In this chapter, we highlighted a method in which you can move through a sample environment. Specifically, how to exploit a relative box, escalate privileges, and extract additional credentials. From that position, we identified other viable hosts we could laterally move into and the users who were currently logged into them. We generated custom payloads with the Veil Framework to bypass HIPS, and executed a PtH attack. This allowed us to extract other credentials from memory with the tool Mimikatz. We then automated the identification of viable secondary targets and the users logged into them with Python and MSFRPC. Much of this may seem very surprising, either in complexity or lack thereof, depending on what you were expecting. Keep in mind, it will all depend on your environment and how much work it will take to actually crack it. This chapter provided a lot of details related to exploit network and system based resources, the next chapter highlights a different angle, web assessments...
Learning Penetration Testing with Python
By :
Learning Penetration Testing with Python
By:
Overview of this book
Table of Contents (19 chapters)
Learning Penetration Testing with Python
Credits
Disclaimer
About the Author
Acknowlegements
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
Understanding the Penetration Testing Methodology
The Basics of Python Scripting
Identifying Targets with Nmap, Scapy, and Python
Executing Credential Attacks with Python
Exploiting Services with Python
Assessing Web Applications with Python
Cracking the Perimeter with Python
Exploit Development with Python, Metasploit, and Immunity
Automating Reports and Tasks with Python
Adding Permanency to Python Tools
Index
Customer Reviews