Pentesting Project (Full Remote Control)

Malicious Script - Full Remote Control with Interface

What I developed is a malicious script built around a reverse shell, connecting the victim (Windows) back to the attacker (Linux).

When the script is executed on the remote computer, that computer itself initiates a connection to the attacker's IP. From then on we have full command-line control of the remote computer, though still without the graphical interface; that comes next.

It is also possible to see what is happening on the remote computer's screen.

I also wrote Command Prompt and PowerShell scripts: with just two clicks on a .bat file, Python is installed on the computer without any visible interface, the necessary modules are imported automatically, and the screen is then streamed to any chosen IP address in the world. In other words, I can be in Portugal and send this script to someone in another country, Switzerland for example; when it is executed, a connection request reaches my router, which forwards it to my computer's IP, and I can watch remotely everything that is happening on the other computer.

For this project I used:

- Python
- Unix Shell
- Microsoft PowerShell
- Command Prompt

Remote Computer Python Auto-Install Scripts

Listening on port 87 at my computer's IP for the incoming connection. The same is done for the later screen-livestream connection (receiver.py).



Running the malicious script on the remote machine. As we can see, the script is fetched from online, and at the end of it we set the IP address and port of the computer we are attacking from.



Then I switch to the Command Prompt to run the command that executes a Python script giving us access to the visual part as well. The concept is the same, but in this case we livestream the screen. Note that everything we do on the remote computer runs in a subprocess: it is silent, with no interface shown.

Of course, at this point Python is already installed on the remote computer, which is what makes this whole process possible. Having full control over the computer, we can install Python with whatever modules we want, and from then on we can perform practically any task. I developed a script that carries out this whole process autonomously; however, the Python installer executable still has to reach the machine somehow (via a link to a site with automatic download, a disguised file, etc.), or we can open Chrome and go through the whole process remotely in the normal way (next example).



As we can see, from the command line we have access to all files and can search the remote computer for any valuable information.
Or, as mentioned above, we can run all of these tasks while watching the interface: open a web browser, turn on the camera, record, send files back to us, and so on.
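The same behaviour seen from the defender's side, as an added example that is not part of this project's scripts: two detection rules run over constructed sample endpoint telemetry, one for a Python installer launched silently from cmd/PowerShell (the `/quiet` and `/passive` switches are real Python-installer options; the event layout, paths and IPs are assumptions), and one for a Python interpreter connecting out to an external address on a port other than 80/443, such as the port-87 listener above.

```python
import ipaddress
import re

# Constructed sample telemetry (not real logs): "pc" = process creation,
# "nc" = network connection, loosely modelled on Sysmon events 1 and 3.
EVENTS = [
    {"type": "pc", "parent": r"C:\Windows\System32\cmd.exe",
     "cmdline": "python-3.12.0-amd64.exe /quiet InstallAllUsers=1 PrependPath=1"},
    {"type": "nc", "image": r"C:\Program Files\Python312\pythonw.exe",
     "dst_ip": "203.0.113.10", "dst_port": 87},
    {"type": "nc", "image": r"C:\Program Files\Python312\python.exe",
     "dst_ip": "198.51.100.7", "dst_port": 443},   # e.g. pip fetching a package
    {"type": "nc", "image": r"C:\Program Files\Python312\python.exe",
     "dst_ip": "192.168.1.20", "dst_port": 87},    # same port, but LAN-internal
    {"type": "pc", "parent": r"C:\Windows\explorer.exe", "cmdline": "notepad.exe"},
]

SHELLS = {"cmd.exe", "powershell.exe"}
PY_IMAGES = {"python.exe", "pythonw.exe"}
WEB_PORTS = {80, 443}
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12",
                 "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
INSTALLER_RE = re.compile(r"python-\d[\w.-]*\.exe", re.I)
QUIET_RE = re.compile(r"/(quiet|passive)\b", re.I)   # real installer switches

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def is_external(ip_str):
    ip = ipaddress.ip_address(ip_str)
    return not any(ip in net for net in INTERNAL_NETS)

def detect(events):
    """Return (rule, detail) pairs for events matching either rule."""
    alerts = []
    for ev in events:
        if ev["type"] == "pc":
            # Rule 1: Python installer run silently from cmd/PowerShell, the
            # footprint of an unattended install scripted from a .bat file.
            if (basename(ev["parent"]) in SHELLS and INSTALLER_RE.search(ev["cmdline"])
                    and QUIET_RE.search(ev["cmdline"])):
                alerts.append(("silent_python_install", ev["cmdline"]))
        elif ev["type"] == "nc":
            # Rule 2: a Python interpreter connecting to an external address on a
            # non-web port, as a reverse shell or screen-stream client would.
            if (basename(ev["image"]) in PY_IMAGES and is_external(ev["dst_ip"])
                    and ev["dst_port"] not in WEB_PORTS):
                alerts.append(("python_outbound_odd_port",
                               f"{basename(ev['image'])} -> {ev['dst_ip']}:{ev['dst_port']}"))
    return alerts
```

Only the silent install and the pythonw.exe connection to 203.0.113.10:87 are flagged; the HTTPS connection and the LAN-internal one on port 87 are not.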