O'Reilly logo

Coding for Penetration Testers, 2nd Edition by Ryan Linn, Jason Andress

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 10

Postexploitation scripting

Abstract

Once the shells come back, we have a bit more work to do. This chapter discusses what happens after we’ve gotten in. Working from information gathering under Windows, and moving toward maintaining access through creating users using the Windows command line, this chapter looks at how to query and manipulate Windows systems from the command line. Once we’ve gotten the hang of it, this chapter works to convert that hard work into a Meterpreter script using Ruby where we can easily run these commands through Metasploit.

After exploiting a Web application, we don’t want the database to feel left out, so this chapter ends with manipulating SQL injection vulnerabilities to gain access to applications, dump ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required