You're reading from Windows and Linux Penetration Testing from Scratch Harness the power of pen testing with Kali Linux for unbeatable hard-hitting results

Product type Paperback

Published in Aug 2022

Publisher Packt

ISBN-13 9781801815123

Length 510 pages

Edition 2nd Edition

Languages

Scratch

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Phil Bramwell

View More author details

Table of Contents (23) Chapters

Preface

1. Part 1: Recon and Exploitation

2. Chapter 1: Open Source Intelligence FREE CHAPTER

3. Chapter 2: Bypassing Network Access Control

4. Chapter 3: Sniffing and Spoofing

5. Chapter 4: Windows Passwords on the Network

6. Chapter 5: Assessing Network Security

7. Chapter 6: Cryptography and the Penetration Tester

8. Chapter 7: Advanced Exploitation with Metasploit

9. Part 2: Vulnerability Fundamentals

10. Chapter 8: Python Fundamentals

11. Chapter 9: PowerShell Fundamentals

12. Chapter 10: Shellcoding - The Stack

13. Chapter 11: Shellcoding – Bypassing Protections

14. Chapter 12: Shellcoding – Evading Antivirus

15. Chapter 13: Windows Kernel Security

16. Chapter 14: Fuzzing Techniques

17. Part 3: Post-Exploitation

18. Chapter 15: Going Beyond the Foothold

19. Chapter 16: Escalating Privileges

20. Chapter 17: Maintaining Access

21. Answers

22. Other Books You May Enjoy

Smuggling data – dodging firewalls with HTTPTunnel

Now, curl up with another cup of hot cocoa as Grandpa Phil tells you an RDP fairytale. We’re going to build a hypothetical situation in which we are lucky enough to have a foothold on a Linux server that’s behind a firewall. The firewall allows HTTP ports 80, 443, and 1433. You communicated with the server over its web service and discovered it is running a vulnerable Apache server. We compromised it with a PHP payload and got a shell through the firewall. Here’s your extra credit assignment – look at the following screenshot of the payload being delivered and figure out the nature of the vulnerability:

Figure 5.25 – Exploit extra credit – how we compromised our target

It’s an oldie but a goldie vulnerability. Despite its age, it’s not unusual to see it on internal networks in large organizations. But I digress – back to our compromised Linux...