Maintaining access or ET Phone Home

Persistent connections in the hacker world are called Phoning Home. Persistence gives the attacker the ability to leave a connection back to the attacking machine and have a full command line or a desktop connection to the victim machine.

Why do this? Your network is protected by a firewall normally and port connections to the internal machines are controlled by the firewall and not the local machine. Sure, if you're in a box, you could turn on telnet and you could access the telnet port from the local network. It is unlikely that you would be able to get to this port from the public network. Any local firewall may block this port, and a network scan would reveal that telnet is running on the victim machine. ...

Get Kali Linux 2018: Windows Penetration Testing - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.