akde/infosec

Information security is ultimately about managing risk

Post exploitation

General

After bee­ing root, do the fol­low­ing to gain addi­tion­al information.

  • Copy / break /etc/shadow or SAM
  • Inves­ti­gate all /home direc­to­ries and /root 
    • ls -lahR /home/
    • Are there SSH keys? 
  • Inves­ti­gate all data­bas­es and get / break their users and passwords
  • Check cron­job­s/-tabs
  • Enu­mer­ate programs 
    • and deter­mine where cre­den­tials could be. 
  • Enu­mer­ate the user’s mail
  • Enu­mer­ate WWW directories
  • Get all hashes

Enumerate network connections

See the Sniff­ing net­work traf­fic post.

Windows

  • Try post/windows/gather/enum_ie

Leave a Reply

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';