E-mail attachment execution

Added: 01/28/2009

Background

This tool sends an e-mail attachment which, when executed, establishes a command connection.

Limitations

This tool requires a user to execute the e-mail attachment in order to succeed.

This tool requires the IP address of a working mail server which allows relaying of mail to the recipients.

The target field must be a licensed target but is unused.

This tool accepts either a single recipient or a space-separated list of recipients.

If the user's e-mail client blocks .exe attachments, then an attachment filename which doesn't end in .exe must be used, and the file must be renamed to end in .exe before it can be run.

Platforms

Windows
Linux

Back to exploit index