YOU ARE CLAY YOU ARE
git-svn-id: file:///home/svn/incoming/trunk@2632 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
a6e0eac67d
commit
23e4c9e713
|
@ -94,31 +94,35 @@
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\begin{frame}[t]
|
\begin{frame}[t]
|
||||||
\frametitle{Background: the exploitation cycle}
|
\frametitle{Our definitions: the exploitation cycle}
|
||||||
|
|
||||||
\begin{sitemize}
|
\begin{sitemize}
|
||||||
\item \textbf{Pre-exploitation} - Before the attack
|
\item \textbf{Pre-exploitation} - Before the attack
|
||||||
\begin{sitemize}
|
\begin{sitemize}
|
||||||
\item Find a bug and isolate it
|
\item Find a bug and locate the code
|
||||||
\item Write the exploit, payloads, and tools
|
\item Write the exploit
|
||||||
|
\item Write any other tools, shellcode, etc
|
||||||
\end{sitemize}
|
\end{sitemize}
|
||||||
|
|
||||||
\pause
|
\pause
|
||||||
\item \textbf{Exploitation} - Leveraging the vulnerability
|
\item \textbf{Exploitation} - Leveraging the vulnerability
|
||||||
\begin{sitemize}
|
\begin{sitemize}
|
||||||
|
\item Do some recon, gather information
|
||||||
\item Find a vulnerable target
|
\item Find a vulnerable target
|
||||||
\item Gather information
|
\item Get network access to vulnerable target, etc
|
||||||
\item Initialize tools and post-exploitation handlers
|
\item Initialize tools, infrastructure, etc
|
||||||
\item Launch the exploit
|
\item Launch the exploit
|
||||||
\end{sitemize}
|
\end{sitemize}
|
||||||
|
|
||||||
\pause
|
\pause
|
||||||
\item \textbf{Post-exploitation} - Manipulating the target
|
\item \textbf{Post-exploitation} - Manipulating the target
|
||||||
\begin{sitemize}
|
\begin{sitemize}
|
||||||
|
% NOTE:
|
||||||
|
\item Not so much the command shell itself, but what you do with it
|
||||||
\item Command shell redirection
|
\item Command shell redirection
|
||||||
\item Arbitrary command execution
|
\item Arbitrary command execution
|
||||||
\item Pivoting
|
|
||||||
\item Advanced payload interaction
|
\item Advanced payload interaction
|
||||||
|
\item File access, VNC, pivoting, etc
|
||||||
\end{sitemize}
|
\end{sitemize}
|
||||||
\end{sitemize}
|
\end{sitemize}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
Loading…
Reference in New Issue