9 Linux or UNIX post-exploitation
This chapter covers
- Harvesting credentials from .dot files
- Tunneling through SSH connections
- Automating SSH pubkey authentication with bash
- Scheduling a reverse callback using cron
- Escalating privileges with SUID binaries
In the last chapter, we discussed the three main components of Windows post-exploitation, which you will recall are the following:
-
Maintaining reliable re-entry
-
Harvesting credentials
-
Moving laterally
These are the same for Linux- or UNIX-based systems; the only difference is the techniques used to do them. A strong pentester is OS-agnostic. It doesn’t matter if you’re on a Windows machine, FreeBSD UNIX, CentOS Linux, or macOS. You should know enough about where to find credentials, ...
Get The Art of Network Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.