akde/infosec

Information security is ultimately about managing risk

Covenant

, ,

-NET attack frame­work: https://github.com/cobbr/Covenant

Usage

  1. Cre­ate a lis­ten­er on the attack system.
  2. Add a launch­er to the listener.
  3. The attack sys­tem now pro­vides a pay­load file the vic­tim has to start.

You can use Urban­Bish­op to inject the pay­load into a run­ning process. As soon as the pay­load is exe­cut­ed, Covenant will show on the dash­board a new con­nec­tion with which you can inter­act now. Exam­ple for the injec­tion part:

Leave a Reply

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';