Ethical Hacking and Penetration Testing Guide


9 Postexploitation
Acquiring Situation Awareness
Enumerating a Windows Machine
Enumerating Local Groups and Users
Enumerating a Linux Machine
Enumerating with Meterpreter
Identifying Processes
Interacting with the System
User Interface Command
Privilege Escalation
Maintaining Stability
Escalating Privileges
Bypassing User Access Control
Impersonating the Token
Escalating Privileges on a Linux Machine
Maintaining Access
Installing a Backdoor
Cracking the Hashes to Gain Access to Other Services
Backdoors
Disabling the Firewall
Killing the Antivirus
Netcat
MSFPayload/MSFEncode
Generating a Backdoor with MSFPayload
MSFEncode
MSFVenom
Persistence
What Is a Hash?
Hashing Algorithms
Windows Hashing Methods
LAN Manager (LM)
NTLM/NTLM2
Kerberos
Where Are LM/NTLM Hashes Located?
Dumping the Hashes
Scenario 1—Remote Access
Scenario 2—Local Access
Ophcrack
References
Scenario 3—Offline System
Ophcrack LiveCD
Bypassing the Log-In


References
Cracking the Hashes
Bruteforce
Dictionary Attacks
Password Salts
Rainbow Tables
John the Ripper
Cracking LM/NTLM Passwords with JTR
Cracking Linux Passwords with JTR
Rainbow Crack
Sorting the Tables
Cracking the Hashes with rcrack
Speeding Up the Cracking Process
Gaining Access to Remote Services
Enabling the Remote Desktop
Adding Users to the Remote Desktop
Data Mining
Gathering OS Information
Harvesting Stored Credentials
Identifying and Exploiting Further Targets
Mapping the Internal Network
Finding Network Information
Identifying Further Targets
Pivoting
Scanning Ports and Services and Detecting OS
Compromising Other Hosts on the Network Having the Same Password
psexec
Exploiting Targets
Conclusion
