Ethical Hacking and Penetration Testing Guide


◾  Ethical Hacking and Penetration Testing Guide Exploiting Targets



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə168/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   164   165   166   167   168   169   170   171   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

270
◾ 
Ethical Hacking and Penetration Testing Guide
Exploiting Targets
We will not try to compromise other targets, which we discussed in detail in the “Remote 
Exploitation” chapter (Chapter 7). One great thing we can do is that we can use the hail mary tool 
to launch autopwn to compromise the other targets. However, it’s not recommended in real-world 
penetration tests for obvious reasons.
Once you have compromised other hosts on the network, you would again employ the postex-
ploitation process. You might have understood by now that postexploitation is a cyclic process. We 
will try to penetrate the network as much as we can and look for sensitive data.
Conclusion
The postexploitation process starts after we compromise the target; our first step would be to 
acquire situation awareness, and we learned some useful commands from both Windows and 
Linux to gain situation awareness. Our next immediate goal would be to migrate to a stable 
process so that our connection does not get lost. Once we have migrated to a stable process, our 
next goal would be to make our connection persistent so that even after the victim reboots the 
computer we will have access to it. We saw how this can be done by installing a backdoor on the 
target computer and using meterpreter scripts to make it persistent. We also looked at harvest-
ing data once we had complete control of the target. Next we learned how to identify further 
targets and route the traffic from our compromised target in case the target is not directly 
reachable to us.


271
Chapter 10
Windows Exploit 
Development Basics
This chapter will walk you through the process of developing a simple stack-based overflow exploit 
on Windows; though there is a lot to exploit development this should be a great place to get 
started. The key behind the exploit development process is to replace the programs instructions 
with our instructions. This could be accomplished by making the program crash or making it 
behave in an unexpected manner and therefore overwriting the memory segments with our own 
piece of code which otherwise is known as Shellcode.
There are many types/classes of memory corruption such as buffer overflows and use-after-free. 
In this chapter we will focus on stack-based overflows, which are part of buffer overflows.
Prerequisites

Windows XP Machine Service Pack 2

Immunity Debugger

Active Perl for running Perl scripts

mona.py

Fuzzer—Create one or use the ones built into BackTrack

A vulnerable application
For the sake of simplicity we will use Windows XP SP2 to demonstrate our exploit. There are many 
other security measures implemented in and bypasses developed for later versions of Windows
however, we won’t talk about them in this chapter.

Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   164   165   166   167   168   169   170   171   ...   235




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2025
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin