{"id":89,"date":"2024-01-25T10:03:17","date_gmt":"2024-01-25T09:03:17","guid":{"rendered":"https:\/\/www.fabiansulu.com\/blog\/?p=89"},"modified":"2024-01-25T10:03:17","modified_gmt":"2024-01-25T09:03:17","slug":"exploit-hta_server-sur-windows","status":"publish","type":"post","link":"https:\/\/www.fabiansulu.com\/blog\/exploit-hta_server-sur-windows\/","title":{"rendered":"Exploit hta_server sur Windows"},"content":{"rendered":"\n<p class=\"has-medium-font-size wp-block-paragraph\">Comment prendre possession d&rsquo;un ordinateur sous Windows \u00e0 l&rsquo;aide  de la vuln\u00e9rabilit\u00e9 hta_server.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">A l&rsquo;aide Metasploit Framework, vous pouvez cr\u00e9er le lien d&rsquo;exploit hta_server en utilisant comme payload windows\/meterpreter\/reverse_tcp. Une fois que la victime aurait cliqu\u00e9 sur le lien, une console sera cr\u00e9e donnant acc\u00e8s \u00e0 toutes les fonctionnalit\u00e9s de la machine victime.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">Le lien d&rsquo;exploit peut \u00eatre envoy\u00e9 par la cible via e-mail, cach\u00e9 derri\u00e8re une photo ou une vid\u00e9o, etc&#8230; Dans la vid\u00e9o de d\u00e9monstration, la victime est dans le m\u00eame r\u00e9seau local que moi, mais pour attaquer une cible \u00e0 travers internet, on peut utiliser NGROK dans un meilleur cas il suffit d&rsquo;utiliser Metasploit Framework sur un server \u00e0 partir du Cloud.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">PS: Vid\u00e9o sans commentaire audio.<\/p>\n\n\n\n<figure class=\"wp-block-video\"><video height=\"768\" style=\"aspect-ratio: 1366 \/ 768;\" width=\"1366\" controls src=\"https:\/\/www.fabiansulu.com\/blog\/wp-content\/uploads\/2024\/01\/hackingLINK.mkv\"><\/video><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Comment prendre possession d&rsquo;un ordinateur sous Windows \u00e0 l&rsquo;aide de la vuln\u00e9rabilit\u00e9 hta_server. A l&rsquo;aide Metasploit Framework, vous pouvez cr\u00e9er le lien d&rsquo;exploit hta_server en utilisant comme payload windows\/meterpreter\/reverse_tcp. Une fois que la victime aurait cliqu\u00e9 sur le lien, une console sera cr\u00e9e donnant acc\u00e8s \u00e0 toutes les fonctionnalit\u00e9s de la machine victime. Le lien [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":91,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[],"class_list":["post-89","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-securite"],"_links":{"self":[{"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/posts\/89","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/comments?post=89"}],"version-history":[{"count":1,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/posts\/89\/revisions"}],"predecessor-version":[{"id":92,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/posts\/89\/revisions\/92"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/media\/91"}],"wp:attachment":[{"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/media?parent=89"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/categories?post=89"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fabiansulu.com\/blog\/wp-json\/wp\/v2\/tags?post=89"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}