PIVOTING

  • Use the hacked device as a pivot.
  • Try to gain access to other devices in the network.

Tool: Metasploit - AUTOROUTE Module

Target: Metasploitable VM

  • Set up a route between hacker and hacked device.
  • Gives hacker access to devices on the network.
  • Use Metasploit exploits auxiliaries ...etc

1. Use it

use post/multi/manage/autoroute

2. Set subnet of the target network

set subnet [subnet]

3. Set Session id.

set session [id]

4. exploit

exploit

Then you can exploit Metasplotable VM now.

For more information about Pivoting, please refer to:

https://www.offensive-security.com/metasploit-unleashed/pivoting/

Ethical Hacking - POST EXPLOITATION(4)的更多相关文章

  1. Ethical Hacking - POST EXPLOITATION(3)

    Spying - Capturing Key Strikes & Taking Screen Shots Log all mouse/keyboard events > keyscan- ...

  2. Ethical Hacking - POST EXPLOITATION(2)

    MAINTAINING ACCESS - Methods 1. Using a veil-evasion Rev_http_service Rev_tcp_service Use it instead ...

  3. Ethical Hacking - POST EXPLOITATION(1)

    METERPRETER BASICS >help - shows help >background - backgrounds current session >sessions - ...

  4. Ethical Hacking Tutorials

    Ethical Hacking Tutorials Free Ethical Hacking Tutorials https://www.guru99.com/ethical-hacking-tuto ...

  5. Ethical Hacking - Overview

    Hacking is gaining unauthorized access to anything. Preparation Setting up a lab and installing need ...

  6. Ethical Hacking - Web Penetration Testing(3)

    EXPLOITATION -File Upload VULNS Simple type of vulnerabilities. Allow users to upload executable fil ...

  7. Ethical Hacking - GAINING ACCESS(22)

    CLIENT SIDE ATTACKS - BeEf Framework Browser Exploitation Framework allowing us to launch a number o ...

  8. Python Ethical Hacking - Basic Concetion

    What is Hacking? Gaining unauthorized access. Hackers? 1.Black-hat Hackers 2.White-hat Hackers 3.Gre ...

  9. Ethical Hacking - GAINING ACCESS(4)

    SERVER SIDE ATTACKS - METASPLOIT Metasploit is an exploit development and execution tool. It can als ...

随机推荐

  1. vc6.0打开类向导时报错-Parsing error: Expected ";".Input Line: "解决方法

    --------------------------- Microsoft Visual C++ --------------------------- Parsing error:  Expecte ...

  2. 【Java】错误: 需要class, interface或enum

    今天在用cmd实现mvn package操作时跳出来的报错! 网上搜索到的结论是因为编码问题而产生的,具体原因就不深究了 要详细了解可以查看以下链接https://blog.csdn.net/qq_3 ...

  3. MonoBehaviour.StartCoroutine开启协同程序

    StartCoroutine协同程序 StartCoroutine(IEnumerator) StartCoroutine(string methodName) StartCoroutine(stri ...

  4. selenium(9)- Xpath的详细使用

    什么是Xpath 官方:XPath 是一门在 XML 文档中查找信息的语言.XPath 用于在 XML 文档中通过元素和属性进行导航 [XPath 使用路径表达式来选取 XML 文档中的节点或者节点集 ...

  5. JMETER学习宝典

    1. 简介 Apache JMeter是100%纯java桌面应用程序,被设计用来测试客户端/服务器结构的软件(例如web应用程序).它可以用来测试包括基于静态和动态资源程序的性能,例如静态文件,Ja ...

  6. android自定义控件onMeasure方法

    1.自定义控件首先定义一个类继承View 有时,Android系统控件无法满足我们的需求,因此有必要自定义View.具体方法参见官方开发文档:http://developer.android.com/ ...

  7. 利用xampp集成环境搭建pikachu靶场及部分问题解决

    xampp的环境部署 1.本地服务器的搭建 首先要到官网下载xampp https://www.apachefriends.org/zh_cn/index.html 有各个不同的系统版本,这里我们选择 ...

  8. Linux--容器命令

    ***执行:yum install lrzsz 然后sz和rz命令就可以使用了 1.查找文件的命令:find / -name [文件名:override.xml] eg:  find / -name ...

  9. docker 运行镜像

    docker run -e "环境变量=值“ --nam 别名 -v /etc/localtime:/etc/localtime:ro [时区保持跟宿主机器一致]-d -p 21021:80 ...

  10. a标签绑定点击事件失败

    如图 然后对a标签绑定点击事件  无效 换成span标签可以