وبلاگ بلیان

Geçiş çağı : dünya sisteminin yörüngesi (1945-2025)

معرفی کتاب «Geçiş çağı : dünya sisteminin yörüngesi (1945-2025)» نوشتهٔ Alexis Ahmed و Immanuel Wallerstein; Terence K. Hopkins، منتشرشده توسط نشر Avesta Yayınları در سال 1999. این کتاب در فرمت pdf، زبان tr ارائه شده است.

Learn how to escalate your privileges on Windows and Linux systems This book is a comprehensive guide on the privilege escalation process for Windows and Linux systems and is designed to be practical and hands-on by providing the reader with real world exercises and scenarios in the form of vulnerable environments and virtual machines. Key Features Learn how to perform local enumeration on Windows & Linux systems. Understand the key differences between elevating privileges on Windows and Linux systems. Learn how to identify privilege escalation vectors on Windows & Linux systems. Learn how to elevate your privileges on Windows and Linux systems by leveraging various tools and techniques. Privilege escalation is a vital element of the attack life cycle and is a major determinant in the overall success of a penetration test. The importance of privilege escalation in the penetration testing process cannot be overstated or overlooked. Developing your privilege escalation skills will mark you out as a good penetration tester. The ability to enumerate information from a target system and utilize this information to identify potential misconfigurations and vulnerabilities that can be exploited to elevate privileges is an essential skill set for any penetration tester. The book uses virtual environments that you can download to test and run tools and techniques. Each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit vulnerabilities on Linux or Windows systems in order to elevate your privileges. By the end of this book, you will have gained the skills you need to be able to perform local enumeration in order to identify privilege escalation vectors on Windows and Linux systems and how to exploit them in order to elevate your privileges. What you will learn Understand the privilege escalation process and how it differs from Windows to Linux Learn how to set up a virtual penetration testing lab Gain an initial foothold on the system Perform local enumeration on target systems Exploit kernel vulnerabilities on Windows and Linux systems Perform privilege escalation through password looting and finding stored credentials Get to grips with performing impersonation attacks Exploit Windows services such as the secondary logon handle service to escalate Windows privileges Escalate Linux privileges by exploiting scheduled tasks and SUID binaries Who this book is for? This Windows and Linux privilege escalation book is for intermediate-level cybersecurity students and pentesters who are interested in learning how to perform various privilege escalation techniques on Windows and Linux systems, which includes exploiting bugs, design flaws, and more. An intermediate-level understanding of Windows and Linux systems along with fundamental cybersecurity knowledge is expected. Table of Contents Introduction to Privilege Escalation Setting Up Our Lab Gaining Access (Exploitation) Performing Local Enumeration Windows Kernel Exploits Impersonation Attacks Windows Password Mining Exploiting Services Privilege Escalation through the Windows Registry Linux Kernel Exploits Linux Password Mining Scheduled Tasks Exploiting SUID Binaries Cover Title Page Copyright and Credits Dedication Contributors Table of Contents Preface Section 1: Gaining Access and Local Enumeration Chapter 1: Introduction to Privilege Escalation What is privilege escalation? How permissions and privileges are assigned Horizontal privilege escalation Vertical privilege escalation Understanding the differences between privilege escalation on Windows and Linux Windows security Linux security Exploring the types of privilege escalation attack Kernel exploits Exploiting SUID binaries Exploiting vulnerable services and permissions Insecure credentials Exploiting SUDO Summary Chapter 2: Setting Up Our Lab Technical requirements Designing our lab Virtualization Hypervisors Lab structure Building our lab Installing and configuring VirtualBox Configuring a virtual network Setting up our target virtual machines Setting up Kali Linux Putting it all together Summary Chapter 3: Gaining Access (Exploitation) Technical requirements Setting up Metasploit The Metasploit structure Setting up the Metasploit framework Information gathering and footprinting Network mapping with Nmap Vulnerability assessment Gaining access Exploiting Metasploitable3 Exploiting Metasploitable2 Summary Chapter 4: Performing Local Enumeration Technical requirements Understanding the enumeration process Windows enumeration System enumeration User and group enumeration Network enumeration Password enumeration Firewall and antivirus enumeration Automated enumeration tools Linux enumeration System enumeration User and group enumeration Network enumeration Automated enumeration tools Summary Section 2: Windows Privilege Escalation Chapter 5: Windows Kernel Exploits Technical requirements Understanding kernel exploits What is a kernel? Windows NT The Windows kernel exploitation process Kernel