Overview

Introduction

Welcome to the Exploiting Desktop Systems Vulnerabilities Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Exercise 1 - Exploiting Desktop Systems Vulnerabilities

After completing this lab, you will be able to:

  • Switch Off the Windows Firewall on PLABWIN810
  • Connect to a Windows Host and Launch the Exploit
  • Open the Meterpreter Shell
  • Extract and Crack the Password Hashes
  • Work with the Windows Commands
  • Enable a User Account
  • Handle Services
  • List the Existing User Accounts
  • Download a File from Windows System

Exam Objectives

The following exam objectives are covered in this lab:

  • PT0-001: 3.5 Given a scenario, exploit local host vulnerabilities
  • PT0-001: 4.2 Compare and contrast various use cases of tools

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1- Exploiting the Desktop Systems Vulnerabilities

Just like the network, hosts systems, which could be servers or desktops running a specific operating system, are bound to have vulnerabilities. An operating system like Windows contains millions of lines of codes, and there have been several vulnerabilities that have been discovered. Linux, even though open-source, has lesser vulnerabilities than Windows.

Several security researchers and attackers discover new vulnerabilities. Whereas security researchers inform the companies owning the operating system, the attackers may take advantage of these vulnerabilities and exploit them. There are hundreds of exploits available in the Metasploit Framework, and they can be used to exploit these vulnerabilities.

In this exercise, you will learn about exploiting the desktop system vulnerabilities.

Learning Outcomes

After completing this exercise, you will be able to:

  • Switch Off the Windows Firewall on PLABWIN810
  • Connect to a Windows Host and Launch the Exploit
  • Open the Meterpreter Shell
  • Extract and Crack the Password Hashes
  • Work with the Windows Commands
  • Enable a User Account
  • Handle Services
  • List the Existing User Accounts
  • Download a File from Windows System

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.