1
00:00:00,500 --> 00:00:05,630
All right, after Meterpreter has been uploaded into an exploited process memory,

2
00:00:06,600 --> 00:00:11,130
it'll give you a wide variety of actions on the target.

3
00:00:12,350 --> 00:00:16,570
Up until now, we've done some basic things with filesystem operations.

4
00:00:17,530 --> 00:00:22,120
But it gives you the possibility to run system and network commands.

5
00:00:23,140 --> 00:00:26,440
I know you're already familiar with the getuid command.

6
00:00:27,700 --> 00:00:35,350
It prints out who is the owner of the exploited process, and this means who you are, and in my case, I

7
00:00:35,350 --> 00:00:38,890
am the user NT AUTHORITY\SYSTEM.

8
00:00:40,160 --> 00:00:42,950
You're also familiar with the sysinfo command.

9
00:00:44,040 --> 00:00:47,370
It'll pull up basic information about the target to your screen.

10
00:00:48,750 --> 00:00:54,450
Now, it's a handy little command, but you can do more by manually examining the system if you want

11
00:00:54,450 --> 00:00:54,750
to.

12
00:00:55,880 --> 00:01:01,160
See, now that you're in, nobody can hold you back if you want to dig deep into the system.

13
00:01:02,570 --> 00:01:06,410
There may be some time issues between you and the target.

14
00:01:07,400 --> 00:01:13,490
In fact, you might even be in separate time zones, so to view the local date and time on the target,

15
00:01:13,490 --> 00:01:15,410
type localtime.

16
00:01:17,480 --> 00:01:21,440
So these are Metasploitable 3's local date and time values.

17
00:01:22,540 --> 00:01:27,280
idletime will give you an idea of how long the target has been running.

18
00:01:28,560 --> 00:01:33,740
And especially for exploiting servers, sometimes this might come in very handy for you.

19
00:01:34,740 --> 00:01:39,240
The ps command will display all processes of your target.

20
00:01:40,110 --> 00:01:42,990
And it can also help to be more specific.

21
00:01:43,920 --> 00:01:47,370
So type -h to get the help screen.

22
00:01:48,420 --> 00:01:53,130
Now, with -S you can get some information about a specific process.

23
00:01:54,030 --> 00:01:57,240
So I opened a notepad instance on Metasploitable 3.

24
00:01:58,360 --> 00:02:01,750
And ps -S notepad shows it.

25
00:02:02,790 --> 00:02:07,830
Now, if you're getting a little paranoid, you may be wondering about the process which is exploited

26
00:02:07,830 --> 00:02:08,460
by you.

27
00:02:09,420 --> 00:02:15,300
So using getpid will bring you the ID of this process.

28
00:02:17,330 --> 00:02:24,230
Oh, and you know something, killing a process is another option: kill and then the process ID.

29
00:02:25,570 --> 00:02:27,720
And that's how I finish the notepad process.

30
00:02:28,910 --> 00:02:29,630
So that's nice.

31
00:02:30,740 --> 00:02:35,980
There is a great command for processes as well, and here's how you use it.

32
00:02:37,020 --> 00:02:39,990
ps | grep

33
00:02:40,870 --> 00:02:46,630
And then provide a term to grep, so I'm going to do it for

34
00:02:47,520 --> 00:02:51,080
lsass.exe.

35
00:02:52,180 --> 00:02:53,500
Of course, you can choose another.

36
00:02:54,990 --> 00:02:59,520
Now, believe me, this might not be enough in a penetration test.

37
00:03:00,490 --> 00:03:04,170
You may want to run commands directly in the target command line.

38
00:03:05,450 --> 00:03:07,490
And you have that option.

39
00:03:08,390 --> 00:03:11,420
In fact, Meterpreter has several ways to do this.

40
00:03:12,420 --> 00:03:14,120
The execute command is one of them.

41
00:03:15,350 --> 00:03:20,680
You can directly run the command or you can start an interactive shell.

42
00:03:21,730 --> 00:03:25,240
Now, of course, it does depend on your particular needs.

43
00:03:26,670 --> 00:03:32,310
But I'll show you, I will start an interactive command shell on Metasploitable 3.

44
00:03:33,280 --> 00:03:36,920
execute -f cmd.exe -i

45
00:03:36,970 --> 00:03:41,790
is what I'm going to do now. See, that's really cool.

46
00:03:42,760 --> 00:03:43,540
dir

47
00:03:44,820 --> 00:03:45,990
net users

48
00:03:47,400 --> 00:03:49,200
And exit.

49
00:03:50,990 --> 00:03:57,220
As you can see, it's a perfect way to execute whatever you want on a target.

50
00:03:58,310 --> 00:04:04,700
It's going to come in very handy when you want to connect to a specific address to download local exploitation

51
00:04:04,700 --> 00:04:15,530
code, and ifconfig is going to help you to view the network configuration; also ipconfig can do the

52
00:04:15,530 --> 00:04:16,130
same for you.

53
00:04:17,640 --> 00:04:23,970
And in the internal network, there may be some proxies; by using getproxy

54
00:04:25,140 --> 00:04:26,790
you can get the proxy information.

55
00:04:28,370 --> 00:04:31,940
The arp command will print the ARP table of the target.

56
00:04:33,090 --> 00:04:38,850
You might need this command to identify the connection information on this host, and the last command,

57
00:04:39,480 --> 00:04:40,170
netstat.

58
00:04:41,340 --> 00:04:45,890
It is like real netstat, but it doesn't have all the filtering options.