Questions and Answers
Which of the following resources provides a web-based interface to access latest exploits?
What is the name of the exploit framework that is pre-installed with Kali?
Which of the following is a command line search tool for exploits in Kali?
Which of the following exploits was developed by the U.S. National Security Agency (NSA)?
What is the name of the ransomware that used the EternalBlue exploit to attack unpatched computers?
Which of the following is an online resource that provides a large vulnerability database complete with exploits and PoCs for research purposes?
Which of the following is a framework that provides tools to develop and execute exploits?
What is the name of the group that released the EternalBlue exploit on April 14, 2017?
Which of the following is an online resource that provides a web-based interface to access latest exploits?
Which of the following is a search tool for exploits in Kali?
Study Notes
Fuzzing
- Sending unexpected or malformed data to an application to see how it handles it
- Can lead to a possible DoS (Denial of Service)
Post Exploitation
- What happens after exploiting the target
- Privilege escalation: gaining higher-level access and permissions
- Password harvesting: collecting sensitive data
- Pivoting: moving to other systems in the network to gain more access and information
Privilege Escalation
- Targeting high-permission accounts (e.g., root, administrators)
- Gain access to system information and make changes to services and users
Pivoting
- Using a compromised system to access other systems in the network
- Compromised targets may have multiple interfaces, allowing access to other networks
Persistence
- Maintaining access to compromised systems
- Keeping access through repeated exploitation or other means
Process Injection
- Hiding malicious code inside existing processes
- Using Metasploit Meterpreter migrate command
Log Manipulation
- Clearing logs on compromised systems
- Deleting log files on Windows and Linux systems
- Using Meterpreter to clear event logs
Hiding Data
- Using dot files and directories on Linux
- Using alternate data streams (ADS) on Windows
Summary
- Searching for exploits
- Cracking password hashes using John the Ripper and L0phtCrack
- Pivoting and privilege escalation
- Covering tracks to avoid detection
Exploit Resources
- CXSecurity: web-based interface for latest exploits
- Vulnerability-Lab: large vulnerability database with exploits and PoCs
- Exploit-DB: online resource for exploits, including Exploit Database and Metasploit
Metasploit
- A popular penetration testing framework, preinstalled with Kali
- Provides tools for developing and executing exploits
- Many modules available for testing systems and networks
- Owned by Rapid7
Exploits Search Tools
- Search tools in Kali, including the searchsploit command
- Searching for exploits using searchsploit
EternalBlue
- Exploit developed by the U.S. National Security Agency (NSA)
- Leaked by the Shadow Brokers hacker group in 2017
- Used in WannaCry ransomware attacks on unpatched computers
Description
Learn about the next steps after exploiting a target system, including privilege escalation, password harvesting, and pivoting to other systems. Discover how to gain more sensitive information or access new areas of the network.