background image


Chapter 17

In this example, we clear all the event logs, but the examiner might notice 

other interesting things on the system that could alert him to an attack. In 
general though, the examiner will not be able to piece together the puzzle to 
identify what happened during the attack, but he will know that something 
bad had occurred.

Remember to document your changes to a target system to make it easier 

to cover your tracks. Usually, you’ll leave a small sliver of information on 
the system, so you might as well make it extremely difficult for the incident 
response and forensics analysis team to find it.

Wrapping Up

Having gotten this far, we could continue to attack other machines on the 
internal network using Metasploit and Meterpreter, with our attacks limited 
only by our creativity and ability. If this were a larger network, we could fur-
ther penetrate the network using information gathered from various systems 
on the network.

For example, earlier in this chapter we compromised a Windows-based 

system. We could use the Meterpreter console to extract the hash values from 
that system and then use those credentials to authenticate to other Windows-
based systems. The local administrator account is almost always the same from 
one system to another, so even in a corporate environment, we could use the 
information from one system to bridge attacks to another.

Penetration testing requires you to think outside the box and combine 

pieces of a puzzle. We used one method during this chapter, but there are 
probably several different ways to get into the systems and different avenues 
of attack you can leverage. This all comes with experience and spending the 
time to become creative. Persistence is key to penetration testing.

Remember to establish a fundamental set of methodologies you are com-

fortable with, but change them as necessary. Often, penetration testers change 
their methodologies at least once per test to stay fresh. Changes might include 
a new way of attacking a system or use of a new method. Regardless of the 
method you choose, remember that you can accomplish anything in this 
field with a bit of experience and hard work.