{"id":1129,"date":"2020-04-04T15:02:24","date_gmt":"2020-04-04T13:02:24","guid":{"rendered":"https:\/\/andreas-klingler.de\/infosec\/?p=1129"},"modified":"2023-12-20T20:46:09","modified_gmt":"2023-12-20T19:46:09","slug":"post-exploitation","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=1129","title":{"rendered":"Post exploitation"},"content":{"rendered":"\n<h1 class=\"wp-block-heading\">General<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">After bee\u00ading root, do the fol\u00adlow\u00ading to gain addi\u00adtion\u00adal information.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Copy \/ break \/etc\/shadow or&nbsp;<span class=\"caps\">SAM<\/span><\/li><li>Inves\u00adti\u00adgate all \/home direc\u00adto\u00adries and \/root <ul><li> <pre class=\"bbcode_code\">ls -lahR \/home\/<\/pre> <\/li><li>Are there <span class=\"caps\">SSH<\/span>&nbsp;keys?&nbsp;<\/li><\/ul><\/li><li>Inves\u00adti\u00adgate all data\u00adbas\u00ades and get \/ break their users and passwords<\/li><li>Check cron\u00adjob\u00ads\/-tabs<\/li><li>Enu\u00admer\u00adate programs&nbsp;<ul><li>and deter\u00admine where cre\u00adden\u00adtials could&nbsp;be.&nbsp;<\/li><\/ul><\/li><li>Enu\u00admer\u00adate the user\u2019s mail<\/li><li>Enu\u00admer\u00adate <span class=\"caps\">WWW<\/span> directories<\/li><li><a href=\"https:\/\/andreas-klingler.de\/infosec\/?p=761\" data-type=\"post\" data-id=\"761\">Get all hashes<\/a><\/li><\/ul>\n\n\n\n<h1 class=\"wp-block-heading\">Enumerate network connections<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/andreas-klingler.de\/infosec\/?p=313\" data-type=\"post\" data-id=\"313\">See the Sniff\u00ading net\u00adwork traf\u00adfic&nbsp;post.<\/a><\/p>\n\n\n\n<h1 class=\"wp-block-heading\">Windows<\/h1>\n\n\n\n<ul class=\"wp-block-list\"><li>Try <em>post\/windows\/gather\/enum_ie<\/em><\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gen\u00ader\u00adal After bee\u00ading root, do the fol\u00adlow\u00ading to gain addi\u00adtion\u00adal infor\u00adma\u00adtion. Copy \/ break \/etc\/shadow or&nbsp;<span class=\"caps\">SAM<\/span> Inves\u00adti\u00adgate all \/home direc\u00adto\u00adries and \/root ls \u2011lahR \/home\/ Are there <span class=\"caps\">SSH<\/span>&nbsp;keys?&nbsp; Inves\u00adti\u00adgate all data\u00adbas\u00ades and get \/ break their users and pass\u00adwords Check cron\u00adjob\u00ads\/-tabs Enu\u00admer\u00adate pro\u00adgrams&nbsp; and deter\u00admine where cre\u00adden\u00adtials could&nbsp;be.&nbsp; Enu\u00admer\u00adate the user\u2019s mail Enu\u00admer\u00adate <span class=\"caps\">WWW<\/span> directories&nbsp;[\u2026]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[472],"tags":[207],"class_list":["post-1129","post","type-post","status-publish","format-standard","hentry","category-postexp","tag-post-exploitation"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/1129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1129"}],"version-history":[{"count":12,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/1129\/revisions"}],"predecessor-version":[{"id":1959,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/1129\/revisions\/1959"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}