Fork me on GitHub

сряда, 19 октомври 2016 г.

Media - USB/CD/DVD drop attack

Dropping a malicious USB key in a parking is an effective attack vector, as demonstrated by my recent large-scale.

After researching and discussing with colleagues the pros and cons of the three types of malicious USB keys, this post will walk you through how to create exploit powershell and take a full access to the victim computer, like this one who I show you "USB drop attack".

You must be in the IP range of the victim, to accomplish this attack!
Or you have to use your real ip address for report from victim, when "he" or "she" are connect to their own computer. But this is dangerous and trackable if you use integrated network device!

The goal of the payload is to create a reverse TCP shell that connects back to a server chosen by the attacker.

For 100% successful attack you have to use CD or DVD for this, because the antivirus of the victim can delete your payload from your usb stick in background process! Your lure must be a very seductive, this is very nasty trick! :)

NOTE: On some systems, "Autoplay" for media - CD/DVD or USB options , are not enabled!!! For that reason you need to lure the victim to click on your exploit program!

Media - USB/CD/DVD drop attack by nu11secur1ty

IMPORTANT: Never use USB, CD OR DVD which you found on the street, parking, or front of your door. If this is happened immediately connect with computer specialist or your System Administrator, before you decide to use this media, or contact with me! ;)


Няма коментари:

Публикуване на коментар