1 00:00:00,550 --> 00:00:01,960 So as I said before. 2 00:00:02,780 --> 00:00:07,850 My interpreter sessions reside in the memory of a process. 3 00:00:09,170 --> 00:00:15,980 So when this process finishes, the interpreter session will die and you will lose your connection to 4 00:00:15,980 --> 00:00:17,060 the compromise machine. 5 00:00:18,360 --> 00:00:22,040 If you lose it, then you've got to exploit the target again. 6 00:00:23,010 --> 00:00:32,340 So if you want to avoid this, you migrate to processes that can't easily be terminated by a user such 7 00:00:32,340 --> 00:00:33,720 as Alsace. 8 00:00:35,240 --> 00:00:35,900 However. 9 00:00:36,870 --> 00:00:42,310 It's not always a permanent solution, especially if the user completely shuts down the computer. 10 00:00:42,330 --> 00:00:42,690 Right. 11 00:00:43,880 --> 00:00:44,450 So. 12 00:00:45,690 --> 00:00:54,720 We've probably got to find a better way to come back again and not to repeat the exploitation, because 13 00:00:54,720 --> 00:00:57,840 the system might be patched already, but hopefully not. 14 00:00:58,770 --> 00:01:04,380 But you've really got to be careful because what you're going to do next. 15 00:01:05,350 --> 00:01:10,000 Should be clearly specified in the scope of the engagement. 16 00:01:11,050 --> 00:01:18,070 All right, so let's move on, rather than really exploiting the same vulnerability or move between 17 00:01:18,070 --> 00:01:24,460 the processes, it would be ideal to have a persistent connection with the target. 18 00:01:25,540 --> 00:01:31,990 So to accomplish this idea, you can create back doors and users use root kits. 19 00:01:31,990 --> 00:01:33,970 And there's a bunch of other things. 20 00:01:35,050 --> 00:01:41,250 But thankfully, MSF interpreter will let you be persistent on the target system. 21 00:01:42,410 --> 00:01:48,830 And that is what is going to keep your access for future exploitations and then you can spread throughout 22 00:01:48,830 --> 00:01:49,460 the network. 23 00:01:50,760 --> 00:01:57,630 Now, one thing you should keep in mind is don't forget your back door when the penetration test finishes.