmh
uRefawmfwYdt k aeeJY system wpfcv
k H;k xJrSm &Sm&ygawmhr,f/ system &JY oauFwu
/ jzpfygw,f/ root system "/" yg/ 'gaMumifh &SmazGwt Jh cg &SmcsifwaJh e&m udk ^ yJ
xm;vdu k f&rSmyg/
txufygyHkudk Munfrh ,fqd&k if uRefawmfwYdt k aeeJY test2.txt zdkifudk

system wpfcv k ;Hk rSm &Smvduk fw,f/ /root/Desktop/test/test2.txt vdYk jywJt h wGuf
Desktop ay:u test qdw k Jh directory xJrSm&Sw
d ,fqw
dk mudk odEdkifjyD jzpfygw,f/
'Dae&mrSm xyfrHjznfhpGuf ajymvdw k mu Linux system onf Case Sensitive
jzpfw,fvdkY qdck w Jh ,faemf/ pmvHk; tBuD;tao; vG&J ifvnf; &Smwm
awGYrmS r[kwfygbl;/ tJonfawmh uRefawmfwdYk &Smr,fh zdkifu T tBuD;vm;?
tao;vm; *&kpkduf a&;&ygr,f/ tBuD;vm; tao;vm; rod&ifawmh
zdkifemrnfae&mrSm [Tt]est2.txt qdjk yD; tppmvH;k tBuD;jzpfjzpf tao;jzpfjzpf
jyygvdkY qdv
k u
dk fjcif; jzpfygw,f/
zdkifemrnfrSm test ygwmawmhodw,f/ tm;vH;k vnf; aocsmrodbl;

qd&k ifawmh 'Dv&dk mS MunfEh kdifygw,f/
oluawmh zdkifemrnfrSm test ygorSs zdkifwidk ;f udk xkwfjyrSmjzpfvYdk zdkifawG

trsm;BuD; &SmawGyY gvdrfrh ,f/ 'Davmufqdk &SmazGwJth ydkif;vnf; &avmufjyDvYdk ,lq
ygw,f/ 'Dcgawmh tjcm; toH;k rsm;wmav;awGudk acgif;pOf tao;av;awG
xyfcJjG yD; aqG;aEG;oGm;&atmif/ ydk rSwfrdatmifaygh/
APT Package Handling Utility

APT Package Handling Utility uda k wmh apt-get vdYk tvG,fq;Hk
odMuygw,f/ package awGudk install vkyf&mrSma&m remove vkyf&mrSma&m?
upgrade jyKvkyf&mrSma&m odyfvG,fuljyD; aumif;rGefwJh tool wpfcv k Ydk qd&k ygr,f/
k ;Hk r,fh Kali Linux rSm uRefawmfwYdk oH;k aewJh Android ay:u
uRefawmfwYdo
PlayStore vdr k sdK;aygh? application awGudk &,lEkdifr,fh source wpfck &Sdygw,f/
tJonf source eJY uRefawmfwdYk&JU uGefysLwmeJY csdwfqufjyD;jyDq&dk ifawmh apt-get
uae software package awGudk tvG,fwul oGif;,l &&SdEdkifjyDjzpfygw,f/ apt-get
uae software awGudk oGif;,ljcif;rSm tm;omcsufawG &Sdygw,f/ bmawGvJq& dk if
package wpfck install jyKvkyfzdYk&mtwGuf vdt
k yfwJh dependency awG (em;vnf
vG,fatmif ajym&&if aemufxyf qufpyfaewJh vdt k yfcsufawG qdyk gawmh/) udyk g
xnfo h Gif;ay;ygw,f/ 'gaMumifh wpfcck sif;pD vdu k f&Smjznh&f wmrsdK; vkyfp&m
rvdkawmhbl;aygh/
ydk&Sif;atmif Oyrmay;&&if Pen-tester awG? Hacker aw rvGwfwrf;
toH;k jyKavh&w Sd Jh Metasploit vdk program [m RUBY vdYkac:wJh Programming
Language ay:rSDwnfaeygw,f/ RUBY udk install jyKvkyfxm;jcif;r&Sb d J
Metasploit udk run vdYk r&Edi k fygbl;/ 'gaMumifh RUBY onf Metasploit &JU
dependency jzpfygw,f/ (Metasploit u uRefawmfwYdk toH;k jyKr,fh Kali Linux rSm
yg0ifjyD;om;jzpfwmrdYk RUBY yg yg0ifjyD;om;jzpfw,fqdkwmawmh ajymp&m
rvdkawmhbl;ayghaemf)/ 'Dawmh jyefjcHKajym&&if apt-get uae app awGudk install
vkyfr,fq&dk if olwYd&k JU dependency awGudyk g wpfygwnf; automatic install
vkyfay;oGm;ygw,f/ Oyrm- apt-get install virtualbox qdyk gawmh/ virtualbox eJY
wGzJ uf oH;k &r,fh app awGudyk g xnfo h Gif;ay;xm;ygw,f/
tJonfvdk vkyfaqmifEkdifzdYktwGufawmh /etc/apt/ xJu sources.list
zdkifudk leafpad (or) gedit eJY zGihfjyD; sources.list xnfo h Gif;Edkiyf gw,f/ sources.list
u rdrw d Ydk install xm;wJh Kali Linux Version ay: rlwnfjyD; uGmjcm;Edkiw f mrdkY
'Dae&mrSm razmfjyawmhygbl;/ www.khitminnyo.com rSm azmfjyay;xm;ygw,f/
apt-get install (package) u package wdi k f;twGuf &Edik fwmawmh r[kwfygbl;/
rdrw d Ydk xnfo h Gif;xm;wJh source rSm &EdkifwJh package awGuo dk m &&SdEidk frSmjzpfjyD;
tjcm;aom package awGudak wmh oufqidk &f m source awGuae
a'gif;,l&&SdEidk yf gw,f/ Kali Linux onf Debian Based jzpfwmrdYk olt Y wGuf
package awGonf debian package (dpkg) jzpfygw,f/ Ubuntu onfvnf;
Debian Based jzpfwmrdkY Ubuntu eJY Kali rSm Debian package (dpkg) awGudk
wlnDpGmm toH;k jyKEdik fygw,f/ dpkg awG&JU file extension uawmh .deb jzpfygw,f/
Oyrm- example.deb aygh/
deb zdkifawGudk install zdkt Y wGufawmh dpkg -i udk toH;k jyKygw,f/
Debian Package awGudk install vkyfr,fvdYk qdv k maygh/ Terminal uae .deb zdkif
k dw
xm;&SdwJh ae&mudk 0ifa&mufvdu k fyg/ jyD;&if dpkg udo k ;Hk jyD; install EdkifygjyD/ Oyrm
Download qGx J m;wJh example.deb udk install r,f qdyk gawmh/ Downloads
directory xJudk cd command eJY 0ifa&mufjyD; dpkg -i pkg-name.deb eJY install
Edkifygw,f/
ckwpfcgawmh apt-get command udt k oH;k jyKjyD; package awGudk install
vkyfMunf&h atmif/ toH;k jyK&r,fh command u apt-get install pkg-name
jzpfygw,f/ 'gqd&k if Photoshop vdk "mwfykHjyifwJh free software wpfckudk install
vkyfMunf&h atmif/ ol&Y JU pkg-name u gimp jzpfwmaMumifh gimp udk install &r,fh
command onf apt-get install gimp jzpfygw,f/ xdYt k wlygyJ/ Virtual Box udk
install vdy
k gu apt-get install virtualbox vdYk &dkufxnfh&rSmjzpfygw,f/
Update
apt-get onf app & dependency awGudk install ay;Edki& H mru install
f ko
xm;wJh package awGtwGuf update &&SdEdkifrI tajctaeudyk g azmfjyay;Edkifovdk
update vnf; jyKvkyfay;Edi k yf gao;w,f/ sources list xnfo h Gif;jyD;onfhtcg jzpfap?
source wpfcc k k ajymif;vJonft h cgjzpfap? jznfo
h Gif;vdu k fwJh source topfudk
uRefawmfwYd&k JU pepfeJY csdwfqufEdkifzdkYtwGuf apt-get update command udk
toH;k jyK&ygw,f/ xdYktwlygyJ/ uRefawmfwdYk&JU pepfxJrSm&SdwJh package awGtwGuf
upgrade &&SdEdkir I wGufvnf; apt-get update eJY ppfaq;Edkifygao;w,f/
f t
(rSwfcsuf/ / apt-get tpm; apt udyk J toH;k jyKEdkifygw,f/Oyrm apt update,
apt install gimp, ...)
Upgrade
rnfonfh pepfrQ tNrJwrf; jyD;jynfph Hrk aeyg/ t"du Operating System
udk wd;k wufatmif jyKvkyfwm? oH;k &ydrk kv
d G,fulatmif zefwD;wm?
wd;k wufaumif;rGeaf tmifvkyfwm? patch management awG? new feature awG
xnfo h Gif;wm? bugs awGudk rSeaf umifatmif jyKjyifwm pwmawGtwGuf tpOftjrJ
development state rSm &Sdaeygw,f/
uRefawmfwdYk&JU Kali Linux rSm xnfo h Gif;toH;k jyKxm;wJh package
awGtwGuf new version awG&&SdwJt h cg upgrade jyKvkyfEidk rf ,fh command
udvk nf; apt-get (or) apt eJY toH;k jyK&ygw,f/ upgrade jyKvkyfp&m&Sad ewJt h cg
(qdv k wdk mu application wpfck Am;&Sif;topf xGufwt Jh cg) apt-get update (or)
apt update vkyfMunf& h if 'Dvdk ay:ygr,f/
txufyg yHkxJutwdik ;f twdtusawmh ay:rSmr[kwfyg/ rdrw d Ydk pwif
toH;k jyKwt Jh csdeef YJ package awG uGmjcm;Edkiyf gw,f/ ck yHkrSmMunf&h if 399 packages
can be upgraded. Run 'apt list --upgradable' to see them. qdjk yD; awGY&ygvdrr fh ,f/
upgrade jyKvkyfEi f Jh package aygif; 399 ck &Sdw,fqw
dk w dk t
Jh aMumif;
azmfjyxm;ovdk apt list --upgradable udk toH;k jyKjyD; upgrade jyKvkyfEdkifr,fh list udk
MunfEh kdiw
f t Jh aMumif; azmfjyay;xm;wmyg/
txufygyHu k awmh upgradable awGudk azmfMunfw h t

