Skip to Main Content
Hands-On Penetration Testing on Windows
book

Hands-On Penetration Testing on Windows

by Phil Bramwell
July 2018
Intermediate to advanced content levelIntermediate to advanced
452 pages
11h 51m
English
Packt Publishing
Content preview from Hands-On Penetration Testing on Windows

Metasploit – exploring a Windows kernel exploit module

Now that we have a little background, we're going to watch the attack in action with Metasploit. The exploit module specific to this vulnerability is called exploit/windows/local/ms14_058_track_popup_menu (recall that MS14-058 is the Microsoft Security Bulletin designation for this flaw). Notice that this exploit falls under the local subcategory? The nature of this flaw requires that we are able to execute a program as a privileged user – this is a local attack, as opposed to a remote attack. Sometimes you'll see security publications discuss local exploits with phrases like the risk is limited by the fact that the attacker must be local to the machine. The pen tester in you should be ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Hands-On Web Penetration Testing with Metasploit

Hands-On Web Penetration Testing with Metasploit

Harpreet Singh, Himanshu Sharma
Metasploit Penetration Testing Cookbook - Third Edition

Metasploit Penetration Testing Cookbook - Third Edition

Nipun Jaswal, Daniel Teixeira, Abhinav Singh, Monika Agarwal
Web Penetration Testing with Kali Linux - Third Edition

Web Penetration Testing with Kali Linux - Third Edition

Gilberto Najera-Gutierrez, Juned Ahmed Ansari

Publisher Resources

ISBN: 9781788295666Supplemental Content