infosec - exploit

 Apres l'obtention d'un reverse shell

commandes pour obtenir le contexte

whoami

id

hostname -I

pwd

You may want to look for low-hanging fruits such as:

• HTTP: Could potentially host a web application where you can find vulnerabilities like SQL injection or Remote Code Execution (RCE). 
• FTP: Could allow anonymous login and provide access to interesting files. 
• SMB: Could be vulnerable to SMB exploits like MS17-010
• SSH: Could have default or easy to guess credentials
• RDP: Could be vulnerable to Bluekeep or allow desktop access if weak credentials were used.