Premium Only Content
This video is only available to Rumble Premium subscribers. Subscribe to
enjoy exclusive content and ad-free viewing.
HTML Smuggle with JavaScript
1 year ago
14
A great way to obtain an intial foothold when doing covert ops is HTML smuggling. The idea is to get the client side to click on an HTML file. This will automatically download a file of choice which will connect back to our C2 Channel.
I used msfvenom to create the payload in raw format then fed this to Sharpshooter which converts the payload to Javascript. I could have used DotNetToJScript do this, however this way is much quicker. Keep in mind from an Opsec perspective, Sharpshooter might be signatured in todays security tools.
I base64 encode our Javascript payload. Then place the payload into a JavaScript Blob into my dropper. This dropper has a base64 decryption routine embedded.
Loading comments...
-
11:22:12
a12cat34dog
21 hours agoALMOST HAVE ALL GUNS DIAMOND :: Call of Duty: Black Ops 6 :: SO MANY ZOMBIES CAMOS {18+}
86.1K4 -
3:32:31
United Fight League
21 hours agoUFC 309 Watch Party w/ Rampage Jackson, Maycee Barber, Demi Bagby, and Harrison Rogers
196K34 -
2:35:52
Jewels Jones Live ®
1 day agoELECTION OVER - LIES CONTINUE | A Political Rendezvous - Ep. 100
93K77 -
3:59:18
GamerGril
23 hours agoPAGING ALL ZOMBOIZ | DEAD ISLAND 2
203K21 -
42:24
MYLUNCHBREAK CHANNEL PAGE
1 day agoA Century Gone
206K140 -
38:22
Stephen Gardner
1 day ago🔥HOLD ON! The RUMORS about Kamala are TRUE...
247K744 -
1:22:44
Michael Franzese
1 day agoWill Trump’s Win Finally Convince Democrats to Stop The Woke Nonsense??
209K174 -
8:27:07
MDGgamin
1 day ago🔴LIVE- Rumble Gaming To The MOON - Variety of Games & Chatting - #RumbleTakeover
179K5 -
27:24
Mr. Build It
6 days agoDECK DISASTER! How We Fixed a Botched Build
138K19 -
26:58
barstoolsports
1 day agoZach Bryan Blocks All of Barstool | Stool Scenes
145K20