Windows versions, releases and patch levels are a rather complex matter. This post brings structure in how Windows versioning and patching works and how to identify which vulnerabilities a Windows installation is vulnerable to.
How to spy on users on remote computers making only use of Windows' built-in functionality? This post will explain the steps to (ab)use Windows' Remote Desktop feature to view a remote user's desktop using native Windows functionality without them noticing it.
How to obtain the credentials from a remote machine or Domain Controller making only use of Windows' built-in functionality? This post will go through the steps of using WMI and SMB in PowerShell from an attacker Windows machine to get hold of the remote files storing the credentials and subsequently extracting them.
PREV 2 of 2 NEXT
- Living Off the Foreign Land - Part 1/3: Setup Linux VM for SOCKS routing
- Living Off the Foreign Land - Part 2/3: Configuring the Offensive Windows VM
- Living Off the Foreign Land - Part 3/3: Using Windows as Offensive Platform
- Digging for Secrets on Corporate Shares
- Dealing with large BloodHound datasets