CHAPTER 9Moving Laterally

The MITRE ATT&CK stages to date have largely been focused on gaining an initial foothold on a target system and collecting the information available from it. In this chapter, we start looking at how to expand this foothold and move laterally through the target network to achieve our overall goals.

Lateral Movement is one of the smallest tactics of the MITRE ATT&CK framework. As shown in Figure 9.1, it has nine techniques and a total of 18 subtechniques.

Snapshot of MITRE ATT&CK: Lateral Movement — Figure 9.1: MITRE ATT&CK: Lateral Movement

In this chapter, we will focus on the Remote Services and Use Alternate Authentication Material techniques. More specifically, we'll look at how we can use Python to take advantage of network file shares on Windows and to steal web session cookies from browsers.

The code sample archive for this chapter can be found at https://www.wiley.com/go/pythonforcybersecurity and contains the following sample code files:

RemoteServices.py
DetectSMB.py
WebSessionCookieHijack.py
CreateFakeCookie.py
DetectDecoyCookies.py

Remote Services

Several different remote services exist to provide users and administrators with remote access to their systems. Some of these services are designed to remotely control a computer, such as RDP and SSH. Others are designed to provide access to certain features or files.

Windows network shares are designed to provide remote access to ...

Get Python for Cybersecurity now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Python for Cybersecurity by Howard E. Poston III

CHAPTER 9Moving Laterally

Remote Services

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly