Most networks operate on a client-server model, where clients access information from servers and interact through them. However, attackers may exploit peer-to-peer (client-to-client) communication to take advantage of weak credentials or vulnerable clients. For instance, port 445, used by SMB, can indicate compromise; typically, clients shouldn’t communicate via SMB, but during an attack, it may be used to further compromise systems.
Once a system is compromised, an attacker can use it to explore additional networks that the compromised system can access, often due to elevated privileges or additional network interfaces. This technique, known as pivoting, allows the attacker to leverage the compromised host to reach and scan other networks.
Lateral movement involves using a compromised system as a pivot to exploit another system, allowing the attacker to further explore and compromise additional targets. In this scenario, Eve uses Server X to discover System B.
