Windows Exploits and Forensics: SMB & PsExec


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

When carrying out security operations in a Windows environment, you need to know what kind of attacks, exploits, and vulnerabilities to look out for. This course covers two of the most common services used to attack a Windows-based network - SMB and PsExec - along with some popular attack methodologies.

You'll start by examining SMB permissions and default settings. You'll then explore tools to enumerate SMB shares and data. Next, you'll investigate how to identify SMB vulnerabilities and recognize SMB attacks. You'll then conduct different SMB exploits, including brute force and denial of service attacks.

You'll move on to outline how PsExec works and use it to execute remote commands. Finally, you'll practice exploiting PsExec using various tools, including the EternalBlue exploit.



Expected Duration (hours)
1.1

Lesson Objectives

Windows Exploits and Forensics: SMB & PsExec

  • discover the key concepts covered in this course
  • outline how SMB works and how permissions are set
  • list various tools and techniques used to enumerate SMB
  • enumerate SMB information from an active machine
  • outline how to identify potential vulnerabilities in SMB
  • outline various methods of attacking SMB
  • conduct a brute force attack against an SMB service
  • conduct a denial of service attack on the SMB service
  • exploit a system to gain a reverse shell on a Windows machine
  • define what PsExec is and describe how it works
  • use PsExec to execute commands on a remote machine
  • use Mimikatz to "pass the hash" and steal logon credentials
  • describe the background of the EternalBlue exploit and outline how it works on Windows systems
  • conduct an attack on a system using EternalBlue
  • summarize the key concepts covered in this course

    • Course Number:
    it_cywexfdj_03_enus

    Expertise Level
    Intermediate