Jh cg jrif&r,fyh kHjzpfjyD;
tenf;i,fuo dk m ,lxnfhxm;ygw,f/ yHkrSmMunf&h if a&SUqH;k rSm package name udk
azmfjyxm;wmudk awGjY rif&rSmyg/ rdrw d dYk uGefysLwmrSm vku
d fvkyfMunfrh ,fq&dk ifawmh
tpdr;f a&mifeJY azmfjyxm;ygvdrfrh ,f/ 'gu package name jzpfjyD; ^ aemufuawmh
Y wGuf tenf;i,f azmfjycsuf jzpfygw,f/ b,f version uae b,f version
olt
xd jrSirfh ,fqwdk mudyk g azmfjyay;xm;wmudk awGEY dkifygw,f/
txufyg yHkrSm Munfrh ,fqd&k if yersinia, zsh, zsh-common qdw k Jh
package awG upgrade &edkifr,fx h JrmS ygaewmudk awGY&rSmyg/ rdrw d Ydk vdt
k yfwJh
package udo k m a&G;cs,f upgrade vdyk gu apt install udk toH;k jyKEidk yf gw,f/ Oyrm
- zsh udk upgrade jyKvkyfvdkygu apt install zsh aygh/
apt-get install (or) apt install command udk toH;k jyKwt Jh cg tcsdKUaom
package awGrSm install vkyf rvkyf twnfjyK&ygw,f/ tcsdKUtwGufawmh
rvdktyfygbl;/ Do you want to continue? [Y/n] qdjk yD; ar;avh&ySd gw,f/ y udk
tBuD;jzpfap tao;jzpfap &dkufxnfhjyD; enter Edkifygw,f/ Y/n rSm Y udk
tBuD;pmvH;k eJY azmfjyxm;wmu default u Y vdYk qdv dk myg/ N udk tBuD;eJY
k w
azmfjyxm;&ifawmh Default u N vdYk od&ygr,f/ ckykHt&awmh install vkyfrmS rdkY Y
udk ajz&ygr,f/ xdo k Ydk Y/n ar;aomtqifhudk ausmfvydk gu toH;k jyKr,fh command
&JU aemufrSm -y vdYk xnfah y;vdu k f&Hyk gyJ/ Oyrm gimp udk Y/n rajz&bJ install
vdyk gu apt install gimp -y (odYkr[kwf) apt-get install gimp -y qdjk yD; command
&dkuf&rSm jzpfygw,f/ install progress 100% jynfjh yD; command line
aemufwpfaMumif; ay:ygu install jyD;qH;k jyDjzpfygw,f/
a&SUrSm aqG;aEG;cJhwJh upgrade &&SdEdkifwJh package awGtm;vHk;udk upgrade

vkyfvdkygu txufyg yHkxJutwdik f; apt upgrade -y udk toH;k jyKEidk yf gw,f/ -y
uawmh Y/n ar;&if y ajzr,fqdw k m BudKwifajymjcif;jzpfaMumif; xyf&Sif;jyp&m
rvdkawmhbl;xifygw,faemf/
Distribution Upgrade
'Dtydkif;uawmh apt upgrade wdYkvdk rMumcP &&SdEidk fwmawmh
r[kwfygbl;/ Kernel Version jrifhoGm;wmrsdK;? 'grSr[kwf system version topf
xyf&wmrsdK; (Oyrm- Android Version 5 uae 6, 7 xd jriS Efh kdifwmrsdK;) awGtwGuf
rSom vkyfaqmiftoH;k jyKEdkifrSmjzpfygw,f/ Oyrm - uRefawmfwYdu k Kali Linux
2016.2 udk Install jyKvkyfxm;w,f/ ck ('Dpma&;aewJc h sdefrmS ) Kali Linux Version
u 2017.1 xd a&muf&So d Gm;ygjyD/ 'Dawmh uRefawmfwYdt k aeeJY topfjyefwif
&rSmvm;/ rvdkygbl;/ tJonf tajctaetwGuf uRefawmfwYdk toH;k jyKEdik fr,fh
command av;wpfck &Sdygw,f/ tJ'guawmh apt dist-upgrade (or) apt-get
dist-upgrade yJ jzpfygw,f/
ajymzdkY arhoGm;w,fAsm/ apt command (apt update, apt upgrade, apt
install, apt dist upgrade) awGudk toH;k jyKr,fq& dk if tifwmeufawmh
vdt
k yfygw,f/ tifwmeufvdik f; csdwfqufxm;rSom vkyfaqmifvYdk &ygr,fAs/
Removing Packages
install taMumif; odjyDqdkawmh uninstall udk qufaqG;aEG;ygr,f/ install
& remove yJ uGmjyD; vkyfaqmif&wmawmh wlnDygw,f/ Oyrm - gimp udk
jyefjzKwfcsif&if apt remove gimp (or) apt-get remove gimp qdjk yD;
toH;k jyKEdik fygw,f/ yHkeJaY wmh vkyfrjyawmhbl;aemf/
Auto-removing
uRefawmfwdYk&JU Operating System xJu package (application) awGudk
upgrade jyKvkyfvdkufwJt h cg xdk package awG&JU old version awG[m rvdktyfbJ
usef&aSd eygawmhw,f/ 'gawGudk z,f&Sm;ay;zdYk vdt k yfygw,f/ upgrade (or)
dist-upgrade jyKvkyfjyD;wdi h ,f qdyk gawmh/ ay;&r,fh command u
k f; vkyfoifw
awmh apt autoremove jzpfygw,f/ autoremove udk cGJra&;ygbl;/
Purge
purge udak wmh linux user tcsdKUu rodMuovdk tcsdKUu
a&SmifMuygw,f/ remove eJY purge rwlnDygbl;/ bmuGmvJqadk wmh apt remove
pkg u package wpfckudkom uninstall vdu k fwmjzpfjyD; configuration file awGudk
zsufroGm;ygbl;/ aemufwpfBudrf vdt k yfwJhtcg jyefvnftoH;k jyKapEdkifzdkY
pufxJrSmyJ xm;xm;cJhygw,f/ purge uawmh configuration file awGuydk g tm;vHk;
zsufvu dk fygw,f/ 'gqdk bmvdYk purge udk oH;k aeao;vJ vdYk ar;p&m
&Sdaumif;&Sdygr,f/
Y dk app wpfckudk vH;k 0 reinstall jyefvnfjyKvkyfvdkwJhtcg oH;k ygw,f/
olu
configuration file xJrSm rSm;,Gif;oGm;wm? jyifrdvu dk fjyD; arhoGm;vdYk program
tvkyfrvkyaf wmhwm pwJhtajctaersdK;twGufvnf; apt purge pkg-name udk
toH;k jyKygw,f/ Oyrm gimp udk tm;vH;k ukefpifatmif jzKwfjyD; jyefxnfhoHk;csif&if
apt purge gimp eJYjzKwfjyD; apt install gimp eJY jyefoGif;aygh/
Clean
uRefawmfwdYkawG apt install pkg eJY install jyKvkyfwjJh zpfpOfrSm package
awGudk oufqidk &f m sources uae download &,lygw,f/ jyD;wJt h cg unpackage
vkyfjyD; install w,faygh/ install jyD;oGm;wJhtcg rvdktyfawmhwJh package awG[m
uRefawmfwYd&k JU system xJrSm usefae&pfcJyh gw,f/ tJovdek YJ rsm;jym;vmwJh
tcgrSmawmh HDD space awG avsmhenf;ukefygawmhw,f/ 'gaMumifh olwYdu k dk
clean vkyfay;zdYk vdt k yfjyD; tJonftwGuf apt clean (or) apt-get clean udk
toH;k jyKEdik fygw,f/
Auto clean
clean eJY vkyfaqmifykHcsif; wlwJh autoclean udak wmh apt upgrade eJY apt
dist-upgrade awG vkyfjyD;wJhtcsdea f wGrSm oH;k ygw,f/ app wpfck version opf
upgrade jyD;wJt
h cg version ta[mif;udk &Si;f ay;w,fvYdk rSwfxm;Edkifygw,f/ olu
Y dk
k awmh apt autoclean (or) apt-get autoclean jzpfygw,f/
toH;k jyKyHu
Combining to the Commands

command awGudk aygif;pyfvdw h cg && oauFwudk (ESpfckxyf) Mum;cH
k Jt
oH;k ygw,f/ Oyrm apt update && apt upgrade && apt dist-upgrade aygh/
aemufwpfckxyfajym&&if apt autoremove && apt autoclean aygh/ wpfqufwnf;
oH;k EdkifwJh command awGudk aygif;pyf toH;k jyKwmyg/
Removing Debian Packages

Debian package (.deb) awGudk install wJt h cg dpkg -i pkg.deb eJY
install aMumif; aqG;aEG;cJhjyD;jyDaemf/ remove vkyfr,fq&dk if -i (install) ae&mrSm -r
(remove) eJY -p (purge) udk toH;k jyKEdkifygw,f/
dpkg -i example.deb
dpkg -r example.deb
dpkg -p example.deb
Tarballs
uRefawmfwdYk odMuwJh zip, rar wdYkvdk file archives vkyfwJh program
wpfcyk g/ Tape Archives udk twdak umufjyKjyD; TAR vdYk ac:qdyk gw,f/ zdkifawG
h wGuf zip wdYk rar wdYkvydk J tarball format udv
trsm;BuD;udk pkpnf;EdkifwJt k nf;
toH;k jyKMuygw,f/ Linux package awGrSm t"du toH;k jyKMuygw,f/
txufyg yHkxJutwdik f; Desktop ay:u a qdw k Jh directory wpfcx

k JrSm
1.txt eJY 2.txt qdwk Jh zdkif ESpzf dkifudk zefwD;vdkufygw,f/ (aqG;aEG;jyD;om;awGrdkY
&Si;f rjyawmhbl;aemf)
toH;k jyK&r,fh command u tar -cf name.tar.gz file1 file2 file3 qdw k Jh
yHkpHrsdK; jzpfygw,f/ tar -cf u tar zdkifwpfck zefwD;r,fvYdk qdv
k ydk gw,f/ name.tar.gz
rSm emrnfu rdrEd Spo f uf&m ay;vdYk&ayr,fh no space jzpf&ygr,f/ .tar.gz eJY
qH;k &ygr,f/ file1,2,3,.. awGuvnf; rdrw d dYk xnfo h Gif;vdw
k Jh zdkifawG jzpf&ygr,f/
vuf&Sd directory xJrSm &Sdae&ygr,f/ ckaerSm ls eJY list vkyfMunfrh ,fq&dk ifawmh
uRefawmfwdYk zefwD;vdkufwJh test.tar.gz qdwk Jh zdkifwpfck xyfwdk;vmwmudk

awGY&rSmyg/ 'guawmh wpfzdik pf D xnfo h Gif;enf; jzpfjyD; folder (directory)
wpfcvk ;Hk udk tar xJ xnfvh dw h cg tar -cf name.tar.gz * udk oH;k Edkifygw,f/ * u
k Jt
vuf&Sda&mufaewJh directory wpfckvHk;udk tar zdkifxJ xnfo h Gif;r,fvYdk qdv
k ydk gw,f/
ckq&dk ifawmh uRefawmf zefwD;xm;wJh tar file ESpcf k awGY&jyDjzpfygw,f/

tar file xJ ygwJh zdkifpm&if;udk list xkwfMunfc
h sif&ifawmh tar -tf udk oH;k ygw,f/
cke zefwD;vdkufwJh test.tar.gz xJu zdkifawGudk list jyefazmfMunfw

h myg/
vuf&Sd terminal rSmyJ rm udk oH;k jyD; 1.txt eJY 2.txt qdw
k Jh zdkifawGudk
zsufvu dk fygw,f/ ls eJYMunfw h cg rawGaY wmhygbl;/ cke tar awGudk
h Jt
jyefjznf&atmif/
yHkrSmMunfyh g/ test.tar.gz udk jznfzdYktwGu G f tar -xf udk toH;k jyK

jyxm;ygw,f/ ls azmfMunfhwJt h cg tar xJ xnfx h m;wJh zdkifESpcf k jyefawG&Y ygjyD/ file
list yg Munf& h if; jyefazmfcsif&ifawmh tar -xvf udk toH;k jyKEdkifygw,f/
uRefawmf erlem oH;k jyoGm;wJh x,v,c,f wpfvHk;csif;pDudk odcsif&ifawmh
terminal rSm tar --help vdYk &dkufxnfhjyD; &SmEdi
k yf gw,f/
tjcm;aom command awGudyk g help options ac:Munfv h Ydk &ygw,f/

file size udy
k g avSsmhcsvdyk gu tar -cf tpm; tar -czf udk toH;k jyKEidk yf gw,f/ 'D
CHAPTER av;u Linux taMumif; rdwfqufwmeJY Linux New user
awGtwGuf odoifhwJh general linux command av;awGudk azmfjyaqG;aEG;
ay;cJw
h m jzpfygw,f/
Linux File System

