I don't understand the purpouse of this attack if you alteady hacked the user computer just cat the file and then you get the files why all this pain and thank you for responding❤
The main purpose is to be as silent as possible. From what I understand certain actions might be monitored on target system including using "cat" for some files. So even if your presence in the target network got detected, you leave (almost)no traces of any data being stolen.
But do you think how much IS this so difficult to install the program on the infected system and then figure a way to not see you openning that Window popup on his monitor why instead of all that just cat the file and then erase all logs or replace them with logs without any actions from your part .unless if you do not have hvnc that let you open Windows on the computer you cannot run the exe that transmit the files to your sys and also the packets Can bé captured bye someone else on the network so i think this IS not good practice.and final ly i wanna add that you make great content Hope you doeing well and continue what you are doeing and espeacially what i liked the most its that you take the Time to explain really complexe with simple examples ❤️❤️ i'd really enjoy if you creat a group for everybody whois trying to understandand in depth concept
@@tpevers1048 good point, this is definitly a case sensitive mathod, it would work sometimes, sometimes not. I'm glad you like my work, I was thinking about creating a discord server for my comunity (small but growing hah), but for now you can add me on discord and I'll keep you updated: @screeck
This attack is only viable in the case were arp poisoning is possible AKA being in the same network as the target machine. For THM machines or anything outside your own network, the hustle you would go through to replicate this process without arp poisoning is not worth it
