netstat without netstat

Recently I was doing an assessment in a locked down and restricted environment. One of the first actions you tend to do when landing a shell on a [linux] box is to do some reconnaissance. This is both on host and network, as you want to determine what new access this host has given you. Normally you would run netstat, ifconfig, ip route etc to determine if the compromised host is connected to any other hosts and to determine if there are other network segments you do not know about....

Powershell Shells

It’s been a while… I figured it’s about time I post something here again. A while back I was required to see how much damage can be done by a malicious staff member. The one caveat here was that I had to test directly from the Windows box and had extremely limited outbound comms. For various reasons the usual tool-suites were out and I took this as a challenge to see how much damage I could do by coding tools on the “employee machine”....