LAB Client-Side Exploitation

ing.infantec-e6ab552 · February 20, 2022, 9:42pm

Hi everyone.

I just completed the lab “Client-Side Exploitation” of Penetration Test Professional (Network Security section), but I have some dubts about the solutions.

The solutions says that it is not possible use the reverse_tcp for exploiting the demo1.ine.local machine. Anyway, I obtained a reverse_tcp meterpreter shell.

I think was possible because of I used the autoroute Metasploit module, the solutions used the autoroute Meterpreter command. I think this is the difference for different behaviour.

Can someone confirm me this or explain me the situation?

Thank you to everyone.

Kind regards.

SecITguy · February 22, 2022, 10:22pm

You are correct. Due to basic networking in the scenario of the lab, the “demo1.ine.local” would not be accessible, normally. However, using the ‘autoroute’ functionality would enable the access necessary to gain the reverse callback.

Topic		Replies	Views
Linux Exploitation: Lab 3 - Remote Exploitation and Post Exploitation -- Reverse relaying issue Penetration Testing Professional red , lab , exam , ptp	2	244	February 28, 2022
Post Exploitation Pivoting Penetration Testing Professional red	6	454	November 3, 2021
Post-Exploitation Lab - Backdoor not working Penetration Testing Professional red , ine , security , lab	2	375	April 27, 2022
UACME Lab problem Penetration Testing Student (SP) red , lab , ejpt	2	310	September 3, 2022
Lab 16 - Privilege Escalation via Services - issue on reverse shell back connection Penetration Testing Professional red , security , lab , cybersec	2	308	October 26, 2021

LAB Client-Side Exploitation

Related Topics