PIVOTING

  • Use the hacked device as a pivot.
  • Try to gain access to other devices in the network.

Tool: Metasploit - AUTOROUTE Module

Target: Metasploitable VM

  • Set up a route between hacker and hacked device.
  • Gives hacker access to devices on the network.
  • Use Metasploit exploits auxiliaries ...etc

1. Use it

use post/multi/manage/autoroute

2. Set subnet of the target network

set subnet [subnet]

3. Set Session id.

set session [id]

4. exploit

exploit

Then you can exploit Metasplotable VM now.

For more information about Pivoting, please refer to:

https://www.offensive-security.com/metasploit-unleashed/pivoting/

Ethical Hacking - POST EXPLOITATION(4)的更多相关文章

  1. Ethical Hacking - POST EXPLOITATION(3)

    Spying - Capturing Key Strikes & Taking Screen Shots Log all mouse/keyboard events > keyscan- ...

  2. Ethical Hacking - POST EXPLOITATION(2)

    MAINTAINING ACCESS - Methods 1. Using a veil-evasion Rev_http_service Rev_tcp_service Use it instead ...

  3. Ethical Hacking - POST EXPLOITATION(1)

    METERPRETER BASICS >help - shows help >background - backgrounds current session >sessions - ...

  4. Ethical Hacking Tutorials

    Ethical Hacking Tutorials Free Ethical Hacking Tutorials https://www.guru99.com/ethical-hacking-tuto ...

  5. Ethical Hacking - Overview

    Hacking is gaining unauthorized access to anything. Preparation Setting up a lab and installing need ...

  6. Ethical Hacking - Web Penetration Testing(3)

    EXPLOITATION -File Upload VULNS Simple type of vulnerabilities. Allow users to upload executable fil ...

  7. Ethical Hacking - GAINING ACCESS(22)

    CLIENT SIDE ATTACKS - BeEf Framework Browser Exploitation Framework allowing us to launch a number o ...

  8. Python Ethical Hacking - Basic Concetion

    What is Hacking? Gaining unauthorized access. Hackers? 1.Black-hat Hackers 2.White-hat Hackers 3.Gre ...

  9. Ethical Hacking - GAINING ACCESS(4)

    SERVER SIDE ATTACKS - METASPLOIT Metasploit is an exploit development and execution tool. It can als ...

随机推荐

  1. 研为电子6轴运动控制卡win10驱动无法安装问题,解决方法

    研为电子6轴运动控制卡win10驱动无法安装问题,解决方法 研为电子6轴运动控制卡win10驱动无法安装问题,解决方法 iMC3xx2E系列运动控制卡使用手册V1.003 IMCdrv_Ins.exe ...

  2. 点击提交按钮,屏幕会出现闪烁问题,element.style问题

    点击提交按钮,屏幕会出现闪烁问题 通过后台调试发现,在点击的按钮的时候会给body添加一个padding值,而且会出现怎么都修改不了的问题,会发现里面会有 element.style的值,这其实是一种 ...

  3. GridView绑定数据与隐藏指定控件(模板列)

    1.1.    GridView绑定数据 1)       可以配置SqlDataSource数据源,修改select语句生成框架(不想手动绑定) 2)       删除DataSourceID属性和 ...

  4. Appium 概括与环境安装

    Appium 是什么, 有什么用 Appium 用途和特点 appium 是一个移动 app 自动化工具 手机APP自动化有什么用? 自动化完成一些重要性的任务 比如微信客服机器人 爬虫 就是通过自动 ...

  5. MongoDB入门二

    MongoDB配置 本地启动 c:\MongoDB\bin>mongod.exe --dbpath "C:\\MongoDB\data\db" --logpath " ...

  6. JDK8--03:lambda表达式语法

    对于lambda表达式的基础语法,一个是要了解lambda表达式的基础语法,另外一个是需要了解函数式接口 一.lambda表达式基础语法描述 java8中引入了新的操作符  ->  ,可以称为l ...

  7. 如何在项目开发中应用好“Deadline 是第一生产力”?

    我想也许你早就听说过"Deadline是第一生产力"这句话,哪怕以前没听说过,我相信看完本文后,再也不会忘记这句话,甚至时不时还要感慨一句:"Deadline是第一生产力 ...

  8. return zero,or ,return non-zero

    it may return a value to its caller, which is in effect the environment in which the program was exe ...

  9. 模型评测之IoU,mAP,ROC,AUC

    IOU 在目标检测算法中,交并比Intersection-over-Union,IoU是一个流行的评测方式,是指产生的候选框candidate bound与原标记框ground truth bound ...

  10. 关于位图数据和标记位-P3

    文章目录 1 背景 1.1 问题 2 问题1探究 2.1 没有区的情况 2.2 一个区的情况 2.3 两个区的情况 2.4 三个区的情况 2.5 四个区的情况 2.6 五个区的情况 3 问题2探究 3 ...