Windows Services
Types of Windows vulnerabilities:
- Information disclosure: Vulnerability that allows an attacker to access confidential data.
- Buffer overflows: Caused by a programming error; allows an attacker to write data to a buffer and overrun the allocated buffer, consequently writing data to other allocated memory addresses.
- Remote code execution (RCE): Vulnerability that allows an attacker to remotely execute code on the target system.
- Privilege escalation: Vulnerability that allows an attacker to elevate their privileges after initial compromise.
- Denial of Service (DoS): Vulnerability that allows an attacker to consume a system's/host's resources (CPU, RAM, network, etc.), consequently preventing the system from functioning normally.
Frequently Exploited Windows Services:
| Protocol/Service | Ports | Purpose |
|---|---|---|
| Microsoft IIS (Internet Information Services) | 80/443 | Proprietary web server software developed by Microsoft that runs on Windows. |
| WebDAV (Web Distributed Authoring & Versioning) | 80/443 | HTTP extension that allows clients to update, delete, move and copy files on a web server. WebDAV is used to enable a web server to act as a file server. |
| SMB/CIFS (Server Message Block) | 445 | Network file sharing protocol that is used to facilitate the sharing of files and peripherals between computers on a local network (LAN). |
| RDP (Remote Desktop Protocol) | 3389 | Proprietary GUI remote access protocol developed by Microsoft, used to remotely authenticate to and interact with a Windows system. |
| WinRM (Windows Remote Management Protocol) | 5986/443 | Windows remote management protocol that can be used to facilitate remote access with Windows systems. |