Finally, we’ve come to the exploitation chapter. We can now use the knowledge acquired so far to gain access to the target machine. Exploitation can be both server side and client side. Server side exploitation consists in having a direct contact with the server, and it does not involve any user interaction. Client side exploitation, on the other hand, is where you directly engage with the target in order to exploit it.
Server side exploitation will be the focus of this chapter. We’ll see client side exploitation in the next chapter. The main goal of this chapter is to familiarize the audience with the methodologies that can be used to hack into a target. The following topics will be covered: