Entrench

Password Cracking

Generally, password cracking takes place in the ENTRENCH phase of the attack, after an initial penetration has been successful and password hashes have been retrieved from the compromised system, but…

Exfiltrate Data

There are several reasons why an attacker might want to get data back out of a system or network: The process of getting the data out can be as simple…

Ensure Future Access

Once high privileges are established and an account for future use is established, the next need is to ensure there is a pathway for future access. Use a penetration agent/rootkit…

Add an Admin User

Once admin/root privileges have been established, an attacker will often create a new account with high privilege levels in order to allow future access without needing to take extraordinary action.…

Escalate Privileges

After penetration, if the established presence doesn’t have admin/root privileges, a top priority may become escalating privileges so that further action becomes possible. There are a variety of ways to…

Whoami?

One of the first tasks of the attacker after penetrating a system is to figure out what account status is associated with the presence established and what permissions and privileges…