Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Windows Privilege Escalation Penetration Testing - Part II
Rating: 4.6 out of 5(6 ratings)
73 students

Windows Privilege Escalation Penetration Testing - Part II

Enumeration and Exploitation of Windows Vulnerabilities and Misconfigurations to Access an Administrator Shell.
Last updated 9/2024
English

What you'll learn

  • Way to get our service and products (Tools & Gift related to the course: FREE software & hardware) at our Facebook .com/JRDcademy page to excel in this course.
  • Multiple methods for escalating privileges on a Windows system; Enumeration and Exploitation
  • How to level up your ethical hacking, penetration testing and cybersecurity skills to boost your career
  • Most used tools which can help identify potential privilege escalation vulnerabilities on a Windows system.

Course content

1 section23 lectures3h 45m total length
  • Introduction3:38

    Explore labs for network enumeration and exploitation with Metasploit, including offline access. Learn web vulnerabilities like SQL injection and XSS, crack protected files, and secure systems with firewalls.

  • Virtualbox (Installation & Configuration)9:46

    Install and configure virtual labs with VirtualBox, set up Kali Linux as a guest, and apply the extension and guest additions for improved performance and screen size.

  • Kali Linux (Installation & Configuration)11:29

    Install Kali Linux with the graphical installer, set language, host name, and partitions, and configure a VirtualBox setup for penetration testing, with emphasis on the 2018 version.

  • Escalation via Stored Passwords18:29

    Explore practical Windows privilege escalation through enumeration, discovering default credentials and password-based ssh access, enabling remote login, and using a payload to obtain a shell.

  • Escalation Path - Windows Subsystem for Linux_foothold17:19

    Explore Windows privilege escalation with a Windows Subsystem for Linux foothold, using Nmap enumeration, web login testing, SQL injection attempts, Burp Suite payloads, and post-exploitation techniques like Netcat and SMB.

  • Escalation Path - Windows Subsystem for Linux Escalation via WSL10:51

    Explore a Windows privilege escalation path via Windows subsystem for Linux (WSL), enumerate with whoami and history, and use psexec or SMB exec to gain system access.

  • Token Impersonation Overview10:39

    Explore token impersonation in Windows privilege escalation, detailing primary and impersonation access tokens and how attackers impersonate users for elevated access. See how Metasploit, PSExec, and SMB enable it.

  • Impersonation and Potato Attacks - foothold13:08

    Explore foothold techniques through impersonation and Windows privilege escalation, from discovering vulnerable Jenkins scripts and directory traversal to using Metasploit for a reverse shell and elevated access.

  • Impersonation and Potatoes attack - Escalation via Potato Attack4:09

    Demonstrates impersonation to escalate privileges on a Windows machine by abusing tokens, showing whoami as system administrator, and achieving admin access.

  • Impersonation and Potato Attacks - Alternate Data Streams5:36

    Explore alternate data streams on NTFS, including the unnamed data stream, and learn to reveal hidden data using streams, more, and less commands.

  • Escalation Path System GetSystem Overview6:50

    Explore how GetSystem elevates to the system user through named pipe impersonation, token duplication, and memory-based reflective dll injection into a running service, demonstrated with Metasploit.

  • Escalation Path Registry8:20

    Shows how to transfer a file from Windows to Kali, compile and run a registry-based backdoor that adds a user to the local administrators group for privilege escalation.

  • Escalation path via Executable Files8:34

    Demonstrate how a modifiable service executable and file permissions enable privilege escalation by replacing or manipulating executables, downloading a malicious file, and adding an administrator account.

  • Escalation via Startup Applications5:46

    Students examine escalation via startup applications in Windows, illustrating how a payload can yield a reverse shell and be executed through metasploit and msfconsole.

  • Overview and Escalation via DLL Hijacking15:02

    Discover how dynamic link library hijacking enables privilege escalation through replacement, search order hijacking, sideloading, and proxy loading in Windows environments.

  • Escalation via Binary Paths8:29

    Learn how to escalate via binary paths by enumerating services, checking paths, and altering a service's bin path to add administrators, then restore the original configuration.

  • Escalation via Unquoted Service Paths8:31

    Expose unquoted service path vulnerabilities by showing how spaces in program files paths allow placing a malicious file to hijack a service and gain system access.

  • Escalation service permission path - Escalation via Unquoted Service Path Met9:40

    Explore privilege escalation on Windows by exploiting an unquoted service path, using PowerShell bypass and Metasploit payloads to control a remote target.

  • Escalation service permission path - Manual Challenge Walkthrough11:14

    Embark on a manual challenge walkthrough to escalate Windows service permissions, using remote command execution, PowerShell, netcat, and careful enumeration to obtain a system shell.

  • Escalation path CVE2019 foothold11:23

    Uncover a CVE-2019 foothold path by an nmap scan revealing open ports such as 3389, exploring web directories with a dirbuster-like tool, then log in with discovered credentials via xfreerdp.

  • Lab Practice #17:23

    Escalate privileges from a user to the system on a Windows machine by inspecting files, running as administrator, and validating with a command prompt.

  • Lab Practice #217:35

    Perform lab practice #2 to conduct an nmap scan, upload a jsp shell, and escalate privileges on a Windows host using ms17-059 via manual file transfer and an http server.

  • Bonus Lecture - Getting our tools1:48

    Explore how to access discounted course coupons and join the Jyoti Academy Facebook community for resources and support before enrolling.

Requirements

  • VirtualBox 8 GB RAM for setting up the Labs (more is better, less may cause performance issues)
  • Windows or Ubuntu or MacOS host (although other OS's should work)
  • Basic knowledge of virtual machines
  • A familiarity with hacking tools such as Kali Linux and metasploit
  • At the end, we require you to please, have DISCIPLINE. Do not try to attack what you don't own and/or what you are not allowed to. (cause you can line up in a place where you don't ever want to be --> Jail). Hack then Secure!

Description

This course teaches the concept of "Windows Privilege Escalation", from a basic perspective such as how permissions work, to in-depth coverage and demonstrations of actual privilege escalation techniques.

This course is aimed for beginners, intermediate to advanced users who are hungry to know how to discover and exploit novel escalation paths on patched fully patched Windows machines. Everything in this course is carefully explained [step-by-step].

Course has been designed in a way so that any novice, (from Zero level) to the advanced level of people in cyber security field can easily understand and can be well-benefited.

In this course, we supply to you not only videos for the practice, but also we provide a Lab along with some other files which are exclusively self-explanatory (a step-by-step process) so that we make it easier to learn according to the obligations that you might face while you want to continue with your practice.

This is a 100% hands-on course as you will be using the same strategies and techniques in an offensive security team and advanced adversaries use to escalate privileges on Windows endpoints after they have gained initial access and established a foothold.

We use MetaSploit framework as well as Manual Exploitation to perform the privilege escalation. Everything is carefully explained and deconstructed so you can understand why and how it works.

Who this course is for:

  • Penetration Testers
  • Cyber Security Analysts
  • Cyber Security Students who want to become an advanced PenTester
  • Students interested in how attackers escalate privileges on modern Windows endpoints
  • Anyone who starves into learning hacking and security.