Maintaining Access
Maintaining Access – Once a pentester manages to gain access to the target system, he should work hard to keep his boat afloat, metaphorically speaking. He can choose either to use the hijacked system as a launching-pad (i.e., to be part of a botnet for DDoS attacks or spam campaigns), at this moment attack, scan and exploit other systems, or keep on exploiting the current system in stealth mode. Both actions can entail a great deal of damage.
How to maintain access
There are a lot of methods that can be used to maintain access.
- Backdoor – A backdoor is a malware type that negates normal authentication procedures to access a system. As a result, remote access is granted to resources within an application, such as databases and file servers, giving perpetrators the ability to remotely issue system commands and update malware.
References