6. Infrastructure Attack

Question 1

Metasploit

Answer 1

Framework to:

1. Scan Network
2. Enumeration
3. Exploitation
4. Privilege Escalation
5. Lateral Movement

Question 2

Vulnerability

Answer 2

System Weaknesses

Question 3

Exploit

Answer 3

Attack performed on weaknesses

Question 4

Payload

Answer 4

Code that runs after the exploit is done.

Question 5

CVE

Answer 5

Common Vulnerabilities and Exposures

Question 6

SearchSploit

Answer 6

gathers recent information about exploits

Question 7

msfconsole

Answer 7

Metasploit tool

1. Search
2. Use
3. Set

Question 8

Metasploit Search

Answer 8

search [name]

Question 9

Reverse Shell Types

Answer 9

1. Bind Shell: Connects to target to gain remote shell

2. Reverse Shell: Attacker runs a listener, Target connects with shell.

Question 10

msfvenom

Answer 10

Metasploit tool using msfpayloads and msfencode

Question 11

Meterpreter

Answer 11

Metasploit Payload running in memory.
1. Getuid
2. pwd
3. ls/cd
4. Download
5. Session
6. Background
7 Clearev

Question 12

Lateral Movement

Answer 12

use credentials from one computer to gain access to another computer in the same level in the organization

Question 13

Eternal Blue

Answer 13

created by NSA

Question 14

Bloodhound

Answer 14

Collects info on attacked network

Question 15

Neo4j

Answer 15

set up DB user account

Question 16

Protection against Automated Tools

Answer 16

1. Update
2. Endpoint Security = Antivirus
3. Be Aware