INNUENDO RPC Shell

You can find the blog post referenced in this video at: https://immunityproducts.blogspot.com/2016/12/innuendo-rpc-shell.html Since the script depends on the execute operation, it is able to take full advantage of capabilities such as user impersonation, allowing you to run the shell as…

INNUENDO RPC Shell

Source

0
(0)

You can find the blog post referenced in this video at: https://immunityproducts.blogspot.com/2016/12/innuendo-rpc-shell.html

Since the script depends on the execute operation, it is able to take full advantage of capabilities such as user impersonation, allowing you to run the shell as any user on the target system.

Remember as well that thanks to the design of INNUENDO’s channels, this shell is resilient to any sort of communication failure. If the web channel were to go down just after entering a command, you would still get the command’s output as soon as the implant is able to sync again (maybe over the DNS channel).

Also note that the response time of the command will depend on the active channel of the target implant, and the configured sync_frequency for that channel. So while a command shell is an interesting experiment for how the RPC API can be used, it won’t be practical except where sync frequencies are very low (or patience is very high).

0 / 5. 0