Venom Openssl listener session resume persistence

r00t-3xp10it / venom

venom - C2 shellcode generator/compiler/handler

1.76k stars 594 forks source link

Venom Openssl listener session resume persistence #46

Open alviseelvis opened 4 years ago

alviseelvis commented 4 years ago

problem Dear, i'm using, for a penetartion test, the venom openssl (option 8 and then 2 on venom) in persistence mode. It's working perfectly but i don't know how i can resume the session (handler). Also i have a problem on target with ftp cmd command, when i run it he go on "freeze" without possible to exit and return on norml cmd command. Any idea for how i cn resolve it without closing the session? thank you. Best regards.

r00t-3xp10it commented 4 years ago

Persistence explained ..

1º venom openssl agent builds 2 SSL certificates in 'venom-main/output/'

[ key.pem ]   AND   [ cert.pem ]

2º - Venom openssl 'persistence module' writes a batch script into target 'startup folder'

%appdata%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\KB4524147_$random_name.update.bat

3º - Attacker needs to Restart target machine and start the OpenSSL handler

cd venom/output
openssl s_server -quiet -key key.pem -cert cert.pem -port $lport

Now about 'FTP' issue i dont know whats wrong ..

alviseelvis commented 4 years ago

Thank you.

Best regards.

r00t-3xp10it commented 3 years ago

venom v1.0.17.7 release update auto store persistence settings into a ZIP file ..

zip handler files

[x] handler_ID:<$Id>.zip
[x] handler.sh <-- Handler script with all persistence settings stored
[x] README.txt <-- Instructions how to use handler.sh script
[x] cert.pem <-- OpenSSL certificate
[x] key.pem <-- OpenSSL certificate