Reverse Shells
Software specific shells
Shell Upgrades
Shell Fixes
Reverse shell files
SCF files
https://pentestlab.blog/2017/12/13/smb-share-scf-file-attacks/ It is not new that SCF (Shell Command Files) files can be used to perform a limited set of operations such as showing the Windows desktop or opening a Windows explorer. However a SCF file can be used to access a specific UNC path which allows the penetration tester to build an attack. The code below can be placed inside a text file which then needs to be planted into a network share. Saving the pentestlab.txt file as SCF file will make the file to be executed when the user will browse the file. Adding the @ symbol in front of the filename will place the pentestlab.scf on the top of the share drive.
Responder needs to be executed with the following parameters to capture the hashes of the users that will browse the share.
Last updated