I. Post-Exploitation Attacks
1. Carrying Out Exploitation
Post-exploitation activities are those carried out once a system has been compromised. They vary with the type of operating system, and range from running a simple "whoami" to enumerating local accounts.
1. Windows Post-Exploitation
1) Blind Files
(Things to pull when all you can do is read blindly, e.g. via LFI / directory traversal.) These are files that will have the same name across networks, Windows domains and systems.
| File | Expected Contents / Description |
|---|---|
| %SYSTEMDRIVE%\boot.ini | A file that can be counted on to be on virtually every Windows host. Helps confirm that a read is actually happening. |
| %WINDIR%\win.ini | Another file to look for if boot.ini isn't there or isn't coming back, which is sometimes the case. |
| %SYSTEMROOT%\repair\SAM | It stores user |
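Detection logic for the blind-read probes described above, as an added example that is not part of this page: a small Python scanner parses constructed access-log lines and flags requests that combine directory traversal with one of the file names in the table. The log format and the sample lines are assumptions.

```python
import re
from urllib.parse import unquote

# File names from the table above that a blind-read probe typically asks for.
PROBE_FILES = ("boot.ini", "win.ini", "repair/sam")

# Assumed Apache/IIS-style access log line: client, request line, status code.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def normalize(path: str) -> str:
    """Canonicalise a request path before matching: decode twice (catches
    double-encoding), unify backslashes to slashes, lower-case for Windows."""
    for _ in range(2):
        path = unquote(path)
    return path.replace("\\", "/").lower()

def is_blind_file_probe(path: str) -> bool:
    """True when the path both traverses directories and names a probe file.
    Requiring both avoids flagging an ordinary request for a file called win.ini."""
    p = normalize(path)
    return "../" in p and any(name in p for name in PROBE_FILES)

def find_probes(log_text: str) -> list[dict]:
    """Return one record per access-log line that looks like a blind-file probe."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        client, method, path, status = m.groups()
        if is_blind_file_probe(path):
            hits.append({"client": client, "path": normalize(path), "status": int(status)})
    return hits

# Constructed sample log (not real traffic): one normal request, three probes
# using different encodings, and a legitimate file that happens to be named win.ini.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /index.php?page=about HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2024:10:00:02 +0000] "GET /index.php?page=../../../../boot.ini HTTP/1.1" 200 218
10.0.0.9 - - [01/Jan/2024:10:00:03 +0000] "GET /index.php?page=..%5c..%5c..%5cwindows%5cwin.ini HTTP/1.1" 200 402
10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /download?file=%252e%252e%252f%252e%252e%252frepair%252fSAM HTTP/1.1" 403 0
10.0.0.7 - - [01/Jan/2024:10:00:05 +0000] "GET /static/win.ini HTTP/1.1" 404 0
"""

if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(f"{hit['client']} status={hit['status']} path={hit['path']}")
```

A 200 response on a flagged line is the one worth escalating, since it suggests the read succeeded rather than being blocked.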