Example Hack
Now that you have a good understanding of how Microsoft networks are structured, we’ll take a detailed look at how an attacker might exploit this structure to increase his control over the network. We will demonstrate how a hacker can use an exploit to break into a Windows 2008 Server, create a local user account on that server, and add that account to the Administrators group on that server. In this way, even if the administrator patches the vulnerability that the hacker used to compromise the box, the hacker will still have an account with administrator privileges on the server to gain access to the server at a later date.
The first problem that the hacker must address is how to initially compromise the system. In the real world, ...
Get Mastering Windows Network Forensics and Investigation, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.