This has probably been asked a thousand times before…
How to run an exploit remotely (not over WAN) over the Tor service?
I know you can’t reverse connect and can only use a bind payload. I am able to pop a few command shells and even part of a Meterpreter shell, but I don’t think the entire payload has been loaded on the remote system because I only have limited Meterpreter commands.
In 2015 the FBI uploaded a malicious into an onion site and retrieved MANY IPs. Tor fixed this vulnerability with selfrando.
But if you want to upload an exploit into a relay, then I suppose you cannot because their only job is to encrypt and decrypt the data you send. So if you send an exploit, they just encrypt the file… They do not execute it.
In my opinion you can choose one of these scenarios:
1) You have a Pi mini PC that keeps no logs, and via it you can attack other computers in the network.
2) Another one is if you have access to the router options: you can open a port, take a laptop or whatever, connect to another free wifi, connect to your router via Tor on the open port, upload a routersploit and do your job.
3) If the victim’s PC is connected via ethernet, then you can do something like a MiTM attack (if the router is switched, use a method like turtle) if you want to retrieve information, or some similar way to control his internet direction to redirect him to a place that you want (a page to download a file, cookie virus etc.) and do your job.
If you upload an exploit to the victim’s computer, you can make it take orders via a private net, and it can upload files etc. to this net or another one (like anonfile) via the victim’s computer. That means he sees that he is an attacker and a victim at the same time.
If the router keeps no logs, then the only threat you have for your identity is the local IP that the router gives you (192.168.XX.XX).
So the simplest is to attack the computer normally and then handbrake the router (for extra security) and restart your device to take a new IP and boom!
that should be able to send exploits over the Tor network to the target’s machine?
What about AnonSurf in Parrot OS? Is this capable of running Metasploit through?
I seem to be able to spawn shells in AnonSurf but the connection drops out.
Also I am aware that you can only send TCP bind payloads etc… obviously not reverse connections (because your LHOST is anonymized).