632 Practical Hacking Techniques and Countermeasures
Open Internet Explorer on the local machine and enter the local IP address
(172.16.1.56) into the address bar of the browser. Because Fpipe is now
listening on port 80 of the local machine and redirecting all traffic from
that port to the Web server IP address (172.16.1.60), the Web site will be
displayed. On the Fpipe screen, the verbose output lists the data flow
statistics for the connection.
*Note: Fpipe, from Foundstone, is a small, fast port redirector and I highly recommend
this application if you have a need for traffic redirection.
Redirection 633
Lab 89: Remote Execution
Remote Execution on Target: PsExec
Prerequisites: File and print sharing enabled and Admin$ share (a hidden
share that maps to the \windows directory) is defined on the remote
system. Compromised target with Administrative access.
Countermeasures: Bastion servers, strong password policy and enforcement
Description: PsExec is a lightweight Telnet replacement that lets you
execute processes on other systems, complete with full interactivity for
console applications, without having to manually install client software.
*Note: This is an excellent tool to execute applications on remote systems that have
been compromised. The best part of this application is that it requires no
software to be installed on the target.
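From the defender's side, the prerequisites above leave a trace: access to the Admin$ share followed by a new service on the target. The following is an added example, not code from the book: it correlates Windows event 5140 (network share accessed) with event 7045 (service installed) and also flags PSEXESVC, the default PsExec service name. The event records are simplified dictionaries with constructed hostnames and timestamps, and the 60-second window is an assumption.

```python
from datetime import datetime, timedelta

# Constructed sample events (simplified fields; not real log output).
# 5140 = Security log, "A network share object was accessed"
# 7045 = System log, "A service was installed in the system"
SAMPLE_EVENTS = [
    {"time": "2024-01-10T09:00:01", "host": "WEB01", "id": 5140,
     "share": r"\\*\ADMIN$", "src_ip": "172.16.1.56", "user": "Administrator"},
    {"time": "2024-01-10T09:00:03", "host": "WEB01", "id": 7045,
     "service": "PSEXESVC", "image": r"%SystemRoot%\PSEXESVC.exe"},
    {"time": "2024-01-10T11:30:00", "host": "WEB01", "id": 7045,
     "service": "BackupAgent", "image": r"C:\Program Files\Backup\agent.exe"},
    {"time": "2024-01-10T12:00:00", "host": "DB01", "id": 5140,
     "share": r"\\*\IPC$", "src_ip": "172.16.1.70", "user": "svc_mon"},
]

WINDOW = timedelta(seconds=60)  # assumed correlation window


def find_remote_exec(events, window=WINDOW):
    """Flag service installs that use the default PsExec service name or
    that follow an ADMIN$ access on the same host within the window."""
    alerts = []
    last_admin = {}  # host -> (timestamp, most recent ADMIN$ access event)
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        if ev["id"] == 5140 and ev["share"].upper().endswith("ADMIN$"):
            last_admin[ev["host"]] = (ts, ev)
        elif ev["id"] == 7045:
            default_name = ev["service"].upper() == "PSEXESVC"
            prior = last_admin.get(ev["host"])
            correlated = prior is not None and ts - prior[0] <= window
            if default_name or correlated:
                alerts.append({
                    "host": ev["host"], "service": ev["service"],
                    "time": ev["time"],
                    "src_ip": prior[1]["src_ip"] if correlated else None,
                    "user": prior[1]["user"] if correlated else None,
                    "reason": ("default PsExec service name" if default_name
                               else "service installed after ADMIN$ access"),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_remote_exec(SAMPLE_EVENTS):
        print(alert)
```

The correlation branch matters because the service name can be changed by the operator, so a name match alone misses renamed services.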
Procedure: Set the parameters and execute against the target.
Verify the IP address on the target by typing ipconfig and pressing Enter.