uJ 'D Chapter uav;udk Linux File System taMumif;av;eJY
ed*kH;csKyf&atmif/ zwf&vG,fwmrdYk &Si;f rjyawmhbl;aemf/
/bin/: basic programs
/boot/: Kali Linux kernel and other files required for its early boot process
/dev/: device files
/etc/: configuration files
/home/: user's personal files
/lib/: basic libraries
/media/*: mount points for removable devices (CD-ROM, USB keys, and so
on)
/mnt/: temporary mount point
/opt/: extra applications provided by third parties
/root/: administrator's (root's) personal files
/run/: volatile runtime data that does not persist across reboots (not yet
included in the FHS)
/sbin/: system programs
/srv/: data used by servers hosted on this system
/tmp/: temporary files (this directory is often emptied at boot)
/usr/: applications (this directory is further subdivided into bin, sbin, lib
according to the same logic as in the root directory) Furthermore, /usr/share/
contains architecture-independent data. The /usr/local/directory is meant to be
used by the administrator for installing applications manually without
overwriting files handled by the packaging system (dpkg).
/var/: variable data handled by daemons. This includes log files, queues,
spools, and caches.
/proc/ and /sys/ are specific to the Linux kernel (and not part of the FHS).
They are used by the kernel for exporting data to user space.
('D file system awGudak wmh Kali &JU Official Page uae ul;xm;ygw,f/)
CHAPTER 6: General Knowledge for Hacking
1. Basic Networking Concepts
'D title t& taMumif;t&mu odyfBuD;oGm;w,fvYdk xifaumif;

xifygr,f/ uRefawmfwdYk ck avhvmrSmu Hacking yg/ Networking udk avhvmrSm
r[kwfbl;vdYv k nf; awG;rdaumif; awG;rdygvdrhfr,f/ Hacking rSm networking &JU
oabmw&m;awGudk xnfo h Gif;toHk;jyK&w,f qdw k m odjyD;om;vnf; jzpfaumif;
jzpfEkdifygw,f/ Networking eJY ywfoufjyD; avhvmzl;olawGtwGufawmh 'D title
rSm aqG;aEG;r,fh taMumif;t&mawGudk odjyD;aumif; odjyD; jzpfygvdrrfh ,f/ odYkaomf
rodao;olawGtwGuf 'Dtydkif;udk xnfo h Gif;vku d f&jcif; jzpfygw,f/ Networking
eJY ywfoufjyD; oD;oefY a&;om;azmfjyjcif; r[kwfvYdk Networking concepts
tm;vH;k awmh yg0ifrmS r[kwfygbl;/ rodrjzpf od&r,fh oabmw&m;
tusOf;csKyfawGuo dk m aqG;aEG;ay;oGm;rSmjzpfygw,f/
Networking qdw k m uGefysLwmawGeJY tjcm;aom acwfrD electronic
device awGMum; wpfckeJw Y pfck qufoG,fMuwJh enf;vrf; jzpfygw,f/ Networking
[m &Iyaf xG;wJh topic wpfcv k dYk qdEk dik yf gw,f/ 'Dae&mrSmawmh wwfEdkio f avmuf
wdw k edk JY vd&k if;udk em;vnfvG,fatmif aqG;aEG;ay;oGm;ygr,f/
apmapmu ajymcJhovdyk gyJ/ Networking qdw k mu uGefysLwmawG
tcsif;csif;Mum;? uGefysLwmawGeJY tjcm;aom modern electronic device
awGMum;rSm qufoG,fwJh enf;vrf; jzpfygw,f/ tJonf device awGMum;rSm
vrf;aMumif;awG tjzpf jrifa,mifMunfhr,fqd&k ifawmh Networking udk
uGefysLwmawGMum;u electronic road awGvdYk jrifMunfhEkdifygw,f/ tJonf
vrf;aMumif;awG[m CAT 5 or 6 cable awG? fiber optic cable awG vdrk sdK; physical
vnf; jzpfEidk fygw,f/ Wireless vdk non-physical vnf; jzpfaeEdik yf gw,f/
tvG,fulq;Hk ajym&&ifawmh wired networking eJY wireless networking aygh/
Wired & Wireless networking awGrSm tajccHtm;jzifh wlnDwJh
component awG &SdMuygw,f/ csdwfqufqufoG,f EdkifzYdktwGuf uGefysLwm ESpv f ;Hk
odYkr[kwf ESpv f ;Hk xuf ydkwJh device awG vkt d yfygw,f/ xdYktwl xdo k Ydk csdwfquf
qufoG,fr,fh device awG taeeJYuvnf; rSeu f efwJh csdwfqufrIeJY rSeuf efwJh
configuration jzpfzkdYvdktyfygw,f/
ydkjyD; em;vnfvG,fatmif uRefawmfhq&mwpfa,muf &Si;f jyzl;wJh
yHkpHav;eJY jyefvnf &Si;f jyyg&ap/ txufyg network (small network)
uav;wpfckrSmaygh/ Adam eJY Bill qdw k Jo
h l ESpaf ,muf&JU uGefysLwmcsif;
csdwfqufMur,f qdyk gpdYk/
yHkav;rSm azmfjyxm;ovdyk gyJ/ Adam u ol&Y JU uGefysLwmudk router uae

xkwfay;xm;wJh wireless connection eJY csdwfqufxm;jyD; Bill uawmh
ol&Y JUuGefysLwmudk router uae BudK;eJY csdwfqufxm;ygw,f/ csdwfqufyHkcsif;
rwlnDayr,fh olwYdu k same network rSm &SdaeMuygw,f/ tao;pdwfutpawmh
ajymrjyawmhbl;aemf/ tao;pdwfavhvmvdyk gu Networking eJY ywfoufwJh
oifwef;awG? jrefrmvdk pmtkyaf wG &Sdygw,f/
ck Fig: 5.1 t& router &JU IP address u 192.168.1.1 jzpfygw,f/ 'gudk
private address vdYk ac:qdjk yD; olu
Y dk tifwmeufrSm toH;k jyKvYdk r&ygbl;/ yHkrSm
qufMunfh&if Adam &JU IP address u 192.168.1.11 jzpfjyD; Bill &JU uGefysLwmu
192.168.1.10 vkkYd awGY&ygr,f/ 'gawGu private IP address awGyg/ olwYdu k dk
tifwmeufrSm toH;k jyKEdkifapzdkt Y wGufawmh router u Network Address
Translation (NAT) udk vkyfaqmifay;&ygw,f/ qdv dk mu Adam eJY Bill wdY&k JU IP
k w
address awGudk tifwmeufrSm toH;k jyKEdkifr,fh address awGtjzpf jyefvnf
ajymif;ay;&ygw,f/ router uae NAT jyKvkyfjcif;r&SdbJ user u xdk private IP
address udk tifwmeufrSm toH;k jyKzdYk BudK;pm;Munfw Jh cg Internet Router eJY
h t
tjcm;aom device awGuae connection udk jiif;qefrSmjzpfvYdk communication
jzpfoGm;ygvdrhfr,f/
Internal Network eJY External Network udk router u oD;jcm;pD
cGJxm;ygw,f/ router u private network udk internet csdwfqufvYdk &Edkifapr,fh
public network tjzpf vrf;aMumif;ajymif;ay;ygw,f/ 'gaMumifh Adam eJY Bill
wdYk&UJ IP Address u router &JU Internal Interface IP Address awGom
jzpfygw,f/ xdk address awGudak wmh Default Gateway vdYk ac:qdjk yD; users (Adam
& Bill) awG&JU uGefysLwmESpv f H;k twGuf network card awGudk configuration
vkyfwJhtcgrSm toH;k jyK&ygw,f/
Default Gateway udk jrifomatmif azmfjy&&ifawmh vrf;wpfvrf;om
&SdwJh jrKd Ui,fav; tjzpf jrifa,mifMunfhEdik fygw,f/ jrdKUxJuae jyefxGufcGmvdw k Jh
vlwpfa,muftzdkY vrf; udk od&Szd kdY vdt k yfovdk network computer
awGtaeeJYvnf; local network &JU tjyifbufudk xGufcGmEdik rf ,fh vrf;aMumif;udk
k yfygw,f/ tJ'guawmh default gateway ygyJ/
od&zSd kYd vdt
uGefysLwmawG[m wpfvHk;eJw Y pfvH;k qufoG,fwt Jh cg udef;*Pef;awGudk
toH;k jyKjyD; pum;ajymMuygw,f/ 'gudv k nf; pmzwfolwdt kY aeeJY od&SdjyD;
jzpfygvdrrfh ,f/ function awG rSeu f efpGm communicate vkyfEidk fapzdkYtwGuf
network [m a,bk,stm;jzifh name server or Domain Name Server (DNS) udk
toH;k cs&ygw,f/ pufawGu udef;*Pef;awGuydk J od&o Sd vdk uRefawmfwYdk
vlom;awGtwGufuvnf; udef;*Pef;awGudck snf; rSwfxm;zdkY tqifrajyygbl;/
'gaMumifh human readable format jzpfwJh www.google.com wdYk
www.facebook.com wdYk ponfjzifh ajymif;vJ&wmjzpfygw,f/ tJonf DNS
udo k m roHk;bl;qdyk gu vlawG[m website wdik f;&JU IP address awGudk
rSwfxm;&rSmjzpfjyD; rSwfrdEdkiaf cs tvGefenf;oGm;ygr,f/ 'gaMumifh Network card
wpfcu k dk manual configuration jyKvkyfvdkygu DNS or Name Server &JU
identification vdt k yfygw,f/
network xJrSm &SdaewJh device awG&JU IP, Subnet Mask, Gateway, DNS
pwmawGudk DHCP u tvdt k avsmuf cGJjcm;owfrSwfay;ygw,f/ Linux rSm IP
address udk MunfE h kdifr,fh command uawmh ifconfig yg/ Windows cmd
command uawmh ipconfig jzpfygw,f/
ifconfig udk vufawGY rpwifcif BudKwif ajymjyxm;p&mav;awG
&Sdygw,f/ uRefawmfwdYk toH;k jyKaeMuwJh connection yHkpHawGaygh/ uRefawmfwYd&k JU
uGefysLwmrSm tifwmeuf &atmif b,fvdk oH;k vJ vdYk ar;&if t"dutm;jzifh tajz
tkyfpk ESppf k xGufvmygr,f/ bmawGvJqdkawmh 1/ uRefawmfu zke;f uae wifi
vTijfh yD; uGefysLwmeJY csdwfoH;k ygw,f/ (odYkr[kwf) tjcm; wifi uGef,ufwpfcck keJY
csdwfqufjyD; oH;k ygw,f/ 2/ uRefawmfuawmh cable eJY toH;k jyKw,f/ (odYrk [kwf)
uRefawmfuawmh uRefawmfzh ke;f eJY uGefysLwmudk USB BudK;wyfjyD; USB tethering
vkyf oH;k ygw,f/ txufyg tajzESprf sdK;om t"du &ygvdrhfr,f/ tvG,fq;Hk
ajym&&if BudK;rJh wifi pepfeJY BudK;wyfoH;k &wJh cable pepfqjdk yD; cGJEidk fygw,f/
uRefawmfwYdk toH;k jyKr,fh Kali Linux rSm BudK;rJh wifi interface udk wlan0 (w lan
zero) vdYk ac:qdjk yD; cable BudK;eJY csdwfqufoH;k EdkifwJh network interface uka
d wmh
eth0 vdYk ac:qdok ;Hk EIef;ygw,f/ uJ terminal rSm ifconfig vdYk &dkufMunf&h atmif/
ifconfig (enter) aygh/
txufyg yHkrSm Munf&h if eth0, wlan0 eJY lo qdjk yD; awGyY gvdrfhr,f/ lo
qdwk muawmh Local Loopback udk ac:qdw k mjzpfjyD; uRefawmfwYdk uGefysLwmu
oluY , dk fol communicate vkyfEdik zf dkt
Y wGuf toH;k jyKwJh Virtual Network Interface
wpfco k m jzpfygw,f/ local machine ay:rSm running vkyfaewJh server awGudk
csdwfqufEdkifzdkY olu
Y dk t"du toH;k jyKygw,f/
&Iyo
f Gm;ovm;rodbl;As/ enf;enf;awmh ydkjyD; &Si;f jyzdkYvdkjyDxifw,f/
'Dvydk g/ uRefawmfwYdk uGefysLwmudk tifwmeuf csdwfqufo;Hk aewJh yHkpH ESpcf k &Sdw,f/
wlan0 & eth0 udk &Si;f jyjyD;jyDaemf/ tJonf wlan0 wdYk eth0 wdYk qdw k mu network
interface awGyg/
(wlan0) wireless network interface card (eth0) network interface card

