Hide a Hacker's Reverse Shell in ONE Command

Published 2023-05-12
j-h.io/plextrac || Save time and effort on pentest reports with PlexTrac's premier reporting & collaboration platform in a FREE one-month trial! j-h.io/plextrac 😎

🔥 YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware

All Comments (21)
  • @laurenlewis4189
    Grzegorz is pronounced "gSehgoS", where the capital "S"s are pronounced like the "s" in "treasure"/"pleasure"/"vision." Tworek is easier: "tforek". Just remember that most European languages pronounce "w" the way English speakers pronounce "v," and in some words that can get the "voice" (the hum) taken out of it to become an "f". I highly recommend learning the International Phonetic Alphabet. It makes sense of those weird pronunciation symbols on Wikipedia and Wiktionary, and you'll look like a smart cookie who speaks multiple languages when you've just figured out how to read pronunciation guides. Knowing how to pronounce words in other languages, and knowing what phonemes are commonly used in certain languages, also helps you fake an accent and better socially engineer people, if that's the type of hacker you're aiming to be.
  • @panchakosha
    Yes, that's correct: \0 is a null character. \1 would be a null character but with an index of 1, so \0\1 would be two null-terminated strings. Modifying the registry doesn't affect the RDP query commands directly; it just allows you to customize the output with the key and value. The query commands retrieve the information from multiple sources: WMI, RDS, TS configs, the registry, system data structures like process management, etc.
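The null characters the comment above is talking about are the separators of a REG_MULTI_SZ registry value: the value is stored as UTF-16LE strings, each terminated by a NUL, with one extra NUL closing the list. As an added example (not code from the video, and not the commenter's), here is a small Python encoder/decoder for that format with a constructed sample value; it runs on any OS because it never touches a live registry, and it handles the edge cases a parser meets in the wild (odd byte length, a missing list terminator, an attempt to embed a NUL inside an element).

```python
# Added example: encode and decode Windows REG_MULTI_SZ values.
# On-disk form: UTF-16LE, each string followed by a NUL, then a final NUL
# that terminates the list. Not code from the video; SAMPLE_STRINGS below
# is a constructed sample, not a real registry entry.

# Type id of REG_MULTI_SZ in the Windows registry API (same value as
# winreg.REG_MULTI_SZ); kept as a literal so the module imports on non-Windows.
REG_MULTI_SZ = 7

SAMPLE_STRINGS = ["0", "1", "DEMO", "demo.exe"]  # constructed sample


def encode_multi_sz(strings):
    """Pack a list of str into REG_MULTI_SZ bytes (each + NUL, then a final NUL)."""
    for s in strings:
        # An embedded NUL would silently split one element into two, and an
        # empty element would be read as the list terminator, so reject both.
        if "\x00" in s or s == "":
            raise ValueError("REG_MULTI_SZ elements must be non-empty and NUL-free")
    body = "".join(s + "\x00" for s in strings) + "\x00"
    return body.encode("utf-16-le")


def is_well_formed_multi_sz(data):
    """True if data has an even byte length and ends with the list terminator."""
    if len(data) % 2:
        return False
    # An empty list is exactly one UTF-16 NUL; a non-empty list ends with two.
    return data == b"\x00\x00" or data.endswith(b"\x00\x00\x00\x00")


def decode_multi_sz(data):
    """Unpack REG_MULTI_SZ bytes into a list of str.

    Tolerates a missing final NUL (some writers omit it) by stripping all
    trailing NULs before splitting; raises on an odd byte count, which can
    never be valid UTF-16.
    """
    if len(data) % 2:
        raise ValueError("REG_MULTI_SZ data must be an even number of bytes")
    text = data.decode("utf-16-le").rstrip("\x00")
    return text.split("\x00") if text else []


def roundtrip(strings):
    """Encode then decode; returns the decoded list for checking."""
    return decode_multi_sz(encode_multi_sz(strings))


if __name__ == "__main__":
    raw = encode_multi_sz(SAMPLE_STRINGS)
    print(raw.hex(" "))
    print(decode_multi_sz(raw))
```

The decoder deliberately does not reconstruct a NUL inside an element: by the time the bytes are on disk, a NUL is indistinguishable from a separator, which is exactly why the encoder refuses to write one.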
  • @guyincognito9009
    Dude, this guy is incredible. Just like you. Thanks so much for all your videos, John.
  • @FuzzerHash
    Really nice content, already waiting for the next videos.
  • @donttrusttheape
    It would be Gregor in English. Actually one of the few Polish chaps worth following!
  • @oildiggerlwd
    Love the comments about Webroot. Made me laugh because that's what our MSP has installed on our endpoints.
  • @panchakosha
    Does CLR Hooking to bypass AMSI still work in Windows 11?
  • @gooniesfan7911
    So instead of running a dropped file/.bat loader, you could just make it execute a PowerShell command that downloads and executes the malicious code (say, reflectively loading a DLL)? Then have a scheduled task run the bogus query command? Would this be considered fileless?
  • @VorteX-nl3qe
    How can you run that payload on the target machine without them noticing?
  • @mikaeleriksson6504
    Am I missing something? You need to have admin rights to add the query command, right?
  • @ruthvikas
    Still waiting for picoCTF 2023 🙃