method_5_post-exploitation
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| method_5_post-exploitation [2023/01/12 00:20] – [Windoze] gman | method_5_post-exploitation [2023/01/12 00:31] (current) – [First Thing] gman | ||
|---|---|---|---|
| Line 33: | Line 33: | ||
| * Concealment | * Concealment | ||
| * Retain Access | * Retain Access | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== First Thing ===== | ||
| + | |||
| + | After you've compromised a system, one of the //**first things**// you want to try is acquiring the local credential store (passwords). | ||
| + | |||
| + | **Windows: | ||
| + | |||
| + | **Linux:** The '' | ||
| + | - '' | ||
| + | - '' | ||
| + | - '' | ||
| + | |||
| + | Linux passwords are usually found in ''/ | ||
| + | * You can simply copy that file to your attack machine and crack offline (if you have root). | ||
| + | * Therefore, priv esc is a key part of acquiring credentials. | ||
| ---- | ---- | ||
method_5_post-exploitation.1673482836.txt.gz · Last modified: by gman