Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By : Wolf Halton, Bo Weaver
Book Image

Kali Linux 2018: Windows Penetration Testing - Second Edition

By: Wolf Halton, Bo Weaver

Overview of this book

Microsoft Windows is one of the two most common OSes, and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, and forensics tools, and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. You will start by learning about the various desktop environments that now come with Kali. The book covers network sniffers and analysis tools to uncover the Windows protocols in use on the network. You will see several tools designed to improve your average in password acquisition, from hash cracking, online attacks, offline attacks, and rainbow tables to social engineering. It also demonstrates several use cases for Kali Linux tools like Social Engineering Toolkit, and Metasploit, to exploit Windows vulnerabilities. Finally, you will learn how to gain full system-level access to your compromised system and then maintain that access. By the end of this book, you will be able to quickly pen test your system and network using easy-to-follow instructions and support images.
Table of Contents (12 chapters)

Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)

This module attempts to bypass the UAC on Windows, using the VB scripting language, by exploiting the cscript/wscript.exe executable:

    msf > info exploit/windows/local/bypassuac_vbs 
    
    Name: Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)
    Module: exploit/windows/local/bypassuac_vbs
    Platform: Windows
    Privileged: No
    License: Metasploit Framework License (BSD)
    Rank: Excellent
    Disclosed: 2015-08-22
    
    Provided by:
    Vozzie
    Ben Campbell <[email protected]>
    
    Available targets:
    Id Name
    -- ----
    0 Automatic
    
    Basic options:
    Name  Current Setting Required Description
    ----  --------------- -------- -----------
    SESSION     yes  The session to run this module on.
    
    Payload information:
    
    Description...