txufyg yHk ESpyf kHrSm wlan0 eJY eth0 wdYk connect to internet
jyKvkyfEidk af pzdkY toH;k jyKxm;wJh network interface card awGudk azmfjyay;
xm;ygw,f/ qdv dk muawmh olwdYkawG[m hardware awG ud,
k w k fpD&dSrS
tvkyfvkyfEidk fw,fqw dk myg/ Oyrm wifi card ryg&if wifi toH;k jyKvYdk r&Edkifygbl;/
eth0 uawmh uGefysLwmwdi k f;rSm yg0ifygw,f/ (,aeYacwf Laptop & Notebook
awGrSmawmh wifi card yg yg0ifMuygw,f/)
lo taMumif; qufygr,f/ wlan0 wdYk? eth0 wdYk[m csdwfqufxm;wJh
uGef,uf jywfawmufoGm;wJhtcg toH;k jyKvdYk r&Edik fawmhygbl;/ 'gayr,fh lo
uawmh local rSm run aewJh server awGudk ac:oH;k EdkifaeqJ jzpfygw,f/ lo twGuf
oD;oefY hardware rvdktyfygbl;/ lo uvnf; tjcm; hardware awGudk
ud, k fpm;jyKrSm r[kwfygbl;/ IP address taMumif; jyefquf&atmifyg/
tJonfawmh uRefawmfwdYktaeeJY rjzpfrae odrSwfxm;oifhwmu wlan0
eJY eth0 rSm uRefawmfwdYk bmudk toH;k jyKaevJqdw k myg/
uRefawmfwdYk ck toH;k jyKr,fh Kali Linux rSmawmh ifconfig

azmfMunfhvudk fwmeJY etho, lo, wlan0 qdw k mawGudk awGjY rif&rSmjzpfygw,f/
uRefawmfwYduk eth0 udk oH;k ae&if eth0 rSm IP address awG&Y ygr,f/ ckykHxJrSmawmh
uRefawmfu wifi udk toH;k jyKxm;wmrdYk wlan0 rSm awGjY rif&rSmjzpfygw,f/
tm;vH;k udk rMunfch sifbl;/ uRefawmfwYdk toH;k jyKaewJh interface
wpfckwnf;udo k aeeJY ifconfig wlan0 (or)
k m Munfch sifw,fqd&k ifawmh uRefawmfwYdt
ifconfig eth0 qdjk yD; MunfE h kdifygw,f/ wpfcpk MD unfvh nf; twlwlyJ rdkY
azmfrjyawmhbl;aemf/ jyefquf&&if uRefawmftoH;k jyKaewJh wlan0 rSm 'kwd,
pmaMumif;rSmMunfw Jh cg inet 192.168.10.150 netmask 255.255.255.0
h t
broadcast 192.168.10.2555 qdjk yD; awG& Y rSmjzpfygw,f/ a&SUqHk;u inet
192.168.10.150 qdw k mu uRefawmf&h JU vuf&Sd IP address aygh/ pm&IolwdkY&JU IP
address uawmh 192.168.--.-- jzpfEkdifygw,f/ VMWare (or) Virtualbox
rSmqd&k ifawmh tm;vHk;uGcJ sifvnf; uGjJ ym;aeEdkifygw,f/ ud, k fh address udk
ud,k fo;Hk &rSmaygh/ :)
2.Hacking Lab
'DtaMumif;eJY ywfoufjyD;awmh tao;pdwfazmfjy&if pmrsufESmawG
rsm;jyD; usefwJh t&mawGtwGuf pmrsufESm rusefrSmpdk;wmaMumifh
jyKvkyfenf;awGudk azmfrjyawmhbl;aemf/ www.khitminnyo.com rSm Hacking Lab
zefwD;jcif;enf;vrf;awGudk Munf&h EI dik yf gw,f/ hacking Lab qdw k muawmh
uRefawmfwYdt k aeeJY Hacking avhvm&if; uRefawmfwYd&k JU prf;oyfraI wGudk
prf;oyfvkyfaqmifwt Jh cg rnfolYudkrQ rxdckdufapbJ vkyfaqmifEkid fapzdkYtwGuf
uRefawmfwYdpk ufxJrSmwif wnfaqmufxm;wJh Virtual Laboratory udk
qdvk ykd gw,f/
t"dutm;jzifhawmh hacking lab tjzpf VirtualBox (or) VMWare udk
toH;k jyKMuygw,f/ tJonfrSm t"du wifavh&Sw d mawGuawmh uRefawmfwYd&k JU
Host OS ay: rlwnf uGmjcm;Edkiy f gw,f/ uRefawmfwYdu k Windows udk Host tjzpf
oH;k xm;w,fq&dk ifawmh VM awGtjzpf Kali Linux, Windows (prf;oyf&ef) ,
Metasploitable, DVWA pwmawG jzpfygw,f/ uRefawmfwYdu k Host tjzpf Kali
udk toH;k jyKxm;w,fqd&k ifawmh VM rSm Windows, Metasploitable, DVWA
pwmawGudk Hacking Lab taeeJY xnfo h Gif;xm;Edik yf gw,f/
rdrwd Ydk puf\ RAM ESihf HDD memory t& bmawG b,fvdk wifjyD;
toH;k jyKoifhvJqw dk mudk uRefawmfwdYk&JU Facebook Group uaejzpfap? viber uae
jzpfap aqG;aEG;Edkifygw,fcifAsm/
CHAPTER 7: Penetrating Testing Life-cycle
Steps performed by Hackers
Hacker awG[m wpfOD;eJw

Y pfO;D rwlnDMuygbl;/ olwYdrk Sm rwlnDwJh
motives awG? techniques awGeJY abilities awG &SdMuygw,f/ tJovdyk gyJ/
vkyfaqmifwJh vkyfaqmifyHak wGvnf; uGmjcm;rI &SdwwfMuygao;w,f/
a,bk,stm;jzifh Hacker awG vkyfavh&Sw d Jh tqifhawGudk 1.Reconnaissance,
2.Scanning, 3.Access and escalation, 4.Ex-filtration, 5.Sustainability,
6.Assault & 7.Obfuscation qdjk yD; 7qifh cGJjcm;avh&SMd uygw,f/ 'DpmtkyfxJrSmawmh
Penetrating Testing (Ethical Hacking) udk tajccHjyD; t"du vkyfaqmifcsuf
tqifh 5qifh tjzpfom tusOf;csHKU azmfjyay;oGm;ygr,f/
Phase 1. Reconnaissance
trIwpfck jzpfw,f qdMk uygpdYk/ xdt k rIrmS rouFmzG,f tkyfpk (group)
wpfcu k dk awGw Y ,fqdkMuygpdYk/ uRefawmfwdYku Oya'bufawmfom;awG taeeJY
awG;Munfh&atmif/ yxrqHk; bmvkyfrvJ/ xdk tkyfpkudk wdu k f&dkuf oGm;zrf;rvm;/
'Dae&mrSm uRefawmfwdYkpOf;pm;&rSmu bmtcsuftvufrS &Sdrxm;bJeYJ oGm;zrf;&if
ud,k &fh SL;ud,
k fywfjyD; ud,
k fb
h uf jrSm;OD;jyefvnfvmrSmjzpfovdk ta&;BuD;aom
uGif;qufawGyg jywfoGm;rSmjzpfygw,f/
'Dawmh uRefawmfwdYk bmvkyfMurvJ/ xdk rouFmzG,ftkyfpkudk apmifhMunfh
&ygr,f/ olwYdt k aMumif; &atmif t&if pHkprf;&ygr,f/ olwYdu k bmawGvkyfaqmif
MuvJ/ bmawGudk toH;k jyKaeMuvJ/ olwdYkrSm bmvufeufawG &SdrvJ/ olwYdak wG&JU
aemufuG,frSm bmawG&Sdao;vJ/ ponfjzifh uRefawmfwYdk target xm;wJh tkyfpkeJY
ywfoufqufEG,forQ tcsuftvuftm;vHk;udk &SmazGpkaqmif;&rSm jzpfygw,f/
xdYktwlygyJ/ Penetrating Testing (Hacking) wpfcck k vkyfaqmifr,f
qdyk gu uRefawmfwYdk Target xm;wJh company (or) organization eJY ywfouf
qufEG,fwJh information wdik f;udk pkaqmif;xm;zdkY vdt k yfygr,f/ xdo k Ydk information
pkaqmif;wJhtcg tifwmeufuae &SmazGpkaqmif;Edkifwm&Sdovdk jyifyrSm &SmazG
pkaqmif;&wmawGvnf; &SdEdik fygw,f/ tJonfawmh uRefawmfwYdt k aeeJY yxrqHk;
vkyfaqmif&r,ft h qifhu Reconnaissance (or) Information Gathering (or)
Footprinting jzpfygw,f/
tao;pdwfudk oufqdik &f mtcef;awGrmS xyfrH aqG;aEG;oGm;ygr,f/
Phase 2. Scanning
&efoelY ,fajreJY uyfvsuf&SdwJh awmifylpmav;ay:rSm a&muf&aSd ewJh

ppfom;wpfa,mufudk jrifa,mifMunfyh g/ Only one aemf/ olv Y ufxJrSm vrf;nTef
ajryHknTef;wpfck ygvmovdk olq Y DrSm rSeaf jymif;wpfvufvnf; ygvmygw,f/
&efolawG tvG,fwul jrifroGm;zdkt Y wGuf xlxyfodyfonf;wJh jcKH ykwfawGMum;rSm
yke;f uG,f&if; olwY yfqDudk owif;jyefydYkaeygw,f/
&efolpcef;u ajryHn k Tef;xJutwdik f; wlnDaMumif; (odYrk [kwf)
ajryHknTef;xJu b,fae&mrSm jzpfaMumif;? &efolt Y iftm;onf cefYrSe;f ajctm;jzifh
b,favmuf&aSd Mumif;? taqmuftOD; b,fESck jrifawG&Y aMumif;? &efolY
uif;pcef;awG b,fESck&Sjd yD; b,fae&mawGudk t"du apmifhMunfhvsuf&SdaMumif;?
ponfjzifh owif;jyefydYkygw,f/
'DjzpfpOfuav;rSmMunf&h if azmfjyyg ppfom;rSm mission wpfck
&Sdaewmudk odEidk fjyD; olt Y aeeJY BudKwifowif;&&Sdxm;wJh tcsuftvufeJY
ajrjyifowif; (vufawGY tajctae) eJY uGm[rI &Sdr&Sd pwmawGudk od&aSd tmifvkyf
zdkY wm0efwpfck &Sdaewm awGY&ygr,f/ olw Y m0efu wdu k fcu dk fzkdY r[kwfao;ygbl;/
tvm;wlygyJ/ Penetrating Testing jyKvkyfawmhr,fqdkyguvnf;
yxrtqifh (Phase 1) rSm &&SdcJhwJh owif;tcsuftvufawGtay: tajccHjyD;
Target network & information system awGudk Scan jyKvkyfygw,f/ 'gu Phase 2
aygh/ 'Dtqifrh mS awmh Scanning jyKvkyfEdik w f Jh tool awGudk toH;k jyKjyD; Target's
Network & system infrastructure udk ydkjyD; od&SE d kdifzYdk BudK;pm;&ygr,f/ 'grSom
aemufwpfqifhrSm b,fvdk exploit vkyf&r,fqdw k mudk qH;k jzwfEdkirf mS jzpfygw,f/
tao;pdwfudak wmh oufqdik &f mtcef;awGrSm qufvuf
azmfjyay;oGm;ygr,f/
Phase 3. Exploitation
wu,fh ppfom;awGtwGufawmh 'DtqifhrSm wdu k fcu

