After trying multiple exploits, you’ve gained root access to a Centos 6 server. To ensure you maintain access, what would you do first?
A. Create User Account
B. Disable Key Services
C. Disable IPTables
D. Download and Install Netcat
5 Comments on “what would you do first?”
Jacksays:
Answer should be Download and Install Netcat
CEHv9says:
Answer: D. Download and Install Netcat
TetraGrammatonClericsays:
Answer: A Create User Account
You’ve gained root access to a server. To ensure you maintain access, the first thing you should do is make sure that if discovered, you have another way in.
Note that the point is to establish the Se7en steps of a successful attack;
1. Recon (Case the joint.)
2. Scanning (How do we do this?)
3. Access (Get Innit), maintaining access (We’re Innit, mate!) and take it up a notch (Big up!)
4. Exfil (Get the loot/gear!)
5. Sustain (We’re in, chill, bruv!)
6. Assault (Let’s do this!)
7. Obfuscation (Hide tracks)
NetCat, however, is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users.
TetraGrammatonClericsays:
…Or, upon reflection, download and install Netcat.
for_the_hac_kingsays:
I think it is A, you probably wouldn’t need netcat if you’re already in a machine as the root… but to be honest wouldn’t creating a user account make too much noise on the target system?
Answer should be Download and Install Netcat
Answer: D. Download and Install Netcat
Answer: A Create User Account
You’ve gained root access to a server. To ensure you maintain access, the first thing you should do is make sure that if discovered, you have another way in.
Note that the point is to establish the Se7en steps of a successful attack;
1. Recon (Case the joint.)
2. Scanning (How do we do this?)
3. Access (Get Innit), maintaining access (We’re Innit, mate!) and take it up a notch (Big up!)
4. Exfil (Get the loot/gear!)
5. Sustain (We’re in, chill, bruv!)
6. Assault (Let’s do this!)
7. Obfuscation (Hide tracks)
NetCat, however, is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users.
…Or, upon reflection, download and install Netcat.
I think it is A, you probably wouldn’t need netcat if you’re already in a machine as the root… but to be honest wouldn’t creating a user account make too much noise on the target system?