36 matches found
HTTPS Fetch, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an HTTPS server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/https/x64/meterpreter/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show...
TFTP Fetch, Linux Command Shell, Bind TCP Stager
Fetch and execute an x64 payload from a TFTP server. Spawn a command shell staged. Listen for a connection Module Options msf use payload/cmd/linux/tftp/x64/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set...
PT-2022-5235 · Adobe · Bridge
Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 11.1.3 and earlier Adobe Bridge versions 12.0.2 and earlier Description: The issue is related to a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this...
Powershell Exec, Windows shellcode stage, Windows x86 Reverse Named Pipe (SMB) Stager
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/powershell/custom/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set...
Powershell Exec, Windows shellcode stage, Find Tag Ordinal Stager
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Use an established connection Module Options msf use payload/cmd/windows/powershell/custom/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and...
Powershell Exec, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x86)
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
Powershell Exec, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x64)
Execute an x64 payload from a command via PowerShell. Custom shellcode stage. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
Powershell Exec, Hidden Bind TCP Stager
Execute an x86 payload from a command via PowerShell. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/powershell/vncinject/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf payloadbindhiddentc...
Powershell Exec, Windows x64 Bind Named Pipe Stager
Execute an x64 payload from a command via PowerShell. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/vncinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show...
Powershell Exec, Windows Command Shell, Hidden Bind TCP Inline
Execute an x86 payload from a command via PowerShell. Listen for a connection from certain IP and spawn a command shell. The shellcode will reply with a RST packet if the connections is not coming from the IP defined in AHOST. This way the port will appear as "closed" helping us to hide the...
Powershell Exec, Reverse TCP Stager with UUID Support (Windows x64)
Execute an x64 payload from a command via PowerShell. Connect back to the attacker with UUID Support Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...
Powershell Exec, Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7)
Execute an x86 payload from a command via PowerShell. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/upexec/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf...
Powershell Exec, Windows Meterpreter Shell, Bind TCP Inline
Execute an x86 payload from a command via PowerShell. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp...
Powershell Exec, Windows x86 Bind Named Pipe Stager
Execute an x86 payload from a command via PowerShell. Listen for a pipe connection Windows x86 Module Options msf use payload/cmd/windows/powershell/dllinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show option...
Powershell Exec, Hidden Bind TCP Stager
Execute an x86 payload from a command via PowerShell. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/powershell/meterpreter/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf...
Scalable infrastructure for investigations and incident response
Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to th...