No worries - please see below resources - hopefully these should help :) th-cam.com/video/I3N2_arY9Kg/w-d-xo.html docs.metasploit.com/docs/using-metasploit/intermediate/pivoting-in-metasploit.html www.offsec.com/metasploit-unleashed/pivoting/
Guide me on this. I found out that you'll get one IP on the exam. From that you have to identify the endpoints and then pivot to them. I found out two ways to find those is, with script to ping all the ips until I get the endpoints or use arp -a to get arp cache. Let me know if I am doing it correctly or is there any other on-point method to do it. Thanks ❤
u can use a module of metasploit if is windows machine, if its a linux machine u can create a bash script where u do ping to the network with a loop, for example 192.168.0.x, the variable x increase +1
@TalesforTots123 I guess after u obtain the meterpreter, u run bin bash and ifconfig command to see the victim-2 ip address and then try the autoroute command. after that, u can do a port scan or something to the victim-2 ip
@@johanjimenez3461 that's the only way to find endpoints we can pivot to, on the exam? Is there a module for both OS. Asking because I am going for this exam
I follow up until bind shell. I understand the need for different shells depending on the situation but I’m still learning use case scenarios
Well explained. Thanks mate.
Could you please recommend some material for the explanation at 13:31. I don't really get the meterpreter autorute section.
No worries - please see below resources - hopefully these should help :)
th-cam.com/video/I3N2_arY9Kg/w-d-xo.html
docs.metasploit.com/docs/using-metasploit/intermediate/pivoting-in-metasploit.html
www.offsec.com/metasploit-unleashed/pivoting/
Guide me on this.
I found out that you'll get one IP on the exam. From that you have to identify the endpoints and then pivot to them.
I found out two ways to find those is, with script to ping all the ips until I get the endpoints or use arp -a to get arp cache.
Let me know if I am doing it correctly or is there any other on-point method to do it.
Thanks ❤
But on the exam you are not given two machines. How do you identify the second IP address on a compromised machine?
u can use a module of metasploit if is windows machine, if its a linux machine u can create a bash script where u do ping to the network with a loop, for example 192.168.0.x, the variable x increase +1
What module specifically. I dont see it mentioned in any of the training material.
@TalesforTots123 I guess after u obtain the meterpreter, u run bin bash and ifconfig command to see the victim-2 ip address and then try the autoroute command. after that, u can do a port scan or something to the victim-2 ip
@@TalesforTots123in the Metasploit MSF video, they covered basic pivoting in the enumeration section
@@johanjimenez3461 that's the only way to find endpoints we can pivot to, on the exam? Is there a module for both OS. Asking because I am going for this exam
Thanks very clear