6 Cards in this Set
- Front
- Back
This involves exploitation of targets beyond the DMZ |
Expanding Access / Network Expansion |
|
two commands that help expand access |
portfwd, route |
|
This is used as a pivoting (redirecting) technique to enable direct access to target hosts that are further in the network and otherwise inaccessible. |
portfwd
Args:
add : create forwarding tunnel
list : list active forwarders
delete : delete port forwarding entry
flush : delete all entries
Options:
-L : Specifies the listening host (AP)
-l : Specifies the listening port for host assigned by -L (AP port)
-r : Identifies the IP address of target pivoting to
-p : Specifies the port to connect to on target (-r)
-h : Lists available options
Syntax: portfwd add -L AP_IP -l AP_Port -r TargetIP -p TargetPort |
|
Route statement syntax |
Metasploit:
route add TargetIP/CIDR Netmask SessionID
Options: add, remove, flush
Meterpreter:
run autoroute -s TargetIP/CIDR -n Netmask
Options:
-s : Assigns IP address or subnet route
-n : Assigns netmask in route statement
-p : Prints active route table
-d : Deletes route statement |
|
Files of Interest Locations |
SAM database or Active Directory password files
User docs and settings folder or docs folder
User Desktops
Recycle Bins
File types to search usually yield files to collect: .doc .docx .xls .xlsx .ppt .pptx .txt
Meterpreter - example: search -d "c:\\Documents and Settings\\" -f *.txt |
|
Two types of Rootkits |
User-mode : Runs as a normal application and can be detected by most anti-virus software
Kernel-mode : Runs in between kernel and applications; has ability to avoid detection from applications by filtering information displayed from kernel to anti-virus software, as well as other programs. |