exploitation with Metasploit Manual kernel exploitation Local enumeration Transferring files Enumerating kernel exploits Compiling Windows exploits Running the kernel exploit Summary Chapter 6: Impersonation Attacks Technical requirements Understanding Windows access tokens Windows access tokens Token security levels Abusing tokens Enumerating privileges Token impersonation attacks Potato attacks overview Escalating privileges via a Potato attack Manual escalation Summary Chapter 7: Windows Password Mining Technical requirements What is password mining? Searching for passwords in files Searching for passwords in Windows configuration files Searching for application passwords Dumping Windows hashes SAM database LM and NTLM hashing Cracking Windows hashes Cracking Windows hashes with John the Ripper Authentication Summary Chapter 8: Exploiting Services Technical requirements Exploiting services and misconfigurations Exploiting unquoted service paths Exploiting secondary logon Exploiting weak service permissions DLL hijacking Setting up our environment The DLL exploitation process Summary Chapter 9: Privilege Escalation through the Windows Registry Technical requirements Understanding the Windows Registry What is the Windows Registry? How the Windows Registry stores data Exploiting Autorun programs Exploiting the Always Install Elevated feature Exploiting weak registry permissions Summary Section 3: Linux Privilege Escalation Chapter 10: Linux Kernel Exploits Technical requirements Understanding the Linux kernel Understanding the Linux kernel exploitation process Setting up our environment Kernel exploitation with Metasploit Manual kernel exploitation Local enumeration tools Transferring files Enumerating system information Enumerating kernel exploits Running the kernel exploit Summary Chapter 11: Linux Password Mining Technical requirements What is password mining? Setting up our environment Extracting passwords from memory Searching for passwords in configuration files Searching for passwords Transferring files Searching for passwords in history files Summary Chapter 12: Scheduled Tasks Technical requirements Introduction to cron jobs The crontab file Escalation via cron paths Enumeration with linPEAS Transferring files Finding cron jobs with linPEAS Escalating privileges via cron paths Escalation via cron wildcards Escalation via cron file overwrites Summary Chapter 13: Exploiting SUID Binaries Technical requirements Introduction to filesystem permissions on Linux Changing permissions Understanding SUID permissions Searching for SUID binaries Searching for SUID binaries manually Searching for SUID binaries with linPEAS Identifying vulnerable SUID binaries Escalation via shared object injection Summary About Packt Other Books You May Enjoy Index Escalate your privileges on Windows and Linux platforms with step-by-step instructions and deepen your theoretical foundationsKey FeaturesDiscover a range of techniques to escalate privileges on Windows and Linux systemsUnderstand the key differences between Windows and Linux privilege escalationExplore unique exploitation challenges in each chapter provided in the form of pre-built VMsBook DescriptionPrivilege Escalation Techniques is a detailed guide to privilege escalation techniques and tools for both Windows and Linux systems. This is a one-of-a-kind resource that will deepen your understanding of both platforms and provide detailed, easy-to-follow instructions for your first foray into privilege escalation.The book uses virtual environments that you can download to test and run tools and techniques. After a refresher on gaining access and surveying systems, each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit a target Linux or Windows system. You'll then get a demonstration on how you can escalate your privileges to the highest level.By the end of this book, you will have gained all the knowledge and skills you need to be able to perform local kernel exploits, escalate privileges through vulnerabilities in services, maintain persistence, and enumerate information from the target such as passwords and password hashes.What you will learnUnderstand the privilege escalation process and set up a pentesting labGain an initial foothold on the systemPerform local enumeration on target systemsExploit kernel vulnerabilities on Windows and Linux systemsPerform privilege escalation through password looting and finding stored credentialsGet to grips with performing impersonation attacksExploit Windows services such as the secondary logon handle service to escalate Windows privilegesEscalate Linux privileges by exploiting scheduled tasks and SUID binariesWho this book is forIf you're a pentester or a cybersecurity student interested in learning how to perform various privilege escalation techniques on Windows and Linux systems – including exploiting bugs and design flaws – then this book is for you. You'll need a solid grasp on how Windows and Linux systems work along with fundamental cybersecurity knowledge before you get started. Enumerate and exploit Linux or Windows systems and escalate your privileges to the highest level Key Features Discover a range of techniques to escalate privileges on Windows and Linux systems Understand