Payload Delivery
Payloads execution methods
Payloads generated with Amnesiac can be executed by simply pasting them into the command prompt or running them wherever the user has gained command execution on the target system.
There are various methods through which a user can gain command execution on a target system, and here are some examples:
SMB Relay Attacks: Involves the use of ntlmrelayx to execute a command on a target system.
Various forms of relay attacks can be used to execute commands on target systems.
Pass-the-Hash: Execute commands on a targets by leveraging pass-the-hash attacks.
MitM6 Attacks: Involves the use of ntlmrelayx to execute commands on target systems
Phishing Attacks: Payloads can be delivered through phishing attacks that use VBA, Macros or other malicious file delivery techniques.
Payloads can be embedded into executables.
MS SQL Command Execution
Group Policy Objects (GPOs)
Local PrivEsc: Elevating privileges locally to obtain an elevated session on the local system.
These are just some examples. Payloads generated by Amnesiac can be executed in various scenarios to establish sessions on target systems.
Last updated