Day 17/100 of?#cybertechdave100daysofcyberchallenge - System and Host Based attacks on Windows
Now that the various assessment fundamentals have been covered, the learning path continues with the exploitation of vulnerabilities. We will start with system and host based attacks.?
What does this mean?
Simply Attacks that are targeted towards a specific system or host running a specific operating system - e.g. Windows or Linux.
In this context I can recommend these courses from TCM Security , instructed by Heath Adams :
These have given me a lot of pleasure and a good insight into the topics. I look forward to how INE can complement these topics.
So we started with Windows specific vulnerabilities. Up front, a little bit about the history of Windows vulnerabilities:
All Windows OS’s share a likeness given the development model and philosophy
So what are common types of vulnerabilities exist in Windows (not exhaustive):
领英推荐
On windows various native services and protocols can be configured to run on a host
- having a good understanding of these services are vital in terms of how they work and what are their potential vulnerabilities
The following services and their potential vulnerabilities will be covered over the next few days:
IIS (Internet Information Service):
WebDAV (Web Distributed Authoring & Versioning):
SMB (Server Message Block):
RDP (Remote Desktop Protocol):
WinRM (Windows Remote Management Protocol):
It should be mentioned that all services have their default ports on which they run. However, these can also be configured individually. Therefore, it is vital to be able to detect them in the recon phase on other ports as well.?
So that‘s it for today.?
Thanks for the support Dimitriy Volosnik! Have you taken our Movement, Pivoting and Persistence course? It's a great follow up to the Windows/Linux Privilege course! Thank you again for your continued support, we appreciate you <3!