Re: What's Next? Attack of Internal IP Disclosure

[Nikhil Wagholikar <visitnikhil () gmail com>]

Hi Zaki,

There is no direct implication/risk of internal IP Address disclosure.
However, you can use this knowledge for further hacking. For example,
if you are able to exploit a vulnerability remotely and get a reverse
command shell, you can then attempt to further penetrate the internal
network, since you now know the internal IP Address of system and
hence the internal IP Addressing scheme.

All the best!

---
Nikhil Wagholikar

On 24 May 2011 14:37, Zaki Akhmad <zakiakhmad () gmail com> wrote:
> Hi all,
>
> I need a hint/idea here.
>
> After I launched a penetration testing attack from Internet, I could
> disclose the internal IP address. What would be the attack after I
> knew the internal IP address? How do I access directly to this machine
> with internal IP address?
>
> --
> Zaki Akhmad
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------