Windows eval

Posted by

0

It is September 2020 and good old windows2012 is still there to be downloaded from Microsoft. It is true! Nice code and still running well.

I put on my curious nature and checked out some code samples. For security on windows systems, how does it work? It’s pretty complicated for sure. Check out some of the security methods Microsoft uses to protect the system. One place to look is “hacker challenge sites”. These sites have code samples and challenges on how to exploit computer security weaknesses. Of course, there are sites related to computer security, specifically. One that I found was on http://www.root-me.org. If you think you know your stuff with server code, check it out. I was surprised to read up on ‘token stealing’ on Windows.  Token stealing allows one to run scripts with root (system privilege).  I didn’t know it was so well documented,  how these exploits work.  Root-me has challenges organized pretty well, but they are not grouped into “easy” or “difficult” ratings that are easy to sort out. They do have ratings and such, but just not easy to find the ones that may suit your skill level. ?    For root-me.org,  look at how they organize the challenges:

##—–start of list  

App – Script

Exploit environment weaknesses, configuration mistakes and vulnerability patterns in shell scripting and system (…)

App – System

These challenges will help you understand applicative vulnerabilities.

Cracking

Reverse binaries and crack executables.

Cryptanalysis

Break encryption algorithms

Forensic

Train digital investigation skills by analyzing memory dumps, log files, network captures…

Network

Networks challenges where you have to deal with captured traffic, network services, packet analysis, (…)

Programming

Automate tasks and build shellcodes.

Realist

Realistic challenges.

Steganography

Whereas cryptography concern the art of secret, steganography is the art of hidding: the object of steganography is to (…)

Web – Client

At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon (…)

Web – Server

Discover the mechanisms, protocols and technologies used on the Internet and learn to abuse it!

##—–end of list  

Check out the challenges and get yourself some self-esteem. You get no certification. You get no appreciation. You just get pride and confidence that you can tackle these things. Just do it!

Copyright 2020 Rod Deluhery

And finish up with a link to the MS downloads, to get server 2012:

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019#preinstall_26484

Leave a comment