Brosec is a terminal based reference utility designed
to help us infosec bros and broettes with useful (yet sometimes complex)
payloads and commands that are often used during work as infosec practitioners.
An example of one of Brosec's most popular use cases is the ability to generate
on the fly reverse shells (python, perl, powershell, etc) that get copied to
the clipboard.
Firstly install the Brosec tool in your Kali Linux.
Follow the below steps one by one:
Reference:
https://github.com/gabemarshall/Brosec
·
apt-get install npm build-essential g++ xsel
netcat Install dependencies
·
npm config set registry
http://registry.npmjs.org/ Npm registry seems to be broken by default when
installed from Kali repos
·
npm install -g n Install n (nodejs version
manager)
·
n latest Install latest version of nodejs
·
git clone
https://github.com/gabemarshall/Brosec.git - Clone Brosec repo
·
cd Brosec && npm install - cd into
the directory and install npm depdendencies
After that start Brosec by typing in terminal:
./bros
It will show you menu
options.
Now set the IP of your localhost :
set lhost
192.168.0.111
Now set the lport :
set lport 4444
After setting the localhost and lport, choose option 5 Miscellaneous.
You will see 2 options Reverse
Shells and Exfiltration. Now
select option1 Reverse Shells, see
the image below:
After choosing the option Reverse Shells, you will see 5
options. In my case I'm selecting option 4 Reverse
Shell PSH
Now it will show you a message Should I start a netcat listener for you?
Press Y to start
the netcat listener. It will generate a powershell script, see the below
picture.
And copy this code in text editor and save it with .ps1 (powershell extension)
Now send the saved .ps1 file to the victim using any social
engineering method. When the victim clicks on it, you will get the session of
the victim's PC. See the picture below for reference.
Now you can use the systeminfo
command to get the information of the victim's PC.
0 comments:
Post a Comment