Book Image

Advanced Penetration Testing

By : Wil Allsopp
Book Image

Advanced Penetration Testing

By: Wil Allsopp

Overview of this book

Today's threats are organized, professionally-run, and very much for-profit. Advanced Penetration Testing?goes beyond Kali Linux and Metasploit and to provide you advanced pen testing for high security networks. This book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data—even from organizations without a direct Internet connection—this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures. By the end of this book, you’ll be in a position to detect threats and defend your high security network.
Table of Contents (13 chapters)
Free Chapter
1
Cover
2
Title Page
13
End User License Agreement

Operating Systems

DPRK sells an “official” North Korean operating system called Red Star (at version 3.0 at time of writing). Red Star comes in two flavors—desktop and server—and are both based on Fedora Linux with Korea localizations. They are both designed to be highly restrictive from the ground up (albeit in slightly different ways, but we'll get to that). I will make both versions available via torrents from my website should you want to play with them.

Red Star Desktop 3.0

First of all, let's examine Red Star Desktop, including its eccentricities and how to exploit it. Figure 9.1 shows what the OS looks like when booted; it's running here in VMWare.

Screenshot for Red Star Desktop.

Figure 9.1: Red Star Desktop.

Readers may be forgiven for noting its resemblance to Apple's OS X, which to be fair, has actually been quite nicely achieved. I, for one, find my Korean to be a little rusty, so our first order of business will be to get the thing in English so as to...