laatste deel ch05
Jef Roosens
parent
fe632b6ab5
commit
54c5cb8277
|
|
@ -184,3 +184,25 @@
|
|||
2. attacker relays authentication request messages to real server -> acts
|
||||
as authenticating client
|
||||
3. attacker receives authentication and returns error message to client
|
||||
|
||||
### Obtaining hashes
|
||||
|
||||
* Linux: `/etc/passwd` & `/etc/shadow`
|
||||
* Windows
|
||||
* Metasploit `hashdump`
|
||||
* minikatz
|
||||
* domain controller: Volume Shadow Copy Service (VSS) to create copy of OS
|
||||
partition including password db
|
||||
* requires shell access to target with system or admin
|
||||
* sniff authentication challenge/responses
|
||||
|
||||
## Pivoting
|
||||
|
||||
* methods
|
||||
* SSH port forwarding
|
||||
* can also act as SOCKS proxy
|
||||
* meterpreter
|
||||
* use `route` command to route packets through open connections
|
||||
* netcat
|
||||
* TCP tunnel
|
||||
* ...
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
---
|
||||
title: Network Security Summary
|
||||
geometry:
|
||||
- top=30mm
|
||||
- left=30mm
|
||||
- right=30mm
|
||||
- top=15mm
|
||||
- left=15mm
|
||||
- right=15mm
|
||||
- bottom=15mm
|
||||
---
|
||||
|
|
|
|||
Loading…
Reference in New Issue