ABSTRACT

The chapter discusses the postexploitation phase, which is the last phase of the penetration testing process. It also discusses gaining situational awareness in Windows/Linux after target compromise, and Meterpreter scripts for performing reconnaissance. The chapter provides various methods for escalating privileges and penetrating the internal network. Immediately after compromising a host, a hacker needs to gather information about where the host is located on the internal network and what its function is, including the hostname, interfaces, routes, and services that the host is listening on. Most of the commands that a hacker uses to penetrate the network further require administrator-level privileges to run, but before that the chapter covers making the Meterpreter session stable so that it does not close. The attacker has compromised a host on the target network, escalated privileges, installed a backdoor on the target machine, and harvested important data.