JSRat - Reverse HTTP Shell Using JavaScript
JSRat is a reverse HTTP Shell by using JavaScript. JSRat use rundll32.exe to load the JavaScript code in cmd and a HTTP Shell is
returned when the code is executed. The special part is that after
running the cmd command, rundll32.exe will remain in the background to
continuously connect to the Server. No file is written to the disk
during the whole process, which significantly enhances stealth.
Characteristics:
To reverse a shell by using cmd to execute codes
Advantages:
- It can avoid being killed
- It’s easy to use
- It’s relatively stealthy.
Exploitation:
Based its characteristics and advantages, using JavaScript as the phishing payload can achieve amazing effect.
JSRat - Reverse HTTP Shell Using JavaScript
Reviewed by Zion3R
on
7:17 PM
Rating: