by Goatboy on Sat Oct 02, 2010 5:07 pm
(see Re: Port scanning and what to do with it)
Generally - assuming you don't already have access - you would find out what service and version is running, find/discover a vulnerability, and then exploit it. It sounds easy in writing, but it's not always that simple. You also have to be cautious of any IDS (Intrusion Detection System) or IPS (Intrusion Prevention System) that may be running. After all, what's it worth if you get caught?
After that, you pretty much do what you want. If you're after specific information, it's best to just grab it, cover your tracks, and leave. However, maybe you want access to the machine to use it as an attack platform. In this case, you need to create yourself a nice little backdoor. This is so you don't have to run the exploit each time, or risk it getting patched.
Assume that everything I say is or could be a lie.
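The first step Goatboy describes, finding out what service and version is listening on a port, is usually done by grabbing the banner the service volunteers on connect. The script below is an added example, not code from the post or the forum: it contains a small TCP banner grabber plus a parser that turns the banner into a (service, software, version) record you can then look up against vulnerability databases. The host names, ports and banner strings are constructed for illustration; the banner formats (SSH identification string, FTP/SMTP 220 greeting, HTTP Server header) are the standard ones.

```python
"""Banner grabbing and version parsing (added example, not from the post).

The sample banners at the bottom are constructed; no network access is
needed to run the parser, only grab_banner() talks to a real host.
"""
import re
import socket
from typing import Optional

# Version token: 5.3, 2.2.14, 5.3p1 (OpenSSH-style patch level).
VERSION_RE = re.compile(r"\d+(?:\.\d+)+(?:p\d+)?")

# Patterns for common self-identifying banners. Order matters: the FTP
# pattern names specific daemons so it is tried before the generic SMTP one.
BANNER_PATTERNS = [
    ("ssh", re.compile(r"^SSH-(?P<proto>[\d.]+)-(?P<software>\S+)")),
    ("ftp", re.compile(
        r"^220[ -].*?(?P<software>(?:vsFTPd|ProFTPD|Pure-FTPd)\s*[\d.]+)", re.I)),
    ("smtp", re.compile(
        r"^220[ -](?P<host>\S+)\s+ESMTP\s+(?P<software>\S+(?:\s[\d.]+)?)", re.I)),
    ("http", re.compile(
        r"^HTTP/[\d.]+\s+\d{3}.*?\r?\nServer:\s*(?P<software>[^\r\n]+)", re.I | re.S)),
]


def _version(software: str) -> Optional[str]:
    """Pull the first version-looking token out of a software string."""
    m = VERSION_RE.search(software)
    return m.group(0) if m else None


def parse_banner(raw: bytes) -> Optional[dict]:
    """Classify a raw banner. Returns None when no pattern recognises it."""
    text = raw.decode("utf-8", errors="replace")
    for service, pattern in BANNER_PATTERNS:
        m = pattern.search(text)
        if m:
            software = m.group("software").strip()
            return {
                "service": service,
                "software": software,
                "version": _version(software),
            }
    return None


def grab_banner(host: str, port: int, probe: Optional[bytes] = None,
                timeout: float = 3.0) -> bytes:
    """Connect, optionally send a probe (HTTP needs one), read one chunk.

    Each connection is a log line on the target and a signature opportunity
    for an IDS; probing a whole port range this way is exactly the kind of
    noise the post warns about.
    """
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:
            s.sendall(probe)
        try:
            return s.recv(1024)
        except socket.timeout:
            return b""


def http_probe(host: str) -> bytes:
    """Minimal request that makes an HTTP server reveal its Server header."""
    return f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()


# Constructed sample banners (not captured from any real host).
SAMPLE_BANNERS = {
    ("ssh-box", 22): b"SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7\r\n",
    ("ftp-box", 21): b"220 (vsFTPd 2.3.4)\r\n",
    ("mail-box", 25): b"220 mail.example.com ESMTP Postfix\r\n",
    ("web-box", 80): b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.14 (Ubuntu)\r\n\r\n",
    ("odd-box", 9999): b"\x00\x01\x02hello\r\n",
}


def classify_samples() -> dict:
    """Run the parser over the constructed banners; used by main() below."""
    return {target: parse_banner(b) for target, b in SAMPLE_BANNERS.items()}


if __name__ == "__main__":
    for (host, port), info in classify_samples().items():
        print(f"{host}:{port} -> {info or 'unrecognised banner'}")
```

For a live target you would call `grab_banner(host, 22)` for SSH/FTP/SMTP (they speak first) and `grab_banner(host, 80, http_probe(host))` for HTTP, then feed the bytes to `parse_banner`. The output is only a starting point: banners can be edited or faked, so treat the version as a claim to confirm, not a fact, before spending time on an exploit for it.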