dk faewmvnf;
jzpfaumif; jzpfaeEdkiyf gw,f/ 'gayr,fh Ethical Hacking rSmawmh tenf;i,f yHkpH
ajymif;vdkuf&atmif/ 'Dtqifrh mS awmh apmapmu ajymcJw h Jh ppfom;av;[m
rSdefysysva&mif eJY tHYkaewJh wdrfwdkufawGudk tumtuG,f,ljyD; &efoplY cef;
pnf;&d;k tem;udk csOf;uyfvmygw,f/ olBudKwifavhvmcJhwJh uif;apmifah wG&JU
taetxm;ay: rlwnfjyD; tm;enf;wJh bufuae auGyY wfvmcJyh g/
ronf;ruGv J a&mif tjyif xlxyfaewJh wdrfawGuyg olu Y dk
ulnDay;aewmaMumifh pnf;&d;k udk ausmfjyD; 0ifEkdicf hJovdk b,folrS
rvmEdik bf l;xifjyD; Edk;Mum;rIr&SdwJh tapmifhawGaMumifh yifrtaqmuftOD;&JU
aemufbufwHcg;aygufudk zGihfjyD; 0ifa&mufEdik cf Jhygw,f/ taqmuftOD;xJu
ta&;ygwJh tcsuftvufawG yg0ifwJh zdkifudk &,lchJjyD; vmvrf;twdik ;f b,folrS
rodatmif jyefxGufvmEdkifcJhygw,f/ qdMk uygpdk/Y
txufyg jzpfpOf[m Hacking &JU Phase 3 jzpfygw,f/ 'D Phase &JU
&nf&, G fcsufu target system xJudk 0ifa&mufjyD; tcsuftvufawG &,lvsuf
b,folrS rodatmif jyefxGufvmEdkizf kdY jzpfygw,f/ 'Dvkd vkyfaqmifEidk fzYdt
k wGuf
Target system &JU Vulnerability (tm;enf;csuf)awGt& exploit awGudk rSeu f efpGm
toH;k jyKEdik fzYdk vdt
k yfygw,f/
Phase 4. Maintaining Access
apmapmu ajymcJhwJh &efolpY cef;xJ azmuf0ifedkifcw Jh Jh ppfom;av;&JU

tawGt Y BuHKeJY a&;qGx J m;wJh yHkawGt& uRrf;usifwJh tif*sDe, D mawG[m yifr
taqmuftOD &JU tcsuftcsmtusqH;k tcef; atmufwnfw h nfhxd
ajratmufuae OrifvIPd facgif; wl;Edkiyf gw,f/ &nf&, G fcsufuawmh
aemufwpfBudrf ydkrvdk G,fuljrefqefpGm xyfrH0ifa&mufEkid fzYdk jzpfygw,f/
tvm;wlygyJ/ Hacking &JU Phase 4 uvnf; target system xJudk
aemufwpfBudrf jyefvnf0ifa&muf&mrSm ydkrdk vG,fulapzdYt k wGuf Backdoor &
rootkit awGudk csefxm;EdkifcJhzkdY vdt k yfygw,f/ 'grSom aemufwpfBudrf
xyfr0H ifa&mufvydk gu ydkrdv k G,fuljrefqefrmS jzpfygw,f/ 'g[m Maintaining
Access ygyJ/
Phase 5. Reporting
'Dtqifu h adk wmh Ethical Hacker (Penetrating Tester) awGuom

vkyfaqmifavh&ySd gw,f/ Target system eJY ywfoufjyD; tay:rSm azmfjycJhwJh Phase
av;ckudk atmifjrifcJhjyD;wJah emuf Target system &JU wm0ef&o
Sd lawGxH qufoG,fjyD;
Report ay;&ygw,f/ System &JU tm;enf;csufawG? 0ifa&mufcy Jh kaH wGeJY
b,ftqifhxd vkyfaqmifEdik rf ,fqdkwm? wu,fwrf;wdu k fcH&&if bmawG
b,favmufxd qH;k &IH;oGm;Edkifr,fqdw k mawGudk Target company (or) Organization
u od&aSd wG;rdEidk fapzdkY jzpfygw,f/
'guawmh Steps performed by Hackers udk tusOf;csKyf
azmfjycJhjcif;omjzpfygw,f/ 'DaqG;aEG;rIav;udk 'Dae&mrSm &yfem;vdu k f&atmif/
aemufxyf CHAPTER wpfcrk mS first step udk aqG;aEG;oGm;ygr,f/
CHAPTER 8: Reconnaissance
Introduction
ppfyJGwpfck rpwifrD &efoleJY ywfoufwJh owif;tcsuftvuf

rSeof rQudk &EdkiforQ &atmif pkpnf;&ovdyk gyJ/ Penetrating Tester
wpfa,muftaeeJv Y nf; Pen-testing wpfck rpwifrD Target system eJY
ywfouforQ information tm;vH;k udk pkpnf;&ygw,f/ Information
tawmfrsm;rsm;udk Google rSm &Edkifovdk Social Media awGjzpfwJh Facebook,
twitter, ... pwmawGuaevnf; &&SdEdkifygao;w,f/
tcsuftvuf pkaqmif;jcif; (Information Gathering) udk Footprinting
vdYkac:qdjk yD; xdok dk tcsuftvufpak qmif;wJh the whole process udak wmh
Reconnaissance vdYk ac:qdw k m jzpfygw,f/ 'gaMumifh tMurf;zsif;ajym&&if 'Do;Hk ck
u twlwlygyJ/
'gaMumifh Reconnaissance qdw k m Target eJY ywfoufwJh information
rSeof rQudk &EdkiforQ &atmif pkwJh Hacker awG&JU yxrqH;k ajcvSrf; jzpfygw,f/
Target vdYk qd& k mrSm target onf network (or) system wpfckck jzpfaeEdkifygw,f/
'Dtqifrh mS &&Sdvmr,fh information awGu target's network infrastructure eJY
security udk map a&;qG& J mrSm rsm;pGm taxmuftul&rSmjzpfygw,f/ 'D
information awGuaewpfqifh uRefawmfwdYk&JU target system udk 0ifa&mufEi dk rf ,fh
enf;vrf;awGudk zefwD;Edkifapygvdrfrh ,f/
aumif;jyD/ 'gqdk uRefawmfwdYk b,ftcsuftvufawGudk pkaqmif;&rvJ/
Sensitive information awGu bmawGvJ/ Sensitive information qdw k mu
uRefawmfwYdk Tayget &JU network type, network devices & systems, employee
information (name, phone, email, etc...), physical & electronic security
systems, company (or) organization structure, departments, charts, IP space &
network topology tygt0if organizational infrastructure awG? organizational
partners, physical location awG pwmawG jzpfMuygw,f/
aumif;jyD/ tJonftcsuftvufawGu b,fu&rvJ/ tJonftcsuf
tvufawGudk b,fuae &rvJqdak wmh google eJY duck duck go wdYkvdk internet
search engine awGuaevnf; &&SdEdi k fovdk company &JU website awG?
tvkyfac:pmawG uaevnf; od&S&d ,lEdik fygw,f/ company employee
awGxHuaevnf; &&SdEdkifao;ovdk company uae tvkyfxGufoGm;wm
rMumao;wJh olawG? tvkyfxJrSm (rdrdatmufuvlu rdrx d uf &mxl;wd;k oGm;vdYk)
rausreyf jzpfaewJh 0efxrf;rsdK;qDuaevnf; &&SdEdkifygao;w,f/ xdo k Ydk jyify
vlawGqDuae &,lEkdifzdYktwGufawmh Social Engineering udk toH;k jyKMuygw,f/
Reconnaissance taMumif;udk tjynft
h pHkazmfjyr,fq&dk ifawmh
pmtkywf pftkyfeD;yg; &Snfvsm;oGm;Edkifygw,f/ 'gaMumifh 'DavmufeyJY J
&yfvu
dk fyg&ap/
Start with the Targets Own Website
yxrqHk;taeeJY uRefawmfwdYk target &JU own website udk

oGm;Munfh&atmif/ website awmfawmfrsm;rsm;rSm organizational chart awG
leader profile awGudk *kPf,lpGm azmfjyxm;avh&Sy d gw,f/ 'gawG[mvnf; ta&;yg
jyD; 'DtcsufawGay: tajccHvQuf social media profile awGudk &SmazGEidk o f vdk
social engineering udk toH;k jyKp&m vrf;zGihfEdi k frSmvnf; jzpfygw,f/
Oyrm ajym&&if tcsdKUaom Facebook User awGonf ckcsdefxd
passwords ae&mrSm phone number awGudk xm;aeMuqJjzpfygw,f/ tJovdy k gyJ/
login jyKvkyf&wJh profile tcsdKUrSmvnf; zke;f eHygwfudk rSwfrdvG,fatmif password
jyKvkyfxm;MuwmawG &Sdwwfygao;w,f/ uRefawmf tjyifrSm &if;ES;D wJh facebook
fir tenf;i,fudk prf;oyfMunfc h Jzh ;l ygw,f/ id udk profile link uae ,ljyD;
passwords ae&mrSm olzY kef;eHygwfawGxJu vdu
k fjznfMh unfhvdkufawmh
zke;f eHygwfwpfv;Hk rSm 0ifvdYk&aewmudk oGm;awGrY yd gw,f/
'gaMumifh uRefawmfwkYdtaeeJY rdrw d dYkvkyfief;twGuf Login awG
xm;&wJt h cgawGrsdK;rSm zke;f eHygwfawGudk password rxm;rdzkdY ta&;BuD;ygw,f/
rdrw d Ydk organization xJu device (computers) awGudk toH;k jyK&olawGuv dk nf;
xdek nf;wl od&aSd tmif rSmxm;zdYk vdt k yfygw,f/
tcsdKUaom website awGrSmawmh tvkyfac:pmawG &SdwwfMuygw,f/ xdk
tvkyfac:pmawGrSm vdt k yfaom t&nftcsif;rsm; (odYrk [kwf) vkyfaqmif&rnfh
tvkyfrsm;udk Munf&h jI cif;tm;jzifhvnf; xdk organization rSm toH;k jyKaewJh
technology awGudk od&SE d kdifygw,f/ Oyrm - systems administrator tvkyftwGuf
azmfjycsufrSm that are familiar with Active Directory and Windows server 2012
qdw k Jh azmfj ycsufrsdK;[m xdk organization rSm tenf;qH;k awmh Windows server
2012 awmh toH;k jyKaew,fqdw k mudk od&SdEkdifygw,f/ tJonf tcsuftvufay:
rlwnfjyD; hacker u jzpfEdik facs&SdwJh vulnerability awGudk pOf;pm;&ygw,f/
vulnerability ay: rlwnfjyD; wdu k fcdkufEdik rf ,fh exploit awGuv dk nf;
pOf;pm;Edkifygw,f/
aemufjyD; uRefawmfwdYk EdkifiHrSm vuf&Sd toH;k jyKaewJh uGefysLwmawG&JU
windows ydkif;udk avhvmMunf& h atmif/ uRefawmfwYdak wGu Microsoft Windows
udk license version tjzpf 0,f,ltoH;k jyKol tvGefenf;ygw,f/ crack version
awGuo dk m toH;k jyKrI rsm;jym;jcif;? patch management ydkif; tm;enf;jcif; pwmawG
uvnf; vulnerable jzpfapwJt h xJrSm xdyfqH;k u &SdaeMuygw,f/
Website Mirroring
uRefawmfwdYk&JU Target website udk evaluate vkyfz&kYd mtwGuf website

wpfcv k ;Hk udk offline toH;k jyKEdik fzdYktwGuf copy ,lxm;Edik yf gao;w,f/ full site
cloning vdYkvnf; ac:ygw,f/ xdYktwGuf uRefawmfwYdk toH;k jyKr,fh Kali Linux rSm
build in yg0ifjyD;jzpfwJh wget command udk toH;k jyKEdkifygw,f/ rSwfxm;&rSmu
xdo
k Ydk toH;k jyKwJt h cgrSm PHP script awGeJY zefwD;xm;wJh tcsdKUaom web page
server side programming awGuda k wmh copy ul;EdkifrmS r[kwfygbl;qdw
k myg/
OyrmtaeeJY http://www.bible-history.com/ udk clone &dkufjyygr,f/
txufygyHkrmS Munfyh g/ uRefawmf toH;k jyKjyoGm;wJh command av;u

wget -m -p -E -k -K -np -v http://www.bible-history.com/ jzpfygw,f/
txufyg command udk avhvmMunfrh ,fq&dk ifawmh wget qdw k Jh main

command &JU aemufrSm options rsm;pGm uyfygaewmudk awGY&rSmyg/ wpfckcsif;pD&UJ
zGihfqcdk sufuadk wmh manual & help awGrSm Munf&h EI idk yf gw,f/ tJtaMumif;
aemufrS qufajymyghr,f/ ckawmh wget eJY clone &dkufwt Jh aMumif;udyk J
quf&atmif/
uRefawmfwdYk oH;k vdu k fwJh wget eJY website udk offline tjzpf
a'gif;,lwJhtcg uRefawmfwdYk &,lr,fh site &JU tBuD;tao;eJY a'wm wnf&SdrI
pwmawGay: rlwnfjyD; tcsdef eJY tifwmeuf a'wm toH;k jyK&rI
uGmjcm;ygvdrfhr,f/ uRefawmf erlem azmfjycJhwJh bible-hsitory.com qd&k if Data MB
awG odyfrsm;vGef;wmaMumifh tcsded f em&DawGeJYcsDjyD; MumEdkifygw,f/
vdik f;raumif;bl;qd&k ifawmh tJonfxuf ydkjyD; MumjrifhEidk yf gw,f/
jyD;qH;k oGm;wJhtcgrSmawmh command line aemufwpfaMumif;
ay:vmrSmjzpfjyD zdkifxJrSm zGihfMunf&h if atmufygtwdik ;f awGYjrif&ygvdrrfh ,f/
Command Manual and help

onfcgawmh website mirroring rSm azmfjyaqG;aEG;cJw
h meJY qufpyfjyD;
qufvufaqG;aEG;oGm;ygr,f/ wu,fqdk Linux Basic tcef;rSmuwnf;u azmfjy
oifhwmayr,fh ydkjyD; rSwfrdem;vnfatmif ckae&mxd o,fvmcJh&wm jzpfygw,f/
apmapmu uRefawmfwdYk oH;k cJhwJh wget eJY ywfoufjyD; aemufrSm wGq
J ufygvmwJh
options awGudk avhvmvky d gu Terminal rSm manual taeeJY azmfMunfEh dkifygw,f/
toH;k jyK&r,fh command u man command jzpfygw,f/ Oyrm - wget &JU manual
udk odvydk gu man wget vdYk &dkufxnfh&kHygyJ/
tJonftcg wget twGuf user manual ay:vmrSmjzpfjyD; txufrSm

oH;k cJhwJh
qdw -m
k m bmvJ/ -p qdw k m bmvJ ponfjzifh od&ESd kdifrSmjzpfygw,f/
manual xJu jyefxGufcsif&ifawmh q udk ESdyfvdu
k f&HkygyJ/ tjcm; tool (command)
awGtwGufvnf; xdYktwlygyJ/
aemufxyf option wpfcku help options yg/ tawmfrsm;rsm; oH;k MuwJh
optionsyg/ olt Y oH;k u -h jzpfjyD; tcsdKUaom tool awGrSmawmh -h r[kwfygbl;/
'gaMumifh help options udk ac:oH;k csif&if toH;k rsm;qH;k u --help yg/ Oyrm wget
twGufqdk wget --help aygh/
xdo
k Ydk help option uka
d c:jyD;vnf; avhvmrSwfom;Edkifygao;w,f/
xdk help option rSmawmh wget aemufu command options awGudk

jrifawGEY kdifygw,f/ -v qdw k m version udk qdv k m/ -o uawmh output file
k dw
ponfjzifah ygh/ 'Davmufqdk tay:rSm uRefawmf oH;k cJhwJh command options awGudk
&SmawGEY kdifjyDvYdk ,lqygw,f/ aemufxyf taMumif;t&mav;wpfck ajymif;
aqG;aEG;&atmif/
Google Search
'Dcgawmh uRefawmfwdYk trsm;pk toH;k rjyKjzpfMuwJh google search
taMumif;av; aqG;aEG;ygr,f/ Google Search rsm; igwdkY oH;k aeusyguGmvdYk
ajymcsifwo
Jh lvnf; &Sdaumif; &Sdygvdrfrh ,f/ uJ Munf&h atmifaemf/
uRefawmfwdYkawG[m taMumif;t&mwpfcu Jh cg internet
k dk &SmazGcsifwt
search engine awGudk toH;k jyKMuygw,f/ Search engine toH;k jyKrIyi dk f;[m
uRefawmfwYdek JY rpdr;f Muygbl;/ Oyrm - uRefawmfwYdk Facebook oH;k Muygw,f/
Account wpfcc k k (odYkr[kwf) taMumif;t&mwpfckckudk tjref&SmazGcsifwt Jh cg
uRefawmfwYdk zke;f xJu Facebook Application xdyfrSm&SdwJh vufuidk rf SefbDvl;0dkif;
uav;udk ESdyfjyD; Search vkyf &SmazGMuygw,f/ Oyrm - MPT, MRTV 4, Telenor
Myanmar, ... ponfjzifa h ygh/ tJonftcg tqdyk g Search terms awGeJY
oufqidk &f m Page, account, post, movie, ... pwmawG ay:vmygawmhw,f/
'g[mvnf; Search Engine toH;k jyKjcif;ygyJ/
'gaMumifh Search toH;k jyKjcif;[m uRefawmfwYdk tm;vH;k eJY rpdr;f Muygbl;/
xdYktwlyJ Facebook rSmwifomru tifwmeufrSm &Sd&o Sd rSsxJu &SmazGcsif&ifawmh
Google, Yahoo, Bing pwJh Search Engine awGudk toH;k jyKMuavh&y Sd gw,f/
Google uawmh toH;k trsm;qH;k Search Engine wpfrsdK;ygyJ/ uRefawmfwYdv k nf;
Google search udk oH;k zl;Muygw,f/ ck azmfjyr,fh Searching uda k wmh
vltenf;i,fu omvsif toH;k jyKMuwmyg/ bmawGuGmvJ Munf&h atmif/
yxrqHk;taeeJY uRefawmfwdYk&JU browser rSm 'Dvdyfpmav; &dkufxnfh
&ygr,f/ www.google.com/advanced_search yg/ txufygtwdki;f
&dkufxnfhvdkufr,fqdk&ifawmh ckvdrk sdK; ay:vmygr,f/
yHkt& jrifuGif;u ao;aeygw,f/ 'gaMumifh aocsmjrifEidk fzYdt k wGufawmh
d Ydk uGefysLwm&JU Browser (Firefox or Chrome) uae 0ifa&mufMunfyh g/
rdrw
'Dae&mrSmawmh wpfydkif;csif;pDudk acgif;pOfwpfcpk t
D aeeJY azmfjyay;oGm;ygr,f/
yxrqHk; box u All These Words yg/ 'D field udk rdr&d SmazGvw dk Jh t"du
pum;vH;k awGtwGuf toH;k jyKygw,f/ Oyrm - rdru d Ethical Hacking vdYk
a&;vduk fr,f qdyk gpdY/k Ethical Hacking vdYk tpOfvdkufjzpfap? ethical wpfae&m
hacking wpfae&mjzpfap web page &JU rnfonft h pdwftydki;f rSmrqdk awGw Y mudk
azmfjyay;rSmjzpfygw,f/ wpfenf;ajym&&if 'g[m uRefawmfwYdk yHkrSef &Smaeus
twdik f;ygyJ/
'kwd, field uawmh exact word or phrase vdYk qdw k t

Jh wdik f;
uRefawmfwYdk &dkufxnfhr,fh pum;vH;k twdki;f twdtus yg0ifwmudkom &Smr,f
qdw
k Jh oabmyg/ qdv k dw
k mu tJonfae&mrSm uRefawmfwYdu k Ethical hacking vdYk
xnfv h udk f&if Ethical hacking vdYk tpOfvdu Y J result
k f pum;vH;k udk rawGb
xkwfjyrSmr[kwfygbl;/ yHkrSef search rSm olu
Y dk oH;k csif&if
rsufawmiftzGit fh ydwfMum; xnfo h H;k &ygw,f/ Oyrm "ethical hacking" aygh/
wwd, field uawmh any of these words vdYk qdw k hJtwGuf uRefawmfwYdk
&SmazGr,fh pum;vHk; twGv J du
k fr[kwfbJ wpfvHk;pD yg0ifae&ifvnf;
jyay;rSmjzpfygw,f/ uRefawmfwdYku tJonfae&mrSm Ethical Hacking vdYk &Sm&if
Ethical odYr
k [kwf Hacking wpfcck k ygwmeJY xkwfjyrSmjzpfygw,f/ yHkrSef Search rSm
oluY dk toH;k jyKcsif&ifawmh OR eJY qufjyD; oH;k Edkifygw,f/ (ethical OR hacking)
'D field uawmh none of these words ud, k f razmfjyapcsifwJh pum;vH;k

wpfenf;tm;jzifh rygapcsifwJh pum;vH;k udk xnfzh kdY jzpfygw,f/ yHkrSef search rSm
Y dk toH;k jyKcsif&if minus sign udk xnfo
olu h H;k Edkifygw,f/ Oyrm - John udk
rygapcsifbl;&if -John aygh/
'Dtydkif;udak wmh unit ygwJh udef;awGudv

k nf; toH;k jyKEdkifygw,f/ Oyrm
20$ to 50$ qdw k mrsdK;? 20miles to 50 miles qdw
k mrsdK;awGaygh/ yHkrSef search box
rSmvnf; toH;k jyKEdkifygw,f/ Oyrm 20$ 50$ yHkpHeJY xnfoh Gif;Edkifygw,f/
'Dtydkif;awGudak wmh &Si;f jyp&mvdrk ,frxifawmhyg/ last updated

qdwk mu ud, k f&Smr,fh taMumif;t&monf b,fcsdefu
aemufqHk;wifcw Jh mvJqdkwm a&G;cs,fzkydY g/ Oyrm ajym&&if enf;vrf;wpfck
&SmMunfw h ,f qdyk gpdY/k xGufvmwJh result awGu 2000 avmufu wifxm;wmawG
jzpfcsifjzpfr,f/ 2010 avmufrSm wifxm;wmawGvnf; jzpfEidk fygw,f/
ud,k fodcsifwmu update udk qd&k if teD;pyfqH;k udk a&G;&r,faygh/
txufygyHktwdik f;ygyJ/ 24em&DtwGif;? wpfywftwGif;? wpfvtwGi;f ?

