PyHttpShell is a shell written in python and php, traffic is over http protocol using a server in the middle.
All Posts Tagged
I created this tool for a pen test i performed for a client,
i already had a meterpreter session and i needed to get the current domain user credentials.
Instead of using a key logger and wait for the user to type his password i decided to force him to enter it.
Yesterday a new Meterpreter script named “ScreenSpy” was added to the Metasploit redmine. The script was written by Roni Bachar, You can read the official release notes on his Blog. This Meterpreter script captures images on remote host desktop at a predefined interval and then displays the images sequence . This emulates a live view of the remote host […]
There are several ways to Backdoor a machine that has been compromised, One of them is placing your executable as a windows service. The advantages are that user doesn’t have to log on in order for the service to run, non like placing it in the startup via registry which requires user to log in. […]
If you haven’t noticed the Metasploit Framework has a JAVA meterpreter payload for some time now It supports all the commands supported by the PHP meterpreter, as of SVN revision 9777, and additionally the ipconfig, route, and screenshot commands. It is not fully implemented into the framework yet and in order to get it up and […]
Wrote an article named : “Buffer Overflows 101” which was published today on the Israeli Security Magazine “Digital Whisper” issue 11. The article is in the Hebrew language and covers the basics of buffer overflows,fuzzing,olly basics,writing a metasploit modules and more… The article has a companion tar.gz file which includes the source code of the vulnerable server (Which was […]
About a year ago I stumbled upon a Facebook clone phishing site which contained an evil Java applet, At the time SET wasn’t introduced yet and only few articles disscussing this attack vector were published (Another applet creation process was published by Jabra and described later on the Offensive Security “Metasploit Unleashed” Online course). No source code was released […]
A while back I needed a way to make metasploit’s meterpreter persistent or to be able to remotely execute it whenever needed. I decided to try and create a tool for doing that using Visual Basic Let me first say that i am not a programmer, I have very basic programming skills (some code snippets […]