Please enable JavaScript.
Coggle requires JavaScript to display documents.
Hacking Methodology (Part 3: Privilege Elevation (Skippable) (Get Access…
Hacking Methodology
Part 3: Privilege Elevation (Skippable)
Get Access to Shell
SQL might have a admin status for a Account
:red_flag: Become Admin < Great Idea
Part 1: Reconnaissance
Phase 1: Passive
View Website
View Login/Register Page
Is there SQL
Google
News
Security Breaches And Security Service Info - If any
Whois Lookup
IP Address of a Server
Social Media
Find out People that work there
Find out Public Events
Security Breaches Reported
Phase 2: Active
N-Map - Scan for Open Ports
Zenmap - Easy GUI for Nmap
Terminal N-Map - More Options
If Website - Use a Page Finder
Might contain experimental
page that might have exploits
Part 2: Exploitation
Metasploit
Check your Open Port and See if there is a Exploit
FTP
SSH
Apache
Samba
SQL
Etc.
Hydra
Bruteforce
Admin Page
Login
Part 4: Establish Persistence
Drop a Backdoor
Drop a RAT
Break In