Book Image

Python for Offensive PenTest

By : Hussam Khrais
Book Image

Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)
Title Page
Copyright and Credits
Packt Upsell

Privilege escalation – weak service file

During a penetration testing phase, you may encounter a standard user where you don't have full privilege to access or modify a filesystem due to the user access control (UAC) and, each time you try to elevate your privilege, you will be prompted to the window that asks you to enter the administrator password. In this section, we will discuss one of the types of doing a privilege escalation attack, where you technically jump from a standard user to an administrator or system privilege. These types of attacks, which we will discuss, are called privilege escalation via service file permission weakness. The system will be vulnerable if the location of a service executable file is modifiable by the standard user. Then, it can be overwritten by another malicious executable. We may use this capability to gain system privilege(s) by booting our own executable in place of the service executable. Once the service is started after restarting the system, the...