It is September 2020 and good old windows2012 is still there to be downloaded from Microsoft. It is true! Nice code and still running well.
I put on my curious nature and checked out some code samples. For security on windows systems, how does it work? It’s pretty complicated for sure. Check out some of the security methods Microsoft uses to protect the system. One place to look is “hacker challenge sites”. These sites have code samples and challenges on how to exploit computer security weaknesses. Of course, there are sites related to computer security, specifically. One that I found was on http://www.root-me.org. If you think you know your stuff with server code, check it out. I was surprised to read up on ‘token stealing’ on Windows. Token stealing allows one to run scripts with root (system privilege). I didn’t know it was so well documented, how these exploits work. Root-me has challenges organized pretty well, but they are not grouped into “easy” or “difficult” ratings that are easy to sort out. They do have ratings and such, but just not easy to find the ones that may suit your skill level. ? For root-me.org, look at how they organize the challenges:
##—–start of list
App – Script
Exploit environment weaknesses, configuration mistakes and vulnerability patterns in shell scripting and system (…)
App – System
These challenges will help you understand applicative vulnerabilities.
Reverse binaries and crack executables.
Break encryption algorithms
Train digital investigation skills by analyzing memory dumps, log files, network captures…
Networks challenges where you have to deal with captured traffic, network services, packet analysis, (…)
Automate tasks and build shellcodes.
Whereas cryptography concern the art of secret, steganography is the art of hidding: the object of steganography is to (…)
Web – Client
At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon (…)
Web – Server
Discover the mechanisms, protocols and technologies used on the Internet and learn to abuse it!
##—–end of list
Check out the challenges and get yourself some self-esteem. You get no certification. You get no appreciation. You just get pride and confidence that you can tackle these things. Just do it!
Copyright 2020 Rod Deluhery
And finish up with a link to the MS downloads, to get server 2012: