Post-exploitation is an often overlooked aspect of penetration testing. In the past, many even considered the job to be complete the moment that shell access was gained on a remote target machine. Goal-oriented pentesting requires more than this. For the penetration test to be of value, there must be a specific goal, such as accessing a critical database or obtaining key credentials that will allow an attacker to read private corporate e-mails. Business owners and managers are concerned with protecting the confidentiality, integrity, and availability of their assets and data. Reporting that a random system was easily compromised means very little compared to providing tangible proof that an attacker could effortlessly cost the company millions of dollars in missed sales due to a vulnerability affecting a critical system that is externally facing.
In this chapter, we will be covering many areas of interest, including:
Rules of Engagement with regard to post...