Pentesting: Exploitation of Systems, Services & Applications.

/ Work in Progress /.

Introduction to Manual Exploitation & Searching for pre-made Exploits.

Exploitation is gaining access to a system, application or data by using a weakness, vulnerability, or configuration error.

The exploitation process can be divided into three phases:
- Initial foothold
- Privilege escalation
- Lateral movement

In this article we'll focus on the first phase, gaining the initial foothold. We'll try to use a vulnerability to successfully gain unauthorized access to applications, data or systems. We'll start with manual exploitation based on pre-made, publicly available exploits.

An exploit is a program, script, command or malicious file that can be used to take advantage of a vulnerability.

There are publicly available exploit databases that contain pre-made, ready-to-use exploits. Using such exploits doesn't require very advanced skills; what's required is:
- adjusting the exploit so that it works against our target
- familiarizing oneself with its instructions and code
- executing the exploit

Because such exploits are so easy to use, even people with little training, so-called 'script kiddies', can scan our server for vulnerabilities and then use an exploit script found on the internet to gain access to it.

One of the better-known exploit databases is exploit-db, run by OffSec, the creators of Kali Linux.

Many of the exploits in the database are not verified, and caution should be used when executing them. Before using an exploit we should analyze its code and understand how it works (including the internals of the vulnerability it targets). Exploits should be executed in a virtual machine, but even that does not fully protect us from having our system compromised.

Kali Linux also ships a command-line tool called 'searchsploit':
- searchsploit -u: updates searchsploit's local copy of the exploit database
- searchsploit target: searches for exploits related to our target
- searchsploit -m exploit-identifier: copies the exploit into the current directory on our system
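The review step described above (read the code before running anything, and run it only in an isolated VM) is easier to do consistently with a small checklist script. The following POSIX shell script is an added example and is not part of the original post or of the searchsploit tool: given an exploit file, typically the one just copied locally with searchsploit -m, it records a SHA-256, reports the interpreter named in the shebang, and prints one FLAG line per indicator category found (hard-coded remote hosts, encoded blobs, dynamic code execution, shell-outs, destructive commands, raw sockets), with the line numbers to read closely. The indicator patterns, the function names and the two constructed sample files are assumptions made for this example; the flags only tell you where to look, not whether the file is safe.

```shell
#!/bin/sh
# Added example, not code from the original post or from searchsploit: a static
# pre-execution review of an exploit file (for instance one copied locally with
# "searchsploit -m <exploit-identifier>"). Everything below is constructed for
# the example: the indicator list, the function names and the sample files.

# Indicator categories. Format: label|extended-regex (the regex may contain '|').
INDICATORS='remote-host|https?://|[0-9]{1,3}(\.[0-9]{1,3}){3}
encoded-blob|base64|b64decode|unhexlify|fromhex
dynamic-exec|eval\(|exec\(|Function\(
shell-out|os\.system|subprocess|popen|system\(
destructive|rm -rf|mkfs|dd if=|shred
raw-socket|import socket|socket\(|connect\(|/dev/tcp/'

# SHA-256 of the file, so the reviewed copy can be tied to the one actually run later.
file_digest() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then shasum -a 256 "$1" | cut -d' ' -f1
    else echo "unavailable"; fi
}

# Human-readable review; each indicator category present yields one "FLAG" line
# followed by up to three matching lines with their line numbers.
review_exploit() {
    f=$1
    echo "file:    $f"
    echo "sha256:  $(file_digest "$f")"
    echo "shebang: $(head -n 1 "$f" | sed -n 's/^#!//p')"
    printf '%s\n' "$INDICATORS" | while IFS= read -r spec; do
        label=${spec%%|*}
        regex=${spec#*|}
        hits=$(grep -nE "$regex" "$f" | head -n 3) || true
        if [ -n "$hits" ]; then
            echo "FLAG $label:"
            echo "$hits" | sed 's/^/    /'
        fi
    done
    return 0
}

# Number of indicator categories present (0 means nothing in the list matched).
flag_count() {
    review_exploit "$1" | grep -c '^FLAG ' || true
}

# Constructed, harmless sample that looks the way a reviewer should notice:
# remote host, encoded blob, dynamic exec, shell-out and a socket import.
make_sample() {
    out=$(mktemp "${TMPDIR:-/tmp}/review-sample.XXXXXX")
    cat > "$out" <<'EOF'
#!/usr/bin/env python3
# constructed sample for the review script; it is never executed here
import socket, base64, os
STAGE_URL = "http://203.0.113.10/stage2"    # hard-coded remote host (TEST-NET-3 range)
blob = base64.b64decode("cHJpbnQoJ2hpJyk=")  # encoded payload the reader cannot eyeball
exec(blob)                                   # dynamic execution of that payload
os.system("id")                              # shells out on the machine running the exploit
EOF
    echo "$out"
}

# Constructed benign script with none of the indicators, for comparison.
make_clean_sample() {
    out=$(mktemp "${TMPDIR:-/tmp}/review-clean.XXXXXX")
    cat > "$out" <<'EOF'
#!/usr/bin/env python3
# constructed benign script: only parses its arguments
import sys
print("usage: %s <host> <port>" % sys.argv[0])
EOF
    echo "$out"
}

# Stand-alone run: review the path given as $1, or the constructed sample if none.
if [ -n "${1:-}" ]; then
    review_exploit "$1"
    echo "flagged categories: $(flag_count "$1")"
else
    sample=$(make_sample)
    review_exploit "$sample"
    echo "flagged categories: $(flag_count "$sample")"
    rm -f "$sample"
fi
```

Run it as `sh review.sh ./12345.py` against the file searchsploit copied. A FLAG line is a pointer, not a verdict: a hard-coded address may be a legitimate default that must be changed to the target anyway, while an encoded blob fed to exec is exactly the part to decode and read before the file is allowed to run even inside the VM.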

Besides exploit-db and searchsploit, exploits are also published on GitHub, and we can use Google to search for them.



Exploitation in practice.

/ TO BE DONE /


