Hello and welcome to another Penetration Testing Execution Standard discussion.
Today we're going to look at further penetration into infrastructure in the post-exploitation section of the PTES standard. Now, quick disclaimer: PTES videos do cover tools and techniques that could be used for system hacking.
So any tools or techniques that we discuss here should be researched by the user prior to their use, as well as you should research local laws
and regulations regarding the use of such tools to ensure that you do not get into any trouble with the law. Now, today's objectives are pretty straightforward. We're going to discuss what pivoting is at a high level. We're going to discuss from-compromised-system pivoting and through-compromised-system pivoting, which is going to touch on definitions,
look at a few things, give you a few examples
and move on through. So pivoting
is the action where the tester will use his presence on compromised systems to further enumerate and gain access to other systems on the client infrastructure.
This action can be executed from the compromised host itself, using local resources or tools uploaded to the compromised system. So if I get to a server or something of that nature that I can use to then gain access to other resources, run tools that may not otherwise be restricted on other systems,
I could totally do that from that point as long as it's covered in the rules of engagement. Now,
from-compromised-system pivoting. These actions are taken from the system, so we can upload tools to it and use it. We could use local system tools, ARP scans, ping sweeps, do DNS enumeration of internal networks. And so
if there's, like, a system management tool at our disposal or something of that nature that's native to that system, it could be used to then compromise other systems or collect data sets.
The actions that will be executed will depend on the information needed to show specific risk or further penetration into the client network and hosts. So you should do regular planning sessions to re-evaluate the information gathered
and whether or not you'll continue in the post-exploitation phase until set goals are met. So we want to ensure that we meet the goals of the client,
and if we do, based on the things that we've done, then we can stop doing the post-exploitation components of this and start reporting.
Now, through compromised system: actions that are taken through a compromised system. So we can use them for port forwarding, proxy into internal networks, VPNs to internal networks, to execute remote exploits, and then to abuse, or the abuse of, compromised credentials and keys.
And so again, same kind of scenario here, we're going to re-evaluate,
um, kind of regularly, where we are and whether or not the information we've gathered and the things that we're doing through those systems
meets the goals for the test. And if those goals are met,
we can step away and start reporting and feel good about what we've identified for the client. So let's do a quick check on learning.
True or false: "from the compromised system" means that actions can be taken from a compromised system.
Well, that right out the gate is true. So "from compromised system" means that actions can be taken from a compromised system. If it said "from compromised system" means that actions can be taken through a compromised system, then that would not be the case.
So, in summary, today we've just discussed what pivoting was at a high level. We discussed from-compromised-system pivoting and through-compromised-system pivoting. So with that in mind, I want to thank you for your time today. And I look forward to seeing you again soon.