In this blog post, I will be demonstrating different techniques to obtain initial access to Windows and Linux machines. Initial access is the action of using credentials or an exploitation of a remote machine to execute malicious code. In a Red vs. Blue competition, gaining initial access is one of the very first things the red team does. The dynamic of the entire competition hangs in the balance of the red team gaining initial access.
This past weekend, I had the pleasure of red teaming at University of Buffalo’s competition called Lockdown. It was a fantastic competition and I had ALOT of fun interacting/challenging the blue teamers on Windows. This blog post will focus on my C2 infrastructure setup for Powershell Empire.
In this post I will show you how to get a meterpreter session on a Windows box with C#. I give all the credit to guy in this post. I am simply sharing this cool tutorial! This guide assumes that you have a Kali Linux VM and a Windows 7 VM, additionally a method to get the malware on to the remote Windows PC. I will walk you through the process of exploitation and how the code works. I will also show you how to setup Metasploit to get a reverse shell. In part 2 I will discuss how to add functionality to your C#malware and run it as a Windows Service!!!!