Tampering the PAC — Post exploit windows — Metasploit
PAC: Proxy auto config.
→ It is very important in enterprises to assign proxies based on policies.
→ A proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL.
• *A sandbox is a type of software testing environment that enables the isolated execution of software or programs for independent evaluation, monitoring or testing.
Let’s create a fresh directory named PAC (you can name whatever you want), and create a file named proxy.pac(you can name whatever you want, but normally it’s proxy.pac)
Here our Kali Machine’s IP is 192.168.1.35
The browser is going to contact the given proxy(192.168.1.5:80) to get the URL asked by the user.
Now I am assuming we already have compromised a windows machine and got system on it using UAC bypass.
At first a quick compromise of Windows followed by UAC bypass
Now on the kali machine let’s fire up apache2 server.
Now lets put the pac file in the /var/www/html
Now we need to use a metasploit script named ie_proxypac.
Lets run the exploit:
Let’s check if the proxy settings have been changed or not.
Okay, Great it has been changed.
Now let’s go and check in the internet explorer.
Here we are trying to access any website but it is serving us out index.php
Let’s check the Apache logs.