Sunday, 11 September 2011

Post-Exploitation Without A TTY


Post-exploitation activities during a pentest may involve using “su” to try and log into other local accounts, or using “ssh” to log into other hosts.
Using “Expect” To Get A TTY

If you’re lucky enough to have the Expect language installed, just a few lines of code will get you a good enough TTY to run useful tools such as “ssh”, “su” and “login”.

$ cat sh.exp
#!/usr/bin/expect
# Spawn a
