CISC 7050 Lecture Notes - Lecture 7: Email Forwarding, Privilege Escalation, DNS Zone Transfer
Document Summary
Post exploitation: the process of learning about and enumerating a system after it has already been exploited. Review all applications, system settings, configurations, etc., and identify data on the system that could be useful. The steps and procedures taken after gaining access depend on the objective and the target. Some exploits leave you with access to a server but not admin/root access, which leads to privilege escalation.

Installation of backdoors and services that connect back to the system. The clean-up process covers the requirements for cleaning up systems once the pen test has been completed, so that the activity is not detected.

Post exploitation tools: many post-exploitation tools rely on the meterpreter shell. Meterpreter is a payload that can be selected with many exploits; the meterpreter shell provides a consistent cross-platform post-exploitation interface and acts as an in-memory stager for loading additional exploit code remotely.

Pivoting: pivoting, also known as lateral movement, is using one foothold to further compromise a network. The portfwd command is commonly used as a pivoting technique, allowing direct access to machines that are otherwise inaccessible from the attacking system.