Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Penetration Testing on Windows

You're reading from   Hands-On Penetration Testing on Windows Unleash Kali Linux, PowerShell, and Windows debugging tools for security testing and analysis

Arrow left icon
Product type Paperback
Published in Jul 2018
Publisher Packt
ISBN-13 9781788295666
Length 452 pages
Edition 1st Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Phil Bramwell Phil Bramwell
Author Profile Icon Phil Bramwell
Phil Bramwell
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

1. Bypassing Network Access Control FREE CHAPTER 2. Sniffing and Spoofing 3. Windows Passwords on the Network 4. Advanced Network Attacks 5. Cryptography and the Penetration Tester 6. Advanced Exploitation with Metasploit 7. Stack and Heap Memory Management 8. Windows Kernel Security 9. Weaponizing Python 10. Windows Shellcoding 11. Bypassing Protections with ROP 12. Fuzzing Techniques 13. Going Beyond the Foothold 14. Taking PowerShell to the Next Level 15. Escalating Privileges 16. Maintaining Access 17. Tips and Tricks 18. Assessment 19. Other Books You May Enjoy

Bypassing Network Access Control

The network is the first thing we think about when we imagine computers getting hacked. It's the pen tester's playground. It's both the first step and the final frontier of compromising a computer. It's also what makes the compromise of a single computer effectively the compromise of an entire building full of computers. It's fitting, then, that we begin our journey with a discussion about compromising the network and using its own power and weaknesses to inform the pen test.

The first step is getting on the network in the first place, and there are human, architectural, and protocol factors that make the mere presence of an attacker on the network potentially devastating. For this reason, defenders often deploy network access control (NAC) systems. The intent of these systems is to detect and/or prevent an intrusion on the network by identifying and authenticating devices on the network. In this chapter, we will review some of the methods employed by NACs and demonstrate practical methods of bypassing these controls.

The following topics will be covered in this chapter:

  • Bypassing NACs with physical access to clone an authorized device
  • Captive portal methods and their weaknesses
  • Policy checks for new devices
  • Masquerading the stack of an authorized device
Next Section arrow right
You have been reading a chapter from
Hands-On Penetration Testing on Windows
Published in: Jul 2018
Publisher: Packt
ISBN-13: 9781788295666
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime