Menu
rhosts file and just log in, your next step is likely to be either trowing back a reverse shell or binding a shell to a TCP port. If it’s not possible to add a new account / SSH key /. If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. For instance, if your target machine spawn out a connection on port 1234 will be very fast caught. For this, on your target machine, your reverse shell connection should go out on a common well-known port. When doing any reverse shell, like all other "suspicious" activities, these needs to be as less than suspicious as possible.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |