Hands-On Web Penetration Testing with Metasploit

Exploitation

The exploitation stage is the second most crucial stage after the reconnaissance stage. This stage proves whether a certain vulnerability found in the previous stage is actually exploitable. A pen tester can measure the success of a penetration testing project by whether the vulnerabilities that were found can be exploited. Exploitation can be automated with tools such as the Metasploit Framework and Canvas, but it still has to be done with care, because we don't know how a certain web application or system will behave when our payloads are run against it.

Generally, in all types of tests, we need to confirm with the client whether we are authorized to perform memory-based exploitation, such as exploiting buffer/heap overflows and running memory corruption exploits. The advantage of doing this is that we can gain access to the target system by running a specific exploit (this only works if the target system is vulnerable to that specific exploit). The issue with such exploits is that the system/server/web application may crash, which could cause a business continuity issue.

Once we have exploited a system or web application, we can either stop at that or we can perform post-exploitation work (if authorized by the client) to move inside the network (pivoting) and locate business-critical servers.

Please make sure that you keep track of all the payloads, web shells, files, and scripts that are uploaded to the target system during exploitation so that they can be cleaned up after taking proper proof-of-concept (PoC) screenshots. This should be done at all times; otherwise, a genuine attacker can find the web shells and easily use them to attack the organization.
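One way to keep that inventory, as an added example that is not from the book or from Metasploit: a small Python ledger that records the path and SHA-256 of every artifact placed on a target, then confirms after cleanup that each entry is gone (a file still in place with the same hash is a leftover web shell). All function names and the placeholder file are hypothetical.

```python
import hashlib
import json
import tempfile
from pathlib import Path

# Hypothetical engagement ledger: everything uploaded during exploitation
# is recorded here so nothing is forgotten at cleanup time.


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large payloads are handled too."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def record_upload(ledger: list, path: Path, purpose: str) -> dict:
    """Append an uploaded artifact (path, hash, why it was placed) to the ledger."""
    entry = {"path": str(path), "sha256": sha256_file(path), "purpose": purpose}
    ledger.append(entry)
    return entry


def verify_cleanup(ledger: list) -> dict:
    """Map each recorded path to 'removed', 'still present' (same hash) or 'modified'."""
    status = {}
    for entry in ledger:
        p = Path(entry["path"])
        if not p.exists():
            status[entry["path"]] = "removed"
        elif sha256_file(p) == entry["sha256"]:
            status[entry["path"]] = "still present"
        else:
            status[entry["path"]] = "modified"
    return status


def save_ledger(ledger: list, out: Path) -> None:
    """Persist the ledger as JSON so it can go into the report appendix."""
    out.write_text(json.dumps(ledger, indent=2))


def demo() -> tuple:
    """Round trip on a constructed, harmless placeholder file in a temp dir."""
    with tempfile.TemporaryDirectory() as tmp:
        shell = Path(tmp) / "poc_shell.php"
        shell.write_text("<?php /* constructed placeholder, does nothing */ ?>")
        ledger = []
        record_upload(ledger, shell, "PoC web shell for screenshot")
        before = verify_cleanup(ledger)[str(shell)]   # 'still present'
        shell.unlink()                                # the cleanup step
        after = verify_cleanup(ledger)[str(shell)]    # 'removed'
        save_ledger(ledger, Path(tmp) / "ledger.json")
        return before, after, len(ledger)
```

Running verify_cleanup at the end of the engagement and attaching the saved ledger to the report gives the client a checkable record that no web shell was left behind.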