We are not limited to attacking web applications and network services - we can also attack hosts and systems. This is especially the case once we have gained an initial foothold and are attacking other devices on the compromised networks. These attacks often exploit misconfigurations and/or vulnerabilities in operating systems. They are useful when we find machines on internal networks that run no network services apart from default ones such as SMB.
The following overview lists what will be covered:
- Exploiting Windows Vulnerabilities
- An Overview of Vulnerabilities in Windows
- Exploiting IIS WebDAV
- Exploiting SMB
- EternalBlue
- Exploiting RDP
- Exploiting WinRM
- Windows Privilege Escalation
- Windows Kernel Exploits
- Bypassing UAC
- Access Token Impersonation
- Windows Credential Dumping
- Windows Password Hashes
- Passwords in Configuration Files (Unattended Installation)
- Dumping Hashes with Mimikatz
- Pass-the-Hash Attacks
- Cracking Windows Password Hashes
- Exploiting Linux Vulnerabilities
- An Overview of Vulnerabilities in Linux
- Exploiting Bash (Shellshock)
- Exploiting FTP
- Exploiting SSH
- Exploiting Samba
- Linux Privilege Escalation
- Linux Kernel Exploits
- Exploiting Misconfigured Cronjobs
- Exploiting SUID Binaries
- Linux Credential Dumping
- Dumping Linux Password Hashes
- Linux Password Hunting
- Cracking Linux Password Hashes