Post-Exploitation
Lecture
Homework
CPAU is an administration tool that allows a lower privileged user to run a higher rights process. The CPAU tool performs this action by embedding higher privileged credentials and specifying the process to run inside of a job file. This ill-designed application is widely deployed by corporations and could possibly be encountered by a penetration tester after gaining access to a corporate desktop. Reverse engineer the isis-cmd.job file and extract the credentials with elevated privileges.
Required Reading
- Symantec Stuxnet Dossier (required)
Discussion
Share Article 