Exploits for Windows

Windows exploits typically target the listening services of the operating system. The following exploits target the SMB service, which runs on port 445 of Windows:

  • EternalBlue – MS17-010
  • MS08-067
  • MS03-026

The following are some tools often used by pen testers:

  • PsExec:

PsExec is a tool included in the Sysinternals toolkit. It is used for remote management and is popular among pen testers, system admins, and hackers. The PsExec binary is usually copied to the ADMIN$ share on the remote machine, and PsExec then uses remote management to create a service there. Keep in mind that PsExec requires admin privileges on the remote machine:

  1. Download Sysinternals
  2. Open the PowerShell prompt
  3. Type cd <Sysinternals ...
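
The copy to the admin share followed by a service creation, as described above, leaves two log records a defender can correlate. The following is an added example, not code from the book: the event records are constructed, reduced to a few fields named after Windows events 5145 and 7045, and the function names are hypothetical.

```python
from datetime import datetime, timedelta

# Constructed sample records. Field names follow Windows Security event 5145
# (network share file access) and System event 7045 (service installed);
# hosts, accounts and addresses are made up.
EVENTS = [
    {"time": "2024-05-01T10:00:02", "host": "WS01", "id": 5145,
     "ShareName": r"\\*\ADMIN$", "RelativeTargetName": "PSEXESVC.exe",
     "SubjectUserName": "helpdesk-adm", "IpAddress": "10.0.0.50"},
    {"time": "2024-05-01T10:00:03", "host": "WS01", "id": 7045,
     "ServiceName": "PSEXESVC", "ImagePath": r"%SystemRoot%\PSEXESVC.exe"},
    {"time": "2024-05-01T11:30:00", "host": "WS02", "id": 5145,
     "ShareName": r"\\*\ADMIN$", "RelativeTargetName": "updater.exe",
     "SubjectUserName": "svc-backup", "IpAddress": "10.0.0.77"},
    {"time": "2024-05-01T11:30:04", "host": "WS02", "id": 7045,
     "ServiceName": "updater", "ImagePath": r"C:\Windows\updater.exe"},
    {"time": "2024-05-01T12:00:00", "host": "WS03", "id": 7045,
     "ServiceName": "PrintHelper", "ImagePath": r"C:\Program Files\Vendor\ph.exe"},
]

def _admin_relative(image_path):
    """Return the path relative to ADMIN$ (the Windows directory), or None."""
    p = image_path.strip('"').lower()
    for prefix in ("%systemroot%\\", "c:\\windows\\"):  # assumes default install path
        if p.startswith(prefix):
            return p[len(prefix):]
    return None

def find_admin_share_service_installs(events, window_seconds=60):
    """Pair each service install with a recent ADMIN$ access to the same file on that host."""
    window = timedelta(seconds=window_seconds)
    share_access, hits = [], []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        if ev["id"] == 5145 and ev["ShareName"].upper().endswith("ADMIN$"):
            share_access.append((ts, ev))
        elif ev["id"] == 7045:
            rel = _admin_relative(ev["ImagePath"])
            for ats, a in share_access:
                if (a["host"] == ev["host"] and timedelta(0) <= ts - ats <= window
                        and rel == a["RelativeTargetName"].lower()):
                    hits.append((ev["host"], ev["ServiceName"],
                                 a["SubjectUserName"], a["IpAddress"]))
                    break
    return hits

if __name__ == "__main__":
    for hit in find_admin_share_service_installs(EVENTS):
        print(hit)
```

Matching on the file path rather than the service name means a renamed service binary is still paired with its install event. Event 5145 is only logged when detailed file share auditing is enabled on the host.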
