Title: Post Exploitation
Post by: LSOChris on November 14, 2008, 04:16:43 PM
I'm doing some work on some post exploitation tasks and automating them.
anyone care to share their favorite post exploitation activities?
From ValSmith's Defcon talk I have
1. renable RDP
2. get a password/hash log into every box in the domain and do "something"
Title: Re: Post Exploitation
Post by: SynJunkie on November 14, 2008, 06:31:38 PM
In my opinion its all about the data, so effective methods of finding and extracting data from the network are pretty important.
Also, different ways of covering tracks is quite interesting, maybe overwriting tools by piping larger files into them using type (type bigfile.exe > evil.exe)
Also playing with the time on devices/hosts to make the forensics more interesting. oh and log file manipulation, thats always fun.