Showing posts with label Windows.

Tuesday, 23 May 2017

Create secured Meterpreter connection using Metasploit Paranoid Mode

Metasploit Paranoid Mode helps you create and maintain a Meterpreter session over SSL.

This is achieved by verifying the handler certificate.

The demonstration below is performed from a Kali Linux system against a Windows 7 system, using the Paranoid Mode feature to create the payload and Metasploit to handle the Meterpreter session.


The following payloads can be used in Paranoid Mode:
Staged (payload.bat|ps1|txt|exe):
windows/meterpreter/reverse_winhttps
windows/meterpreter/reverse_https
windows/x64/meterpreter/reverse_https

Stageless (binary.exe):
windows/meterpreter_reverse_https
windows/x64/meterpreter_reverse_https

The script can be found here.


Thursday, 18 May 2017

Monday, 1 May 2017

Mimikatz in JScript - Running in memory


Video PoC of running Mimikatz in JS from memory.




The test was performed on Windows 7 x64.

Mimikatz.js can be found here.


A script to convert any .NET application to JS can be found here.


Follow me on Twitter - @hardw00t