Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Python for Offensive PenTest
  • Toc
  • feedback
Python for Offensive PenTest

Python for Offensive PenTest

By : Khrais
3.4 (7)
close
Python for Offensive PenTest

Python for Offensive PenTest

3.4 (7)
By: Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (8 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Warming up – Your First Antivirus-Free Persistence Shell
Warming up – Your First Antivirus-Free Persistence Shell
Preparing the attacker machine
Preparing the target machine
TCP reverse shell
HTTP reverse shell
Persistence
Tuning the connection attempts
Tips for preventing a shell breakdown
Countermeasures
Summary
2
Advanced Scriptable Shell
Advanced Scriptable Shell
Dynamic DNS
Interacting with Twitter
Replicating Metasploit's screen capturing
Replicating Metasploit searching for content
Integrating low-level port scanner
Summary
3
Password Hacking
Password Hacking
Antivirus free keylogger
Hijacking KeePass password manager
Man in the browser
Firefox API hooking with Immunity Debugger
Python in Firefox proof of concept (PoC)
Python in Firefox EXE
Dumping saved passwords out of Google Chrome
Submitting the recovered password over HTTP session
Password phishing – DNS poisoning
Facebook password phishing
Countermeasures
Summary
4
Catch Me If You Can!
Catch Me If You Can!
Bypassing host-based firewalls
Bypassing reputation filtering in next generation firewalls
Bypassing botnet filtering
Summary
5
Miscellaneous Fun in Windows
chevron up
Miscellaneous Fun in Windows
Privilege escalation – weak service file
Privilege escalation – preparing vulnerable software
Privilege escalation – backdooring legitimate windows service
Privilege escalation – creating a new admin account and covering the tracks
Summary
6
Abuse of Cryptography by Malware
Abuse of Cryptography by Malware
Introduction to encryption algorithms
Protecting your tunnel with AES – stream mode
Protecting your tunnel with RSA
Hybrid encryption key
Summary
7
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Privilege escalation – weak service file

During a penetration testing phase, you may encounter a standard user where you don't have full privilege to access or modify a filesystem due to the user access control (UAC) and, each time you try to elevate your privilege, you will be prompted to the window that asks you to enter the administrator password. In this section, we will discuss one of the types of doing a privilege escalation attack, where you technically jump from a standard user to an administrator or system privilege. These types of attacks, which we will discuss, are called privilege escalation via service file permission weakness. The system will be vulnerable if the location of a service executable file is modifiable by the standard user. Then, it can be overwritten by another malicious executable. We may use this capability to gain system privilege(s) by booting our own executable in place of the service executable. Once the service is started after restarting the system, the...

End of Section 5
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete