Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn, cross-platform programming language with a vast ecosystem of third-party libraries. Plenty of open source hacking tools are written in Python and can be easily integrated into your own scripts. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear, bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which lets you run multiple operating systems for testing. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)
Title Page
Copyright and Credits
Packt Upsell
Contributors
Preface
Index

Privilege escalation – weak service file

During a penetration test, you may land in the context of a standard user who lacks the privileges to access or modify parts of the filesystem because of User Account Control (UAC); each time you try to elevate your privileges, Windows prompts you for an administrator password. In this section, we discuss one type of privilege escalation attack, in which you move from a standard user to administrator or SYSTEM privileges. The attack we cover here is called privilege escalation via service file permission weakness. A system is vulnerable if the location of a service's executable file can be modified by a standard user, because the executable can then be overwritten by another, malicious executable. We can use this capability to gain SYSTEM privileges by having the service launch our own executable in place of its legitimate one. Once the service is started after restarting the system, the...