HTA Attack

HTA attack

This type of attack is a simple HTML application that can provide full access to the remote attacker. The usual file extension of an HTA is .hta. An HTA is treated like any executable file with the extension .exe. When executed via mshta.exe (or if the file icon is double-clicked), it runs immediately. When executed remotely via the browser, the user is asked once, before the HTA is downloaded, whether or not to save and run the application; if saved, it can simply be run on demand after that.

What is a HTA File?

A HTA file is usually made up of HTML and script such as JScript or VBScript, much like a normal web page.

Proof of concept

create shell with mfsvenom in directory /var/www/html

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
GrimTheRipper

You get the best out of others when you give the best of yourself