PBSC CyberWeek 2022 PowerShell Empire Demo

Рет қаралды 4,830

Күн бұрын

A demo of PowerShell-Empire in Kali Linux for CyberWeek 2022 at Palm Beach State College
This video is for educational purposes only.

Пікірлер: 15

@samsepoil2111 Жыл бұрын

This was a great demonstration. Thanks!

@stanislavsmetanin1307 7 ай бұрын

Would be nice to see a showcase how EMPIRE works under the hood. For instance: What is it doing when prevesc/bypassuac happens.

@bmkay Жыл бұрын

Thank you for making this video. Can you explain again the distinction between the BindIP and the HostIP in the listener? Is the distinction because you're using a C2 server with a client on different systems? My pentest training lab is on a local LAN, so I usually leave the BindIP blank. I want to know what situations would require the BindIP.

@BeariumNetworks Жыл бұрын

In my lab environment, I have multiple routers segmenting the network, so the bind IP is being used so the payload routes properly and hits my attacking machine. That 10.4.x.x address could be considered over the internet based on how my lab is configured.

@papimbodjpm10 9 ай бұрын

Nice it's getting experience for that but… I want to know if you get the Wifi IP address you can get any user you want even Android?

@Chinmoy-bf6cz Жыл бұрын

Bro, how can we use it in WAN... And how to port forward and which port forward method we should use with empire please reply..

@user-wy2cy5xn9f 6 ай бұрын

agent don't do feedback, just not work........ I'VE BEEN TRYING TO FIGURE OUT WHAT I'M DOING WRONG FOR HALF A YEAR NOW, BUT NO MATTER HOW HARD I TRY, NOTHING HELPS!!!! HELP MEEEEEEEEEEEEEEE

@lafang.xcix_v 4 ай бұрын

Hey, could you explain to me your error or what's going wrong, I could explain

@bradtopler8559 Жыл бұрын

Hi. Very informative video, but it does not work in real life. If you try to run stager, you will encounter a problem. Windows antivirus will block you. Also, even if you obfuscate your code, it will trigger an AMSI level lockout. How do you fix this?

@tirtharajkarmakar1192 Жыл бұрын

I think the best way of doing this is using a rubber ducky.... Firstly use some ducky script to stop the antivirus services and then set the code.... This is my opinion, what about yours?

@BeariumNetworks Жыл бұрын

Well, fortunately windows defender is patched to protect from this! The demo was for a class project to demo how a poorly patched environment could be easily attacked.

@BeariumNetworks Жыл бұрын

@@tirtharajkarmakar1192 That could work. Though with physical access, you should be able to get most anything done!

@srdandordevic2202 Жыл бұрын

yea bud your defender it off

@BeariumNetworks Жыл бұрын

Yep, it was demo regarding unsecured environments. This was a video made for a class project to demonstrate how badly a poorly patched system can be infiltrated.