the key differences between Windows and Linux privilege escalation Explore unique exploitation challenges in each chapter provided in the form of pre-built VMs Book Description Privilege escalation is a crucial step in the exploitation life cycle of a penetration tester. It helps penetration testers to set up persistence and facilitates lateral movement. This book is one of a kind, covering a range of privilege escalation techniques and tools for both Windows and Linux systems. The book uses virtual environments that you can download to test and run tools and techniques. Each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit a target Linux or Windows system. This privilege escalation book then demonstrates how you can escalate your privileges to the highest level. By the end of this book, you will have gained the skills you need to be able to perform local kernel exploits, escalate privileges through vulnerabilities in services, maintain persistence, and enumerate information from the target such as passwords and password hashes. What you will learn Understand the privilege escalation process and set up a pentesting lab Gain an initial foothold on the system Perform local enumeration on target systems Exploit kernel vulnerabilities on Windows and Linux systems Perform privilege escalation through password looting and finding stored credentials Get to grips with performing impersonation attacks Exploit Windows services such as the secondary logon handle service to escalate Windows privileges Escalate Linux privileges by exploiting scheduled tasks and SUID binaries Who this book is for This Windows and Linux privilege escalation book is for intermediate-level cybersecurity students and pentesters who are interested in learning how to perform various privilege escalation techniques on Windows and Linux systems, which includes exploiting bugs, design flaws, and more. An intermediate-level understanding of Windows and Linux systems along with fundamental cybersecurity knowledge is expected **Learn how to escalate your privileges on Windows and Linux systems****Key Features*** Learn how to perform local enumeration on Windows & Linux systems. * Understand the key differences between elevating privileges on Windows and Linux systems. * Learn how to identify privilege escalation vectors on Windows & Linux systems. * Learn how to elevate your privileges on Windows and Linux systems by leveraging various tools and techniques. **What you will learn*** Understand the privilege escalation process and how it differs from Windows to Linux * Learn how to set up a virtual penetration testing lab * Gain an initial foothold on the system * Perform local enumeration on target systems * Exploit kernel vulnerabilities on Windows and Linux systems * Perform privilege escalation through password looting and finding stored credentials * Get to grips with performing impersonation attacks * Exploit Windows services such as the secondary logon handle service to escalate Windows privileges * Escalate Linux privileges by exploiting scheduled tasks and SUID binaries This Windows and Linux privilege escalation book is for intermediate-level cybersecurity students and pentesters who are interested in learning how to perform various privilege escalation techniques on Windows and Linux systems, which includes exploiting bugs, design flaws, and more. An intermediate-level understanding of Windows and Linux systems along with fundamental cybersecurity knowledge is expected. 1. Introduction to Privilege Escalation 2. Setting Up Our Lab 3. Gaining Access (Exploitation) 4. Performing Local Enumeration 5. Windows Kernel Exploits 6. Impersonation Attacks 7. Windows Password Mining 8. Exploiting Services 9. Privilege Escalation through the Windows Registry 10. Linux Kernel Exploits 11. Linux Password Mining 12. Scheduled Tasks 13. Exploiting SUID Binaries Privilege Escalation Techniques is a detailed guide to privilege escalation techniques and tools for both Windows and Linux systems. This is a one-of-a-kind resource that will deepen your understanding of both platforms and provide detailed, easy-to-follow instructions for your first foray into privilege escalation. The book uses virtual environments that you can download to test and run tools and techniques. After a refresher on gaining access and surveying systems, each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit a target Linux or Windows system. You'll then get a demonstration on how you can escalate your privileges to the highest level. By the end of this book, you will have gained all the knowledge and skills you need to be able to perform local kernel exploits, escalate privileges through vulnerabilities in services, maintain persistence, and enumerate information from the target such as passwords and password hashes Privilege escalation is a crucial step in the exploitation life cycle of a penetration tester, because it helps penetration testers set up persistence and facilitates lateral movement. This book is a one-of-a-kind resource that covers both the theoretical foundations and a range of privilege escalation techniques and tools for both Windows and Linux systems.
دانلود کتاب Geçiş çağı : dünya sisteminin yörüngesi (1945-2025)