Closed veso266 closed 6 years ago
That will be awesome but for doing that you have to find a vuln in the update process, in the first editions we just MiTM the first site and trick the user to download a binary, if you find a vulnerability maybe it is possible to inject automatic payloads.
@f-amato im having issues getting the update to install
Hi I was wondering is it posible to hook into Windows Update Agent 3.0 instead of plain file download
as you can see here: https://youtu.be/9uDXtJqdcKM?t=185 when user click install updates it automaticly launches Windows Update Agent 3.0 without even asking user if her/she want's to run update setup file
it would be more autentic to just run payload for hin instead of leting user choose to run downloaded payload
Is this even posible?
BTW: it would be interesting if evilgrade could scan user computer and present specific list of updates to the user like MS does it
Thanks for Anwsering and Best Regards
Can I see the video brother
Hi I was wondering is it posible to hook into Windows Update Agent 3.0 instead of plain file download
as you can see here: https://youtu.be/9uDXtJqdcKM?t=185 when user click install updates it automaticly launches Windows Update Agent 3.0 without even asking user if her/she want's to run update setup file
it would be more autentic to just run payload for hin instead of leting user choose to run downloaded payload
Is this even posible?
BTW: it would be interesting if evilgrade could scan user computer and present specific list of updates to the user like MS does it
Thanks for Anwsering and Best Regards