Closed z99z closed 5 years ago
cybervaca
commented
5 years ago I think that on that hackthebox machine it is not allowed to execute .exe. Maybe you should try to convert it to a dll. However, I would appreciate it if you did not publish spoilers, since the machine is still active in HTB.
z99z
commented
5 years ago Thank you and sorry about the spoilers. Edited it
cybervaca
commented
5 years ago Do not worry. However, I can tell you that I made this machine completely with Salsa Tools hehe.
z99z
commented
5 years ago Do not worry. However, I can tell you that I made this machine completely with Salsa Tools hehe.
I'm practicing for OSCP . Need a solid way to establish reverse shell, as many people has issues in OSCP exam with reverse shell, Hence I'm trying with salsa tools in all the machines that I gained root flag.
Can you help me with running dll in the box. Is it by invoking rundll32.exe Btw I know a person in online who used salsaseoloader.exe insted of dll and gained reverse shell. But I think running dll is safe. Can you help me executing dll along with xp_cmd.
cybervaca
commented
5 years ago If you want to talk to me. I leave here our htb channel. https://t.me/joinchat/Bv7uT0DTIfBOvhUaiR0xUw
In VisualBasic I built salsaseoloader.exe for x64bit machine as a windows console file, Built EvilSalsa.dll as Class Library for x64 bit Machine.
Copied the above files to my Kali Machine
ENCRYPTED A SAMPLE FILE HA.TXT python encrypterassembly.py EvilSalsa/EvilSalsa/bin/debug/EvilSalsa.dll drcy /root/Desktop/htb/ha.txt
Using Impacket> mssqlclient.py gained access to machine
Mean while I started nc -nvlp 1337 and HTTP at usr/share/windows-binaries/ python -m SimpleHTTPServer 80
ISSUE: I'm not getting reverse shell and Powershell Can you help me, where is the issue. Is it something from my side or binary side. I'm using Salsatools to gain PS and Reverse shell for HACK THE BOX , Querier Machine.
Thanks in Advance