wpfEpS t
f wGif; wifcw
Jh mudk &SmazGr,fqdjk yD; a&G;cs,fEidk yf gw,f/
&SmazGwt Jh cg result awG odyfrsm;aerSmpdk;&if site or domain uae

uefYowfEidk yf gao;w,f/ Oyrm wikipedia.org ponfjzifhaygh/ yHkrSef search
jyKvkyfwJh ae&mrSm 'D function udk toH;k jyKvdyk gu site: qdw
k mudk
a&G;cs,fEkdifygao;w,f/ Oyrm - site:wikipedia.org ponfjzifah ygh/
aemufwpfcku terms appearing yg/ tJonfrSm a&G;cs,fp&mawG xJu

yxrwpfcku "anywhere in the page" yg/ yHkrSef&SmazGovdyk J &SmazGwt Jh aMumif;
t&m b,fae&mrSmygyg result vmay:jyrSm jzpfygw,f/ aemufwpfck "in the title
of the page" uawmh uRefawmfwdYk &SmazGr,fh taMumif;t&monf title ae&mrSm
&SdaewmawGuydk J xkwfjyyg vdYk qdv k mjzpfygw,f/ yHkrSef search rSm
k dw
&SmazGtoH;k jyKvdkygu intitle: udk toH;k jyK&SmazGEidk yf gw,f/ Oyrm -
intitle:hacking , intitle:"ethical hacking" /
aemufxyf "in the text of the page" qdw k muawmh uRefawmfwYdk
&SmazGvw dk Jh tcsuftvufonf acgif;pOfrSmxuf pmudk,frmS ygwmrsdK;udk
&SmazGwmudk qdv k ydk gw,f/ yHkrSef &SmazGwJah e&mrSm oluY dk xnfoh ;Hk csif&ifawmh intext:
udk toH;k jyKEdkifygw,f/ Oyrm - intext:hacking aygh/
aemufwpfcku "in the URL of the page" jzpfygw,f/ URL xJrSm
&SmazGwmjzpfjyD; inurl: udk toH;k jyKEdik fygw,f/ Oyrm url rSm mm yg0ifwmudk
&SmazGcsif&ifawmh inurl:mm udk toH;k jyK &SmazGEkdiyf gw,f/ aemufqHk;wpfckjzpfwJh in
links to the page uda k wmh odyfroH;k Muygbl;/ inlink:example.com eJY
&SmazGEidk yf gw,f/
Safe Search rSmawmh options ESpc f k &SdjyD; show most relevant results u
yHkrSeftwdik f;jzpfjyD; filter explicit uawmh sexually explicit video awGeJY image
awGudk search result rSm a&mufrvmatmif filter vkyfay;ygw,f/
aemufxyf option wpfckjzpfwJh File Type uawmh &Si;f rjyawmhbl;aemf/
ud,k f&SmazGvw
dk Jh zdkiftrsdK;tpm;tvdu k f a&G;p&mawG ay;xm;ygw,f/ yHkrSef search
rSm file type udk xnf&h Smcsifw,fqdk&ifawmh (Oyrm - pdf udk &Smr,fqydk gu)
filetype:pdf qdjk yD; xnf&h SmEdkifygw,f/
aemufqHk; function jzpfwJh usage rights uvnf; toH;k enf;ygw,f/

default twdik ;f om &SmMuavh&SdvdkY tJ'Dtydkif; xnfrh ajymawmhbl;aemf/
Google Hacking & Google Hacking Database

'Dacgif;pOfav;udak wmh tm;vH;k odMu &if;ESD;Muvdrrfh ,fvYdk ,lqygw,f/
Johnny Long u pwifwDxGifcJjh yD; Google operators & terms awGudk Google
Search engine eJY aygif;pyfjyD; tvGefwefzdk;&Sw
d Jh tcsuftvufawGudk tifwmeuf
rS wpfqifh &&SdEdkifapzdYk zefwD;xm;wJh enf;ynmwpfck jzpfygw,f/ People &
organizations awG&JUtaMumif; information awGudk &,lEi dk af pzdkY Google database
udk query vkyfEidk fzt
kdY wGuf targeted expression awGudk twdtus toH;k jyKEdkifrI
ay: focus xm;wJh enf;ynmvdYk tBurf;zsif; ajymEdkifygw,f/
Google hacking eJY ywfoufjyD; enf;ynmpmtkyfaygif; rsm;pGm xGuf&Sd
xm;ovdk johnny Long ud, k fwdik fa&;wJh Google Hacking for Penetration Testers
k Jh pmtkyfu tausmfMum;qH;k jzpfygw,f/ www.khitminnyo.com rSm ebook
qdw
uae oGm;a&muf zwf&IEdik fygw,f/
Google Hacking Database (GHDB) rSm Google Hacking search
query string rsm;pGmudk compile vkyfay;xm;jyD; rlv database uawmh
www.hackersforcharity.org/ghdb rSm jzpfygw,f/ Kali &JU rdcif Offensive
Security rSmvnf;yJ GHDB udk azmfjyxm;wm &SdjyD;
www.offensive-security.com/community-projects/google-hacking-database/
rSm Munfh&IEidk fygw,f/ Offensive Security uae pkpnf;xde;f odrf;xm;ay;wJh
www.exploit-db.com/google-hacking-database rSmawmh Google hacks
category 14 cktjzpf jyefvnf cGJjcm; odrf;qnf;xm;ygw,f/
xdk category 14 ckxJrSm Files Containing Passwords qdw k Jh

Category wpfck yg0ifjyD; search strings aygif; 160 ausmf yg&Sy
d gw,f/ xdxk JurS
example taeeJY Cisco passwords awGudk &SmazG&mrSm toH;k jyKEdi k fwJh search
string wpfckudk erlem azmfjyay;ygr,f/
rdrw
d Ydb
k mom Google Search rSm vufawGY &SmazGMunfEh kdifygw,f/
enable password | secret "current configuration" -intext:the udk oH;k jyD;
&SmazGwt Jh cg Search result aygif; 6aomif;cGJ cefY xGufvmwm awGY&rSmjzpfjyD;
tcsdKuzdkiaf wGrSmawmh Password ygrvmwmrsdK;awmh tenf;i,f &SdEidk fygw,f/
oluY dk site: vdk tjcm;aom operator awGeJYvnf; aygif;pyf toH;k jyKEdkifygw,f/
Social Media
'Dacgif;pOfav; awGv Y du
k fwmeJw
Y if uRefawmfwYdk tm&HkrSm bmudk
jrifa,mifrdygovJ/ Facebook udk jrifa,mifrdol trsm;qH;k jzpfMur,fvdkY ,HMk unfrd
ygw,f/ Social Media awG[m ,aeYacwfrSm vlawG&JU aeYpOfb0rSm
wpfpw d fwpfykdif;u yg0ifaeygw,f/ uRefawmfwdYk EdkifiHrSmawmh Facebook &
Instagram oH;k ol trsm;qHk;jzpfjyD; Twitter eJY Linked In oH;k ol tawmf
enf;ygao;w,f/ Fb vdk social media profile uae tcsdKUaom tcsut f vufawG
&,lEkid fovdk rdrwd Ydk Target &JU 0goemudk cefYrSef;yHak zmfEdkifygw,f/
LinkedIn uawmh uRefawmfwdYkqDrSm oH;k ol enf;ao;ayr,fh
Organizational chart awG? email awGtjyif tjcm; Sensitive Information (e.g.
JD) awGuy dk g &&SdEdkifwJh Social media wpfck jzpfygw,f/ txufyg Social Media
awG &Sdaejcif;uvnf; hacker awGtwGuf Social Engineering udk toH;k jyKzdYk
tcGiht
f vrf;awG ydkrv dk mapygw,f/
DNS and DNS Attacks

DNS qdw k m Domain Name System/Service wdYu k dk &nfnTef;w,fqw
dk m
awmh tm;vHk;eD;yg; odMujyD;jzpfygw,f/ Google udk google.com vdYk rSwf&wmu
173.194.46.19 vdYk rSwf&wmxuf ydkrdv k G,fuljyD; rSwfrdEidk fwmaMumifh
uRefawmfwYdak wGu DNS udk toH;k jyKMuw,fqdw k mudvk nf; tm;vHk; od&jSd yD;
jzpfygw,f/ uRefawmfwdYk vlom;awGu name awGuo dk m rSwfrdvG,fayr,fh
uGefysLwmawG (tjcm;pufawG) uawmh udef;awGuydk J rSwfrdMuygw,f/ 'Dawmh
vlom;awG em;vnfwJh google.com/facebook.com pwmawGudk pufu
em;vnfwJh 192.168.0.1 pwJh IP address awG jzpfatmif ajymif;vJ jyefqdkay;wJh
pepfudk DNS vdYk rSwfom;Edkifygw,f/ tJvdk bmomjyefqadk y;wJw
h m0efudk Name
server u ,lygw,f/
name server rSm tvGef toH;k 0ifwJh tcsuftvufawG &Sdaeygw,f/
Oyrm ajym&&if name server rSm mail server, MX record, domain pwJh
information awG yg0ifygw,f/ Kali Linux &JU nslookup av;taMumif;
qufvuf aqG;aEG;&atmi/ Terminal udk zGihfvduk fyg/
Terminal rSm nslookup udk enter vdu k fygu ">" oauFwav;
ay:vmygr,f/ Greater than oauFw jzpfayr,fh olu Y dk carrot vdYk ac:ygw,f/ 'D
carrot av;rSm rdrw
d kYd pHkprf;od&Sv k Jh domain av;awGudk xnfo
d dw h Gif;Edkiyf gw,f/
carrot (>) av;xJuae Terminal qD jyefxGufvdkygu exit vdYk &dkufjyD;
xGufEdkifygw,f/
nslookup xJ jyef0ifMunf&h atmif/ Terminal rSm nslookup vdYk &dkufjyD;

enter vdu
k fyg/
jyD;&if target web page &JU IP address udk od&aSd pEdkifzdkYtwGuf target
web page &JU domain udk &dkufxnfhyg/ uRefawmfu www.google.com udk erlem
jyygr,f/
authoritative eJY non-authoritative qdjk yD; ESpr f sdK; azmfjywmudk

awGY&ygr,f/ Non-authoritative answer onf server's cache awG&JU information
awGudk nTefjyEdkifwmjzpfvdYk odyfaumif;wJh information source vdYk qdEk idk yf gw,f/
jyefrxGufao;bJ aemufxyf xyfquf&SmMunf&h atmifAs/
>set type=MX
>google.com
Google.com twGuf Mail server awGudk awGYjrif&jyDaemf/
set type=ns owfrSwfay;jyD; Google.com udk jyef&kdufvu

dk fwt
Jh cg
google &JU name server (ns) awGudk awGYjrifvm&jyD jzpfygw,f/
Zone Transfer
nslookup vdk Program rsdK;udk toHk;jyKjyD; information tawmfrsm;rsm;udk
f vdk Zone transfer ukd oH;k jyD;vnf; information tawmfrsm;rsm;udk
pkaqmif;&&SdEidk o
pkaqmif;Edkifygao;w,f/ toH;k jyKwJh command yHkpHuawmh dig @[name server]
[domain] axfr jzpfygw,f/
[name server] ae&mrSm nslookup eJY &SmcJw

h Jh result u name server udk
h Gif;Edkiyf gw,f/ [domain] uvnf; odjyD;om; jzpfwmrdYk tay: yHkav;rSm
xnfo
Munf&h if erlemjyxm;wmudk awGYjrifEkdifygw,f/
Information Gathering Tools in Kali Linux
Information Gathering eJY ywfoufjyD; Kali Linux rSm build-in tools

awG rsm;pGm &SdMuygw,f/ DNS Analysis, IDS/IPS Identification, Live Host
Identification, Network & Port Scanner, OSINT Analysis, Route Analysis,
SMB Analysis, SMTP Analysis, SNMP Analysis eJY SSL Analysis qdjk yD;
cGJjcm;xm;wJh tool group q,fck&Syd gw,f/ Group wpfcck sif;pDtvdu
k f tool awG
xyf&dw S maMumifh 01-Information Gathering qdw
k Jh xJrSm tool aygif; rsm;pGmudk
jrifawG&Y rSmyg/ aemufydik ;f rSm oufqdik &f m u@tvdkuf tvsOf;oifhovdk
azmfjyay;oGm;ygr,f/
Seven Steps of Information Gathering

