How Hackers Use netsh.exe For Persistence & Code Execution (Sliver C2)
Vložit
- čas přidán 20. 08. 2024
- j-h.io/plextrac || Save time and effort on pentest reports with PlexTrac's premiere reporting & collaborative platform in a FREE one-month trial! j-h.io/plextrac 😎
My binnim tool: github.com/Joh...
🔥 CZcams ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
"Because it is over 9000." LOL
true man of culture 🐉🔮
He got me too. Lol
@@lumosyobtrueeee!
Haa played around with netsh after seeing that same Tweet... 🤓😆
And as much as i love these short bit videos i miss the old +1H videos where you just went mental on some project - Watching people fail and rethinking their approach often learns more than anything else.
But again, thanks for the videos John! Keep up the great work, hope you are having fun on the journey!
same here man!
A
when i was a kid i didnt have internet service. i did have a modem. i got an AOL disk in the mail. used aol to download boserve and got to chatting. then found a local chat room and commenced to making a list of local internet provider passwords. I would like to thank my classmates for never getting on the internet. (90's)
Hi john! love ur vids!
Great video. I've been at this for a min, and I learn lots from all you videos. Thanks for the great content!
Early crew! I love the shirt btw! I saw Jurassic Park in the theatres as a 90s kid, born in 89. :3 Hehe. Dinosaur 🦖🦕. 🐁
John your computer Specs ?
Superb video 🔥.
Nice work. Thanks from Germany...
🇩🇪
hei ahmed from greece
nice job john love you always prof and vocal
ITS OVER 9000!
Super cool and exciting video! Thank you for sharing! ❤️
nice and early, another good video ^^
amazing, gotta try this at work
Hi John, just a question. What is the difference of this sliver C2 from metasploit and why not to use msf for those demos ? Cobalt Strike is different because the client is windows based but for those Linux based C2 clients I really do not see the difference 😢 in fact, it sometimes looks harder to do stuff on those rather than msf
I have the exact same opinion. Had a look at Mythic and Havoc C2 as well which felt more exploitation C2 as compared to Covenant C2 which seemed more like post-exploitation focused. Please correct me if I'm wrong.
Really Great BRO!
Not only hackers :) feds too
Ur the man..that was so cool...pentesting is more than i could imagine
golang is awesome because its really easy to statically compile a single binary on any system. victim doesnt need additional stuff already installed like c# sometimes does.
You could say the same for c and rust now two golang is just the child but I agree it is okay for cross compatibility much more easier then using c but both can be the same
Non-technical question (or maybe that is a technical question, after all), how are you zooming in on your screen? I take it, the reason you installed via curl (instead of kali repoisitories), is to make sure you had the most recent code?
I love being "required" to watch hacking videos for work, at work.
More Sliver? Sure, more Sliver in the name of Bishop Fox!)
does netsh start automtically when windows starts? thats why it is a persistence ?
Nice Tee John
11:41 yeah that’s what I though haha. Because MDE immediately blocks this haha.
I wonder if you leverage changeling to swap your shell code out on the fly
Could you have used something like Shellter to inject this shell code into netsh.exe or a DLL for the binary? - also it looks like you're able to generate the payload in the shellcode format now so you don't have to use the nim script to convert it. Maybe this was added in an update to sliver
who remembers Back orifice ?
Really good
Interesting, I've only ever used this with physical access to get wifi passwords. Cewl stuff.
How many virtual machine you have John ? 😅
virtual machines are programs, not hardware
@@robertroussakov9395 yes i understand that 😌
damn thx for this great content!
Hi mister perfect 🎉
Sir thank you for the binnim tool thank you so much❤❤❤😢
super cool
Plz make more video like this
What type of VPN do you use?
Awsome
this app its not on market but l tried to find it so l wanted to share it with you
Why "apt install sliver" when you can curl pipe to bash like a an absolute maniac!
how we can get can you help??? pls!!!!
Video To hack scammers .... Process video...... How scammers playback channel hack in the scammers system
दुनिया की सबसे बड़ी योद्धा मां होती है।🧑🍼
कौन कौन मानता है इस बात को
Love U Maa😘😘🥰
Have you noticed you're very lookalike to the guy from LowLevelLearning? Am I crazy?
🤨
This one is just too deep for me, within the first 4 mins there was so many different acronyms and phrases I just had no clue what was going on.
Shame, I used to like John's channel, but it is just assuming the average viewer knows so much these days.
I am sure for the knowledgeable it is very interesting, but they already know this stuff, so who is the target audience?
Does anyone have any recommendations for some lower level content?
What is the sort of content and approachability you would rather see?
its crazy that you talk about how hard it was for the 'average viewer' to watch and when asked what he can do to improve, you stay silent.
im the first!!!!
Bro hit the gym also
If you don’t know what he’s saying then don’t watch it stop complaining we need more advanced videos bruh
NO idea what's going on here. John's gotten worse. Next video he'll be programming his own AI in python and saying how easy it was....
Anyone know how to resolve this:
┌──(root㉿kali)-[/opt/binnim]
└─# nimble build --verbose
Verifying dependencies for binnim@0.1.0
Error: Unsatisfied dependency: nim (>= 1.6.14)
┌──(root㉿kali)-[/opt/binnim]
└─# apt-get upgrade nim
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
nim is already the newest version (1.6.10-2).
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
python3-ajpy python3-pysmi python3-pysnmp4
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
How scammers hack there system CZcams: scammerplayback
1:08 , oldie but goodie ,, real friends dont let friends pipe bash 🤌