A guided tour to someone else's network

Step 4: What to Do Once You're In

So you've successfully compromised a host, executed a local attack, and gained root access. Now what? For most attackers, the answer is simple: Install a rootkit [20] to maintain access and then keep going. With access to internal systems (such as file servers), an attacker can create links to shared files, which on Windows, for example, will be executed with "Intranet" if it is within the same network, thus bypassing many of the security protections.

Even if the attacker only has access to a limited web server within your domain, the assailant will be able to attack the network infrastructure (such as routers and switches) directly and spoof email more easily. Alternatively, an attacker might simply use your systems as part of a botnet to attack other hosts and networks, send spam, and harvest personal information. The possibilities are endless.

Infos

  1. "Ten Things Everyone Should Know About Lockpicking & Physical Security" by Deviant Ollam: http://www.blackhat.com/presentations/bh-europe-08/Deviant_Ollam/Whitepaper/bh-eu-08-deviant_ollam-WP.pdf
  2. "Blogs Falling in an Empty Forest": http://www.nytimes.com/2009/06/07/fashion/07blogs.html
  3. DojoSec: http://www.dojosec.com/
  4. DojoSec monthly briefings, April 2009, Joseph McCray: http://vimeo.com/4109188
  5. "Sysadmin: Nmap Scripting" by Eric Amberg, Linux Magazine, February 2008, pg. 68
  6. "Sysadmin: Nmap Methods" by Christian Ney, Linux Magazine, January 2006, pg. 62
  7. Nessus: http://nessus.org/nessus/
  8. "Metasploit: How Hacking Got Easy" by Kurt Seifried, Linux Magazine, November 2008, pg. 62
  9. Common Vulnerabilities and Exposures: http://cve.mitre.org/cve/
  10. Open Source Vulnerability Database: http://osvdb.org/
  11. Milw0rm: http://www.milw0rm.com/
  12. PacketStorm Security: http://packetstormsecurity.com/exploits100.html
  13. Top 10 web vulnerability scanners: http://sectools.org/web-scanners.html
  14. SQL Injection Cheat Sheet: http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
  15. SQLMap: http://sqlmap.sourceforge.net/
  16. "Attack of the CSRF" by Kurt Seifried, Linux Magazine, Febraury 2009, pg. 66
  17. Http parameter pollution: http://www.owasp.org/images/b/ba/AppsecEU09_CarettoniDiPaola_v0.8.pdf
  18. Disabling JavaScript in Adobe Reader: http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html
  19. Didier Stevens' blog: "PDF Tools" http://blog.didierstevens.com/programs/pdf-tools/
  20. "Fourth-Generation Rootkits" by Kurt Seifried, Linux Magazine, December 2008, pg. 64

Read full article as PDF:

Intrusion_101.pdf (988.72 kB)

Related content

comments powered by Disqus

Direct Download

Read full article as PDF:

Intrusion_101.pdf (988.72 kB)

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia