Command and Control with HTTP Shell using JSRat
Learning only one framework such as Metasploit etc. has its own limitations. Todays’ ever-developing cyber world requires an end to end knowledge of every tool and framework so that if you are cut off of one method, you have another to save yourself. That is the reason today through this article we are going to learn about JSRat.
Tables of Content
- Downloading and installation
- Access the web server
- Rundll attack
- Regsvr32 attack
Downloading and Installation
As this tool is user-friendly, downloading and installation of this tool are very easy. You can download it from here. Once you copy the cloning code from the link provided; type the following command to download :
git clone https://github.com/Hood3dRob1n/JSRat-Py.git
Running the command presented above will download and install JSRat. Once it’s all done, use the following command to check the file.
cd JSRat-Py/ ls
Now, use the following command to start the framework :
./JSRat.py -i 192.168.1.107 -p 4444
In the above command, we have specified IP of our own machine and port for the web server to run.
As the server is up and running, it will show the various files it made as shown in the image below :
You can find these files by accessing the server from your or victim’s browser. If you look closely, there is a code given on the server. This code allows you to execute a rundll attack.
Copy this code and paste it in the command prompt of the victims’ PC. As shown in the following image :
As soon as the command is executed you will have a session.
Now on the same server, there is a regsvr32 file, which can also help us to get a session.
Copy the file command and paste it in the run window.
Similar to rundll attack, after running the above command you will have your session.
Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast. contact here