This is small harness to recreate the social engineering and phishing lure recently seen in the wild around August/September 2024.
Originally seen with the guise “Verify you are human”, the attack vector being copy and paste.
It literally instructs the user to open the Windows Run dialog box with the hotkey Win+R
, and have them paste in a malicious command with Ctrl+V
that the web browser has premptively copied into their clipboard.
Really all you need is index.html
. It includes the CSS and JavaScript in a single file for ease of use, but might need further customization to change the command that is ran (see the JavaScript at the end of the showVerifyWindow
function).
This can be used as a standalone file and a run any local command, but to get a bit more flexibility with code execution, this repository includes a sample HTA file recaptcha-verify
for an innocent proof of concept of popping open the Windows calculator application.
This secondary HTA file would mean it needs to be hosted server-side, or have some other backing infrastructure to offer the payload.
For quick local testing, I literally just used python -m http.server 8000
.
The HTA file also gives you an opportunity for more convincing charade, too, potentially with a window that pops up to “try and connect to the reCAPTCHA servers”, but state that it fails and prompt the user to do it all over again. 🤪 (Extra callbacks, anybody?)
So this recreation has some extra perks:
ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled…
HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect…
SharpRedirect is a simple .NET Framework-based redirector from a specified local port to a destination…
Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…
A crypto library to decrypt various encrypted D-Link firmware images. Confirmed to work on the…
LLMs (e.g., GPT-3.5, LLaMA, and PaLM) suffer from hallucination—fabricating non-existent facts to cheat users without…