![]() ![]() We have a filename here, which is the name of our malicious executable. Here we've got a few definitions of variables that we're going to be using throughout the rest of this script. We're also going to use shutil, for a couple of commands, and we're importing OS for operating system commands. This makes it useful for AutoRun, and more useful in general for phishing attacks. This is helpful because, well Python script might not be runnable and a target system, ie, if they don't have Python installed, if you've got a self-contained executable, it's going to run on windows. As we see up at the top of the file, we're going to be using PyInstaller to create a Windows executable from a Python script. The file I have open here in Notepad++ is the Python file we're going to be using for this particular demonstration. If you can create a plausible looking executable that someone might think is something legitimate and run it, then achieve the same goal as if you could automatically run that executable. In the cases where that's not the case, then a lot of these same techniques are going to be useful in say, a social engineering attack. However, some computers might still have AutoRun enabled, making it a viable initial access factor. Now, with current versions of Windows, AutoRun isn't available because obviously running programs by default when you plug in a USB, can create a security risk. That's the files that are designed to automatically run when a USB drive is plugged into a computer. If you've used USB drive before, you're probably familiar with AutoRun. In this video we're going to be talking about USB AutoRun. That stage in the Mitre ATTACK framework. Where we're talking about the use of Python scripts for achieving initial access on a computer. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |