@2codemonte

In part one of this series we looked at making a malicious Word document using DDE, which connected to our malicious site and automatically ran malicious code to give us access to the victim, but also gives us a fall back where the user is also prompted to install a secure file viewer should our …

Continue reading "Creating a Cyber Attack – Part 9 (Making a malicious Word document using DDE and Powershell)"

In the final video of this series we continue with post exploitation using metasploit and meterpreter, using Windows commands to gain persistence. We have created our new user and have remote desktop access. Now we ensure our backdoor is always running and even if it crashes or loses connection we have ways to restart it …

Continue reading "Creating a Cyber Attack – Part 8 (Post Exploitation – Gaining Persistence 2)"

In this part we continue with post exploitation using metasploit and meterpreter, but this time using Windows commands to gain persistence. We start with our meterpreter shell, then use the Windows cmd prompt to run native commands to enumerate shares and users. We will also enable RDP, and create a new user adding the account …

Continue reading "Creating a Cyber Attack – Part 7 (Post Exploitation – Gaining Persistence )"

In this part we continue with post exploitation, this time using metasploit and meterpreter. We have socially engineered the victim to visit our malicious webpage which has provided us with an initial connection to our victim machine, and our meterpreter shell. Now we will show a few simple commands you can use to escalate your …

Continue reading "Creating a Cyber Attack – Part 6 (Post Exploitation – With Msf console and mimikatz )"

In this video we pick up where we left off in Part 4. We have socially engineered our victim to visit our malicious website which has provided us with an initial connection to the victim machine. Attacker on the right, and victim on the left. If you have not read the previous explanations or watched …

Continue reading "Creating a Cyber Attack – Part 5 (Post Exploitation and attempting Persistence – With BeeF )"

In Part 4 of this series you can sit back and enjoy the fruits of your work as all we need to do now is ensure everything is running then launch our attack. We will email a link to our victim and then once the file is downloaded and opened we will see how everything …

Continue reading "Creating a Cyber Attack – Part 4 (Exploiting – Getting Access )"

In the third part in this series we will show how to make your malicious web page. Our web page will host the malicious file, and script we prepared in Part 2. This is the website our malicious document will open which we created in Part 1. There is not much to do in this …

Continue reading "Creating a Cyber Attack – Part 3 (Creating a malicious web page )"

In part one we created our Word document which will run the initial stage, and here in part 2 we will be creating the two malicious payloads which will be used in our malicious web page which we will make in part 3. We will be using Beef to make use of it's browser hook …

Continue reading "Creating a Cyber Attack – Part 2 (Creating Malware Payloads )"

In this new series we are going to be making a malicious Word document, which will connect to our malicious site and automatically run malicious code to give us access to the victim, but also give us a fall back where the user is also prompted to install a secure file viewer should our automatic …

Continue reading "Creating a Cyber Attack – Part 1 (Making a malicious Word document using DDE)"