Chapter 1. Microsoft Environments

It makes sense to kick off this book with the most prevalent operating system in business. I'm sure the majority of penetration testers will agree that though both Linux and Windows have their benefits, the industry still falls heavily on Microsoft to provide the brunt of servers. Microsoft has provided testers with some of the most reliable vulnerabilities over the years, and I know that I'm always happy to see an MS reference whenever a scan completes.

By the end of the chapter, you should know at least three types of scenarios and have some idea about how to vary them for repeated tests. The chapter will aim to be as interactive as possible and follow-through as much as possible. In detail, we will cover the following topics:

• The creation of basic vulnerable machines
• A selection of suggestions for vulnerabilities to host
• In-depth setup of a vulnerable Adobe ColdFusion installation
• In-depth setup of a misconfigured MSSQL server
• In-depth setup of TFTP
• Flag setup and variations
• Post-exploitation and pivot options
• Exploitation guide for all three scenarios