Situational Awareness

Learning Objectives

  • Perform situational awareness on compromised systems
  • Identify valuable information and next targets
  • Understand the compromised environment

Situational Awareness

After gaining access to a system, situational awareness helps you understand your position, identify opportunities, and plan next steps. This reconnaissance phase is critical for effective post-exploitation.

Essential Questions

Every compromise requires answering:

  • Who am I (user, privileges)?
  • Where am I (system, network)?
  • What is here (data, software)?
  • Who else is here (users, admins)?
  • Where can I go (other systems)?

Linux Situational Awareness

User and Privilege Information


Check the current user with whoami and id, sudo permissions with sudo -l, and the users on the system with /etc/passwd.

System Information


Get system details with uname -a and /etc/os-release, the hostname with hostname, and hardware with lscpu, free, and df.

Network Position


View the network configuration with ip a, netstat, and ss. View routing and neighbors with ip route and arp.

Interesting Files


Review configuration files: /etc/crontab and the cron directories, and /etc/hosts. Review user files in the /home directories.
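
From the defender's side, the same command list is a detection signal. The following is an added example, not part of the original lesson: it flags any host and user pair that runs several of the Linux commands above within a short window. The log line format, the thresholds, and reading files with cat are assumptions of the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Linux commands named in the lesson, by question answered ("cat" for files is assumed).
CATEGORIES = {
    "user": ["whoami", "id", "sudo -l", "cat /etc/passwd"],
    "system": ["uname -a", "cat /etc/os-release", "hostname", "lscpu", "free", "df"],
    "network": ["ip a", "netstat", "ss", "ip route", "arp"],
    "files": ["cat /etc/crontab", "cat /etc/hosts"],
}
RECON = {cmd: cat for cat, cmds in CATEGORIES.items() for cmd in cmds}

def classify(cmdline):
    """Return (command, category) if cmdline starts with a listed command, else None."""
    tokens = cmdline.split()
    for n in (2, 1):  # two-word forms first: "sudo -l", "ip route"
        key = " ".join(tokens[:n])
        if key in RECON:
            return key, RECON[key]

def find_bursts(lines, window=timedelta(seconds=120), min_cmds=5, min_cats=3):
    """Flag (host, user) pairs that run many distinct listed commands in one window."""
    sessions = defaultdict(list)
    for line in lines:
        parts = line.split(maxsplit=3)  # malformed lines are skipped
        hit = classify(parts[3]) if len(parts) == 4 else None
        if hit:
            sessions[parts[1], parts[2]].append((datetime.fromisoformat(parts[0]), *hit))
    alerts = []
    for (host, user), events in sessions.items():
        events.sort()
        for i, (start, _, _) in enumerate(events):
            in_win = [e for e in events[i:] if e[0] - start <= window]
            cmds, cats = {e[1] for e in in_win}, {e[2] for e in in_win}
            if len(cmds) >= min_cmds and len(cats) >= min_cats:
                alerts.append({"host": host, "user": user, "start": start,
                               "commands": sorted(cmds), "categories": sorted(cats)})
                break  # one alert per (host, user) is enough
    return alerts

# Constructed sample: "<ISO time> <host> <user> <command line>" (assumed format)
SAMPLE = [
    "2024-05-01T10:00:01 web01 www-data whoami",
    "2024-05-01T10:00:09 web01 www-data sudo -l",
    "2024-05-01T10:00:15 web01 www-data uname -a",
    "2024-05-01T10:00:22 web01 www-data ip a",
    "2024-05-01T10:00:30 web01 www-data cat /etc/crontab",
    "2024-05-01T09:00:00 db01 alice df -h",
    "2024-05-01T11:30:00 db01 alice ss -tlnp",
]
```

Calling find_bursts(SAMPLE) returns one alert, for www-data on web01; the two commands alice runs hours apart on db01 do not trigger it.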

Windows Situational Awareness

User and Privilege Information


Check the current user with whoami, privileges with whoami /priv, and groups with whoami /groups. List local users with net user and administrators with net localgroup administrators.

System Information


Get system details with systeminfo and hostname, and the environment with set.

Network Position


View the network configuration with ipconfig /all, netstat -ano, and arp -a. View active connections with net session and net use.

Automated Enumeration

Use scripts for comprehensive checks: linpeas.sh and LinEnum.sh for Linux, winPEAS.exe and Seatbelt.exe for Windows.

Documenting Findings

Record everything: access obtained (user, time), system information, network position, interesting findings, credentials found, next steps identified.

Good situational awareness enables every subsequent post-exploitation step.

Answer the Questions

Question 1 (Knowledge): What shell stabilization methods exist? (Answer format: 6 characters)

Question 2 (Hands-On): What tool provides a full interactive binary shell? (Answer format: 5 characters)

Question 3 (Knowledge): Why is shell stability important? (Answer format: 9 characters)

Question 4 (Hands-On): What command downloads files in Linux? (Answer format: 4 characters)