
    Post-exploitation Techniques

    POST-EXPLOITATION TECHNIQUES
    • What to do once you're in
      • Make it easier next time
    • Lateral movement
      • RPC/DCOM (Remote Procedure Call / Distributed Component Object Model)
        • PsExec - Utility for executing processes on other systems (similar in spirit to telnet)
        • WMI (Windows Management Instrumentation) - Managing devices and applications from remote computers
        • Scheduled tasks
    LATERAL MOVEMENT
    • PS remoting/WinRM
      • Powershell remoting / Windows Remote Management
    • SMB (Server Message Block)
      • Protocol for exposing file shares to remote computers (Linux and other systems too)
    • RDP (Remote Desktop Protocol)
      • Ability to access a desktop from a remote computer
    • Apple Remote Desktop
      • Apple's RDP
    • VNC (Virtual Network Computing)
    • X-server forwarding
      • X-windows access to Linux desktop
    • Telnet
      • Insecure remote access (everything is sent in cleartext)
    • SSH (Secure Shell)
      • More secure remote access to a shell
    • RSH/Rlogin (Remote Shell / Remote login)
      • Legacy secure remote access

    CASE 1 - Telnet login

    Keep in mind that Telnet is totally in the clear: if somebody else out there is sniffing this traffic, they can see everything I'm about to type.

    telnet 10.0.0.21

    CASE 2 - SSH Login

    Logging in over SSH is the more secure option: everything I type, and everything sent back, is encrypted.

    ssh 10.0.0.21

    ssh msfadmin@10.0.0.21

    QUICK REVIEW
    • Don't reinvent the wheel each time - once you're in, make it easier next time.
    • Enable remote access if possible
    • Use remote access to move laterally within a network
    • Telnet can be helpful when connecting to different devices
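    The lateral-movement list and the Telnet-vs-SSH cases above describe what an attacker uses once in; the defender's view of the same traffic is connection logs. The following added example (not part of the original notes) runs simple detection logic over constructed, simplified Zeek-style conn.log lines: it flags the cleartext protocols named above (telnet, rlogin, rsh, X11) and any source that reaches several internal hosts on admin ports, which is what "moving laterally" looks like on the wire. The port map and the fan-out threshold are assumptions chosen for the example.

```python
from collections import defaultdict
import ipaddress

# Default ports for the lateral-movement protocols listed above (assumed).
ADMIN_PORTS = {22: "ssh", 23: "telnet", 135: "rpc/dcom", 445: "smb",
               513: "rlogin", 514: "rsh", 3389: "rdp", 5900: "vnc",
               5985: "winrm", 5986: "winrm-https", 6000: "x11"}
# Protocols that carry everything, credentials included, in cleartext.
CLEARTEXT = {"telnet", "rlogin", "rsh", "x11"}

def parse_conn(line):
    """Parse 'ts orig_h orig_p resp_h resp_p proto' (tab-separated); None if malformed."""
    f = line.rstrip("\n").split("\t")
    if len(f) != 6 or f[5] != "tcp":
        return None
    try:
        return {"ts": float(f[0]), "src": f[1], "dst": f[3], "dport": int(f[4])}
    except ValueError:
        return None

def analyze(lines, fanout_threshold=3):
    """Return (cleartext_hits, fanout) for a batch of conn.log lines."""
    cleartext_hits = []
    targets = defaultdict(set)  # src -> internal hosts reached on admin ports
    for line in lines:
        c = parse_conn(line)
        if c is None or c["dport"] not in ADMIN_PORTS:
            continue
        name = ADMIN_PORTS[c["dport"]]
        if name in CLEARTEXT:
            cleartext_hits.append((c["src"], c["dst"], name))
        if ipaddress.ip_address(c["dst"]).is_private:
            targets[c["src"]].add(c["dst"])
    fanout = {s: sorted(d) for s, d in targets.items() if len(d) >= fanout_threshold}
    return cleartext_hits, fanout

# Constructed sample: 10.0.0.5 reaches three internal hosts over telnet, ssh,
# smb and rdp; 10.0.0.9 makes a single ssh login; last line is garbage.
SAMPLE_LOG = [
    "1604435534.1\t10.0.0.5\t51000\t10.0.0.21\t23\ttcp",
    "1604435612.4\t10.0.0.5\t51001\t10.0.0.21\t22\ttcp",
    "1604435700.9\t10.0.0.5\t51002\t10.0.0.22\t445\ttcp",
    "1604435745.0\t10.0.0.5\t51003\t10.0.0.23\t3389\ttcp",
    "1604435800.2\t10.0.0.5\t51004\t203.0.113.7\t443\ttcp",
    "1604435900.7\t10.0.0.9\t40000\t10.0.0.21\t22\ttcp",
    "not a log line",
]

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

    On the sample it reports one cleartext telnet login (10.0.0.5 to 10.0.0.21) and flags 10.0.0.5 for admin-protocol fan-out to three internal hosts, while the single SSH login from 10.0.0.9 is left alone.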
    Original article: https://www.cnblogs.com/keepmoving1113/p/13922449.html