book

Kali Linux Penetration Testing Bible

by Gus Khawaja

June 2021

Intermediate to advanced

512 pages

11h 12m

English

Wiley

Read now

Unlock full access

What Does This Book Cover?Companion Download FilesHow to Contact the PublisherHow to Contact the Author
Kali Linux File SystemManaging Users and Groups in KaliFiles and Folders Management in Kali LinuxRemote Connections in KaliKali Linux System ManagementNetworking in Kali LinuxSummary
Basic Bash ScriptingPrinting to the Screen in BashVariablesScript ParametersUser InputFunctionsConditions and LoopsSummary
Basics of NetworkingNetwork ScanningDNS EnumerationSummary
Passive Footprinting and ReconnaissanceSummary
Spear Phishing AttacksPayloads and ListenersSocial Engineering with the USB Rubber DuckySummary
Transfer ProtocolsE‐mail ProtocolsDatabase ProtocolsCI/CD ProtocolsWeb Protocols 80/443Graphical Remoting ProtocolsFile Sharing ProtocolsSummary
Vulnerabilities AssessmentServices ExploitationSummary

Web Application VulnerabilitiesSummary
Web Enumeration and ExploitationSecure Software Development LifecycleSummary
Introduction to Kernel Exploits and Missing ConfigurationsKernel ExploitsSUID ExploitationOverriding the Passwd Users FileCRON Jobs Privilege EscalationsudoersExploiting Running ServicesAutomated ScriptsSummary
Windows System EnumerationFile TransfersWindows System ExploitationSummary
Dumping Windows HashesPivoting with Port RedirectionSummary
Basics of CryptographyCracking Secrets with HashcatSummary
Overview of Reports in Penetration TestingScoring SeveritiesReport PresentationSummary
CPU RegistersAssembly InstructionsData TypesMemory SegmentsAddressing ModesReverse Engineering ExampleSummary
Basics of Stack OverflowStack Overflow ExploitationSummary
Basics of PythonRunning Python ScriptsDebugging Python ScriptsPracticing PythonPython Basic SyntaxesVariablesMore Techniques in PythonSummary
Penetration Test RobotSummary
Downloading and Running a VM of Kali LinuxKali Xfce DesktopSummary
Docker TechnologySummary

Content preview from Kali Linux Penetration Testing Bible

CHAPTER 11Windows Privilege Escalation

As you know, the Microsoft Windows operating system is popular among individual users and companies for their employees. There is a lot to cover about privilege escalation on the Windows OS, and as usual, all the concepts are explained through examples. By the end of this chapter, you should be able to start escalating your privileges with ease.

This chapter covers the following topics:

How to enumerate the Windows operating system
How to transfer files into Windows while in a limited shell
Windows kernel exploits
Exploiting Windows services
Windows GUI exploitation
Privilege escalation automation tools

Windows System Enumeration

Before starting to exploit the Windows operating system, we will need to enumerate the host. In this section, you will see all the basic enumeration commands to get the job done.

System Information

To exploit the system for privilege escalation, you will need to understand the operating system details. The systeminfo command will give you plenty of information regarding the target Windows OS:

C:\Users\Gus>systeminfo
 
Host Name:                        WINDOWS10LAB
OS Name:                          Microsoft Windows 10 Enterprise LTSC
OS Version:                       10.0.17763 N/A Build 17763
OS Manufacturer:                  Microsoft Corporation
OS Configuration:                 Member Workstation
OS Build Type:                    Multiprocessor Free
Registered Owner:                 Windows User
Registered Organization:
Product ID:                       00424-90483-55456-AA805
Original Install Date:            6/1/2020, 9:40:20 AM
System Boot Time: 9/8/2020, 5:30:37 ...