by Dimitris Pallis
Connectivity Basics
Before jumping on to exploitation tools and techniques, the most important step is to connect to the client's network.
This can be done in two ways, either remotely or on-site by going to client's offices. On-site visits would require your own dedicated space and access to the client's network through wired ethernet or wireless connection. After that, you would only have to confirm you are assigned with an IP address and you're ready to go. Other measures could be required such as whitelisting your computer's MAC address, but those details should be handled during the scoping process and you'll know beforehand; if you don't, just ask the project manager who will confirm with the client.
Most of the time, the client agrees to a remote internal assessment. This could be achieved by providing them with a virtual machine, which the client spins up on their internal network and provides you with the IP address. This machine could include a local Nessus installation and other tools such as Responder and Crackmapexec. Finally, one could use the X2Go client tool to connect to that virtual machine through SSH (example below).
Read the rest of this story with a free account.
Already have an account? Sign in