ADVANCED WINDOWS EXPLOITATION – READ HAKIN9′S TUTORIALS AND GET PROFESSIONAL IT SECURITY SKILLS!

Please login or Register to access downloadables
Download
  • Version
  • Download 396
  • File Size 10.07 MB
  • File Count 1
  • Create Date October 8, 2013
  • Last Updated April 19, 2022

ADVANCED WINDOWS EXPLOITATION – READ HAKIN9′S TUTORIALS AND GET PROFESSIONAL IT SECURITY SKILLS!

Dear Readers,
We are happy to introduce our new issue of Hakin9 on Demand. We are still in exploitation area, but this time we explore Advanced Windows Exploitation.
Windows is the most known operation system in the world. First version of Windows was developed in 1985 by Microsoft Corporation, and until today new version appear. Unfortunatelly still it is not free from different types of vulnerabilities. Everyday millions of users are at risk of hacker’s attack. With this very new issue you will learn about threats in Windows, and also how to protect your system. With our
step-by-step tutorials written by experts you will become an expert of advanced windows exploitation.
This time you will find sections as: Windows Password Cracking, Owning Operation System by Cross Site Scrypting, Advanced Windows Exploitation, and also Extra with an article Man In The Document
Object Model

Enjoy your time with Hakin9!


Windows Password Cracking

Windows Exploits (Router Advertisement Flood)
By Bamidele Ajayi, OCP, MCTS, MCITP EA, CISA, CISM
Exploits are attacks that take advantage of vulnerabilities in systems’ weakness or design where the vendors issue a fix or patch in response. However, in our article the reverse is the case which has led to DoS of windows boxes supporting IPv6 through the use of Router advertisement flood.
Win 2k12 – Old and New in Dumping Password Hash
By Gugliemo Scaiola, MCT, MCSA, MCSE, Security +, Lead Auditor ISO 27001, ITIL, eCPPT, CEI, CHFI, CEH, ECSA
The history of password hash came from a long time ago, in this long time few improvement was applied to this technology. Not only Microsoft use the password hash, but considering the market share of windows you can understand mastering hashdump in windows environment can be a very valuable trick in your pentest skill.
How to Crack WEP Keys on a Windows Platform
By Manish Sharma, CEH, CHFI, ECSA, LPT V
Hence we conclude that WEP key is not secured. If we create a 256 bit key that can also cracked but that is time consuming we have to capture a higher number of packets and data.

Owning Operation System by Cross Site Scrypting

Why XSS is Critical for my Web -application? Demonstration of the Impact Magnitude of XSS Vulnerability using The Browser Exploitation Framework (BeEF)
By Ashutosh Bahunga, Scientist at Indian Computer Emergency Response Team (CERT-In)
Today almost for every organization web-applications are the integral part of information infrastructure to allow information exchange with customers. Web-application is the low-hanging fruits for the attacker and custom developed insecure code brings new set of vulnerabilities which cannot be prevented solely by traditional security devices and approaches like firewall and IDS/IPS. Web-applications have been continuously targeted by attackers for various interests. Cross Site Scripting Attack (XSS), SQL injection, File Inclusion, malicious File upload are few attacks to name in web-application domain.

Owning OS by XSS Vulnerability
By Chintan Gujar, Freelance Penetration Tester 
In this demonstration, I am going to show you that from even a very common XSS attach, how a we can gain access to whole system. For these I am using 2 Operating system one is Kali Linux and another is XP machine which will work as a client. For exploitation I will be using Metasploit Framework (console). For particular this exploitation there is one exploit named “ms10_046_shortcut_icon_dlllloader”. Basically it is able to start the local server. That server will be serving the exploits to the victim. Once victim opens that URL, he will be hacked.

Advanced Windows Exploitation

How ToAnalyze a PDF Exploit
By Jaromir Horejsi, A Computer Virus Researcher and Analyst
Every year, millions of computers become victims of computer malware. In many cases, computers get infected by downloading and installing suspicious applications, opening and executing email or, for example, sharing data using infected USB drives.
Cybercriminals can, however, uses stealthier and less obvious ways to compromise victims’ computers. In many cases, just opening a PDF file may lead your computer to infection. A large number of malware exploits vulnerabilities in Adobe reader or Java, which lead to shellcode execution to obtain the next stage malware.

Advanced Stack Based Buffer Overflow in File Sharing FTP Application Serve-U
By Niranjaan Reddy, CEH, CHFI, CEI, MCSE, EDRP, ECSA-LPT, ISO-27001 
This article illustrates about buffer overflow exploit on windows 2008 R2 server machine in vulnerable Serv-U File sharing application, attack simulation using social engineering toolkit file format exception, SMB corruption using Metasploit Microsoft SRV2.SYS. SMB Negotiate ProcessID Function Table Dereference attack ,attack by using Metasploit backdoors .

Extra

Man In The Document Object Model
By Cailan Sacks, CPT, Manager at Deloitte Security, Privacy, & Resilience
In today’s fast moving world of inter-connected, always on, always available, never-miss-a-beat, fear of missing out (FOMO) end user, people tend to want more.
More scale, more functionality, more extensibility, more mobility. I have never met a service provider who wasn’t all too excited to take advantage of this as an opportunity of one-upping their competitors. Branch banking, automatic teller machines, telephone banking, internet banking, cell phone banking, and now smart phone banking. Even a service as basic as the mattress you once hid your money under is as competitive a business as any; but are these services pursuing innovation and mobility at the expense of security?

Attached Files

File
Hakin9_EN_on_demand_05_2013.pdf
(26 views)
April 19, 2022
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023