I popped the penguin, now what? Recon and maintaining access in Linux system presented at BSidesDetroit 2013

by Mark Kikta,

Tags: Security

Summary : Breaking in is half the battle. I've talked to so many people whose only objective is to try and break into systems. I get that. It’s awesome, the rush you get when you bring up that shell. But what then? Ops hardening does not end at the outer shell. Once you're in, you still have to navigate the maze of files, directories, and permissions that is the Linux file system. This talk will cover discovering services, utilizing simple and moderate netcat commands, combining netcat with crontab to create access windows, and utilizing /dev/tcp to create a reverse shell. Minimal Linux experience needed. If breaking in is half the battle, staying in wins the war.