Shell access on a Unix-type server is access to send commands to a target as
a user of the system and get a response back (standard input to a shell and
standard output from that shell). This shell service is limited: some
commands will work and others will not. Windows shell access has a similar
limited command structure, and this article explores how to navigate it and,
hopefully, gives some interesting tips as well.
A tool that can demonstrate this is netcat, as I will illustrate below using
netcat for shell access on a Windows target. On a Windows machine, open up a
command prompt and start a netcat listener (see Figure #1). You may need to
install the program http://nmap.org/ncat before you continue.
Figure #1 starting a netcat listener on Windows
Now connect to it from your Linux box with the following command in Figure #2
Figure #2 connecting to the Windows box vi... (more)
In a previous article, I described how to obtain a memory image from a
Windows computer that would allow forensic analysis. I briefly discussed
using F-Response TACTICAL to get the memory image, and then Volatility
and Mandiant Redline for further investigation. In this paper, I dive
more deeply into Redline and Volatility.
To begin, I review a raw memory dump of a known malware variant (see the
"Malware Image" box) with Mandiant Redline. After firing up Redline, I chose
By Analyzing a Saved Memory File under Analyze Data and browsed to the
location of the memory... (more)
The Metasploit Framework is a penetration testing toolkit, exploit
development platform, and research tool. The framework includes hundreds of
working remote exploits for a variety of platforms. Payloads, encoders, and
nop slide generators can be mixed and matched with exploit modules to solve
almost any exploit-related task. A very nice feature in Metasploit is the
ability to pivot through a Meterpreter session to the network on the other
side. This tutorial walks you through how this is done once you have a
Meterpreter session on a foreign box. We begin right after a client sid... (more)
The purpose of this article is to describe some tools and techniques for
performing the planning, scoping, and recon portion of a penetration test. In
covering these tools and techniques, the reader will learn how to use them to
find vulnerabilities in their organization and help improve security posture.
Some other names for this first phase of penetration testing are: OSINT (Open
Source Intelligence), Footprinting, Discovery, and Cyberstalking.
During reconnaissance we'll gather information from public sources to learn
about the target and try to find what is importan... (more)
When performing a penetration test on a customer’s network by simulating an
attack and trying to find a way inside, many forget there is an easier way.
Many networks have well-established security protection through firewalls and
Intrusion Detection/Protection Systems that will alert to your presence.
Performing a vulnerability scan using tools such as NeXpose, Nessus, nmap,
etc. will alert many systems. By performing some research on the target and
learning what the company does, you can narrow your attack. By using some social
engineering you can email your payload to an inspecting v... (more)