There are two main ways to gain access on a computer
1.Server Side
Do not require user interaction, all we need is a
target IP!
Start with information gathering, find open
ports, OS, installed services, and work from
there.
SERVER SIDE ATTACKS
Need an IP address.
Very simple if target is on the same network
If target has a domain, then a simple ping will return its IP.
ping www.google.com
Getting the IP is tricker if the target is a personal computer, might be useless it the target is accessing the internet through a network as the IP will be the router IP and not the targets, client side attacks
are more effective in this case as reverse connection can be used.
2.Client Side
Require user interaction, such as opening a file, a link.
Information gathering is key here, create a trojan and use social engineering to get the target to run the it.
CLIENT SIDE ATTACKS
Use if server side attacks fail.
If IP is probably useless
Require user interaction.
Social engineering can be very useful.
Information gathering is vital.
Comments
Post a Comment