Chapter 8. Exploitation
After all that preparatory work we finally get to the fun stuff: exploitation. In the exploitation phase of the pentest, we run exploits against the vulnerabilities we have discovered to gain access to target systems. Some vulnerabilities, such as the use of default passwords, are so easy to exploit, it hardly feels like exploitation at all. Others are much more complicated.
In this chapter weâll look at exploiting the vulnerabilities we identified in Chapter 6 to gain a foothold in target machines. Weâll return to our friend MS08-067 from Chapter 4, now that we have more background about the vulnerability. Weâll also exploit an issue in the SLMail POP3 server with a Metasploit module. In addition, weâll piggyback ...
Get Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.