
Need some opinions on what direction I should take this

Please note that this user is banned
I will just ransom them, but would need to determine a good partner. Your part would be running the file or getting it to where it should be. If you can afford an exploit then that would be a better advantage. What's the worth of the company?
 
Everyone who commented here is forgetting the universal fraud law: "Do not shit where you eat." OPSEC.
You gotta consider every point of view. Consider your position in the company.
If worse comes to worst, will the management see you as a potential criminal if you ever do your heist project?
You have to come clean always. If you are an IT-related employee in the company, well then, you can be the suspect.
So exploiting the company database is already an EX out.
Always act like you have paranoia. The company will definitely hire someone who can trace the footsteps of the criminal, and mind y'all, there's nothing to hide as long as we are all connected to the internet. Everything is exposed in the web wide world. So careful. Always be careful.
Hey everyone.
tbh I had forgotten I reached out, lol. Also it seems, as seen in the quoted text, that this is my place of employment, but you are wrong. No one pays me but me. Cheers
 
Bro are you going to keep on ignoring me or what?


Maybe I didn't add that to my "hi I'm new" post. I am just gonna say it, but I am indeed terrible at anything to do with being on time, or timely, any of that type shit. Sorry, I'll actively try to do better.
 
1.- Use Havoc or Cobalt Strike c2 framework (URDL (Bokuloader, ElusiveMice...) + Sleepmask). If you cannot code your own custom kits, look on GitHub for public ones. For Havoc you don't need that; Sleepmasks are actually defined inside the c2 framework. You can set up Ekko, for example.
2.- Get a good Stealer. Personally, I like Dokito's, because it is free, you can read the source code, and it works perfectly for me.
3.- Find a Shellcode loader. You will generate a .bin file (shellcode) and the mission is to load it into memory; obviously it will need to be encrypted and decrypted in memory. Tools like PE-Sieve and Moneta will tell you if EDR or AV can find it in memory.
4.- Use of redirectors. You will be able to hide your c2 server by implementing these.
5.- Persistence. The most important thing. There are many ways to do this. Registry, Startup folder, DLL sideloading on an existing legitimate tool.
6.- Clearing logs after finishing your work: shell for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" . You need Admin privileges for that.

Basically, when you have access to a machine you need to do Lateral movement. Mimikatz will give you credentials; a Stealer can give you a lot of credentials. With those you can access other machines if they use RDP, for example.

I can give you UAC scripts for both Cobalt and Havoc. After initial access it is important to gain Admin* privileges. With that you can set Exclusions in Windows Defender AV, and you can exclude for example the C:\ unit; then you can run more cool stuff.

You have achieved Admin* and we imagine that you have already set up a couple of persistence payloads. You have very long-term access. Now it is time to recon. You have to analyze for credentials and see what's going on in the system, connections, how they work, etc...

HVNC is cool but is the noisiest thing on the entire earth. I don't recommend it, to be honest.

The most important thing is your shellcode loader. This will make a big difference for you. You will need to read about custom malleable c2; there are hundreds of c2 profiles written for these tools. If you really want to learn and you are good with that, you can customize it and use Burp Suite, for example, to spoof real HTTPS traffic like Microsoft Teams or Google Chrome HTTPS traffic. You can see GET/POST traffic with Wireshark. But I don't think you want to do this.

In summary: Malleable C2, Shellcode loader, Persistence methods, Lateral movement. Stealer+Mimikatz. Delete logs.

If you have any question feel free to ask. I will try to help if I can.

View attachment 82590
View attachment 82591
View attachment 82592
View attachment 82593
View attachment 82594
View attachment 82595
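Read from the defender's side, two steps in the recipe above leave loud host artefacts: clearing every event log produces a 1102 record in the Security log and a 104 record in the System log, and adding a Defender exclusion for C:\ is written to the Defender Operational log as a configuration-change event (5007). The detector below is an added example, not code from the thread; the event records it scans are constructed, and the dict field names are an assumption about how a SIEM would present normalized Windows events.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta

# Windows events that record audit-log clearing and Defender configuration changes.
LOG_CLEARED = {("Security", 1102), ("System", 104)}
DEFENDER_CONFIG = ("Microsoft-Windows-Windows Defender/Operational", 5007)
EXCLUSION_KEY = re.compile(r"Windows Defender\\Exclusions\\(Paths|Extensions|Processes)", re.I)
DRIVE_ROOT = re.compile(r"\b[A-Z]:\\(\s|$)", re.I)   # "C:\ " = whole-drive exclusion
MASS_CLEAR_WINDOW = timedelta(seconds=60)

@dataclass
class Finding:
    host: str
    time: str
    rule: str
    detail: str

def analyze(events):
    """Return findings for log clearing and Defender exclusions in a list of event dicts."""
    findings, clears = [], {}
    for ev in sorted(events, key=lambda e: e["time"]):
        key = (ev["channel"], ev["event_id"])
        if key in LOG_CLEARED:
            findings.append(Finding(ev["host"], ev["time"], "log_cleared",
                                    f"{ev['channel']} log cleared by {ev.get('user', '?')}"))
            clears.setdefault(ev["host"], []).append(datetime.fromisoformat(ev["time"]))
        elif key == DEFENDER_CONFIG and EXCLUSION_KEY.search(ev["message"]):
            rule = "drive_root_exclusion" if DRIVE_ROOT.search(ev["message"]) else "exclusion_added"
            findings.append(Finding(ev["host"], ev["time"], rule, ev["message"]))
    # Several channels cleared within a minute on one host is the signature of a scripted wipe.
    for host, times in clears.items():
        if len(times) >= 2 and times[-1] - times[0] <= MASS_CLEAR_WINDOW:
            findings.append(Finding(host, times[0].isoformat(), "mass_log_clear",
                                    f"{len(times)} event logs cleared within {MASS_CLEAR_WINDOW.seconds}s"))
    return findings

# Constructed sample telemetry (not real events); message text mirrors the Windows wording.
SAMPLE_EVENTS = [
    {"host": "ws01", "time": "2024-05-01T10:00:00", "channel": DEFENDER_CONFIG[0], "event_id": 5007,
     "message": "Windows Defender Antivirus Configuration has changed. New value: "
                "HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Paths\\C:\\ = 0x0"},
    {"host": "ws01", "time": "2024-05-01T10:05:00", "channel": "Security", "event_id": 1102,
     "user": "ws01\\admin", "message": "The audit log was cleared."},
    {"host": "ws01", "time": "2024-05-01T10:05:01", "channel": "System", "event_id": 104,
     "user": "ws01\\admin", "message": "The System log file was cleared."},
    {"host": "ws02", "time": "2024-05-01T11:00:00", "channel": "Security", "event_id": 4624,
     "message": "An account was successfully logged on."},
]

def rules_for(host, events=SAMPLE_EVENTS):
    """Sorted rule names fired for one host; convenient for alert routing and tests."""
    return sorted(f.rule for f in analyze(events) if f.host == host)

if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f"{f.time} {f.host} {f.rule}: {f.detail}")
```

The 1102 record survives the wipe because Windows writes it into the freshly cleared Security log, so forwarding that channel off-host before an attacker gains admin is what makes the rule reliable.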


Holy shit bro.....🤯😵‍💫 my head just popped lol

But thank you, this is the kind of answer I'm looking for, some guidance.
I don't want to take up too much of your time, but if you have a write-up you can share I'd appreciate it. I mean, you pretty much just did.
I spent the last few hours messing around trying to put silentminer on the server and get it working, but no luck yet. I like your ideas though, focusing on persistent access first.
 

