Book Image

Windows and Linux Penetration Testing from Scratch - Second Edition

By : Phil Bramwell
Book Image

Windows and Linux Penetration Testing from Scratch - Second Edition

By: Phil Bramwell

Overview of this book

Let’s be honest—security testing can get repetitive. If you’re ready to break out of the routine and embrace the art of penetration testing, this book will help you to distinguish yourself to your clients. This pen testing book is your guide to learning advanced techniques to attack Windows and Linux environments from the indispensable platform, Kali Linux. You'll work through core network hacking concepts and advanced exploitation techniques that leverage both technical and human factors to maximize success. You’ll also explore how to leverage public resources to learn more about your target, discover potential targets, analyze them, and gain a foothold using a variety of exploitation techniques while dodging defenses like antivirus and firewalls. The book focuses on leveraging target resources, such as PowerShell, to execute powerful and difficult-to-detect attacks. Along the way, you’ll enjoy reading about how these methods work so that you walk away with the necessary knowledge to explain your findings to clients from all backgrounds. Wrapping up with post-exploitation strategies, you’ll be able to go deeper and keep your access. By the end of this book, you'll be well-versed in identifying vulnerabilities within your clients’ environments and providing the necessary insight for proper remediation.
Table of Contents (23 chapters)
1
Part 1: Recon and Exploitation
9
Part 2: Vulnerability Fundamentals
17
Part 3: Post-Exploitation

Busting the padding oracle with PadBuster

Secure cryptosystems shouldn’t reveal any plaintext-relevant information about encrypted messages. Oracle attacks are powerful demonstrations of how you don’t need much seemingly meaningless information to end up with a full decrypted message. Our CryptOMG web app provides a challenge that can be defeated by exploiting a padding oracle: a system that gives us information about the validity of padding in a decryption process without revealing the key or message. Let’s start some conversations with our oracle and see what these responses look like.

Interrogating the padding oracle

Let’s load up the CryptOMG main page and select the first challenge (like last time, we’re out to get /etc/passwd). On the test page, there’s nothing of interest in the actual content of the page, so let’s examine the URL: http://127.0.0.1/ctf/challenge1/index.php?cipher=3&encoding=2&c=81c14e504d73a84cc...