Reconnaissance qdw
k m Information Gathering vkyfwJh
vkyfief;pOftm;vH;k aygif;udk qdv
k dw
k ,fvdYk a&SUrSmaqG;aEG;cJjh yD;jyDaemf/ Information
Gathering vkyfaqmif&mrSm Active vnf; jzpfEkdifovdk Passive vnf;
jzpfEkdifygw,f/ Hacker wpfa,mufu Active a&m Passive a&myg ESprf sdK;vH;k
toH;k jyKjyD;vnf; information awGudk gather vkyfEidk zf Ydk BudK;pm;Edkifygao;w,f/
Public Website vdk ae&mawGuae &SmazGjcif;tygt0if Information gathering
udk t"dutm;jzifh Steps 7ckeYJ cGJjcm;Edkifygw,f/
Active footprinting, Passive footprinting & Enumeration qdw k Jh

tqifh oH;k ckudk jyefcMGJ unfhwJhtcg txufygtwdik ;f Seven steps of information
gathering udk &&Sdygw,f/ 'D7qifh rSea f yr,fh 'Dtwdki;f tpOfvu dk fyJ
vkyf&r,fvYdak wmh vH;k 0 rqdkvdkyg/ wpfqifch sif;pDtaMumif; tao;pdwf
aqmif;yg;rsm;udk www.khitminnyo.com wGif qufvuf
a&;om;ay;oGm;ygrnf/ ,ckpmtkyw f Gif xdtk qifhrsm;udk azmfjyaeygu
pmrsufESmrsm;pGm ukefoGm;rSmjzpfvdYk wpfcpk D &Si;f rjyawmhyg/
uRefawmfwdYk apmapmu aqG;aEG;cJhwJhtwdik f;ygyJ/ Attacker wpfa,muf
u information awGudk pkaqmif;wJt h cg Active & Passive footprinting ESprf sdK;vH;k
toH;k jyKEdik fygw,f/ aumif;jyD 'gqdk b,fuprvJ/ taumif;qH;k pwifrIuawmh
target company &JU website udk 0ifa&muf Munf& h jI cif;ygyJ/ Target organization
taMumif; em;vnfvmr,f/ target organization &JU Key People awG? contact
details (name, mail, phone, etc...)? target company &JU potential customers awG?
business area eJY olwdYk toH;k jyKwJh enf;ynm pwmawGudk od&E Sd kdifygw,f/ Public
wifxm;wJh web uae &,lwmjzpfvdYk w&m;0if information &,ljcif;jzpfygw,f/
xdok Ydk target udk wdu k f xdawGjY cif;r&Sdao;bJ information
k f&du
&,ljcif;rsdK;udk Passive Footprinting vdYk tMurf;zsif; rSwf,lEidk yf gw,f/ tJonfrmS
odvmr,fh contact phone udk qufjyD; jzpfap? mail uaejzpfap? Social Media
awGuaejzpfap information awG ydk&zdkt Y wGuf BudK;pm;jcif;uawmh Active
footprinting xJrSm yg0ifygw,f/
WHOIS
uRefawmfwdYktaeeJY website wpfck&UJ information awGudk pkaqmif;wJh
ae&mrSm tulnDay;Edkifr,fh aemufxyf tool av;wpfck &Sdygao;w,f/ WHOIS
yg/ Kali Linux &JU Terminal uae vG,fulpGm toH;k jyKEdkifygw,f/
www.bible-history.com udk erlemtaeeJY &Smjyyghr,f/ &SmwJt h cg www. udk
rxnfoh Gif;&yg/
erlem &Smjyxm;ovdyk gyJ/ rdrw d dYk&JU Target domain udk

xnfo h Gif;&SmazGwtJh cg tvGef wefzkd;&SdwJh tcsuftvufawGudk
&&SdvmrSmjzpfygw,f/ txufyg yHkrSmvnf; jrifawG&Y Edik o
f vdk yHkrSm
rygwJt h ydkif;awGuv dk nf; jrifawG&Y ygvdrfrh ,f/
txufyg result udk tjcm; device (e.g. phone) awGuae
&Smcsifygvsifawmh Browser rSm sg.godaddy.com/whois vdYk &dkufxnfjh yD;
oGm;a&muf&SmazGEdkiyf gw,f/
ay:vmwJh search box rSm target domain udk xnfo

h Gif;&Smvdu
k f&if
&ygjyD/
jyefquf&atmif/ Kali terminal rSm target domain eJYywfufjyD; cke
&SmwJah e&mrSmyJ host target yHkpHeJY toH;k jyKEdik fygao;w,f/ cke bible-history.com
udyk J qufjyD;erlem jyyghr,f/
vuf&Sd target twGuf mail udk b,fu handle vkyfay;aevJqw dk m
jrifEkdifygw,f/ target &JU name server awGudk odcsif&ifawmh host -t ns
target-domain yHkpHeJY &SmazG&rSm jzpfygw,f/ Oyrm-
txufygtwdik ;f &SmazGwJt h cg target &JU name server udk &&SdrSmjzpfjyD;

host -l target-domain ns yHkpHeJY Target IP &atmif qufvuf pHkprf;Edkifygw,f/
h m;wJh ns udk jyay;xm;

txufygyHkrmS Munfyh g/ ydk&Sif;atmif ,lxnfx
ygw,f/ IP &vmygjyD/ &vmwJh IP udk Detail information &atmif qufvuf
pHkprf;Edik zf kdY whois IP udk toH;k jyKEdkifygw,f/
wu,fwrf; Reconnaissance, Footprinting, Information Gathering

awGudk tjynft h pHk &Si;f vif;azmfjyzdkq
Y d&k if pmrsufESm 200 cefYeD;yg &SdoGm;Edkifygw,f/
'DpmtkyfxJrSmawmh 'Dae&mrSmyJ tawmfvHak vmufaejyDvYdk ,lqwmaMumifh cP
k f&atmifAsm/ a&SU Chapter av;rSm pmzwfolawGeJY jyefqMHk uwmaygh/ :)
ydkif;vdu

Basic Hacking Techniques PDF

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Basic Hacking Techniques PDF

Uploaded by

Copyright:

Available Formats

aus;Zl;wifvTm

teaEÅmteEÅig;yg;udk OD;xdyfxm;vsuf uRefawmf\

2. Penetration Testing Types

2. Unifying File System

'Dwpfcgawmh Linux File System taMumif; tenf;i,f aqG;aEG;ygr,f/

uRefawmfwdYk toH;k jyKawmhr,fh Linux System rSm ta&;ygqH;k vdYk

icon uawmh txufyg yHktwdkif; jzpfygw,f/ vkyfaqmifp&m

txufyg yHkuawmh uRsefawmfh&JU root accc, Home directory xJrSm

txufygtwdik ;f 0ifMunfhvdkufwJt h cg bash: cd: desktop: No such file

ckq&dk ifawmh uRefawmfwdYk Desktop udk 0ifa&mufEdkifjyDjzpfygw,f/

uRefawmfh&UJ Desktop ay:rSmawmh folder wpfco k m &SdvYdk wpfco k m

txufygtwdik ;f &dkufxnfhjyD;ygu ls eJY list jyefazmfMunf&h if test qdw

'Dcgawmh space jcm;wJh emrnfeJY folder wpfcu k dk zefwD;Munf&h atmif/

uRefawmfwdYk awGY&rSmu test eJY two qdw k Jh folder ESpcf k jzpfaewmyg/

txufyg yHktwdkif; test-three folder wpfcyk J xyfw;dk vmwmudk

txufygyHku twdik f; mkdir "test four" qdjk yD; space ygwJh

'gqdk&if cd eJY 0ifa&mufwJt

txufyg yHktwdik f; cd aemufrSm 2 dot (..) xnfo

'Dcgawmh terminal topfwpfckziG hfjyD; dir wpfckcsif;pDudk

txufyg yHkonf terminal zGihfjyD;uwnf;u dir wpfcck sif;pDudk Munf&h I

leafpad test.txt vdYk&kdufvdu h cg leafpad eJY zdkifwpfck yGihfvmrSmjzpfjyD;

Desktop ay:u test folder xJrSm zGihfMunf&h ifvnf;

txufyg yHkrSmMunfh&if echo udk toH;k jyKjyD; pm&du

folder rSm oGm;zGihfMunf&h ifvnf; txufygtwdik ;f jrif&rSmyg/ test2.txt

txufyg yHkrSmMunf&h if cat command udk toH;k jyKjyD;awmh &dkufcw Jh Jh

ckqdk terminal uae txt zdkif zefwD;jyD; pm&du k fwm/ pmudk

txufygyHkrmS Munf&h if ol&Y JU rlvpmom; This is my testing. ae&mrSm I

txufyg yHkrSmMunf&h if rlvpmaMumif;xJrSm Ethical Hacker

txufyg yHkrSmMunf&h if cat eJY jyefazmfMunfhvu dk fwtJh cg pmaMumif;awG

txufygyHkudk Munfrh ,fqd&k if uRefawmfwYdt k aeeJY test2.txt zdkifudk

zdkifemrnfrSm test ygwmawmhodw,f/ tm;vH;k vnf; aocsmrodbl;

oluawmh zdkifemrnfrSm test ygorSs zdkifwidk ;f udk xkwfjyrSmjzpfvYdk zdkifawG

APT Package Handling Utility

txufygyHu k awmh upgradable awGudk azmfMunfw h t

a&SUrSm aqG;aEG;cJhwJh upgrade &&SdEdkifwJh package awGtm;vHk;udk upgrade

Combining to the Commands

Removing Debian Packages

txufyg yHkxJutwdik f; Desktop ay:u a qdw k Jh directory wpfcx

uRefawmfwdYk zefwD;vdkufwJh test.tar.gz qdwk Jh zdkifwpfck xyfwdk;vmwmudk

ckq&dk ifawmh uRefawmf zefwD;xm;wJh tar file ESpcf k awGY&jyDjzpfygw,f/

cke zefwD;vdkufwJh test.tar.gz xJu zdkifawGudk list jyefazmfMunfw

yHkrSmMunfyh g/ test.tar.gz udk jznfzdYktwGu G f tar -xf udk toH;k jyK

tjcm;aom command awGudyk g help options ac:Munfv h Ydk &ygw,f/

Linux File System

1. Basic Networking Concepts

'D title t& taMumif;t&mu odyfBuD;oGm;w,fvYdk xifaumif;

yHkav;rSm azmfjyxm;ovdyk gyJ/ Adam u ol&Y JU uGefysLwmudk router uae

(wlan0) wireless network interface card (eth0) network interface card

uRefawmfwdYk ck toH;k jyKr,fh Kali Linux rSmawmh ifconfig

Steps performed by Hackers

Hacker awG[m wpfOD;eJw

&efoelY ,fajreJY uyfvsuf&SdwJh awmifylpmav;ay:rSm a&muf&aSd ewJh

wu,fh ppfom;awGtwGufawmh 'DtqifhrSm wdu k fcu

Phase 4. Maintaining Access

apmapmu ajymcJhwJh &efolpY cef;xJ azmuf0ifedkifcw Jh Jh ppfom;av;&JU

'Dtqifu h adk wmh Ethical Hacker (Penetrating Tester) awGuom

ppfyJGwpfck rpwifrD &efoleJY ywfoufwJh owif;tcsuftvuf

Start with the Targets Own Website

yxrqHk;taeeJY uRefawmfwdYk target &JU own website udk

uRefawmfwdYk&JU Target website udk evaluate vkyfz&kYd mtwGuf website

txufygyHkrmS Munfyh g/ uRefawmf toH;k jyKjyoGm;wJh command av;u

txufyg command udk avhvmMunfrh ,fq&dk ifawmh wget qdw k Jh main