Ethical Hacking 101: Perform Your Own Privilege Elevation and Lateral Movements with Metasploit

Webinar Registration

If you are like me, every time you watch a hacking scene in a Hollywood film, you roll your eyes, shake your head, and think, “Oh, come on, if only it were that easy!”

That may have been a true statement when we first watched Angelina Jolie in the 1995 film “Hackers,” but with today’s technology, prepackaged toolkits have made hacking just that quick and easy. From installable MSI packages to entire VM images, nowadays, within minutes, you can turn your system (yes, even your Windows PC) into a powerful white hat system. So, the question is, when/if someone does penetrate your environment, what color hat do you want them to be wearing: white or black?

In this webinar, I am joined again by one of my most popular guests – the very talented Joe Carson, who you might remember from sessions like “Hacking a Power Station.” Together we are going to show you how to wear your white hat so that you can discover and remediate any possible vulnerabilities and exploits in your environment before a black hat intruder does.

First, I’m going to discuss some of the principles of exploits that Joe will be showing you like:

  • Privilege escalation – using privilege escalation, an intruder accesses the network as a standard user and, through the use of tools and exploits, elevates access for the compromised account to admin or root.
  • Reverse shells – in this scenario, a host machine is compromised and then this host machine is used to initiate a shell connection to the outside world. Since many firewalls are not monitoring outgoing packets, this type of exploit is very successful.

Then Joe Carson, from our sponsor Thycotic, will deep dive into some of today’s readily available hacking tools like:

  • NetCat (NCAT or NC) – in a reverse shell exploit, ncat is a simple one-line command that opens up a listener on the compromised machine
  • Metasploit – used by white hats for pen-testing, Metasploit is an all-in-one tool for black hats to scan your network and determine how to access it and what payloads to attack with
  • Meterpreter – this Metasploit payload gives an unauthorized user control of the screen and the ability to upload and download files from the endpoint
  • Armitage – Not a cmd line guru, no problem. Armitage adds a GUI to Metasploit

Joe will demonstrate how to:

  1. Discover an accessible endpoint by port scanning a system
  2. Configure and gain a foothold via the intrusion
  3. Use privilege escalation and lateral moves to elevate rights to root/admin

By the end of this webinar, your red team will be ready to test your defenses.

Register now for this real training for free event!

First Name:   
Last Name:   
Work Email:  
Phone:  
Job Title:  
Organization:  
Country:    
City:  
State:  
Zip/Postal Code:  
Industry:  
Company Size:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.

 

 

Additional Resources