26 matches found
Malicious code in theta-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09b0737ff5b0b0768e2314b014529b80609632a38dfdc3a9ad6cfd6ab1da9039 package.json declares postinstall: node dist/index.js, and dist/index.js executes Model.resetor at module top level — meaning both npm install...
HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/vncinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show option...
HTTPS Fetch, Generic x86 Debug Trap
Fetch and execute an x86 payload from an HTTPS server. Generate a debug trap in the target process Module Options msf use payload/cmd/windows/https/x86/generic/debugtrap msf payloaddebugtrap show actions ...actions... msf payloaddebugtrap set ACTION msf payloaddebugtrap show options ...show and s...
HTTP Fetch, Reverse TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show...
HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show...
HTTPS Fetch, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/https/x86/peinject/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf payloadbindhiddentcp...
HTTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/vncinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show options...
HTTPS Fetch
Fetch and execute a PPC64LE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/ppc64le/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show...
HTTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an AARCH64 payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/aarch64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
SMB Fetch, Windows x64 IPv6 Bind TCP Stager
Fetch and execute an x64 payload from an SMB server. Listen for an IPv6 connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/peinject/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show options ...show an...
SMB Fetch, Windows shellcode stage, Windows x64 Reverse HTTPS Stager (winhttp)
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Tunnel communication over HTTPS Windows x64 winhttp Module Options msf use payload/cmd/windows/smb/x64/custom/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTION ms...
SMB Fetch, Windows shellcode stage, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/custom/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf...
SMB Fetch, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/meterpreter/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...
SMB Fetch, Windows x64 Command Shell, Reverse TCP Inline
Fetch and execute an x64 payload from an SMB server. Connect back to attacker and spawn a command shell Windows x64 Module Options msf use payload/cmd/windows/smb/x64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...
SMB Fetch, Windows x64 Reverse HTTP Stager (wininet)
Fetch and execute an x64 payload from an SMB server. Tunnel communication over HTTP Windows x64 wininet Module Options msf use payload/cmd/windows/smb/x64/vncinject/reversehttp msf payloadreversehttp show actions ...actions... msf payloadreversehttp set ACTION msf payloadreversehttp show options...
SMB Fetch, Windows x64 Command Shell, Bind TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an SMB server. Spawn a piped command shell Windows x64 staged. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/smb/x64/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid...
SMB Fetch, Windows x64 LoadLibrary Path
Fetch and execute an x64 payload from an SMB server. Load an arbitrary x64 library path Module Options msf use payload/cmd/windows/smb/x64/loadlibrary msf payloadloadlibrary show actions ...actions... msf payloadloadlibrary set ACTION msf payloadloadlibrary show options ...show and set options...
SMB Fetch, Windows Meterpreter Shell, Bind TCP Inline (x64)
Fetch and execute an x64 payload from an SMB server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set...
HTTPS Fetch, Linux Read File
Fetch and execute an x86 payload from an HTTPS server. Read up to 4096 bytes from the local file system and write it back out to the specified file descriptor Module Options msf use payload/cmd/linux/https/x86/readfile msf payloadreadfile show actions ...actions... msf payloadreadfile set ACTION...
HTTP Fetch, Bind TCP Stager (Linux x86)
Fetch and execute a x86 payload from an HTTP server. Listen for a connection Linux x86 Module Options msf use payload/cmd/linux/http/x86/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... msf...