From Scanning to Exploitation: Computer Security Lectures 2014/15 S1
Convert Text to Speech
This video is part of the computer/information/cyber security and ethical hacking lecture series; by Z. Cliffe Schreuders at Leeds Beckett University. Laboratory work sheets, slides, and other open educational resources are available at http://z.cliffe.schreuders.org.
The slides themselves are creative commons licensed CC-BY-SA, and images used are licensed as individually attributed.
Topics covered in this lecture include:
What an attacker does after exploiting a vulnerability successfully
Depends on the goals/motivation of the attacker
Having shell
Got root? The actions an attacker can take will depend on their security context
Unix commands: whoami, id {-u}
Access controls
Post-exploitation information gathering
View environment variables: env
cat /proc/cpuinfo
free -m
df -h
uname -a
Changing attack surface
Local privilege escalation exploits
Post-exploitation via MSF post-exploitation modules
Advanced payload: Meterpreter
Staged payloads
Pivoting: routing attacks through compromised systems
Other payloads: VNC
Covering tracks
Maintaining access
Conclusion
video, sharing, camera phone, video phone, free, upload
2014-12-24 00:33:33
source
Gloss