Agentless Post Exploitation

November 3, 2016

Agentless Post Exploitation is using system administration capabilities to meet post-exploitation objectives, without an agent on the target. It’s just evil system administration. This talk is a survey of agentless post-exploitation techniques. It covers how to execute commands, upload/download files, harvest credential material, user exploitation, and pivoting. Enjoy!

You may also download the slides as well.

One comment

  1. I don’t want to sound harsh but I think that several of techiques/tools used in this demo would be trivially detected by some behavioral analysis tool (thinking of MS ATA / InsightDR and maybe some others – I don’t sell/own any of them). Lateral movement via PtH, SAMR enumeration, local admin logon probes and such are all almost instantly detected by those analysis tools. I write this just to warn how not to ruin the engagement in the early steps after the initial foothold. Otherwise, thank you for yet another valuable article.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s