2 matches found
Metasploit Wrap-Up 10/03/2025
Windows LNK and Linux persistence This week, happybear-21 introduced four new modules that abuse Windows Shell Link LNK to execute various attacks. Three of these modules are designed to trigger authentication attempts to a remote server, facilitating the harvesting of NTLM authentication...
Service SystemD override.conf Persistence
This module will create an override.conf file for a SystemD service on the box. The ExecStartPost hook is used to launch the payload after the service is started. We need enough access typically root to write in the /etc/systemd/system directory and potentially restart services. Verified on Ubunt...