Electronic Books

*Note: Because the server is set to respond with Echo Reply and the attacker is using
Echo Request, the traffic will look like normal traffic to firewalls and Intrusion
Detection Systems (IDS) solutions.
550
Practical Hacking Techniques and Countermeasures
The client will connect to the server. Notice your prompt has changed to
the # sign.
To verify you are actually connected to the server, type ifconfig and press
Enter.
Wireless
551
The IP is 172.16.1.200, which verifies we are at a server terminal.
At this point, you can operate the keyboard as though you are sitting directly
behind the keyboard of the server. Run any command you would normally
run, such as ls ??“l for a detailed directory listing.
552
Practical Hacking Techniques and Countermeasures
Verify your user mode by typing the command whoami and pressing Enter.
Since we are attached as user root we have absolute control over this
target.
*Note: I have been asked many times, ???If I already had the ability to connect and
upload this program does that mean I already have root access???? The answer
is ???Not really.??? The biggest advantage of this tool is the ability to set a backdoor
for you to return to at any point in time. Many times a few minutes of physical
access are all you need to set the back door and then return remotely.
Wireless
553
Lab 80: Hiding Tools on the Target
Hiding Files on the Target: CP
Prerequisites: None Local/Admin Remote
Countermeasures: SFIND Tool
Description: A common technique is for an attacker to stream files
together to hide his or her tools inside a valid application.


Pages:
168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192