What to do Post Exploitation — Ethical Hacking as a Beginner [07]
Hmm. In our last article we managed to break into our target. Next is the post exploitation stage. Let’s trace the last two stages of penetration testing in this one.
Now, as we advance further into the realm of ethical hacking, we explore the intricate domain of post-exploitation tactics. Post exploitation is where the true prowess of an ethical hacker comes into play, encompassing activities aimed at elevating privileges, establishing persistence, and covering tracks to maintain access and evade detection.
In post exploitation, our aims are to:
- Elevate privileges
- Establish persistence
- Cover tracks
Elevating Privileges: Once access to a target system is secured through exploitation, the next logical step is to escalate privileges. Privilege escalation involves acquiring higher levels of access than initially obtained, thereby unlocking deeper layers of the system and granting the ability to execute privileged commands.
Establishing Persistence: Persistence is essential for maintaining access to the compromised system over an extended period. By implanting backdoors or configuring persistent mechanisms, ethical hackers ensure continued access to the target even after the initial breach is remediated, which can happen for various reasons. For example, by using techniques like adding malicious payloads to startup folders or exploiting services for persistent access, we solidify our foothold within the target environment, enabling sustained reconnaissance and further exploitation opportunities.
Covering Tracks: In the cat-and-mouse game of ethical hacking, covering tracks is paramount to evade detection and maintain anonymity. Clearing event logs and erasing evidence of intrusion are pivotal steps in covering tracks effectively. Tools such as clearev (event log cleaner) aid in eradicating traces of our presence, mitigating the risk of detection by system administrators or security solutions.
For example,
exploit windows/local/persistence/service
is one exploit used for persistence. To discover more, run
search persistence
in the msfconsole.
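Seen from the defender's side, the persistence and track-covering steps described above leave recognizable Windows events. The script below is an added example, not code from the original article: it scans constructed sample records for event IDs 1102 and 104 (log cleared), 7045 (new service installed) and Sysmon 11 (file created). The JSON field layout and the list of suspicious directories are assumptions.

```python
import json

# Constructed sample records (not from a real host), one JSON object per line,
# in an assumed layout similar to what a log forwarder might export.
SAMPLE_EVENTS = r"""
{"EventID": 4624, "Channel": "Security", "Computer": "WS01", "TargetUserName": "alice"}
{"EventID": 7045, "Channel": "System", "Computer": "WS01", "ServiceName": "Spool Helper", "ImagePath": "C:\\Users\\alice\\AppData\\Local\\Temp\\svc.exe"}
{"EventID": 7045, "Channel": "System", "Computer": "WS01", "ServiceName": "VendorUpdater", "ImagePath": "C:\\Program Files\\Vendor\\updater.exe"}
{"EventID": 11, "Channel": "Microsoft-Windows-Sysmon/Operational", "Computer": "WS01", "TargetFilename": "C:\\Users\\alice\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\run.vbs"}
{"EventID": 1102, "Channel": "Security", "Computer": "WS01", "SubjectUserName": "alice"}
{"EventID": 104, "Channel": "System", "Computer": "WS01"}
"""

# Assumed heuristic: service binaries rarely belong in user-writable paths.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")
STARTUP_DIR = "\\start menu\\programs\\startup\\"

def classify(event):
    eid, channel = event.get("EventID"), event.get("Channel", "")
    if eid == 1102 and channel == "Security":
        return "log-cleared: Security audit log was cleared"
    if eid == 104 and channel == "System":
        return "log-cleared: an event log was cleared"
    if eid == 7045 and channel == "System":
        path = event.get("ImagePath", "").lower()
        if any(d in path for d in USER_WRITABLE):
            return "persistence: new service runs from a user-writable path"
    if eid == 11 and channel.startswith("Microsoft-Windows-Sysmon"):
        if STARTUP_DIR in event.get("TargetFilename", "").lower():
            return "persistence: file created in a Startup folder"
    return None

def detect(lines):
    alerts = []
    for line in lines.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed records instead of aborting the scan
        finding = classify(event)
        if finding:
            alerts.append((event.get("Computer", "?"), event["EventID"], finding))
    return alerts

if __name__ == "__main__":
    for host, eid, finding in detect(SAMPLE_EVENTS):
        print(f"{host} event {eid}: {finding}")
```

Checks like these are only useful when the events are forwarded off the host as they are written, because a cleared local log keeps little more than the record of the clearing itself.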
Next time? Let’s look at hacking an Android device.
Stay protected!