Continuous back Door
Get a session First
Generate a continuous backdoor on the target host
Set Listening parameters
Start listening
Restarting the host being attacked
Gets to session when an attacker is started
Use of Mimikatz
Mimikatz is a tool developed by Russian organizations
Load Mimikatz
Help View commands
MSV get user name and hash
Wdigest getting clear-text password information in memory
Kerberos Gets the plaintext password information in memory
View Hash
View Bootkey
View the processes running on the attacked host
View services running on the attacked host
To view the encryption criteria for the attacked host
PHP Shell
Generate a payload file
Copy to the home directory of the PHP server
Turn on Listen
Open Browser Access a.php
You get a session.
Enter the shell
MSF client Penetration (eight): Durable backdoor, Mimikatz use, get PHP server Shell