In the previous chapter, we focused on gathering information about our target. Various information included the target IP address, open ports, available services, operating system, and so on. One of the biggest assets in the process of information gathering is gaining knowledge about the operating system used by the target server or system. This information can prove to be very helpful in penetrating the target machine as we can quickly look for exploits and vulnerabilities of the operating system in use. Well, the process is not as straightforward as it sounds, but knowledge about the target operating system can ease our task to much extent.

Every flavor of operating system has some or other bug in it. Once it gets reported, the process of developing exploits for it starts. Licensed operating systems such as Windows quickly develop patches for the bug or vulnerability and provide it as an update to its users. Vulnerability disclosure is a big issue these days. Many zero day...