Mutt
The essence of the vulnerability lies in the partial use of social engineering and user carelessness. Many people, when they look at a guide or manual on the site, copy the text and stupidly paste it into the command line without even thinking - although this is basically impossible to do.
But the PasteZort utility has gone further. It allows you to spoof the clipboard: a user from the site wants to copy one command
Code:
"Ping 8.8.8.8"
and instead, a slightly different command is copied to the clipboard, with encrypted contents
Code:
"Ping 8.8.8.8; ASAUSDYTG (* & ^ @ # T $) * ASDHU # * TRFGIHUSAD; cls"
- if the user pastes that command, he will not even have time to understand that something has happened, because the terminal will instantly be cleared, and the payload from Metasploit will already be launched on his computer, which will open remote access for the attacker.
First thing we do is install PasteZort:
Bash:
Code:
git clone https://github.com/ZettaHack/PasteZort
cd PasteZort
chmod +x *
Launch:
Code:
./PasteZort
Now let's start creating this phrase, so to speak)
1. We need to select the victim's OS:
2. Select the payload (I chose 1 - tcp):
3. Enter your IP address and port 4444:
Now we should generate a payload, after generating it, we need to enter two words or one, in which this payload will be encrypted:
After that, Metasploit will open for us, and when you activate the payload, a session will open) And then do whatever you want)
That's all, now we have started the Apache server where our phrase is located. How do I use it? I will give an example: The source code of a site is taken and downloaded, for example, using wget, then we copy the phrase and paste it anywhere on the site, then we launch the site through ngrok, for example, and throw it to the victim.
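A defensive check for the clipboard substitution described in this post, as an added example that is not part of the original post or of PasteZort: it compares the text the user selected with the text that actually reached the clipboard and reports the traits shown above (hidden suffix, injected command separator, trailing screen clear). The function name `auditCopy` and the finding labels are hypothetical, and the sample input is constructed from the two strings quoted in the post.

```javascript
// Added defensive example; auditCopy and its finding labels are hypothetical names.
// In a browser extension's "copy" handler, `selected` would be
// window.getSelection().toString() and `copied` the text placed on the clipboard.
const SEPARATORS = /[;&|`]|\$\(/; // shell / cmd chaining and command substitution
const SCREEN_CLEAR = /(^|[;&|\n]\s*)(cls|clear|reset)\s*$/i;
const NEWLINE = /[\r\n]/;

// Collapse whitespace so harmless spacing differences are not reported.
function normalize(s) {
  return s.replace(/\s+/g, " ").trim();
}

function auditCopy(selected, copied) {
  const findings = [];
  const want = normalize(selected);
  const got = normalize(copied);

  if (want !== got) {
    findings.push("clipboard-differs-from-selection");
    // The visible command is kept as a prefix and extra text is appended.
    if (got.startsWith(want) && got.length > want.length) {
      findings.push("hidden-suffix");
    }
  }
  // Chaining operators in the clipboard that the visible text did not contain.
  if (SEPARATORS.test(copied) && !SEPARATORS.test(selected)) {
    findings.push("injected-command-separator");
  }
  // A newline makes terminals without bracketed paste run the text at once.
  if (NEWLINE.test(copied) && !NEWLINE.test(selected)) {
    findings.push("injected-newline-autoexec");
  }
  // Last command wipes the screen, like the "; cls" in the post's example.
  if (SCREEN_CLEAR.test(copied.trim()) && !SCREEN_CLEAR.test(selected.trim())) {
    findings.push("trailing-screen-clear");
  }
  return { suspicious: findings.length > 0, findings };
}

// Constructed sample: the two strings shown in the post.
const sample = auditCopy(
  "Ping 8.8.8.8",
  "Ping 8.8.8.8; ASAUSDYTG (* & ^ @ # T $) * ASDHU # * TRFGIHUSAD; cls "
);
console.log(sample);
```

On the user side the same idea applies manually: paste into a text editor first and compare with what was on the page before running anything in a terminal.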
