Automation of post-exploitation

Purpose – The purpose of this paper is to describe the improvements achieved in automating post-exploit activities.

Design/methodology/approach – Based on existing frameworks such as Metasploit and Meterpreter, the paper develops a prototype and uses this to automate typical post-exploitation activities.

Findings – Using a multi-step approach of pivoting, this paper can automate the cascaded attacks on computers not directly routable.

Practical implications – Based on the findings and developed prototypes, penetration tests can be made more efficient, since many manual exploitation activities can now be scripted.

Originality/value – The main contribution of the paper is to extend Meterpreter scripts so that post-exploitation can be scripted. Moreover, using a multi-step approach (pivoting), it can automatically exploit machines that are not directly routable.
