Windows Exploitation Overview
Windows Exploitation Overview
Navigation
Sections in This Note
Some Types of Windows Vulnerabilities
- Information disclosure: Allows an attacker to access confidential data.
- Buffer overflows: Caused by a programming error; allows an attacker to write data to a buffer and overrun the allocated buffer, consequently writing data to unintended memory addresses.
- Remote code execution: Allows an attacker to remotely execute code on the target system.
- Privilege escalation: Allows an attacker to elevate their privileges after initial compromise.
WebDAV Exploitation
Exploiting Windows Vulnerabilities: Microsoft IIS
IIS is proprietary extensible web server software developed by Microsoft for use with the Windows NT family. It can host websites/apps and provides administrators with a robust GUI for management. IIS can host both static and dynamic web pages developed in ASP.NET and PHP, configured to run on port 80/443. Supported executable file extensions:
.asp.aspx.config.php
Related
Migrated from Unsorted Notes — Server & Service
Server & Service
A server is a machine designed to compute, store, and manage data, devices, and systems over a network.
Migrated from Unsorted Notes — Protocol/Service Table
Protocol/Service Table
| Protocol/Service | Ports | Purpose |
|---|---|---|
| Apache Web Server | TCP 80/443 | Apache License 2.0. Apache accounts for over 80% of web servers globally |
| SSH (Secure Shell) | TCP 22 | A cryptographic remote access protocol used to remotely access and control systems over an unsecured network. Developed as a secure successor to Telnet |
| FTP (File Transfer Protocol) | TCP 21 | Used to facilitate file sharing between a server and client(s) and vice versa |
| SAMBA | TCP 445 | The Linux implementation of SMB, allowing Windows systems to access Linux shares and devices |