Phase 3
· Phase 3: Verify and use the weaknesses found in above step and gain access
This is the active exploitation of the vulnerabilities found. It can either be an attack to a specific system or the actual phising campaign that starts now,
- Breach systems(s)
- Plant malicious code
- Use backdoors
A PoC I did quite a while ago: Reverseshell from DNS lookups