LINUX - POST-EXPLOITATION
- Layout for this exercise:
- First of all, let's exploit the Linux system:
- As a consequence of the attack, a remote shell session is opened. To make the session easier to work with, it is sent to the background:
- Metasploit provides several post-exploitation modules. For instance, hashdump gathers the hashes of all the passwords available on the victim's machine:
- Also, checkvm determines whether the remote system is a real or virtual machine:
- enum_configs gathers information about the victim's configuration, related to installed applications and services:
- enum_network collects data about the network, such as iptables rules, interfaces, ports, connections, DNS, SSH, etc.:
- The enum_protections module looks for applications used to prevent or detect attacks, such as antivirus, IDS/IPS, firewalls, etc.:
- enum_system module gathers system information, like installed packages, services, mount information, user list, user bash history and cron jobs:
- The enum_users_history module gathers user information such as user lists, bash history, MySQL history, vim history, etc.:
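
A defensive counterpart to the enum_users_history step, as an added example that is not part of the original walkthrough: a Python audit that locates the same kinds of history files under a home-directory root and flags any that are readable beyond their owner or that contain what looks like a typed credential. The file names (`.bash_history`, `.mysql_history`, `.viminfo`), the secret patterns and the sample directory tree are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile

# History files of the kind enum_users_history collects (bash, MySQL, vim).
HISTORY_FILES = (".bash_history", ".mysql_history", ".viminfo")

# Heuristic patterns for credentials typed at a prompt (assumption: tune per site).
SECRET_RE = re.compile(
    r"(?i)(passw(or)?d\s*=\s*\S+|mysql\b.*\s-p\S+|identified\s+by\s+'[^']+')"
)

def audit_history_files(home_root):
    """Return (path, issue) findings for every home directory under home_root."""
    findings = []
    for user in sorted(os.listdir(home_root)):
        for name in HISTORY_FILES:
            path = os.path.join(home_root, user, name)
            if not os.path.isfile(path):
                continue
            mode = stat.S_IMODE(os.stat(path).st_mode)
            if mode & 0o077:  # any group/other permission bit set
                findings.append((path, "mode %04o readable beyond owner" % mode))
            with open(path, errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    if SECRET_RE.search(line):
                        findings.append((path, "possible secret on line %d" % lineno))
    return findings

def build_sample_tree():
    """Constructed sample data: two fake users with history files."""
    root = tempfile.mkdtemp(prefix="homes_")
    samples = {
        ("alice", ".bash_history", 0o644): "ls -la\nmysql -u root -pS3cret! appdb\n",
        ("alice", ".viminfo", 0o600): "# viminfo\n",
        ("bob", ".mysql_history", 0o600): "SELECT 1;\n",
    }
    for (user, name, mode), body in samples.items():
        os.makedirs(os.path.join(root, user), exist_ok=True)
        path = os.path.join(root, user, name)
        with open(path, "w") as fh:
            fh.write(body)
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    for path, issue in audit_history_files(build_sample_tree()):
        print(path, "->", issue)
```

On a real host, point `audit_history_files` at `/home` and run it with enough privilege to read every user's files.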