Windows: How It's Hacked, How to Protect It

Protect your Windows OS and prevent hackers from stealing or destroying your data. This course will teach you the weaknesses of the Windows OS, the different ways it can be hacked, and how to secure yourself against these attacks.
Course info
Rating: (183)
Level: Intermediate
Updated: Apr 5, 2016
Duration: 1h 40m
Description

If you want to protect your Windows OS from getting hacked, you need to have an understanding of how hacking occurs and the tools to prevent it. In this course, Windows: How It's Hacked, How to Protect It, one of the world's foremost experts in the Windows OS will show you the principles behind different attacks against the modern Windows OS, from Windows XP to Windows 10, including computers with encrypted and non-encrypted disks. First, you will learn how the weaknesses of the Windows OS can be used to break into the system. You'll then go through a full path of hacks, starting with getting access to a local computer, breaking into a company network, and elevating yourself to Domain Admin. Finally, you'll discover how to use built-in Windows privileges to bypass all ACL checks, steal another user's identity, and replace any protected file in a system. By the end of this course, you'll be able to secure your Windows OS and protect it from malicious attacks.

About the author

Sami Laiho is one of the world's top experts in the Windows OS. Sami specializes in OS internals, troubleshooting, management, and security.

Section Introduction Transcripts

Course Overview
Hi everyone, my name is Sami Laiho. Welcome to my course, Windows: How It's Hacked, How to Protect It. I am a Senior Technical Fellow at my own company called Adminize. In 2015, major antimalware labs found 250,000 to 300,000 new malware samples per day. The world is changing and reactive security is dead. Everyone needs to move to proactive security and make sure their operating systems are secured from the ground up with correct configurations. This course takes you through a horror show on how easy the Windows OS is to hack and then teaches you how to proactively secure it. Some of the major topics that we will cover include why hard disk encryption is nowadays mandatory, why removal of admin rights is mandatory, and how to prevent pass-the-hash attacks. By the end of this course, you'll know what are the biggest threats to your security and how you can easily increase the level of protection in your own environment. Before beginning the course, you should be familiar with the basics of Windows operating systems.

Bypassing Company Group Policies
This module is called Bypassing Company Group Policies. There's a strong belief among many IT pros that administrators could be controlled by Group Policies. This is totally not the case. So in this module we're going to go through examples on why you cannot control your administrators with Group Policies. First of all, Group Policy in itself is probably the most misleading name in the history of Microsoft Windows. Group Policy has to do with computers and users. The only thing you cannot manage with it are groups. Group of policy settings would be a better name, as it is a group of different policy settings gathered in a single object. Group Policies work as a vessel that delivers settings to your computer. This will be coming down from Active Directory or set in the local policy. Most Group Policy settings deliver registry settings, but there are other settings as well. In the first demonstration, we're going to show how to find out what these registry values for the Group Policies actually are and how to bypass those.

Elevating Your Rights to Domain Admin
This module is called Elevating Your Rights to Domain Admin. In this module, we assume that you have already taken over a local box and gained administrative access to that. We will now use this as a springboard to gain access to the rest of the network. Gaining access to a company network is usually easiest by combining some social engineering and some technical features of Windows. What we will try to do is we will try to contact our company Help Desk and ask those Help Desk personnel to connect to our computer. We will then use a scheduled task, which will be triggered by this connecting Help Desk user. What we're relying on is actually the fact that most of the Help Desk users are lazy and they will use the highest privileges that they have. They should be using the lowest privileges that are required to administer my workstation, but they usually just seem to be lazy. So, in this first demonstration, I'm actually going to show you how to inject the bait, which will be a scheduled task, and I will then trigger the Help Desk personnel to connect to my computer and trigger that scheduled task that will actually add myself as a domain admin in the network.