After escalating the privilege to the target machines, the next step we should take is to create a mechanism to maintain our access to the target machines. So, in the future, if the vulnerability you exploited gets patched or turned off, you can still access the system. You may need to consult with your customer about this, before you do it on your customers' systems. In addition, it is critical during penetration testing that you ensure all backdoors that are placed are properly documented so that they can be removed after the test.
Now, let's take a look at some of the tools that can help us maintain our access on the target machines. The tools are categorized as follows:
- Operating system backdoors
- Tunneling tools
- Web backdoors