This week I didn't get as far as I wanted to but I still made progress. I worked again with the executable file that I created last week and now I am trying to create the same file except with a .pdf format. The reason for doing this is so that I can hopefully email the executable file and it will not be detected by antivirus. Then I can open it on the remote computer and and gain access that way.
This week I also used Tenable's vulnerability scanner, Nessus, and I scanned my test network. The scanner worked just fine running off of Kali the only problem was that it didn't return any vulnerabilities that I could find an exploit for. After Nessus scanned my Windows Server 2012 it returned the vulnerability MS15-034 and listed it as critical. After a bit of researched I learned that this vulnerability is common for Windows Servers running the default IIS page. I had previously installed the web role on my server and left all the defaults without any security updates. So the scanner proved to be true. I'm still looking at ways to exploit that.
