omg-payloads/payloads/library/exfiltration/Windows-netstat
aleff-github 320ac03f56 Update 2023-06-25 00:39:41 +02:00
README.md Update 2023-06-25 00:39:41 +02:00
Windows-netstat.ps1 readme 2023-06-12 14:32:43 +02:00
payload.txt Windows-netstat-to-Discord-Exfiltration 2023-06-12 14:31:43 +02:00

README.md

Windows netstat

A script used to steal the target's netstat status.

Category: Exfiltration

Description

This script steals the target's netstat status.

It opens PowerShell hidden, grabs the netstat status, saves it as cleartext in a variable and exfiltrates it via a Discord webhook.

It then cleans up the traces of what it has done.
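For defenders, the behaviour described above (a hidden PowerShell window, a netstat call and an Invoke-WebRequest to a Discord webhook) can be matched in process-creation command lines such as Sysmon Event ID 1 or Security event 4688 with command-line logging. The Python below is an added example, not part of this payload or its repository; the `host` and `cmd` field names, the verdict labels and the sample records are assumptions constructed for illustration.

```python
import re

NETSTAT = re.compile(r"\bnetstat(?:\.exe)?\b", re.I)
WEB_REQUEST = re.compile(r"\b(?:invoke-webrequest|iwr)\b", re.I)
WEBHOOK = re.compile(r"https?://(?:[a-z0-9-]+\.)?discord(?:app)?\.com/api/webhooks/", re.I)

def hidden_window(cmdline):
    """True if -WindowStyle (or a prefix such as -w, -win) is set to Hidden."""
    toks = cmdline.lower().split()
    return any(flag.startswith("-w") and "-windowstyle".startswith(flag)
               and val.strip("\"'") == "hidden"
               for flag, val in zip(toks, toks[1:]))

def indicators(cmdline):
    """Return the set of behaviours from the README seen in one command line."""
    found = set()
    if hidden_window(cmdline):
        found.add("hidden_window")
    if NETSTAT.search(cmdline):
        found.add("netstat")
    if WEB_REQUEST.search(cmdline):
        found.add("web_request")
    if WEBHOOK.search(cmdline):
        found.add("discord_webhook")
    return found

def classify(cmdline):
    """alert: hidden shell + netstat + webhook; review: webhook alone; else benign."""
    hits = indicators(cmdline)
    if {"hidden_window", "netstat", "discord_webhook"} <= hits:
        return "alert"
    if "discord_webhook" in hits:
        return "review"
    return "benign"

# Constructed process-creation records; "..." marks elided text, values are placeholders.
EVENTS = [
    {"host": "WS-01", "cmd": 'powershell.exe -w hidden -c "... netstat -an ... '
     'Invoke-WebRequest -Uri https://discord.com/api/webhooks/0000/CONSTRUCTED ..."'},
    {"host": "WS-02", "cmd": "cmd.exe /c netstat -ano"},
    {"host": "CI-01", "cmd": 'powershell.exe -NoProfile -Command "iwr '
     'https://discord.com/api/webhooks/0000/CONSTRUCTED -Method Post -Body ok"'},
    {"host": "WS-03", "cmd": r"powershell.exe -WindowStyle Hidden -File C:\Scripts\backup.ps1"},
]

def triage(events):
    """Map each host to its verdict, dropping benign records."""
    return {e["host"]: v for e in events if (v := classify(e["cmd"])) != "benign"}

if __name__ == "__main__":
    for host, verdict in triage(EVENTS).items():
        print(host, verdict)
```

Because the script cleans up its traces afterwards, a check like this belongs on centrally collected command-line logs rather than on artifacts left on the endpoint.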

Getting Started

Dependencies

  • An internet connection
  • Windows 10, 11

Executing program

  • Plug in your device
  • Invoke the indicated commands
  • Invoke-WebRequest will be entered in the Run Box to send the content

Settings

Set each function that you want to activate to 1, otherwise 0. Functions available:

  • default (or simple 'netstat' command)
  • routing_table $r
  • listening_canonical $lc
  • listening_numerical $ln
  • all_canonical $ac
  • all_numerical $an
  • offload ot
  • proto $p "<protocol>"
    • For this option you must set the protocol that you want to monitor, for example $proto="TCP" to monitor TCP; otherwise leave it blank, i.e. $proto="".

Credits

Aleff

