Lateral Movement Using B-H.exe to Get quick execution

Subject Lateral Movement Via Use B-H.exe

What is Lateral Movement ::>

1::( Lateral Movement She is remotely )

Are the techniques that specialize in access to resources, and applications and the implementation of code on applications, and resources And Getting On information, And Getting Simulation of system without using tools, remotely,   More-Lateral Movement

 

B-H.exe #>

is tool Designed to receive,software Bash Like, All Of Coding Language-Bash Come on like Console-Terminal Like this, And Not is, i have analyzed it B-H.exe And of this analyzed i have I knew that through him I could get On Get-Console Via Powershell And is not another framework Just Like-Cmder/Framework, But can support it file bashrc  Via Tool B-H.exe Yes, Why ? I have spoken that we can, Reception Command or Coding Language Bash ? Via Tool B-H.exe, But Language-Bash Supports this Files bashrc, And But What is file bashrc, file bashrc is a file that sends any content entering into it from any user to Terminal Or Which Framework Or Service Like Cmder, How this works Or How Send Command-Coding, Did you know that everything supports Language-Bash All Of Terminal Or Tool bash Or Terminal, The first thing that opens itself will open from the direction Home System, Why Path Home!,  Because it is the only thing I used to get downloaded files in System , So a file was established bashrc in Home To Send-info Or Command, to Which tool supports is tool bash,

 

So it can be use tool B-H.exe in Execute Command Via Method ? = using this the Method, = Get-console,   Analysis =  How the Careers Works Like-this = Example Get Console Mode, Which means That you can get On Console B-H.exe

Start
\
\
\
————————
| Get Console Mode |
__________________

32746675-08be4a14-c8bf-11e7-92bb-3eff3297012f

32746988-0cf7a890-c8c0-11e7-8263-2b151c9e3f4d

In short I can get = Console Like-this Example ===> in Cmder/Framework

32746851-a0e5440a-c8bf-11e7-8029-fbb66378c56a

And Why In Framework = And Not Powershell !! So I’ve thought about how they kidnapped her Console Tool B-H.exe in Powershell And not in Cmder Or Anything like-this Cmder/Framework, i can Hijack  B-H.exe-Console To Run In Powershell To Execute File bashrc,

Download Reg-bashrc:=   Regfile

Download B-H.exe of Site Cmder/Framework:=  B-H

$Go_path = cd “\\ip-your\c`$\Users\Gihad\”
$Create_file = New-Item -Name .bashrc -Value calc
$backfile = cd C:
$catfile = type ‘\\ip-your\c$\Users\Name-you\.bashrc’
$catfile
$Run_regfile = reg Import .\lock-bashrc.reg
$Run_regfile = .\lock-bashrc.reg

now

now just invoke-B-H.exe To Execute, Instructions you have typed In File bashrc, Use this Method to the execution Via Powershell Did you know that the execution speed is fast,  Or if it was  This is slow It will be because of Execute the code, and not of Via execute the content that is inside the file,

 

Capture

Some explanations on operations the Execute in B-H.exe in Process
Capture3

 

Author: Matt Homjxi0e @matthomjxi0e
Subject: Lateral Movement using Get-Console object

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s