Was having a discussion with some friends last night and the question came up: "Would it be possible to hijack an attacker's payload and control their computer through the open connection?"
Our hypothetical situation went something like this. Let's say I accidentally ran a reverse tcp EXE payload on my computer, giving an attacker a meterpreter shell and access to my box. Using netstat or likewise analysis I'm able to figure out the EXE file, IP address, and port the attacker is using.
Now the question is, would there be a way to reverse engineer or even create exploits of my own against the EXE so that I can use that open connection to MY advantage and essentially attack the attacker. Theoretically I think this might be possible, but practically I'm not so sure.
Any thoughts?
Comments
No Comments Exist
Be the first, drop a comment!