Packt+ | Advance your knowledge in tech

You're reading from Hands-On Penetration Testing on Windows Unleash Kali Linux, PowerShell, and Windows debugging tools for security testing and analysis

Product type Paperback

Published in Jul 2018

Publisher Packt

ISBN-13 9781788295666

Length 452 pages

Edition 1st Edition

Languages

PowerShell

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Phil Bramwell

View More author details

Table of Contents (25) Chapters

Title Page

Dedication

Packt Upsell

Contributors

Preface

1. Bypassing Network Access Control FREE CHAPTER

2. Sniffing and Spoofing

3. Windows Passwords on the Network

4. Advanced Network Attacks

5. Cryptography and the Penetration Tester

6. Advanced Exploitation with Metasploit

7. Stack and Heap Memory Management

8. Windows Kernel Security

9. Weaponizing Python

10. Windows Shellcoding

11. Bypassing Protections with ROP

12. Fuzzing Techniques

13. Going Beyond the Foothold

14. Taking PowerShell to the Next Level

15. Escalating Privileges

16. Maintaining Access

17. Tips and Tricks

1. Assessment

2. Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Social engineering attacks with Metasploit payloads

Let's wrap up this chapter by bringing together two topics: backdoor injection into a legitimate executable and using Metasploit as the payload generator and handler. We're going to use Shellter and nested meterpreter payloads to create a malicious AutoRun USB drive. Although AutoRun isn't often enabled by default, you may find it enabled in certain corporate environments. Even if AutoRun doesn't execute automatically, we're going to work with an executable that may encourage the user to execute it by creating the impression that there's deleted data on the drive that can be recovered.

Creating a Trojan with Shellter

Let's take a look at the following steps for creating a Trojan with Shellter:

The first, and most tedious, step is finding a suitable executable. This is tricky because Shellter has certain limitations: the executables have to be 32-bit; they can't be packed executables; and they need to play nice with our payloads. We won't...