![]() ![]() When the beacon calls home, it will call home with whatever sleep time configured in the malleable profile. This way your beacon will only call home ONLY when you want it to call home. The beacon will enter a sleep state until an email with a given word (in subject or body) is provided. This is an implementation of an on-demand C2 using dotnet BOF. Most of the heavy lifting was done by wumb0in 4 ) On-demand C2 This one uses WMI events for lateral movement. 3 ) WMI Lateral Movement - Event Subscription This method uses the class Win32_Process. Similar concepts to the previous one, but an interesting learning experince. 2 ) WMI Lateral Movement - Win32_Process Create ![]() A short article can be about using COM objects in C can be found here. ![]() To use the current user, just leave the domain, username, and password empty. 1 ) DCOM Lateral MovementĪ quick PoC that uses DCOM (ShellWindows) via beacon object files for lateral movement.You can either specify credentials or use the current user. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |