Using Ip as Lhost

Penetration Testing
1

In a same network, if i put my local Ip as Lhost in a payload is it safe or i can be trace back?
Also, If i use port forwarding and use my public IP and send playload, Will it can be traceback to me since it has my public IP in it?

2

Yes, it can always be tracked back, that is why it is very important to obfuscate the payload or the apk with the embedded payload.

3 Likes
3

@HackerSploit is 100% correct when telling you to

When I work in the local network as you first asked.

  • Local Network

  1. Macchanger clone mac address of something connected to the network deauth it and you connect.

  2. Obfuscate the Payload.

  3. Delete and shred the logs. Cover your tracks.

  • Remote Outside Local Network

  1. Macchanger

  2. NordVpn

  3. Tor

  4. When sending exploit do it using NordVpn + Tor

  5. When creating Payload use DnS instead of your IP address. Use Noip or Dydns. Make sure the Dns account was made using NordVpn + Tor. Never use that Dns again.

  6. Obfuscate your Payload

  7. When connecting back to your shell make sure NordVpn is running.

  8. Delete and shred logs. Cover your tracks.

  9. Never connect to reverse shell from your home.

  10. Do not brag about it.

1 Like
4

thanks you so much thats helps alot. :slight_smile: