Packt+ | Advance your knowledge in tech

You're reading from Hands-On Penetration Testing on Windows Unleash Kali Linux, PowerShell, and Windows debugging tools for security testing and analysis

Product type Paperback

Published in Jul 2018

Publisher Packt

ISBN-13 9781788295666

Length 452 pages

Edition 1st Edition

Languages

PowerShell

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Phil Bramwell

View More author details

Table of Contents (19) Chapters

1. Bypassing Network Access Control FREE CHAPTER

2. Sniffing and Spoofing

3. Windows Passwords on the Network

4. Advanced Network Attacks

5. Cryptography and the Penetration Tester

6. Advanced Exploitation with Metasploit

7. Stack and Heap Memory Management

8. Windows Kernel Security

9. Weaponizing Python

10. Windows Shellcoding

11. Bypassing Protections with ROP

12. Fuzzing Techniques

13. Going Beyond the Foothold

14. Taking PowerShell to the Next Level

15. Escalating Privileges

16. Maintaining Access

17. Tips and Tricks

18. Assessment

19. Other Books You May Enjoy

Leave a review - let other readers know what you think

Binary injection with BetterCAP proxy modules

In Chapter 2, Sniffing and Spoofing, we explored custom filters in Ettercap to manipulate traffic on the fly. The possibilities are exciting: redirecting traffic to capture credentials; manipulating POST messages; even the possibility of delivering executables. BetterCAP, however, can do this with its powerful built-in proxy, and we can finely control this functionality with Ruby modules. In this exercise, we're going to prepare a malicious executable for a Windows target and call it setup.exe. We'll then set up a man-in-the-middle proxy attack that will intercept an HTTP request for an installer and invisibly replace the downloaded binary with ours. We'll be covering these concepts and tools in more detail later on in the book, so consider this an introduction to the power of custom modules in advanced man-in-the-middle attacks.