Pivot recon

In order to launch a pivot attack against another system, the attacker needs standard recon information. This includes the IP address, ports that are open and services responding on the ports, the type and version of OS being used and maybe vulnerabilities that can be detected. This information can be collected in some cases simply […]


One way to launch an attack from a compromised system is to transfer all the tools you need to perform the attack over to the compromised system. Another way to do it is to set up a relay. Netcat relays are the simplest form, requiring only the small nc program.


It is also possible to launch relayed pivot attacks through “agents” installed by sophisticated penetration testing tools. Core Impact agents, once deployed on a target system can be set as “source” and then used to relay recon and attack efforts toward a new target, often bypassing firewalls and other obstacles because the attack is originating […]


Metasploit has a payload component called Meterpreter that is injected inside a running process and offers a command environment to the attacker. This avoids starting a new process and keeps the activity inside memory without needing to write to the hard drive. The meterpreter payload can launch a command prompt session for you on the […]