A penetration tester has gained a foothold on a publicly-facing web server. The tester discovers the server is also connected to an internal corporate network, which is not directly accessible from the internet. To continue the assessment, the tester uses the compromised web server to relay their tools and scan for vulnerabilities on internal network hosts. Which of the following techniques is the tester using?
Pivoting is the technique of using a compromised system as a relay or proxy to attack other systems on an internal or otherwise inaccessible network. In this scenario, the tester leverages the dual-homed web server to 'pivot' their attack into the internal network. Credential dumping involves extracting usernames and passwords from a system, which is a different activity. A reverse shell is a payload that connects back to the attacker, providing shell access, and while it could be used on the compromised host, it doesn't describe the overall strategy of relaying traffic through it to other targets. Service creation is a persistence method used to ensure continued access to a compromised machine.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is pivoting in cybersecurity?
Open an interactive chat with Bash
What is the difference between pivoting and lateral movement?